Overheard in the tech blogosphere:

Security

Nov 2 2009   2:48PM GMT

Overheard - Operation Phish Phry



Posted by: Margaret Rouse
Operation Phish Phry, phishing, Security
“Criminally savvy groups recruit here and abroad to pool tactics and skills necessary to commit organized theft facilitated by the computer, including hacking, fraud and identity theft, with a common greed and shared willingness to victimize Americans.”

FBI Los Angeles acting assistant director Keith Bolcar,  Operation Phish Phry: FBI Arrests 33 for Internet Scam

Today’s WhatIs.com Word of the Day is Operation Phish Phry.

Oct 30 2009   12:51PM GMT

Overheard - Kill a Zombie Day



Posted by: Margaret Rouse
zombie, pulsing zombie, Security, Spam
“IT security and data protection company, Sophos, has called on computer users around the world to participate in “Kill-A-Zombie Day” on Saturday 31st October, also known as Halloween. Billions of spam messages are sent every day, with over 99% determined to be relayed from innocent users’ computers that have been hijacked and turned into a zombie.”

Kansas City InfoZine, International Kill-a-Zombie Day Will be a Thriller for Halloween

Today’s WhatIs.com Word of the Day is pulsing zombie.  Happy Halloween!


Oct 23 2009   4:42PM GMT

Overheard - Baby botnet



Posted by: Margaret Rouse
micro-botnet, Security, botnet, phishing, social engineering
“I suspect that a sizable percentage of small botnets are those developed by people who understand or are operating inside a business as employees who want to gain remote access to corporate systems, or by criminal entities that have dug deep and gotten insider information on the environment…We’ve seen a growth in the number of sites that offer the sale of corporate documents that were extracted from the bots.”

Gunter Ollmann, as quoted in Up To 9 Percent Of Machines In An Enterprise Are Bot-Infected

Today’s WhatIs.com  Word of the Day is micro-botnet, also known as baby botnet.


Oct 1 2009   1:49PM GMT

Overheard - Remote Access Trojan (RAT)



Posted by: Margaret Rouse
Malware, Trojan horse, RAT, remote access tool, remote access Trojan, Security, risk management
“In an even more sophisticated ploy, the Trojan altered the victim’s online banking page to change the amount of the transfer to a smaller number. In one transaction, the cybercriminals stole more than $8,000, but to the victim, it appeared like a $53 transaction.”

Angela Moscaritolo, URLZone touted as most sophisticated banking Trojan yet

Today’s WhatIs.com Word of the Day is RAT.  It’s a type of Trojan horse.


Sep 28 2009   2:56PM GMT

Overheard - VoIPSA



Posted by: Margaret Rouse
VoIP, Security, virus, Trojan
“Some computer viruses have a crude but scary ability to spy on people by logging every keystroke they type.  Now hackers and potentially law enforcement have another weapon: a virus that can eavesdrop on voice conversations that go over computers instead of a regular phone line.”

Jordan Robertson, Wiretapping Skype calls: virus eavesdrops on VoIP

Today’s WhatIs.com Word of the Day is VoIPSA.


Sep 22 2009   2:23PM GMT

Overheard - FISMA and ICE



Posted by: Margaret Rouse
FISMA, Compliance, ICE, Security
“The new FISMA requirements call for government agencies and DoD contractors to comply with a set of prioritized controls that reflect their ability to detect and stop cyberattacks.”

Alexander B. Howard, ICE Act would restructure cybersecurity rule, create White House post

Today’s WhatIs.com Word of the Day is FISMA.


Aug 18 2009   4:22PM GMT

Overheard - RealDVD and the power of the MPAA



Posted by: Margaret Rouse
Digital rights management, intellectual property, iPod, Video
“It’s perfectly legal to rip music from a CD and upload it onto an iPod for personal use; why can’t a person do the same with their own copies of movies?”

Brennon Slattery, Why Pick on RealDVD?

It’s sad that RealDVD, with its sophisticated and lawful approach to DVD-copying, had to swallow the wrath of the MPAA. It’s also clear that the DMCA [Digital Millennium Copyright Act of 1998] needs to be updated to reflect the changes in media distribution 11 years later.


Jul 13 2009   5:14PM GMT

Overheard - BIOS attack



Posted by: Margaret Rouse
Sherri Davidoff, BIOS attack, Security, Hardware
“Until now, common wisdom has been that the large variety of BIOS implementations means it is unfeasible for attackers to create portable, widespread BIOS malware. Core’s researchers proved this wrong.”

Sherri Davidoff, BIOS can become a source of malware

According to Core’s CTO, Ivan Arce, the researchers identified a specific section of BIOS code — a decompression routine — used in the majority of motherboards. BIOS code is stored compressed so that it takes up less space, and code must be decompressed before it runs. The decompression routine is exactly the same in many different motherboards. This gives attackers a single snippet of code that they can target in order to compromise many different BIOSes. The result? For the first time, researchers showed that BIOS-level malware can practically infect a wide variety of hardware.


Jul 10 2009   3:32PM GMT

Overheard - Distributed denial of service attack



Posted by: Margaret Rouse
Security, DDoS, denial of service attack, cyberwar, Dave Dittrich
“There are a lot of statements being made by people who are not involved in analyzing these attacks, and a lot of inappropriate rhetoric about ‘cyberwar.’”

Dave Dittrich as quoted in Latest DDoS attacks extremely unsophisticated, experts say

DDoS attacks were aimed at several U.S. government sites this past week, including sites for the Federal Trade Commission and the U.S. Department of Transportation.  The New York Stock Exchange, the Nasdaq electronic exchange, the Washington Post and South Korean government sites were also attacked.

Researchers from the U.S. Computer Emergency Readiness Team (CERT) and the Korea Internet Security Center are busy analyzing the traffic packets and it looks like there might be a “command and control server” out there giving orders to a zombie army.  If that’s true, it should be easier to catch whoever is behind the attacks. Hopefully.


Jul 1 2009   1:29PM GMT

Overheard - Bugging HTML email



Posted by: Margaret Rouse
web bug, web beacon, HTML email, Security
“Hewlett-Packard Co. admitted several years ago to using Web bugs to spy on reporters during an internal investigation of news media leaks by board members.”

Eric Lai, Analysis: Is HTML e-mail dangerous for your PC, or just your eyeballs?

There’s some buzz right now about whether or not HTML email is so insecure that it’s never a good idea. That means that Web bugs are back in the news.  If you missed the HP story the first time around, a company rep testified in front of a House of Representatives subcommittee about bugging emails to find corporate leaks to the press. They used a service called readnotify.com.

ReadNotify’s service makes bugging e-mail a matter of pointing and clicking. The ReadNotify Web page will generate a document with an image. This image, a green check mark, can simply be dragged and dropped into the document that needs to be traced. The check mark becomes transparent after being dropped.

Web bugs aren’t illegal. Marketers use them to track email blasts to see how many emails were actually opened and synchronize browser cookies so a returning visitor gets served relevant ads.
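For readers who want to see what a Web bug looks like from the receiving side, here is an added example (not part of the original post) that scans an HTML email for remotely loaded images that are tiny, hidden or tagged with a query string. The sample message, the `tracker.example` and `cdn.example` hosts and the `uid` value are constructed for illustration.

```python
# Added example: flag likely web bugs (tracking images) in an HTML email.
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
import re

# Constructed sample message; hosts and the uid value are placeholders.
SAMPLE = """\
From: sender@example.com
To: reporter@example.org
Subject: Draft for review
Content-Type: text/html; charset="utf-8"

<html><body><p>Please see the attached draft.</p>
<img src="cid:logo123" width="120" height="40">
<img src="https://tracker.example/open.gif?uid=constructed-42" width="1" height="1">
<img src="http://tracker.example/check.png" style="opacity:0">
<img src="https://cdn.example/banner.jpg" width="600" height="80">
</body></html>
"""

HIDDEN = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(\.0+)?\s*(;|$)", re.I)
class ImgFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (src, [reasons]) for every remotely fetched image
    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "")
        if not src.lower().startswith(("http://", "https://")):
            return  # cid:/data: images travel inside the message; no fetch on open
        reasons = []
        if a.get("width", "").strip() in ("0", "1") or a.get("height", "").strip() in ("0", "1"):
            reasons.append("tiny")      # 1x1 or 0x0 pixel
        if HIDDEN.search(a.get("style", "")):
            reasons.append("hidden")    # transparent or not displayed
        if "?" in src:
            reasons.append("query-id")  # URL may carry a per-recipient identifier
        self.findings.append((src, reasons))

def find_web_bugs(raw):
    msg = message_from_string(raw, policy=default)
    finder = ImgFinder()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    return finder.findings
```

An image with an empty reason list is still fetched from a remote server when the message is opened, which is why many mail clients block remote images by default.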