Archives for the Month of August 2007 on Distilled Netsec

State Attorneys: Microsoft Remains a Monopoly

The attorneys general of six states and the District of Columbia said Microsoft will again use its market dominance to "crush" competitors when court-imposed remedies expire in November.

Source:
Reuters

New attacks leave online transactions vulnerable even after sign-on authentication

Even site keys aren't good enough if clever hackers take over a transaction via emerging techniques such as 'man-in-the-browser' attacks


Companies are trying to demonstrate that they're getting better at securing online transactions by adding multiple forms of authentication at sign-on, such as site keys. But experts say they could do 10 types of authentication at the start of the session and users would still be subject to attacks.

"Once that user is authenticated, they think they're OK. But instead companies have given them a false sense of security to merrily transact business," says David Burns, CEO of 2factor Inc. in Maumee, Ohio.

Burns, who leads one of several start-ups that are trying to tackle this problem, says the real threat for online transactions these days comes from intrasession attacks, where a secure session is hijacked without the user's knowledge. These usually occur in two ways.

According to security expert Joel Snyder, a senior partner at Opus One in Tucson, Ariz., a piggyback attack is one where a hacker "attacks by trying to use someone else's credentials" via malicious code. The hacker targets the user when the user visits an infected public Web page or reads an infected blog, downloading JavaScript to the user's computer that sends the hacker his cookies. Then, during a "live" session with a bank or other Web site, the hacker can access the cookies and use them to transfer money or change the user's password before the session ends.
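The cookie-theft path in the paragraph above (page script reads the session cookie and ships it to the attacker) is exactly what the HttpOnly cookie attribute exists to blunt, and the Secure attribute keeps the same cookie off plaintext HTTP. As an added illustration that is not part of the original post or the quoted Computerworld article, the Python below audits constructed Set-Cookie headers for those two attributes and shows how a server would emit a session cookie with them set. The sample header values and the name heuristic for spotting session cookies are assumptions made for the example.

```python
"""Audit Set-Cookie headers for the attributes that limit the damage of
session-cookie theft: HttpOnly (not readable by page JavaScript) and
Secure (never sent over plaintext HTTP). Added example; the sample
headers below are constructed, not taken from any real site."""
from dataclasses import dataclass, field

# Name fragments that suggest a cookie carries a login session.
# Assumption: a reporting heuristic for this example, not a standard.
SESSION_HINTS = ("sess", "sid", "auth", "token", "login")


@dataclass
class CookieAudit:
    name: str
    is_session: bool
    issues: list = field(default_factory=list)


def parse_set_cookie(header: str):
    """Split one Set-Cookie header into (name, value, {attr: value or None})."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, has_value, val = part.partition("=")
        # Flag attributes such as HttpOnly carry no value; store None for them.
        attrs[key.strip().lower()] = val.strip() if has_value else None
    return name.strip(), value, attrs


def audit_set_cookie(header: str) -> CookieAudit:
    """Report the hardening attributes missing from one Set-Cookie header."""
    name, _value, attrs = parse_set_cookie(header)
    audit = CookieAudit(name, any(h in name.lower() for h in SESSION_HINTS))
    if "httponly" not in attrs:
        audit.issues.append("no-httponly")  # script on the page can read it
    if "secure" not in attrs:
        audit.issues.append("no-secure")    # browser will send it over http://
    return audit


def audit_headers(headers):
    """Audit a list of Set-Cookie header values; return only cookies with findings."""
    return {a.name: a.issues for a in map(audit_set_cookie, headers) if a.issues}


def build_session_cookie(name, value, max_age=None):
    """Emit a Set-Cookie value with the hardening attributes always present."""
    attrs = [f"{name}={value}", "Path=/", "Secure", "HttpOnly"]
    if max_age is not None:
        attrs.append(f"Max-Age={int(max_age)}")
    return "; ".join(attrs)


# Constructed sample response headers (names and values are made up).
SAMPLE_HEADERS = [
    "SESSIONID=7d3f9a0c; Path=/",                    # readable by script, sent over HTTP
    "prefs=theme=dark; Path=/; Expires=Thu, 01 Jan 2099 00:00:00 GMT",
    "authtoken=ab12cd34; Path=/; Secure; HttpOnly",  # hardened
]

if __name__ == "__main__":
    for cookie_name, issues in audit_headers(SAMPLE_HEADERS).items():
        print(f"{cookie_name}: {', '.join(issues)}")
    print(build_session_cookie("SESSIONID", "7d3f9a0c", max_age=900))
```

The caveat worth keeping in mind is that HttpOnly only closes the path the paragraph describes, a script reading `document.cookie`; code that already runs inside the browser with the user's privileges (the "man-in-the-browser" case from the subtitle) can still act on the live session, which is why the article's point about intrasession controls stands even with both attributes set.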

Source:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9000174&source=rss_topic17

Vista SP1: Small things come in big packages

Microsoft's planned Vista Service Pack 1 may not be adding many features, but it sure does take up a lot of space.

Based on current test versions, the operating system update will be a 1GB file when uncompressed. By way of comparison, Windows XP--the whole thing--shipped on a CD, which only holds about three quarters of a gigabyte. On the plus side, systems that already have the latest Vista patches can be brought up to the Service Pack 1 level with only a 50MB compressed file through Microsoft's online Windows Update utility.

Also notable, installing the OS will require 7GB of free hard drive space, though much of that will be returned to the user once the megapatch is applied.

Source:
http://news.com.com/8301-10784_3-9768026-7.html?part=rss&subj=news&tag=2547-1009_3-0-10

Point, Click ... Eavesdrop: How the FBI Wiretap Net Operates

The FBI has quietly built a sophisticated, point-and-click surveillance system that performs instant wiretaps on almost any communications device, according to nearly a thousand pages of restricted documents newly released under the Freedom of Information Act.

The surveillance system, called DCSNet, for Digital Collection System Network, connects FBI wiretapping rooms to switches controlled by traditional land-line operators, internet-telephony providers and cellular companies. It is far more intricately woven into the nation's telecom infrastructure than observers suspected.

It's a "comprehensive wiretap system that intercepts wire-line phones, cellular phones, SMS and push-to-talk systems," says Steven Bellovin, a Columbia University computer science professor and longtime surveillance expert.

DCSNet is a suite of software that collects, sifts and stores phone numbers, phone calls and text messages. The system directly connects FBI wiretapping outposts around the country to a far-reaching private communications network.

Many of the details of the system and its full capabilities were redacted from the documents acquired by the Electronic Frontier Foundation, but they show that DCSNet includes at least three collection components, each running on Windows-based computers.

Source:
http://www.wired.com/politics/security/news/2007/08/wiretap

Get paranoid: Zombies abound

Reason No. 6: Hackers, crackers, and phishers -- need we say more?

We are in the midst of a zombie epidemic that shows no signs of slowing. During the second half of July, the volume of spam e-mails containing variations on the Storm worm increased tenfold. The result? A zombie network estimated by IT security company SecureWorks at more than 1.7 million PCs -- big enough to do serious damage to the Net.


Source:
http://www.infoworld.com/article/07/08/27/35FEparanoia-6_1.html?source=rss&url=http://www.infoworld.com/article/07/08/27/35FEparanoia-6_1.html

Ballistic Bookbag - Affordable self defense bookbag

Like the GPS-enabled school uniforms we wrote about earlier this month, the notion of bulletproof backpacks for students is sure to provoke mixed reaction.

Some people will call the invention an overreaction, while others will view it as a wise protective gadget. It's sad--and sobering--to think that a bulletproof backpack could prove a practical back-to-school purchase, but it's not so far-fetched an idea in these days of campus violence.

MJ Safety Solutions, a Massachusetts company run by three dads, has developed what it says is the first full-size, lightweight ballistic protection backpack that's affordable and practical for kids. The $175 My Child's Pack contains a 20-ounce bulletproof panel that the creators say can ward off 97 percent of bullets. The packs can be used to offer upper torso coverage on the back or as a shield for frontal protection of the head and upper body.

A video ad on YouTube shows the bags undergoing tests at the shooting range--to the tune of Neil Young's "Four Dead in Ohio."


Source:
http://news.com.com/8301-10784_3-9767193-7.html?part=rss&subj=news&tag=2547-1009_3-0-10

First California, now New York City lets pensioner info slip

First, California's state pension fund office admitted to accidentally printing out Social Security numbers (SSN) in the address pane of brochures it mailed out to some 485,000 retirees.

Now, a laptop thought to contain SSNs and other personal data on 280,000 New York City pensioners has gone missing. The laptop belonged to a consultant working at the city's Financial Information Services Agency (FISA) and was stolen Monday evening from a restaurant in which he was dining.


Source:
http://www.networkworld.com/news/2007/082307-first-california-now-new-york.html?fsrc=rss-security

Windows Genuine Advantage suffers worldwide outage, problems galore (updated)

Late last night we started receiving reports from readers experiencing problems with Windows Genuine Advantage authentication. Users of both Windows XP and Windows Vista were writing to say that they could not validate their installations using WGA, and one user even said that his installation was invalidated by the service.

We contacted our sources at Microsoft, who told us off the record that the company is aware of a major WGA server outage affecting users across the globe. The Windows Genuine Advantage support forum has exploded with complaints, as a result, and Phil Liu, WGA project manager, says that he won't sleep until the problem is fixed. Windows Vista and XP are affected, 32- and 64-bit versions.


Source:
http://arstechnica.com/news.ars/post/20070825-windows-genuine-advantage-suffers-worldwide-outage-problems-galore.html

Role of Telecom Firms in Wiretaps Is Confirmed

WASHINGTON, Aug. 23 — The Bush administration has confirmed for the first time that American telecommunications companies played a crucial role in the National Security Agency’s domestic eavesdropping program after asserting for more than a year that any role played by them was a “state secret.”

Source:
http://www.nytimes.com/2007/08/24/washington/24nsa.html?ei=5090&en=4e8428cf3d46306c&ex=1345608000&adxnnl=1&partner=rssuserland&emc=rss&adxnnlx=1187957045-V20CkSkOG8yiSmma85kVRw

Now playing: Peter Ilyich Tchaikovsky - Finale: Allegro vivacissimo

Monster Hack update

It is fraud, not a computer virus or a deeply placed rootkit on a trusted system.

The fraudster got credentials to query the database the way regular recruiters do.

A recently disclosed fraud involving hundreds of thousands of people on the Monster.com jobs Web site reveals the perils of leaving detailed personal information online, security analysts say.

Before the scheme was uncovered last week by researchers at Symantec Corp., con artists had filched legitimate user names and passwords from recruiters who search for job candidates on Monster. Then with access into the Monster system, the hackers grabbed resumes and used information on those documents to craft personalized "phishing" e-mails to job seekers.

"What phishers are trying to do these days is make them as realistic as possible, by adding specific information," said Patrick Martin, a Symantec product manager. "If they know you've submitted a resume to Monster, that makes it (seem) a little more legitimate."

Source:
http://www.enterprise-security-today.com/story.xhtml?story_id=54834

Now playing: London Symphony Orchestra - Mars, The Bringer Of War

How to patch five must-close vulnerabilities, now

Neutralizing today's worst Web attacks

Symantec Corp. recently posted details about a new version of MPack, a for-sale Web attack kit that loads up a site with exploits against Windows, QuickTime and WinZip. The $400 kit was used in the June Italian Job online assault that hijacked tens of thousands of Web sites, most of them in Italy. Crooks can buy MPack and a host of other nefarious programs on a thriving online black market.

In its post, Symantec listed only which holes the new MPack version targets; I followed up with the company to get specifics and links to fixes. All of the vulnerabilities allow an attacker to take over your PC if you view a tainted Web page. And according to Roger Thompson of Exploit Prevent Labs, another popular kit called Icepack attacks the same flaws.


Source:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9032338&source=rss_topic17

Now playing: Antonio Vivaldi - Concerto Per Due Violini, Archi E Cembalo In B Flat Major RV 524 - Allegro

First California, now New York lets pensioner info slip

A laptop containing data on New York pensioners is missing

The past few days have turned out to be a tad unlucky for some retirees.

First, California's state pension fund office admitted to accidentally printing out Social Security numbers (SSNs) in the address pane of brochures it mailed out to some 485,000 retirees.

Now, a laptop thought to contain SSNs and other personal data on 280,000 New York pensioners has been stolen. The laptop belonged to a consultant working at the city's Financial Information Services Agency (FISA) and was taken Monday evening from a restaurant in which he was dining.

"The consultant hired by FISA had access to personal information of members of the city's various pension systems," Jason Post, a City Hall spokesman, said via e-mail. "We believe that the stolen laptop contained some files with personal information in them, but it is unclear how much,"

Source:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9032458&source=rss_topic17


Now playing: Antonio Vivaldi - Concerto Per Due Flauti, Archi E Cembalo In C Major RV 533 - Allegro Molto

Comcast throttles BitTorrent users

It looks like Comcast, America's biggest cable network, has put the squeeze on BitTorrent users.

On Friday, the widely read BitTorrent blog TorrentFreak reported that many Comcast users were unable to "seed" their BitTorrent downloads, which severely slows the exchange of music and video over the popular P2P protocol. Comcast has denied any wrongdoing, but hundreds of BitTorrent mavens continue to complain.

"Over the past weeks more and more Comcast users started to notice that their BitTorrent transfers were cut off," wrote Ernesto, the mononym behind TorrentFreak. "Most users report a significant decrease in download speeds, and even worse, they are unable to seed their downloads. A nightmare for people who want to keep up a positive ratio at private trackers and for the speed of BitTorrent transfers in general."

Source:
http://www.theregister.co.uk/2007/08/22/comcast_throttles_bittorrent_users/

Now playing: Aerosmith - Crazy

Briton Held over Wireless Broadband Theft

Users need to be aware that using someone else's wireless connection without permission is "unlawful," police say.

A 39-year-old Briton has been arrested on suspicion of using someone else's wireless Internet connection without permission, police said on Wednesday.


Source:
http://www.eweek.com/article2/0,1759,2174292,00.asp?kc=EWRSS03119TX1K0000594

Now playing: Aerosmith - Cryin'

'Storm' Trojan horse may turn to hyping Hurricane Dean

Malware's makers love news, and Dean would take them on trip down Nostalgia Lane

The 8-month old Storm Trojan horse may soon come full circle and take up touting Hurricane Dean, the Category 5 storm that slammed into Mexico yesterday, security researchers said.

Storm, also known as Peacomm, started life in January as malware attached to messages that shilled fake news accounts of a massive series of wind storms that struck Europe. One of the first Storm-bearing messages dangled the subject head "230 dead as storm batters Europe" to tempt users into launching the file. Recipients who clicked on the attached executable were infected by the Trojan horse, which turned their systems into spam-spewing zombies.

Source:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9032218&source=rss_topic85

Now playing: Aerosmith - Janie's Got A Gun

Monster.com Trojan recruits 'money mules' from victim pool

Meanwhile, the job search site says it's shut down the hacker's server

The Trojan responsible for stealing more than 1.6 million personal records from Monster.com uses that information to build targeted spam that offers recipients lucrative, but illegal, money laundering jobs, effectively turning some victims into criminal accomplices, said Symantec Corp. today.

Monster.com, meanwhile, said today it had shut down the server used to store the stolen resume information.

Earlier this week, Symantec fingered Infostealer.Monstres for using stolen Monster.com log-ons to run automated searches that have collected information on hundreds of thousands who have posted their resumes on the job search site.

Source:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9032278&source=rss_topic85

Now playing: Aerosmith - Dude (Looks Like A Lady)

Zero-day bug for Yahoo! Messenger webcam

Application:
Yahoo! Messenger 8.1.0.413

Description:
A zero-day vulnerability has been publicly documented. This vulnerability lies in the Yahoo! Messenger Webcam component. If an attacker is able to convince a victim to accept an incoming Webcam request, the attacker is then able to run code on that remote victim's host. However, due to the nature of this vulnerability, an attacker is only able to leverage it against victims that accept the webcam request.

Severity:
High

Code Execution:
Yes


Source:
http://research.eeye.com/html/alerts/zeroday/20070812.html

Identity attack spreads; 1.6M records stolen from Monster.com

Convincing phishing mail seeds bank account-stealing Trojan horse and 'ransomware'

The 46,000 people reportedly infected by ads on job sites may be only a fraction of the victims of an ambitious, multistage attack that has stolen data belonging to several hundred thousand people who posted resumes on Monster.com, a researcher said this weekend.

According to Symantec Corp. security analyst Amado Hidalgo, a new Trojan horse called Infostealer.Monstres by Symantec has stolen more than 1.6 million records belonging to several hundred thousand people from Monster Worldwide Inc.'s job search service. That data is then used to target the Monster.com users with credible phishing mail that plants more malware on their machines.


Source:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9031418&source=rss_topic85

Cisco VPN Client error 51 - Mac OS X and the fix

So after installing the latest version of Parallels my Cisco VPN client broke and would give the following error on launch:

Error 51: Unable to communicate with the VPN subsystem.
Please make sure that you have at least one network interface that is currently active and has an IP address and start this application again.

I tried uninstalling Parallels and reinstalling the VPN client, still no go. After doing some digging around, I found out how to fix the problem so I figured I would post it since I'm probably not the only one having this issue.


Source:
http://security-protocols.com/2007/08/20/cisco-vpn-client-error-51-mac-os-x/

Microsoft releases super bundle of security patches

Source:
Network World

Record-breaking 'Storm' linked to spam surge

Storm, the Trojan that Hoovers PCs into hacker-controlled botnets, roared back into life last month in several waves, security researchers said Monday, and has blown by 2005's Sober to become the most prolific e-mail-borne malware ever.

"This is the biggest since Sober in mid-to-late 2005," said Sam Masiello, the director of threat research at MX Logic, referring to a long-lasting worm whose variants struck repeatedly in the second half of 2005, often in extremely high numbers. In November 2006, for instance, e-mail filtering companies reported malware-laden e-mail counts spiking 1,500% in a week, and said they were intercepting four times the usual number of infected messages.

According to MX Logic, Storm -- a bot Trojan that collects compromised computers into large networks of ready-to-use PCs -- has broken Sober's records. Thanks to Storm, the Englewood, Colo. managed e-mail security vendor tracked a July jump in malicious e-mail of 1,700% over June.

Storm, however, is much more malevolent than Sober ever dreamed. "Not only is it designed to propagate more copies of Storm, but it releases huge quantities of spam," said Masiello.

Security analysts, Wood and Masiello among them, have been drawing a line between Storm's success and spam outbursts of July and August, including one that dropped impressive quantities of "pump-and-dump" stock scam mail in mailboxes worldwide. "Certain Trojans are specifically written not only to make their own botnet larger, but to propagate specific types of spam," Masiello said.

Source:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyId=17&articleId=9030538&intsrc=hm_topic

'Purple Pill' Exposes Unpatched Flaw Affecting ATI & Vista

A security researcher developed a proof-of-concept utility called Purple Pill designed to demonstrate a method for circumventing Vista's kernel and anti-rootkit defenses and smuggle malware via device drivers. What he didn't realize, until after he released it, is that Microsoft has not yet patched this hole, and that drivers from video display card manufacturer ATI are impacted. A large percentage of Vista computers, and possibly as much as half of the Vista laptops, rely on ATI drivers so the inadvertent release of Purple Pill poses a problem for both Microsoft and ATI. For more details about the flaw in Vista and the Purple Pill utility, read ATI driver flaw exposes Vista kernel from The Register.

Source:
http://netsecurity.about.com/b/a/256881.htm

Patch Tuesday to Bring 9 Microsoft Bandages

Microsoft's August Patch Tuesday will bring nine security bulletins to fix problems—six of which are rated "critical"—in Microsoft Windows and Office, according to Christopher Budd of the MSRC (Microsoft Security Response Center) on Aug. 9.

Source:
http://www.eweek.com/article2/0,1759,2169559,00.asp?kc=EWRSS03129TX1K0000614

Survey Says

Survey Suggests a 1-in-4 Chance of Being An Online Victim

A recent survey published in Information Week claims that the United States as a whole has lost more than $7 billion in the past 2 years due to viruses, spyware and other Internet threats. Some other interesting facts from the survey include:

  • The survey included 2,000 U.S. households with Internet access
  • 38% of respondents have been impacted by a virus in the past year
  • 34% have been infected with spyware in the past 6 months

You may be getting more than music when you stream it

Recent security conference presentations indicate that there may be a flaw in the codecs used for streaming audio and video with media players.

Now playing: U2 - All Because Of You

Source:
http://www.enterprise-security-today.com/story.xhtml?story_id=54418

Who is listening??

Congress strikes again.
The 1987 wiretapping law has once again been expanded, and the controls on its use and the oversight it requires have been removed.

The new law effectively expands the National Security Agency's power to eavesdrop on phone calls, e-mail messages and other Internet traffic with limited court oversight. Telecommunications companies can be required to comply with government demands, and if they do so they are immune from all lawsuits.

Now playing: U2 - Crumbs From Your Table

Sources:
http://news.com.com/FAQ+How+far+does+the+new+wiretap+law+go/2100-1029_3-6201032.html?part=rss&tag=6201032&subj=news

Worms crawl in and worms crawl out with your music

There are a number of reports on a new worm called Deletmusic which is spreading via USB flash drives. The propagation is slow due to the media used. It is currently only affecting MP3 files. It looks like Apple's AAC and other formats are safe.

Sources:
http://netsecurity.about.com/b/a/256877.htm
http://www.theregister.com/2007/07/31/delete_music_worm/

BitLocker looks like it's secure

No Back Door For BitLocker
Law enforcement officers like to have the master keys. Government entities and law enforcement organizations want their information to be impenetrably secure from any unauthorized access, but they would prefer that you not have that privilege. Unfortunately for law enforcement, there is no back door or secret key that will crack Windows Vista's BitLocker encryption. Steve Riley, security guru and a senior program manager for Microsoft's Security business unit, states in his blog that good guys, bad guys, and innocent bystanders alike will all be secure using BitLocker. For more details, read the post on Steve Riley's blog. Also be sure to check out the Comments to the post and add your own opinion if you have one.
Saturday, August 4, 2007

Source:
http://netsecurity.about.com/b/a/256879.htm