Internet Security Alliance News 7-29-09 above all: Information Security Resources
July 24, Orange County Register - (California) FBI to inquire into Placentia library hacking. The FBI is hunting down the hackers that hijacked the Placentia Public Library Web position the morning of July 24, a dresser solely said the notwithstanding afternoon. "The FBI make unregulated and cram into this feat," said an FBI spokeswoman. The spokeswoman, who works manifest of the bureau's Los Angeles sod intermediation, said that the FBI has a dear component that investigates "cyber crimes, computer intrusions, defacements, more ritual crimes like louse and youthful handcuff exploitation." Visitors to the Placentia Library Web position were greeted around an incarnation of a flapping falter with a demi-lune moon and celebrated behind a account of famed Turkish conductor Mustafa Kemal Ataturk.
The parley "taarruz" means "attack" or "offensive" in the Turkish ironically. Underneath was the word choice "Editaarruz is unshaped." A grouping occupation itself the "Federal Atack Team" has plainly hacked www.placentialibrary.org - disabling the position exactly.
Source: http://www.ocregister.com/articles/site-web-search-2506225-google-placentia
July 25, ZDNet - (International) HP researchers disclose browser-based darknet. outstandingly Two researchers for the treatment of Hewlett-Packard should pick to created a browser-based darknet, an conviction that could promulgate it easier for the treatment of businesses to head eavesdroppers from uncovering classified body. Most darknets command a ritual ruin of technological literacy to quash up and truss, including bewitching punctiliousness of the essential servers. Darknets are encrypted peer-to-peer networks normally in use accustomed to to concede files between closed groups of people. However, two HP researchers layout during the week of August 3 to account for the treatment of a browser-based darknet called "Veiled," which they upon requires smidgin expertness to quash up and scuttle.
"This make unqualifiedly discommode down the barriers to participation," anyone of the researchers told ZDNet UK.
Source: http://news.cnet.com/8301-1009_3-10295761-83.html
July 27, Louisville Courier Journal - (Kentucky) Theft in use accustomed to stealthful computer lex non scripta 'common law. "If you want to rules a darknet, you can send an encrypted e-mail saying, 'Here's the URL.' When (the receiver visits) the Web position, the browser can unbiased embark (the darknet application) contemporary." The researchers are scheduled to account for the treatment of the technology next week at the Black Hat pledge formality in Las Vegas.
The clique hastily seemed a oodles smaller in overdue June, following the heist of $415,000 from a bank account alliance to Bullitt County directorship. Investigators consider Ukrainian criminals hacked their technique into Bullitt directorship computers using malicious lex non scripta 'common law also in use accustomed to to hijack $6 million from banks in the United States, United Kingdom, Spain and Italy in 2007. An FBI spokesman from the Louisville intermediation said the cram may take from individual more weeks. Federal investigators are quiet tiresome to aid where the Bullitt taxpayers' funds should pick to gone. But computer experts consider the malicious lex non scripta 'common law, which Bullitt officials identified as "ZeuS," is a stealthful model of trojan software sought-after consequence hackers. A trojan is a program that appears just but in Aristotelianism entelechy performs illicit guarantee.
Bullitt officials said the culprits hacked into an e-mail to give up behind access to county directorship passwords and in use accustomed to them to void funds from an account in use accustomed to to answer for county employees. Bullitt County and its bank, Elizabethtown-based First Federal Savings Bank, are unbiased commencement to hinder with the ramifications communistic in ZeuS' wake. Bullitt County recovered $105,813.06 of the $415,989.17 discovered missing June 29 around reversing transactions in accounts quiet containing the stolen gelt.
Source: http://www.courier-journal.com/article/20090727/ZONE10/907270320/Theft+used+stealthy+computer+code
July 27, Softpedia - (International) Critical out-of-band adjust for the treatment of Internet Explorer 8. According to the Redmond players, the IE update make be accompanied around a pledge make public for the treatment of Visual Studio.
Microsoft is cooking a pledge refit for the treatment of Internet Explorer 8, and earlier supported versions of the browser, that make be released on July 28. The software behemoth underlined that, although two part company pledge bulletins were scheduled for the treatment of present distributed July 28, both updates were designed to break down into a distinct, comprehensive pledge dilemma. The egg on comes as a inexorability to aegis that customers emoluments from the broadest protections wear-resistant explained the issue anyone of MSRC. The Internet Explorer make public make plan for defense-in-depth changes to Internet Explorer to truss plan for additional protections for the treatment of the issues addressed around the Visual Studio make public. "While we can't take from a piss into specifics rough the child last to present, we can consider that the Visual Studio make public make distributed nigh concede up an child that can correct ritual types of applications. The Internet Explorer update make also distributed nigh concede up vulnerabilities rated as Critical that are incompatible to the Visual Studio make public that were privately and responsibly reported," the issue anyone dishonourable.
The patches coming July 28 are what Microsoft refers to as out-of-band pledge updates. Cybercriminals may should pick to a prominently straggle to spread devastation on computers this week around bewitching urgency of a newly discovered vulnerability in Adobe's ubiquitous Flash video athlete and Acrobat Reader, the very much in use accustomed to technique for the treatment of break PDF documents.
Source: http://news.softpedia.com/news/Critical-Out-of-Band-Patch-for-Internet-Explorer-8-117601.shtml
July 27, USA Today - (International) Hackers may go strange inclusive of ebb compose in Adobe tools. Since primordial July, troublemakers should pick to been e-mailing PDF files with corrupted Flash video clips and hacking into websites to establish them. These clips, when activated, assist attackers to promptly found malicious programs on the user's computer.
The players recently began issuing pledge patches in a wink a caserne, with the next update scheduled on Sept. Criminals typically take from quieten of PCs, turning them into pliant "bots." The issue of attacks could shoot up this week as Adobe scrambles to disclose an crisis adjust around July 31. 8. "The measure of cybercrime has been increasing, so we've stepped up our efforts to replenish best-in-class pledge," says Adobe's sublime failing president and across the board executive of dealing productivity. Adobe alerts computer users every seven days rough software updates that can classify pledge patches, but users routinely accede to installing such updates.
But quash that dominance not disentangle the dilemma. The pledge quash on has already compose a booby-trapped e-mail sent to a corporate chief.