Warning to white-hat hackers: Obama proposal a threat to what you do
President Obama’s proposal to update the Computer Fraud and Abuse Act could put white-hat hackers at risk of prosecution as members of organized crime, the ShmooCon hacking conference was told. Under Obama’s proposal, simply sharing passwords with friends – something hackers do routinely – could be enough to indicate that the person doing the sharing […]
Hacktivist Group CyberBerkut Behind Attacks on German Official Websites
A pro-Russian group called CyberBerkut claimed responsibility for a recent hack on certain German government websites in early January. We were able to gather some information on some of its members based on Pastebin data that had been leaked by the Ukrainian nationalist political party (Pravy Sektor). A Background on CyberBerkut CyberBerkut is an organized group […]
Barack Obama proposes shielding companies that share cyber threat data
President Obama on Tuesday proposed new cybersecurity legislation that would put cybercrime on par with racketeering and would protect companies from getting sued if they share computer threat data with the government.
Planned VOIP Network Disruption
On Friday, January 9th, beginning at 5:00AM and ending at 6:00AM, TNS will be performing maintenance on Paterno VOIP AG 2 and Paterno VOIP AG 4. During this work voice services will be disrupted to the building listed below. Paterno Voip AG 2 Pond VoIP Recreation VoIP Oswald VoIP Rackley VoIP Music II VoIP Chambers […]
Why is ICANN rushing its ‘UN ‘net security council’? So it can be announced at Davos
Despite rejections from its closest allies and calls for delay, ICANN is determined to create a “coordination council” for its internet-steering NetMundial Initiative this month. Why? The initiative was born out of a meeting in April between some governments, ICANN, and others, in Brazil, to discuss the future direction of the web in the wake […]
Android apps exploit permissions granted, French researchers find
Android apps really do use those permissions they ask for to access users’ personal information: one online store records a phone’s location up to 10 times a minute, French researchers have found. The tools to manage such access are limited, and inadequate given how much information phones can gather. In a recent study, ten volunteers […]
New trojan aims to steal your password manager’s password
Password managers are supposed to protect our logins and other sensitive information in one encrypted database, secured with a master key. They’re a much better alternative to using the same password on multiple sites or constantly forgetting your passwords. But now hackers are targeting these password managers. Ars Technica reports that a new Citadel trojan, […]
Citadel malware now targets password management applications
Attackers have started using the Citadel Trojan program to steal master passwords for password management applications and other authentication programs. The Citadel malware has typically been used to steal online banking credentials and other financial information by modifying banking sites on the fly when opened by users in their local browsers. The technique is known […]
Citadel malware attacking open source password managers
The king of the castle has a new tormentor. IBM’s Trusteer researchers have discovered a new configuration of the Citadel malware that attacks certain password managers. The configuration activates key logging when certain processes are running on the infected machine. The targeted processes include Password Safe and KeePass, two open-source password managers. The variant also […]
Malware served through rogue Tor exit node tied to cyberespionage group
A malware program distributed recently through a rogue server on the Tor anonymity network was also used in targeted attacks against European government agencies. The malware has been dubbed OnionDuke by security researchers from antivirus firm F-Secure, who believe it is connected to MiniDuke, a cyberespionage threat of Russian origin that was used to attack […]
Georgia man sentenced to nine years for stolen credit card data
A 28-year-old man was sentenced to more than nine years in prison Wednesday for buying stolen credit and debit card numbers from an underground online marketplace. Cameron Harrison of Augusta, Georgia, pleaded guilty in April to participating in a racketeer-influenced corrupt organization and trafficking in false identification documents. He was also ordered to pay $50.8 […]
Drupal releases patch for severe SQL injection flaw
Drupal has released a patch for a highly critical flaw in its content management system, which could allow rogue code to run. Drupal, which is a volunteer open-source project whose software is used by websites such as The White House and the Economist, said all 7.x releases prior to 7.32 are affected, according to […]
CUTWAIL Spambot Leads to UPATRE-DYRE Infection
A new spam attack disguised as invoice message notifications was recently seen spreading the UPATRE malware, which ultimately downloads its final payload, a BANKER malware related to the DYREZA/DYRE banking malware. Background: In early October we observed a surge of spammed messages sent by the botnet CUTWAIL/PUSHDO, totaling more than 18,000 messages seen in a single day. CUTWAIL/PUSHDO has been in […]
Website Security: A Case of SEO Poisoning
There are many ways your website can be co-opted by hackers, for many different reasons. Targeting the value created via your SEO is highly attractive: it gives an attacker the opportunity to cheat the system by quickly benefiting from your raw traffic, your audience. In this post we will share details of a recent […]
BlackEnergy 3: An Intermediate Persistent Threat
We have a new white paper available. BlackEnergy & Quedagh: The convergence of crimeware and APT attacks. The paper’s author, Broderick Aquilino, first wrote about BlackEnergy in June:
- BlackEnergy Rootkit, Sort Of
- Beware BlackEnergy If Involved In Europe/Ukraine Diplomacy
BlackEnergy is a kit with a long history and this new analysis is quite timely. In fact, […]
Scheduled power disruption – Pattee Library
OPP has scheduled an electrical services shutdown affecting the basement Telecom room at the Pattee Library on Wednesday, September 24 at 4:30 AM. Immediately prior to the shutdown, ITS staff will power down the VoIP aggregate equipment that will be affected. Upon power being restored, expected to be shortly before 5:00 AM, ITS staff will […]
More information
- US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations
- In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak
- Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs
- Resolved: ITS wireless disruption
- Live from CeBIT [Chet Chat Podcast 236]
- Say hello to the Windows 365 Cloud PC
- COMPUTER RULES, LAST UPDATED 31 JULY 1988
- Rapid7 CEO: Rethink IT and security organizational structures
- GTA 5 Source Code Leak Raises Security Concerns
- ICS Vendors Assessing Impact of New OPC UA Vulnerabilities