Re: [funsec] Skype with care
A different point of view also: http://www.zdnet.com/is-microsoft-reading-your-skype-instant-messages-715388/

Juha-Matti

Jeffrey Walton [noloa...@gmail.com] wrote:

A couple of follow ups on this Skype backdoor confirmation, http://lists.randombit.net/pipermail/cryptography/2013-May/004224.html and All Your Skype Are Belong To Us, http://financialcryptography.com/mt/archives/001430.html

On Wed, May 15, 2013 at 10:20 PM, Jeffrey Walton noloa...@gmail.com wrote:

(Thanks to KW in a private email).

http://www.h-online.com/security/news/item/Skype-with-care-Microsoft-is-reading-everything-you-write-1862870.html

Anyone who uses Skype has consented to the company reading everything they write. The H's associates in Germany at heise Security have now discovered that the Microsoft subsidiary does in fact make use of this privilege in practice. Shortly after sending HTTPS URLs over the instant messaging service, those URLs receive an unannounced visit from Microsoft HQ in Redmond.

A reader informed heise Security that he had observed some unusual network traffic following a Skype instant messaging conversation. The server indicated a potential replay attack. It turned out that an IP address which traced back to Microsoft had accessed the HTTPS URLs previously transmitted over Skype.

Heise Security then reproduced the events by sending two test HTTPS URLs, one containing login information and one pointing to a private cloud-based file-sharing service. A few hours after their Skype messages, they observed the following in the server log:

65.52.100.214 - - [30/Apr/2013:19:28:32 +0200] HEAD /.../login.html?user=tbtestpassword=geheim HTTP/1.1

Source: Utrace

They too had received visits to each of the HTTPS URLs transmitted over Skype from an IP address registered to Microsoft in Redmond. URLs pointing to encrypted web pages frequently contain unique session data or other confidential information. HTTP URLs, by contrast, were not accessed.
In visiting these pages, Microsoft made use of both the login information and the specially created URL for a private cloud-based file-sharing service.

In response to an enquiry from heise Security, Skype referred them to a passage from its data protection policy: Skype may use automated scanning within Instant Messages and SMS to (a) identify suspected spam and/or (b) identify URLs that have been previously flagged as spam, fraud, or phishing links.

A spokesman for the company confirmed that it scans messages to filter out spam and phishing websites. This explanation does not appear to fit the facts, however. Spam and phishing sites are not usually found on HTTPS pages. By contrast, Skype leaves the more commonly affected HTTP URLs, containing no information on ownership, untouched. Skype also sends head requests which merely fetch administrative information relating to the server. To check a site for spam or phishing, Skype would need to examine its content.

Back in January, civil rights groups sent an open letter to Microsoft questioning the security of Skype communication since the takeover. The groups behind the letter, which included the Electronic Frontier Foundation and Reporters without Borders, expressed concern that the restructuring resulting from the takeover meant that Skype would have to comply with US laws on eavesdropping and would therefore have to permit government agencies and secret services to access Skype communications.

In summary, The H and heise Security believe that, having consented to Microsoft using all data transmitted over the service pretty much however it likes, all Skype users should assume that this will actually happen and that the company is not going to reveal what exactly it gets up to with this data.

___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] OT: Front company used to sign malware
See also: http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/

Juha-Matti

Jeffrey Walton [noloa...@gmail.com] wrote:

Does anyone know anything about the Trojans? I'm specifically interested in what the CA knew (or should have known) before issuing a code signing certificate.

http://www.h-online.com/security/news/item/Front-company-used-to-sign-malware-1799101.html

Using a shell company, criminals in Brazil purchased valid certificates from a certificate authority in order to sign malware, according to a report from Malwarebytes. The new method of obtaining signatures was detected when the criminals signed a banking trojan and other malware and put them into circulation.

The certificates were issued to a company called Buster Paper Comercial Ltda which apparently only existed on paper. The company was used to request a certificate from CA Digicert. Digicert told CIO Magazine that it did issue the certificate because at the time Buster Paper Comercial Ltda was a legally registered business as confirmed through the Brazilian Ministerio da Fazenda: Cadastro Sincronizado Nacional. The certificate has since been revoked.

The trojan that was signed with the fraudulently obtained certificate was sent by email as an attached executable file. The executable was disguised as a PDF file which, once opened, installed malicious code, deployed further payloads and tapped the system to obtain bank account details and passwords.

Digitally signing malware has been used to give the user a false sense of security in the software and to get it past some defences in operating systems, but in the past, most of the certificates used have been stolen rather than applied for.
[funsec] IBM ISS and funny Current Internet Threat Level
IBM ISS's Current Internet Threat Level page at https://webapp.iss.net/gtoc/index.html was quite funny on Thursday 24th Jan including the following text: --clip-- Current Internet Threat Level Rhea Gillian Dawn Shelly Cynthia Shannon Eve Lunea Gretchen Bethany Heidi Zenaida Kerry Britanney Carla Shannon Rana Eleanor Heather Joelle Maris Shea Alisa Samantha Eugenia Tasha Callie Evelyn ... Threats zxcxzcXzc Recommendations Rhea Gillian Dawn Shelly Cynthia Shannon Eve Lunea Gretchen Bethany Heidi Zenaida Kerry Britanney Carla Shannon Rana Eleanor Heather Joelle Maris Shea Alisa Samantha Eugenia Tasha Callie Evelyn Alyssa Quyn Deanna Sara Audra Jordan Nadine Fay Gail ... --clip-- Try Google search: https://webapp.iss.net/gtoc/index.html Any explanation for this?? Juha-Matti
[funsec] Google Earth finds more strange patterns in the Chinese desert
http://www.technologyreview.com/view/506471/google-earth-finds-more-strange-patterns-in-the-chinese-desert/ Opinions? Juha-Matti
[funsec] BlackBerry maker Research in Motion agrees to hand over its encryption keys to India
http://m.economictimes.com/news/news-by-industry/telecom/blackberry-maker-research-in-motion-agrees-to-hand-over-its-encryption-keys-to-india/articleshow/15319701.cms Juha-Matti
[funsec] Innovative stealth ship sold to firm for scrap
Not in the news every day: http://www.sacbee.com/2012/07/06/4614558/innovative-stealth-ship-sold-to.html Also http://en.wikipedia.org/wiki/Sea_Shadow_(IX-529) Juha-Matti
Re: [funsec] Yahoo breach
Worth checking: http://m.cnet.com/news/yahoo-breach-swiped-passwords-by-the-numbers/57470878 (removed infosecbc@ as a recipient)

Juha-Matti

Rob, grandpa of Ryan, Trevor, Devon Hannah [rmsl...@shaw.ca] wrote:

Still very little info on the Yahoo breach (although lots of reports that it was an unencrypted password file). In regard to the reports that this only affected a company Yahoo purchased, and subsequently named Yahoo Voice: I've obtained a copy of the password file. I've had at least three Yahoo accounts, two of them for over ten years. None of them are in the file. So, whatever it is, it isn't a general file of Yahoo accounts.

== (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org My son is not brilliant; he's not genius. Anyone that has any computer knowledge could have done what Jeff did. It doesn't take a level of genius to do this. - mother of teen charged with modifying a virus - got *that* right victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links http://blogs.securiteam.com/index.php/archives/author/p1/ http://twitter.com/rslade
Re: [funsec] Yahoo breach
Also, Yahoo released this on Friday: http://ycorpblog.com/2012/07/13/yahoo-0713201/ Juha-Matti
[funsec] SWAT team throws flashbangs, raids wrong home due to open WiFi network
http://arstechnica.com/tech-policy/2012/06/swat-team-throws-flashbangs-raids-wrong-home-due-to-open-wifi-network/ Juha-Matti
[funsec] You wont believe how dumb these iOS 6 maps mistakes are
http://gizmodo.com/5918041/you-wont-believe-how-dumb-these-ios-6-maps-mistakes-are Yep. Apple's new Maps app confuses Greenland for the Indian Ocean, the Indian Ocean for the Arctic Ocean, the middle of Africa for the North Pacific, and the southern ocean for the North Atlantic. Screenshot included... Juha-Matti
Re: [funsec] You wont believe how dumb these iOS 6 maps mistakes are
Also at http://www.dailytech.com/Quick+Note+Apples+Maps+App+Flunks+at+Geography+Navigation/article24926.htm Juha-Matti
[funsec] Error in Finnish e-prescription software randomly added characters when Return was used
Finnish Medical Journal (in Finnish): http://www.laakarilehti.fi/uutinen.html?opcode=show/news_id=12029/type=1 Google translation: http://translate.google.com/translate?hl=en?sl=fitl=enu=http%3A//www.laakarilehti.fi/uutinen.html%3Fopcode%3Dshow/news_id%3D12029/type%3D1 It is reported that using the Return key in Effica e-prescription software randomly caused the program to add or destroy characters typed by the doctor. According to the article, The National Institute for Health and Welfare (THL) denied the use of the Return key when writing dosage instructions. Technically the error in the software developed by Tieto company was associated with the message transmission. Juha-Matti
[funsec] 7 Ways Oracle Puts Database Customers At Risk
Very good coverage: http://www.darkreading.com/database-security/167901020/security/news/232901381/7-ways-oracle-puts-database-customers-at-risk.html Juha-Matti
[funsec] iOS5 passcode bypass flaw reported
http://threatpost.com/en_us/blogs/ios-5-flaw-allows-unfettered-access-users-contacts-calls-022212 Juha-Matti
[funsec] Top Ten Web hacking techniques of 2011 - poll is closing
It appears that this poll https://blog.whitehatsec.com/vote-now-top-ten-web-hacking-techniques-of-2011/ is closing (Phase 1) today. Link to the poll http://www.surveymonkey.com/s/TopTenWebHackingTechniques2011 Juha-Matti
[funsec] NHS body implements encryption after losing disc with data on 1.6 million people
http://www.guardian.co.uk/healthcare-network/2011/sep/19/nhs-kent-medway-data-loss An NHS trust has told patients that it is acting to improve its data handling practices after a rebuke from the Information Commissioner's Office (ICO) for losing a CD containing details on 1.6 million people. Chief executive of NHS Kent and Medway Ann Sutton said that information is now more secure following the implementation of encryption systems to replace the use of floppy discs and CDs. Juha-Matti
Re: [funsec] If you don't want people to know, then shut up.
Comments at http://www.schneier.com/blog/archives/2011/09/outing_a_cia_ag.html#comments are worth reading too.

Juha-Matti

Rob, grandpa of Ryan, Trevor, Devon Hannah [rmsl...@shaw.ca] wrote:

The CIA is complaining that news media and other entities are giving away information about its agents and operations. http://www.theatlanticwire.com/global/2011/07/did-cia-do-enough-protect-bin-ladens-hunter/39867/ Trouble is, the information being analysed has been provided by the CIA. If the CIA is being too eager to promote themselves, or careless in censoring the material they do provide, is that the fault of the media?

In doing the CISSP seminars, I use lots of security war stories. Some of them are from my own work. Some of them I've collected from the attendees over the years. It's not hard to use the story to make a point, but leave absolutely no clues as to the company involved, let alone individuals.

== (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org ASCII to ASCII, DOS to DOS. victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links http://blogs.securiteam.com/index.php/archives/author/p1/ http://twitter.com/rslade
[funsec] CVE for Medtronic insulin pump issue assigned
It appears that there is a CVE id http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3386 assigned recently. Many of us remember that this case was demonstrated at Black Hat '11. (see references) Juha-Matti
[funsec] Fw: Microsoft security centre search poisoned with infectious smut
11th Jul: Microsoft has disabled the search results on its Security Centre after malware-spreaders abused the function to promote shady pornographic websites serving Trojans as well as cheap thrills. --clip-- http://www.theregister.co.uk/2011/07/11/ms_security_search_malware_links_poisioning/ Juha-Matti (Linuxbox.org was not reachable last week.)
[funsec] The MSRC - now and then - worth of reading
I really like reading this, it's not written in a typical way. http://blogs.securiteam.com/index.php/archives/1518 Juha-Matti
[funsec] DoD, NSA reportedly hacked?
Report at http://www.thehackernews.com/2011/05/exclusive-report-is-department-of.html Juha-Matti
[funsec] Russian investigators free Kaspersky's son, no ransom paid
The kidnapped 20-year-old son of Eugene Kaspersky, founder of Kaspersky Lab, was freed by Russian investigators on Sunday without ransom, the company said. Kaspersky Lab confirms that an operation to free Ivan Kaspersky was carried out successfully by the Federal Security Service (FSB), the Criminal Investigation Department of the Moscow Police and Kaspersky Lab's own security personnel. Ivan is alive and well and is currently located at a safe location. --clip-- http://www.pcmag.com/article2/0,2817,2384235,00.asp Juha-Matti
[funsec] US Facebook data passed through Chinese, South Korean ISPs
This was not posted to funsec yet: Earlier this week, your Facebook posts could have been rewritten on the Great Wall of China, not just on your friends' walls. For about 30 minutes on Tuesday morning, Facebook traffic in the US, or at least the connections going through AT&T's Internet services, did not travel via the most direct route. Normally, AT&T passes packets of data to US-based Level3 Communications, which in turn hands them off to Facebook's servers. --clip-- http://www.zdnet.com/blog/facebook/us-facebook-data-passed-through-chinese-south-korean-isps/970 Juha-Matti
[funsec] What happened to the people in Microsoft's iconic 1978 company photo
http://www.businessinsider.com/microsoft-1978-photo-2011-1 This is the message of the story: 'We all know what happened with the two guys in the bottom left and bottom right corners - Bill Gates, and Paul Allen. But what about the rest?' Enjoy. Juha-Matti
[funsec] Zuckerbergs Facebook fan page hacked
http://techcrunch.com/2011/01/25/zuckerberg-fan-page-hack/ Earlier today, a strange message appeared on Facebook CEO Mark Zuckerberg's fan page. It read as follows: Let the hacking begin: If facebook needs money, instead of going to the banks, why doesn't Facebook let its users invest in Facebook in a social way? Why not transform Facebook into a social business the way Nobel Price winner Muhammad Yunus described it? http://bit.ly/fs6rT3 What do you think? #hackercup2011 Juha-Matti
[funsec] Dancho reportedly found and alive
http://news.ycombinator.com/item?id=2112135 Juha-Matti
[funsec] China erects wall against Skype
China is starting off the new year by flexing its control over Voice over IP (VoIP) telephone services such as Skype. The nation's Ministry of Information and Industry Technology (MIIT) on Friday said it will crack down on illegal VoIP telephone services, and was collecting evidence for legal cases against them. Only state-run China Mobile, China Telecom, and China Unicom will offer VoIP in this nation of about 1.3 billion people, an MIIT spokesperson told the South China Morning Post. http://www.informationweek.com/news/software/soa_webservices/showArticle.jhtml?articleID=228901618subSection=All+Stories Juha-Matti
[funsec] Man facing charges for checking wifes e-mail
Leon Walker, 33, is being charged under a state statute that prohibits unlawful access to a computer system, program or network. Walker admitted that he rummaged through his wife's e-mail, but said he strongly believes he didn't break any laws. What don't you share in a marital home? She asked me to read her e-mails before. She gave me the passwords before; she didn't hide it, Walker said. http://www.msnbc.msn.com/id/40825677/ns/local_news-detroit_mi/ It would be interesting to hear is Michigan the only state where this will happen? Juha-Matti
[funsec] Amazon Web Services blog entry related to Wikileaks
Related to recent Wikileaks cases: http://aws.amazon.com/message/65348/ There have been reports that a government inquiry prompted us not to serve WikiLeaks any longer. That is inaccurate. There have also been reports that it was prompted by massive DDOS attacks. That too is inaccurate. There were indeed large-scale DDOS attacks, but they were successfully defended against. Juha-Matti
Re: [funsec] No solution on the market today can prevent the infinite number of AETs!
There is a good pointer written in November: http://raistlin.soup.io/post/82972413/Advanced-Anti-Evasion-Super-Mega-Ultra Juha-Matti David M Chess [ch...@us.ibm.com] wrote: Is there anyone legitimate behind www.antievasion.com, or is it just the usual amusing everyone previous to us was stupid, but now we have discovered that it's possible to create new attacks that won't be detected right away, maybe! sort of hype? DC
[funsec] ftp.proftpd.org compromised
More details http://proftpd.org/ via https://twitter.com/VUPEN/status/10272716158402560 Juha-Matti
Re: [funsec] .kp is down ?
These sites you are listing are not reachable from Finland now and some forums had discussion about .kp being down in October already. Juha-Matti Viktor Larionov [viktor.lario...@salva.ee] wrote: Hey! ;) Am I the only one who can't access .kp zone or the zone is down ? ;) http://www.friend.com.kp/ http://www.koredufund.org.kp/ http://www.kcce.kp/ http://www.naenara.kp/ http://www.kpnic.gov.kp/ The biggest internet black hole is blacked out totally now ? ;) Cheers, vik Viktor Larionov System Administrator / NMC Development Department Salva Kindlustuse AS Tel: (+372) 683 0636 | GSM: (+372) 566 86811 | viktor.lario...@salva.ee | www.salva.ee (SMX)1936
[funsec] Sarah Palin E-mail hacker sentenced to 1 year in custody
http://www.wired.com/threatlevel/2010/11/palin-hacker-sentenced/ David Kernell, the former Tennessee student convicted of hacking into Sarah Palin's personal e-mail account, was sentenced on Friday to one year in custody. Kernell, 22, was convicted earlier this year of misdemeanor computer intrusion and a felony count of obstruction of justice. The jury found him not guilty of a wire-fraud charge and hung on a fourth charge for identity theft, after four days of deliberating. Juha-Matti
Re: [funsec] 0-day of the week - MSIE6/7/8 CSS tag vuln (CVE-2010-3962)
And if someone missed it, there is a public PoC available; it was public on Wednesday already. Juha-Matti Peter Evans [pe...@ixp.jp] wrote: On Wed, Nov 03, 2010 at 11:52:34PM +0200, Juha-Matti Laurio wrote: MS advisory #2458511: http://www.microsoft.com/technet/security/advisory/2458511.mspx Given there are so many M$ boxes out there, they make a better target than the fruit freaks. Eventually, M$ will be so secure that no one will be able to hack it. But by then, coffee cups will be so intelligent that they will be the new target of hackers. =^x^= P
[funsec] 0-day of the week - MSIE6/7/8 CSS tag vuln (CVE-2010-3962)
MS advisory #2458511: http://www.microsoft.com/technet/security/advisory/2458511.mspx Juha-Matti
[funsec] Several Barackobama.com XSS issues reported
http://security-sh3ll.blogspot.com/2010/10/obama-website-xss-defacement.html Juha-Matti
[funsec] Firefox 0-day in the wild
More info at http://news.softpedia.com/news/Zero-Day-Firefox-Vulnerability-Exploited-to-Distribute-Trojan-163065.shtml Juha-Matti
[funsec] Canada says Google Wi-Fi sniffing collected personal data
http://www.pcmag.com/article2/0,2817,2371121,00.asp Canada's privacy commissioner said Tuesday that Google's recent Wi-Fi sniffing was a serious violation of Canadians' privacy rights and included the collection of personally identifiable information. Juha-Matti
[funsec] Kaspersky hit by cyber criminals
http://www.itpro.co.uk/627817/updated-kaspersky-hit-by-cyber-criminals The Russian-based security firm Kaspersky has fallen victim to the cyber criminals it tries to protect users against, according to reports. The company, known for its anti-virus software, has supposedly been compromised by hackers who have directed users trying to download Kaspersky's software to malicious sites. Once they have reached the destination they are then encouraged to download fake anti-virus software, which could compromise their data security. Oops! Juha-Matti
[funsec] HAPPY INTERNATIONAL CAPS LOCK DAY!
REFERENCES: http://news.blogs.cnn.com/2010/10/22/annoying-right-happy-caps-lock-day/ http://capslockday.com/ THEY HAVE EVEN A TWITTER ACCOUNT NOW. Juha-Matti OOPS. REGARDS, JUHA-MATTI
Re: [funsec] Cryptome hacked
Their status report at http://cryptome.org/0002/cryptome-hack3.htm Juha-Matti
Re: [funsec] Microsoft wants to keep your infected computers off the Internet
A good timing from MS, because This month as part of our predictable security update process we are releasing 16 comprehensive bulletins addressing 49 vulnerabilities. These vulnerabilities cover Windows, Internet Explorer, Microsoft Office, and the .NET Framework. http://blogs.technet.com/b/msrc/archive/2010/10/06/advance-notification-service-for-october-2010-security-bulletin.aspx :)

Juha-Matti

Joel Esler [joel.es...@me.com] wrote:

I've seen it done, successfully, in an extremely large enterprise. I don't know how it was done exactly (never got the opportunity to ask), but I thought it was a neat idea. -- Sent from my iPad

On Oct 7, 2010, at 8:32 PM, Peter Evans pe...@ixp.jp wrote:

On Thu, Oct 07, 2010 at 04:32:41PM -0800, Rob, grandpa of Ryan, Trevor, Devon Hannah wrote:

http://bit.ly/cD4bXo sends you to here: http://blogs.technet.com/b/microsoft_on_the_issues/archive/2010/10/05/the-need-for-global-collective-defense-on-the-internet.aspx Having been around this field for a while, I can pretty much guarantee that this is easier to pontificate about than to do.

M$ had this working in 2005 with the corpulent intranet. Once I connected (with a smart card no less) to the vpn gateway, it would give me a quarantine IP until it was happy that my PC was up to the corpulent rules, ie, CA ETrust Antivirus was up to date. All current patches and stuff applied. (No badness found?) Once it did this, which might take a minute, more if it deems you need stuff, which it automatically applies, it then gave you an IP address that you could use and you were on your way. One of the nice features of this was that you could just start your VPN with a fresh install and let it take care of making it M$ approved, completely paws off. P
Re: [funsec] Cryptome hacked
It appears that a status report and a response to Wired.com article has been posted to the site. Juha-Matti Juha-Matti Laurio [juha-matti.lau...@netti.fi] wrote: From their Web page: Cryptome was hacked this morning about 3:45 AM, down for about six hours, now restored. Email hacked also, now restored. Juha-Matti Sven Aluoor [alu...@gmail.com] wrote: On Sat, Oct 2, 2010 at 11:10 AM, Juha-Matti Laurio juha-matti.lau...@netti.fi wrote: It appears that http://cryptome.org/ has been defaced recently. Juha-Matti For the folks too late: http://i.imgur.com/PjkRe.png
[funsec] Cryptome hacked
It appears that http://cryptome.org/ has been defaced recently. Juha-Matti
Re: [funsec] Cryptome hacked
From their Web page: Cryptome was hacked this morning about 3:45 AM, down for about six hours, now restored. Email hacked also, now restored. Juha-Matti Sven Aluoor [alu...@gmail.com] wrote: On Sat, Oct 2, 2010 at 11:10 AM, Juha-Matti Laurio juha-matti.lau...@netti.fi wrote: It appears that http://cryptome.org/ has been defaced recently. Juha-Matti For the folks too late: http://i.imgur.com/PjkRe.png
[funsec] SANS InfoCon set to Yellow still
SANS ISC set their InfoCon to Yellow yesterday to raise awareness about the ASP.net issue: http://isc.sans.edu/infocon.html http://isc.sans.edu/diary.html?storyid=9625 Juha-Matti
[funsec] Anti-piracy lawyers' email database leaked after hack
http://www.theregister.co.uk/2010/09/27/anti_piracy_lawyer_email_leak/ Hackers have uploaded a leaked database of emails from anti-piracy law firm ACS:Law onto P2P networks and websites. ACS:Law was among a handful of entertainment industry-affiliated organisations to endure denial of service attacks by the denizens of 4Chan last week. Juha-Matti
[funsec] Iran successfully battling cyber attack
Iranian information technology officials have confirmed that some Iranian industrial systems have been targeted by a cyber attack, but added that Iranian engineers are capable of rooting out the problem. According to Associated Press, a complex computer worm dubbed Stuxnet has infected many industrial sites in Iran and is capable of taking over power plants. The director of the Information Technology Council of the Industries and Mines Ministry has announced that the IP addresses of 30,000 industrial computer systems infected by this malware have been detected, the Mehr News Agency reported on Saturday. --clip-- More at http://www.tehrantimes.com/index_View.asp?code=227332 Juha-Matti
[funsec] Pen and paper scripting attack...
http://news.ycombinator.com/item?id=1722043 http://alicebobandmallory.com/articles/2010/09/23/did-little-bobby-tables-migrate-to-sweden Juha-Matti
[funsec] Hacker attack wreaks havoc on Sweden Democrat website
The website of the far-right Sweden Democrats was hacked on Saturday, one day before the party is expected to be voted into the Riksdag in Sweden's September 19th general elections. "We have had hacker attacks over the past 24 hours. We have no idea where it is coming from," Sweden Democrats spokesman Erik Almqvist told AFP, adding that the party expected to get its website running again soon. http://www.thelocal.se/29098/20100918/ Juha-Matti
[funsec] Cyber-criminals steal identity of one of the world's top security chiefs using Facebook
The head of Interpol has warned that cyber-crime is the 'most dangerous criminal threat we will ever face' after fraudsters stole his identity on Facebook. Security chief Ronald K. Noble revealed that two fake accounts were created in his name and used to find the details of highly-dangerous criminals. http://www.dailymail.co.uk/news/worldnews/article-1313381/Cyber-crooks-steal-identity-Ronald-K-Noble-worlds-security-chief--FACEBOOK.html According to news sources the identity was stolen during the summer already. But Noble was not aware until now. Juha-Matti
[funsec] HDCP antipiracy leak opens doors for black boxes
[September 17, 2010] An antipiracy code used in set-top boxes, Blu-ray and DVD players has been cracked and published on the Internet, and as a result, we may soon see devices on the market that allow people to make unauthorized copies of movies. Intel confirmed to CNET yesterday that code posted anonymously to the Internet earlier this week is the secret master key to the HDCP (High-bandwidth Digital Content Protection) protocol. Intel created HDCP to be used for ensuring that only authorized devices are playing copyright-protected video and audio, and it licenses the technology to hardware manufacturers. http://news.cnet.com/8301-27080_3-20016768-245.html Juha-Matti
[funsec] Mailman 2.1.14rc1 out, two XSS issues fixed
https://launchpad.net/mailman/+milestone/2.1.14rc1 FunSec runs on Mailman too. Release Notes / Security - Two potential XSS vulnerabilities have been identified and fixed Juha-Matti
[funsec] Adobe Reader 9.x/8.x 0-day in the wild
References: http://www.adobe.com/support/security/advisories/apsa10-02.html http://isc.sans.edu/diary.html?storyid=9523 http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html Juha-Matti
[funsec] Hackers attack Philippine government website
The Philippines on Sunday ordered all government offices to tighten Internet security after its main information website was brought down by hackers. "We are alerting all government agencies to review and improve security of their websites in view of the hacking of the website this afternoon," presidential spokesman Herminio Coloma said. ... Coloma did not say whether the hacker attack was related to widespread public anger in Hong Kong over police bungling of a hostage crisis that left eight tourists dead on Monday. http://www.google.com/hostednews/afp/article/ALeqM5ivZZSAypl6NWxjg7z9VyCFJ45Jbg Juha-Matti
[funsec] Ongoing FTP Brute Password guessing attacks
via http://isc.sans.edu/diary.html?storyid=9454 Especially the good, old tips are worth reading: Watch your logs! Remove Anonymous Access. Restrict Access to FTP. Juha-Matti
[funsec] Report: Virus may have hit Spanair Mx computers around time of MD-80 crash
http://news.cnet.com/8301-1009_3-20014237-83.html http://www.aviationweek.com/aw/blogs/mro/index.jsp?plckController=BlogplckScript=blogScriptplckElementId=blogDestplckBlogPage=BlogViewPostplckPostId=Blog%3A388668c6-b459-4ea7-941e-a0a2206d415fPost%3A6af8aa8b-e6d8-494d-ade9-9ad2d7096684 Original source: http://www.elpais.com/articulo/espana/ordenador/Spanair/anotaba/fallos/aviones/tenia/virus/elpepunac/20100820elpepinac_11/Tes Juha-Matti
[funsec] Intel to acquire McAfee
http://finance.yahoo.com/news/Intel-to-Acquire-bw-1892904611.html?x=0.v=1 Purchase of all of McAfee's common stock for $48 per share in cash, valuing the deal at approximately $7.68 billion. McAfee will operate as a wholly-owned subsidiary, reporting into Intel's Software and Services Group. Juha-Matti
[funsec] Apple.com hit in latest mass hack attack
A hack attack that can expose users to malware exploits has infected more than 1 million webpages, at least two of which belong to Apple. The SQL injection attacks bombard the websites of legitimate companies with database commands that attempt to add hidden links that lead to malware exploits. While most of the sites that fell prey appear to belong to mom-and-pop operations, two of the infections hit pages Apple uses to promote iTunes podcasts, this Google search shows. http://www.theregister.co.uk/2010/08/17/apple_sql_attack/ Juha-Matti
[funsec] Russia's FSB receives decrypted BlackBerry messages from Mobile TeleSystems
On January 16, 2008 the Ministry of Information Technology and Telecommunications of the Russian Federation (RF) amended paragraph 2 of Article 64 of State law regulating the requirements of telecommunications networks for operational and search activities. It requires that intercepted communications which have additional encryption be turned over in decoded form. This includes Research In Motion and all other foreign-owned companies who sell services in the RF through a Russian vendor which, in RIM's case, is Mobile TeleSystems. --clip-- http://blogs.forbes.com/firewall/2010/08/16/russias-fsb-receives-decrypted-blackberry-messages-from-mobile-telesystems/ Juha-Matti
[funsec] Swedish server host says helping WikiLeaks publish papers
http://www.google.com/hostednews/afp/article/ALeqM5gX6c1WjekyzxKnOeRyMRVLBPfInA A Swedish Internet company said Friday it had been helping whistleblower website WikiLeaks since 2008 by hosting its servers at a secret basement location in a Stockholm suburb. "WikiLeaks contacted us through a third party in Sweden a few years ago and ... their traffic goes through us," Mikael Viborg, the 27-year-old head of the PRQ Internet hosting company, told AFP. Originally reported by Dagens Nyheter http://www.dn.se/nyheter/sverige/lackan-usa-vill-tata-finns-i-solna-1.1149459 Juha-Matti
[funsec] Ex-hacker Lamo denies alleged WikiLeaker gave him classified documents
http://www.wired.com/threatlevel/2010/08/lamo-classified-documents/ From the article: Update 8/2/10 18:30 EDT: Adrian Lamo said Monday that Manning did not provide him with classified documents. Lamo says Uber's statements were the result of a misunderstanding. Lamo informed Uber in May that Manning, in his instant messenger chats with Lamo, had discussed things he'd seen on classified networks. Juha-Matti
[funsec] Hackers study vulnerabilities as ATMs spit cash
http://ca.reuters.com/article/technologyNews/idCATRE66S02Y20100729 A security expert showed off techniques for breaking into ATMs, causing machines to spit out cash to a cheering crowd at an annual gathering of hackers. "I hope to change the way people look at devices that from the outside are seemingly impenetrable," Barnaby Jack, director of research at security consulting firm IOActive Labs, told a standing-room-only crowd before launching the demonstration using equipment he purchased over the Internet. He spent over a year learning to break into stand-alone automated teller machines found at gas stations, bars and retail establishments. At the annual Black Hat conference, Jack showed how he could upload his home-brewed piece of software dubbed Dillinger -- named after the infamous bank robber -- to an ATM made by privately held Tranax Technologies. After he infected the ATM, he approached the machine and instructed it to start dispensing cash. Juha-Matti
Re: [funsec] Hackers study vulnerabilities as ATMs spit cash
'ATM Spits Out Cash at Black Hat - Barnaby Jack ATM Hacking Demo' http://www.youtube.com/watch?v=fS3Z8Xv-vUc&feature=related Juha-Matti
[funsec] Linnea, 1 year, triggered a bomb alert in New Jersey
Translated with Google Translate: The family was heading to Boston in early July and had just stopped over at Newark Airport. When little Linnea went through security showed up Explosive! With intense red letters on the monitor. Then chaos erupted. When airport staff reviewed Linnea shoes they found a small piece of explosive material. - The FBI, the bomb team and the New York police came toward us, says her mother, Helena Karlsson. http://www.aftonbladet.se/nyheter/article7519826.ab (Swedish-language article) Juha-Matti
[funsec] 'World's No. 1 hacker' tome rocks security world
Summer time reading: http://www.theregister.co.uk/2010/06/22/worlds_no_1_hacker/ A recently published e-book penned by the self-proclaimed world's No. 1 hacker is rocking the security community with back-and-forth allegations of plagiarism, racism, and even threats against a security podcaster and his family. How to Become the World's No. 1 Hacker is purportedly written by Gregory D. Evans, an animated felon who went on to become CEO of Ligatt Security International, a publicly traded company worth about 0.0002 cent per share that bills itself as a full-service computer security firm. Juha-Matti
[funsec] Apple's Antenna Design and Test Labs
http://www.apple.com/antenna/testing-lab.html via Cryptome Apple has invested more than $100 million building its advanced antenna design and test labs. Juha-Matti
[funsec] Teens now getting high off 'digital drugs'
Scary and dangerous: I-dosing on digital drugs is becoming an alarming new trend amongst teens. Web sites are luring kids with free downloads of digital drugs, which are audio files designed to induce drug-like effects. The sites claim it is a safe and legal way to get high, but parents fear it could lead to illegal drug use. Videos of teenagers trying digital drugs are all over YouTube, leaving parents, educators and law enforcement officials with the Oklahoma Bureau of Narcotics and Dangerous Drugs concerned. http://www.newson6.com/global/story.asp?s=12793977 Juha-Matti
[funsec] GFI Software acquired Sunbelt Software
http://www.computerworld.com/s/article/9179127/Security_vendor_GFI_Software_acquires_Sunbelt_Software and http://www.sunbeltsoftware.com/Press/Releases/?id=362 Juha-Matti
[funsec] State Department anxious about possible leak of cables to Wikileaks
http://www.wired.com/threatlevel/2010/06/state-department-anxious/ The State Department and personnel at U.S. embassies around the world are reportedly waiting anxiously to find out if an Army intelligence analyst [Bradley Manning] was telling the truth when he boasted that he had supplied 260,000 classified State Department diplomatic cables to the whistleblower site Wikileaks. Juha-Matti
[funsec] Botnet viruses targeting Symbian smartphones
http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=225702440 Two Symbian operating systems are vulnerable: S60 platform 3rd Edition, aka Symbian OS 9.1, as well as S60 5th edition, aka Symbian OS 9.4. The operating systems run a number of smartphones from such manufacturers as Nokia, Samsung and Sony Ericsson. Dubbed ShadowSrv.A, FC.Downsis.A, BIT.N and MapPlug.A, the viruses come hidden in games designed for Symbian smartphones. Juha-Matti
Re: [funsec] State Department anxious about possible leak of cables to Wikileaks
Naturally there is a newer article available too; 'Army intelligence analyst charged with leaking classified information' http://www.wired.com/threatlevel/2010/07/manning-charges/ Juha-Matti
Juha-Matti Laurio [juha-matti.lau...@netti.fi] wrote: http://www.wired.com/threatlevel/2010/06/state-department-anxious/ ...
[funsec] London tube feed halted by huge demand
http://www.networkworld.com/news/2010/070510-london-tube-feed-halted-by.html Transport for London (TfL) has had to suspend access to the underground train departure data after demand for the feed overloaded the organisation's gateway system. The data was made available on 15 June to third-party application developers keen to market what is a precious information resource to London travellers, but demand through the London Datastore proxy has exceeded expectations in a matter of days. From an initial 180,000 requests, traffic soared to 10 million hits per week, overloading servers... Yep. Juha-Matti
Re: [funsec] Baby terrorists
And: '6-Year-Old Northeast Ohio Girl on 'No Fly' List': http://www.fox8.com/news/wjw-news-westlake-ohio-six-year-old-no-fly-list,0,1122601.story Juha-Matti
Rob, grandpa of Ryan, Trevor, Devon Hannah [rmsl...@shaw.ca] wrote: OK, I'm willing to concede that this guy is crazy enough to possibly run in a BC election. http://politicalcorrection.org/blog/201006250005 No guarantee he'd win, mind you ... (I *wish* this were Friday, but it's not ...) == (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org If you can't say anything good about someone, sit right here by me. - Alice Roosevelt Longworth victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://www.infosecbc.org/links http://twitter.com/rslade
[funsec] FTC says scammers stole millions using virtual companies
The U.S. Federal Trade Commission has disrupted a long-running online scam that allowed offshore fraudsters to steal millions of dollars from U.S. consumers -- often by taking just pennies at a time. The scam, which had been run for about four years, according to the FTC, provides a case lesson in how many of the online services used to lubricate business in the 21st century can equally be misused for fraud. And later: The scammers stayed under the radar by charging very small amounts -- typically between $0.25 and $9 per card -- and by setting up more than 100 bogus companies to process the transactions. http://www.computerworld.com/s/article/9178560/FTC_says_scammers_stole_millions_using_virtual_companies?taxonomyId=17 Juha-Matti
Re: [funsec] Unreal IRCd backdoor
Advisory and MD5's listed at http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt Juha-Matti
Gadi Evron [...@linuxbox.org] wrote: Very interesting post by Fyodor: http://seclists.org/nmap-dev/2010/q2/826 Gadi.
[funsec] Cyber War (book): Microsoft a weak link in national security
Who wrote those lines? Steve Jobs? Linux inventor Linus Torvalds? Ralph Nader? No, the author is former White House adviser Richard A. Clarke in his new book, Cyber War: The Next Threat to National Security and What to Do About It. It has been a few months since Clarke's latest opus appeared, but it's still making quite a splash. Clarke, after all, was the guy who repeatedly warned the White House about Al Qaeda before September 11, 2001. As a result, he has quickly become the most publicly identifiable person on the subject. While it may appear to give America some sort of advantage, Cyber War warns, in fact cyber war places this country at greater jeopardy than it does any other nation. http://arstechnica.com/security/news/2010/06/cyber-war-microsoft-a-weak-link-in-national-security.ars Juha-Matti
[funsec] Apple's worst security breach: 114,000 iPad owners exposed
Apple has suffered another embarrassment. A security breach has exposed iPad owners including dozens of CEOs, military officials, and top politicians. They, and every other buyer of the cellular-enabled tablet, could be vulnerable to spam marketing and malicious hacking. The breach, which comes just weeks after an Apple employee lost an iPhone prototype in a bar, exposed the most exclusive email list on the planet, a collection of early-adopter iPad 3G subscribers that includes thousands of A-listers in finance, politics and media, from New York Times Co. CEO Janet Robinson to Diane Sawyer of ABC News to film mogul Harvey Weinstein to Mayor Michael Bloomberg. It even appears that White House Chief of Staff Rahm Emanuel's information was compromised. http://gawker.com/5559346/apples-worst-security-breach-114000-ipad-owners-exposed?skyline=trues=i Juha-Matti
Re: [funsec] Apple's worst security breach: 114,000 iPad owners exposed
Yeah, especially when Apple itself was not the target. Apple's customers were. Juha-Matti
Joel Esler [joel.es...@me.com] wrote: My only problem with the article is the inaccuracy of the headline. Gawker is known for their sensationalism. Frustratingly awesome.
11:20 AM, on Jun 10, 2010, wrote: So I fall somewhere in the yes, this really is a big deal, and don't mind Gawker blasting it out public like this. I don't think it undermines the message of data security. -- Joel Esler http://www.joelesler.net
[funsec] U.S. intelligence analyst arrested in Wikileaks video probe
http://www.wired.com/threatlevel/2010/06/leak/ Federal officials have arrested an Army intelligence analyst who boasted of giving classified U.S. combat video and hundreds of thousands of classified State Department records to whistleblower site Wikileaks, Wired.com has learned. The article continues that Spc Bradley Manning, 22(!) was stationed at Forward Operating Base Hammer, 40 miles east of Baghdad, where he was arrested nearly two weeks ago by the Army's Criminal Investigation Division. Juha-Matti
[funsec] Adobe Reader, Adobe Acrobat and Flash 0-day being exploited
If you are not aware of Friday's finding, the Adobe advisory is located at http://www.adobe.com/support/security/advisories/apsa10-01.html Most recent Adobe Readers for Windows, Mac and Unix are affected, BUT Adobe Reader versions 8.x are confirmed not vulnerable. Flash Player versions 10.0.45.2 and other 10.0.x versions are vulnerable. Version 9.0.262 too. Juha-Matti
[funsec] James Clapper nominated as intelligence director
http://online.wsj.com/article/SB10001424052748704183204575288483090536208.html President Barack Obama nominated Defense Department intelligence chief James Clapper to be the nation's top spymaster, an appointment that taps decades of spy experience but is likely to meet with resistance on Capitol Hill. Juha-Matti
Re: [funsec] CarInfoSec
Interesting bedtime reading, shared on 14th May via http://linuxbox.org/pipermail/funsec/2010-May/024838.html Juha-Matti
Rob, grandpa of Ryan, Trevor, Devon Hannah [rmsl...@shaw.ca] wrote: Security geek/auto buff bedtime reading: http://www.autosec.org/pubs/cars-oakland2010.pdf == (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org As soon as men decide that all means are permitted to fight an evil, then their good becomes indistinguishable from the evil that they set out to destroy. - Christopher Dawson, The Judgment of Nations victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://www.infosecbc.org/links http://twitter.com/rslade
[funsec] IBM hands out malware-stuffed USB at security conference
IBM has apologised after supplying a malware-infected USB stick to delegates of this week's IBM AusCERT security conference. The unlovely gift was supplied to an unknown number of delegates to the Gold Coast, Queensland conference who visited IBM's booth. Big Blue does not identify the strain of malware involved in the attack beyond saying it's a type of virus widely detected for at least two years which takes advantage of Windows autorun to spread, as a copy of IBM's email apology published by the Beast Or Buddha blog explains. http://www.theregister.co.uk/2010/05/21/ibm_usb_malware_snafu/ Juha-Matti
[funsec] Obama to replace Director of National Intelligence Dennis Blair
http://blogs.abcnews.com/politicalpunch/2010/05/exclusive-president-obama-to-replace-director-of-national-intelligence-dennis-blair.html Juha-Matti
Re: [funsec] live phish
I recently submitted adbp932b.exe to VirusTotal - results 17/41: http://www.virustotal.com/analisis/0955aa2abef6e9f5dbb4972ab6e9d56a91788abb289b96f5840f674a5c7ec44d-1274279584 Juha-Matti
RandallM [randa...@fidmail.com] wrote: Our controller just got a phish again...the one where the CEO sent a forward..I got the file but it's live now
Download the instructions here: http://190.245.18.181 /adobe/update.pdf To start the update process and download the installation file: http:// 190.245.18.181/adobe/adbp932b.exe (READ FIRST THE INSTRUCTIONS BEFORE UPDATING THE SYSTEM) Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-6677 rbarn...@adobe.com ==
-- been great, thanks RandyM a.k.a System
[funsec] Happy 50th birthday laser!
http://edition.cnn.com/2010/TECH/05/14/laser.fifty/index.html But when the first working laser was rolled out 50 years ago [this week] -- developed at California's Hughes Research Laboratory -- it didn't take long for the hyperfocused beams of light to find work. Juha-Matti
Re: [funsec] Hacker develops multi-platform rootkit for ATMs
I really hate those ads.. try http://www.csoonline.com/article/592791/Hacker_develops_multi_platform_rootkit or http://news.idg.no/cw/art.cfm?id=6B3BDDA5-1A64-67EA-E4F76C333A95A662 Juha-Matti
Juha-Matti Laurio [juha-matti.lau...@netti.fi] wrote: http://www.networkworld.com/cgi-bin/mailto/x.cgi?pagetosend=/news/2010/050610-hacker-develops-multi-platform-rootkit-for.htmlpagename=/news/2010/050610-hacker-develops-multi-platform-rootkit-for.htmlpageurl=http://www.networkworld.com/news/2010/050610-hacker-develops-multi-platform-rootkit-for.htmlsite=printpage One year after his Black Hat talk on Automated Teller Machine security vulnerabilities was yanked by his employer, security researcher Barnaby Jack plans to deliver the talk and disclose a new ATM rootkit at the computer security conference. Let's hope the link is working without generating ad...
[funsec] Hacker develops multi-platform rootkit for ATMs
http://www.networkworld.com/cgi-bin/mailto/x.cgi?pagetosend=/news/2010/050610-hacker-develops-multi-platform-rootkit-for.htmlpagename=/news/2010/050610-hacker-develops-multi-platform-rootkit-for.htmlpageurl=http://www.networkworld.com/news/2010/050610-hacker-develops-multi-platform-rootkit-for.htmlsite=printpage One year after his Black Hat talk on Automated Teller Machine security vulnerabilities was yanked by his employer, security researcher Barnaby Jack plans to deliver the talk and disclose a new ATM rootkit at the computer security conference. Let's hope the link is working without generating ad... Juha-Matti
[funsec] Internet traffic keeps straying, and the chance of long-term fix is slim
http://www.latimes.com/technology/sns-ap-us-tec-fragile-internet,0,126956.story In 1998, a hacker told Congress that he could bring down the Internet in 30 minutes by exploiting a certain flaw that sometimes caused online outages by misdirecting data. In 2003, the Bush administration concluded that fixing this flaw was in the nation's vital interest. Fast forward to 2010, and very little has happened to improve the situation. The flaw still causes outages every year. Related: http://news.cnet.com/8301-10784_3-9878655-7.html (How Pakistan knocked YouTube offline) http://en.wikipedia.org/wiki/Peiter_Zatko Juha-Matti
[funsec] No SharePoint fix in Microsoft's next Tuesday patches
http://www.pcworld.com/article/195835/microsofts_next_patches_small_but_vital.html and http://blogs.technet.com/msrc/archive/2010/05/06/advance-notification-for-the-may-2010-security-bulletin-release.aspx Juha-Matti
[funsec] Girl frozen in time may hold key to ageing
Weekend reading: http://www.timesonline.co.uk/tol/news/science/genetics/article7120516.ece Related: Girl who doesn't age http://linuxbox.org/pipermail/funsec/2009-June/021238.html Juha-Matti
[funsec] Major Facebook security hole lets you view your friends' live chats (video)
http://eu.techcrunch.com/2010/05/05/video-major-facebook-security-hole-lets-you-view-your-friends-live-chats/ ... there is [was] a major security flaw in the social networking site that, with just a few mouse clicks, enables any user to view the live chats of their friends. Using what sounds like a simple trick, a user can also access their friends' latest pending friend-requests and which friends they share in common. That's a lot of potentially sensitive information. Video: http://www.youtube.com/watch?v=ny8ui4delEo Juha-Matti
[funsec] Extremely severe vulnerability in Opera
Multiple asynchronous calls to a script that modifies the document contents can cause Opera to reference an uninitialized value, which may lead to a crash. To inject code, additional techniques will have to be employed. http://www.opera.com/support/kb/view/953/ Opera 10.53 for Win and Mac has been released, including the fix. Juha-Matti
[funsec] Nmap 2010 user survey
It appears that their 2010 Survey is still live: http://nmap.org/survey/ -- Juha-Matti
[funsec] Symantec picks up PGP, GuardianEdge
http://www.internetnews.com/security/article.php/3879386/Symantec+Picks+Up+PGP+GuardianEdge.htm Juha-Matti
[funsec] The new Facebook API exposes the events that some users attend to anyone on the Internet
http://zestyping.livejournal.com/256801.html Facebook has reportedly changed the mechanism on 26th Apr. Tool: http://zesty.ca/facebook Juha-Matti
Re: [funsec] Apparently McAfee stepped on their genitals today...
This is covered at https://kc.mcafee.com/corporate/index?page=content&id=KB68780 Juha-Matti The Security Community [thesecuritycommun...@gmail.com] wrote: http://isc.sans.org/ We have received several reports indicating some issues with McAfee DAT 5958 causing Windows XP SP3 clients to be locked out. It is affecting svchost.exe. Here is an example of the message: The file C:\WINDOWS\system32\svchost.exe contains the W32/Wecorl.a Virus. Undetermined clean error, OAS denied access and continued. Detected using Scan engine version 5400.1158 DAT version 5958..
[funsec] Facebook making privacy changes again...
http://blog.facebook.com/blog.php?post=382978412130 Juha-Matti