By Dan Goodin in San Francisco
The Register
28th April 2010
A Texas man has agreed to plead guilty to charges he trained a botnet on a popular internet service provider so he could demonstrate custom-made malware to a potential customer.
David Anthony Edwards of Mesquite, Texas admitted that in August 2006 he and alleged accomplice Thomas James Frederick Smith unleashed a flood of data on ThePlanet.com to demonstrate the effectiveness of bot software they called Nettick, according to court documents. The men allegedly told one purchaser they had 22,000 zombie machines under their control and would sell them for 15 cents apiece in minimum batches of 5,000.
Smith, most recently of Parris Island, South Carolina, has pleaded not guilty to the charges. A trial is scheduled to begin May 17.
In a plea agreement signed by Edwards, he also said that he and Smith breached servers operated by webhost, T35.net. They then extracted password files and made hundreds of thousands of user IDs and access codes available online, the document, filed in US District Court in Dallas, stated. The pair went on to deface the website, Edwards added.
Thursday 29 April 2010
Government backs competition to recruit security experts
By Claudine Beaumont
Technology Editor
Telegraph.co.uk
27 April 2010
The competition, which has the backing of the Cabinet Office and the Metropolitan Police, uses a series of web-based games and challenges to find people with untapped analytical, forensic and programming skills.
There are fears that unless the country bolsters its ranks of computer security experts and analysts, it won't be able to cope with rising levels of cyber crime.
The Cyber Security Challenge games are designed to measure eight key skill areas, including network analysis and logical thinking. People who pass those challenges will be invited to take part in further tests to ascertain their suitability for a security role. Those who meet the requirements could be offered scholarships and training courses.
"The current system is not delivering enough skilled professionals to meet the cyber security challenges we face," said Judy Baker, director of the Cyber Security Challenge. "We have to improve the quality and quantity of talented people entering the profession to accommodate escalating requirements.
[...]
Technology Editor
Telegraph.co.uk
27 April 2010
The competition, which has the backing of the Cabinet Office and the Metropolitan Police, uses a series of web-based games and challenges to find people with untapped analytical, forensic and programming skills.
There are fears that unless the country bolsters its ranks of computer security experts and analysts, it won't be able to cope with rising levels of cyber crime.
The Cyber Security Challenge games are designed to measure eight key skill areas, including network analysis and logical thinking. People who pass those challenges will be invited to take part in further tests to ascertain their suitability for a security role. Those who meet the requirements could be offered scholarships and training courses.
"The current system is not delivering enough skilled professionals to meet the cyber security challenges we face," said Judy Baker, director of the Cyber Security Challenge. "We have to improve the quality and quantity of talented people entering the profession to accommodate escalating requirements.
[...]
Storm Worm Reappears
By Kelly Jackson Higgins
DarkReading
April 28, 2010
It's baaack: The bot code used in the infamous, massive Storm botnet that was taken down nearly two years ago is being used to build another spamming botnet. Researchers have reverse-engineered the tweaked version of the original Storm code, which so far has spread somewhere between
10,000 to 20,000 machines.
Researchers don't know for sure whether it's the same botnet gang that drove the original Storm and then its predecessor, Waledac -- both of which are no more -- but they have identified two-thirds of the same elements in this latest version as in the original Storm code version.
Noticeably missing is Storm's trademark peer-to-peer component: This version is all HTTP-based rather than the hybrid P2P/HTTP approach in the old botnet, which at one point swelled to a half-million bots. Storm began to fade away in the fall of 2008 after researchers were able to successfully disrupt its operations on more than one occasion.
Waledac, which boasted 60,000 to 80,000 zombies, was downed in February by a sneak attack from a team from Microsoft, Shadowserver, the University of Washington, Symantec, and a group of researchers from Germany and Austria who had first infiltrated the botnet last year.
Joe Stewart, director of malware research for the counter threat unit at Secureworks and known for his previous research on Storm, says he believes another person or group has procured the code and stripped out the P2P element. "From everything we've seen, it looks like the original Storm crew moved to Waledac...so what strikes me is that they stripped out the P2P and sold the spam code to another group to build a more simplified botnet," Stewart says. The P2P feature had been targeted by researchers, which made it less appealing, he says.
[...]
DarkReading
April 28, 2010
It's baaack: The bot code used in the infamous, massive Storm botnet that was taken down nearly two years ago is being used to build another spamming botnet. Researchers have reverse-engineered the tweaked version of the original Storm code, which so far has spread somewhere between
10,000 to 20,000 machines.
Researchers don't know for sure whether it's the same botnet gang that drove the original Storm and then its predecessor, Waledac -- both of which are no more -- but they have identified two-thirds of the same elements in this latest version as in the original Storm code version.
Noticeably missing is Storm's trademark peer-to-peer component: This version is all HTTP-based rather than the hybrid P2P/HTTP approach in the old botnet, which at one point swelled to a half-million bots. Storm began to fade away in the fall of 2008 after researchers were able to successfully disrupt its operations on more than one occasion.
Waledac, which boasted 60,000 to 80,000 zombies, was downed in February by a sneak attack from a team from Microsoft, Shadowserver, the University of Washington, Symantec, and a group of researchers from Germany and Austria who had first infiltrated the botnet last year.
Joe Stewart, director of malware research for the counter threat unit at Secureworks and known for his previous research on Storm, says he believes another person or group has procured the code and stripped out the P2P element. "From everything we've seen, it looks like the original Storm crew moved to Waledac...so what strikes me is that they stripped out the P2P and sold the spam code to another group to build a more simplified botnet," Stewart says. The P2P feature had been targeted by researchers, which made it less appealing, he says.
[...]
Childs found guilty in SF network password case
By Robert McMillan
IDG News Service
April 27, 2010
Terry Childs, the San Francisco network administrator who refused to hand over passwords to his boss, was found guilty of one felony count of denying computer services, a jury found Tuesday.
Childs now faces a maximum of five years in prison after jurors determined that he had violated California's computer crime law by refusing to hand over passwords to the city's FiberWAN to Richard Robinson, the chief operations officer for the city's Department of Technology and Information Services (DTIS).
Although the city's network continued to run, San Francisco went 12 days without administrative control of the FiberWAN, and that constituted a denial of service -- illegal under state law.
Childs' lawyers had argued that he was a buttoned-down, security-obsessed administrator who believed he was simply doing his job.
IDG News Service
April 27, 2010
Terry Childs, the San Francisco network administrator who refused to hand over passwords to his boss, was found guilty of one felony count of denying computer services, a jury found Tuesday.
Childs now faces a maximum of five years in prison after jurors determined that he had violated California's computer crime law by refusing to hand over passwords to the city's FiberWAN to Richard Robinson, the chief operations officer for the city's Department of Technology and Information Services (DTIS).
Although the city's network continued to run, San Francisco went 12 days without administrative control of the FiberWAN, and that constituted a denial of service -- illegal under state law.
Childs' lawyers had argued that he was a buttoned-down, security-obsessed administrator who believed he was simply doing his job.
CIA Boosting Cybersecurity Investment
By Elizabeth Montalbano
InformationWeek
April 27, 2010
The CIA has made investing in technology to prevent and fight cyber threats as one of its three main priorities in a five-year strategic plan unveiled this week.
The move is in line with a government-wide ramp-up in cybersecurity efforts across all agencies that have responsibility for protecting critical infrastructure in the United States, such as the Department of Homeland Security and the National Security Agency.
CIA 2015, released this week, is a three-pillar blueprint for the agency's next five years. The goal of the plan is to ensure that the agency remains in step with current national security challenges, such as cyber threats and so-called "dangerous technology," according to a press statement.
Indeed, industry experts agree that the threat of cyber attacks on the U.S. is on the rise, and a recent survey found that a majority of federal CIOs believe a major attack is imminent.
InformationWeek
April 27, 2010
The CIA has made investing in technology to prevent and fight cyber threats as one of its three main priorities in a five-year strategic plan unveiled this week.
The move is in line with a government-wide ramp-up in cybersecurity efforts across all agencies that have responsibility for protecting critical infrastructure in the United States, such as the Department of Homeland Security and the National Security Agency.
CIA 2015, released this week, is a three-pillar blueprint for the agency's next five years. The goal of the plan is to ensure that the agency remains in step with current national security challenges, such as cyber threats and so-called "dangerous technology," according to a press statement.
Indeed, industry experts agree that the threat of cyber attacks on the U.S. is on the rise, and a recent survey found that a majority of federal CIOs believe a major attack is imminent.
Militants using international credit cards for operations
Sify News
2010-04-27
New Delhi: Terrorists, sleeper cells and terror suspects have been using international credit cards to fund their operations in India, Parliament was told on Tuesday.
"As per available reports, instances have come to notice regarding use of international credit cards by terrorists in India," Minister of State for Home Affairs Ajay Maken informed the Lok Sabha in a written reply.
"Similarly, espionage agents in India have come to notice for using cards issued by the foreign banks," he said.
Maken said that the Central Government has strengthened the legal frame-work for combating financing of terrorism under the Unlawful Activities (Prevention) Act.
2010-04-27
New Delhi: Terrorists, sleeper cells and terror suspects have been using international credit cards to fund their operations in India, Parliament was told on Tuesday.
"As per available reports, instances have come to notice regarding use of international credit cards by terrorists in India," Minister of State for Home Affairs Ajay Maken informed the Lok Sabha in a written reply.
"Similarly, espionage agents in India have come to notice for using cards issued by the foreign banks," he said.
Maken said that the Central Government has strengthened the legal frame-work for combating financing of terrorism under the Unlawful Activities (Prevention) Act.
Wednesday 7 April 2010
iRemove Amstedam PC repair & Online Services
iRemove Amsterdam is a PC company dedicated to removing Spyware & Viruses, protecting household and business computers , and securing your 21st century online lifestyle
With today's cybercriminal getting better at what he does, then so should we...
Since the 90's viruses, worms, Trojans, adware, spyware, and other security-related risks , have been growing at a unprecedented rate. Using the latest techniques & technology, iRemove can disinfect and protect your PC and help you configure it against future problems.
We can help you online, at home, or in store.
Residents of Amsterdam, can have an iRemove technician visit their home and do the repair on the spot.
No Travel Cost To Any Address In Amsterdam. + NO FIX NO FEE
For problems that may take more time to fix, we offer a "pickup & deliver" and a "Drop & Collect" service to do the repairs at our office.
For those of you out of reach of home visits, our Online Assistance service is available for Malware removal, instructor led tutorials, PC cleanup, Online Backup of files and system diagnostics . via secure chat server , & Secure RDP
We also a comprehensive selection of the Latest Antivirus/Antispyware tools using new "Cloud" techniques with a great discount,
visit our online store at http://ifix.es/gostore to find more great deals.
For your free diagnostics use our Remote diagnostic tool
iRemove offers other services including:
· Remote Assistance Malware Removal
· Data Backup+Recovery
· Fresh Install (Operating system of choice including the new Windows 7)
· Safe n Secure Setup (Maximum protection 24hrs online and offline)
· Network Setup (Wired or Wireless)
· Advanced Tutorials : instructor led assistance and written tutorials to protect yourself from the latest threats.
· Hardware Repair
· Software Installation
· Screen Inverter replacement
· Multiple Online Services
http://iremove.nl Now Open
**NEW** Discount Antivirus packages & Internet Seuciry Suites now available. Latest Security Tools at a discount price. Prices starting from 17,95 per Year
Subscribe to:
Posts (Atom)
