Tuesday 19 January 2010

ISPs could cut spam easily, says expert

By John E. Dunn
Techworld
18 January 10

Two simple techniques could be used to strangle botnets, a security expert has claimed. First, block email port 25 by default. Second, tell users when they are spewing spam from compromised PCs.

According to Trend Micro's CTO, Dave Rand, who is leading a campaign to reform the way ISPs approach the matter of botnets and spam, the two countries that adopted such techniques, The Netherlands and Turkey, have seen a huge reduction in the numbers of botnetted PCs.

According to his own figures and analysis, Turkey went from having around 1.7 million compromised PCs per month to only 35,000 after implementing techniques through its major ISP, Turk Telekom.

"They went from the number one spam source in the world to off the charts," said Rand. "They don't appear in the top 50 now."

Or alternatively, you can purchase 'Caretaker Antispam' available from iremove.nl

Companies Fight Endless War Against Computer Attacks

By STEVE LOHR
The New York Times
January 17, 2010

The recent computer attacks on the mighty Google left every corporate network in the world looking a little less safe.

Google's confrontation with China - over government censorship in general and specific attacks on its systems - is an exceptional case, of course, extending to human rights and international politics as well as high-tech spying. But the intrusion into Google's computers and related attacks from within China on some 30 other companies point to the rising sophistication of such assaults and the vulnerability of even the best defenses, security experts say.

"The Google case shines a bright light on what can be done in terms of spying and getting into corporate networks," said Edward M. Stroz, a former high-tech crime agent with the F.B.I. who now heads a computer security investigation firm in New York.

Computer security is an ever-escalating competition between so-called black-hat attackers and white-hat defenders. One of the attackers' main tools is malicious software, known as malware, which has steadily evolved in recent years. Malware was once mainly viruses and worms, digital pests that gummed up and sometimes damaged personal computers and networks.

Malware today, however, is likely to be more subtle and selective, nesting inside corporate networks. And it can be a tool for industrial espionage, transmitting digital copies of trade secrets, customer lists, future plans and contracts.

Poisoned PDF pill used to attack US military contractors

By John Leyden
The Register
18th January 2010

Unidentified hackers are running an ongoing cyber-espionage attack targeting US military contractors.

Booby-trapped PDF files, posing as messages from the US Department of Defense, were emailed to US defence contractors last week. The document refers to a real conference due to be held in Las Vegas in March.

Opening the malicious PDF file attached to the spoofed emails triggers an attempt to exploit an Adobe Reader vulnerability only patched by the software firm last Tuesday (12 January).

The infection of vulnerable systems opens up a backdoor that connects to a server hosted in Taiwan, though the hackers who set up the attack may potentially be located anywhere.

France, Germany Say Avoid IE Until Security Vulnerability Patched

By Brian Prince
eWEEK.com
2010-01-18

France and Germany are advising users to switch from Internet Explorer to another Web browser until Microsoft patches the zero-day vulnerability linked to attacks on Google and others.

France and Germany have advised their citizens to ditch Internet Explorer (IE) in the wake of reports that an IE zero-day bug was involved in the massive cyber-attack against Google and other companies.

Officials in both countries issued warnings in the past few days telling users to consider switching from Internet Explorer to other Web browsers until Microsoft delivers a patch. Researchers at McAfee have reported seeing references to attack code for the vulnerability on mailing lists and confirmed the presence of the code on at least one Website.

The IE vulnerability was used in a spate of cyber-attacks targeting Google and other large corporate networks. The attacks, which are believed to have come from China, have prompted Google to threaten to pull out of China altogether, and the U.S. State Department plans to get answers from China this week regarding the incident.

Officials at Microsoft said they are only seeing a limited number of targeted attacks against a small subset of corporations.

Prince William in New Zealand security alert as DJ gatecrashes barbecue

By Andrew Alderson, in Wellington
Telegraph.co.uk
18 Jan 2010

The man is believed to have gained access to Mr Key's private residence at Premier House in Wellington, where the Prime Minister had invited 50 guests.

The local DJ is understood to have spent several minutes on the loose as a stunt. Sources said he was carrying his own sausages and bread in an apparent attempt to pose as catering staff once inside the grounds.

A spokesman for Wellington police said: "A radio employee jumped over the fence into the grounds of Premier House. He was apprehended by police and removed."

Prince William, who is on his first foreign tour representing the Queen, had not arrived at the event when the man was detained by police.

Google investigates its own China staff over cyber attack

By Tania Branigan in Beijing and Reuters
Guardian.co.uk
18 January 2010

Google is investigating whether one or more of its employees in China helped launch the cyber attack against it last month, according to reports.

It is thought the line of inquiry is a routine part of its investigation into the attack, which Google says was sophisticated, originated in China and targeted intellectual property and the email accounts of human rights activists.

According to Reuters news agency, citing two unidentified sources, the attack, which targeted people with access to specific parts of Google networks, might have been helped by employees in the company's offices in China. It has several hundred staff on the mainland.

"We're not commenting on rumour and speculation. This is an ongoing investigation and we simply cannot comment on the details," a Google spokeswoman said.
