Friday, July 24, 2009

Quote of the day

Quote of the day

You can have anything you want -- if you want it badly enough.

You can be anything you want to be, have anything you desire, accomplish anything you set out to accomplish -- if you will hold to that desire with singleness of purpose.

Robert Collier


New IT Term of the day

New IT Term of the day

chicken boner

A slang term used in reference to an inexperienced spammer. The reference implies that the person is a low-life who spends all their time in front of the computer with "fried chicken bones littering the floor".

FINED : UK Consultant Handed £5,000 Fine Over Database Breach

FINED : UK Consultant Handed £5,000 Fine Over Database Breach

by Desire Athow

21 July, 2009,


A man behind an illicit database containing details of construction workers has been slapped with a fine of £5,000 for infringing the UK Data Protection Act at Knutsford Crown Court and required to pay a further £1,187.20 in costs.

Last week, Ian Kerr, the founder of The Consultancy Association (TCA) which illicitly held and sold confidential information of employees, has been found guilty of data breaches and eventually ordered to pay considerable fines.

Kerr was sentenced by the Court following an investigation by the Information Commissioner’s Office, which disclosed that he conducted a secret operation to vet construction workers for job in the industry.

David Smith, Deputy Information Commissioner, commented on the case by saying, “Ian Kerr colluded with construction firms for many years flouting the Data Protection Act and ignoring people's privacy rights. Trading people's personal details in this way is unlawful and we are determined to stamp out this type of activity.”

It was ascertained by the Court that the database created by TCA held information on as many as 3,213 construction workers and was utilised by around 40 construction companies.

The information watchdog is said to take enforcement action against 17 construction companies that paid Kerr for information on workers, in the wake of any representations made by the firms.

JAILED : Two years in jail for IT director who wiped medical data

JAILED : Two years in jail for IT director who wiped medical data

Ex-employee deleted crucial organ donation records

By Jaikumar Vijayan


21 July 2009


An IT director at an organ donation organisation has been sentenced to two years in prison for intentionally deleting numerous records and other data after being fired from her job.

Danielle Duann, 51, who worked at an organ procurement centre for more than 200 hospitals in Texas, was also sentenced to three years of supervised release upon completion of her term and ordered to pay more than $94,000 in restitution to her former employer, LifeGift Organ Donation Center.

Duann in April had pleaded guilty to one count of unauthorised access to a protected computer.

Court documents filed in connection with the case describe what is becoming an increasingly familiar tale of companies victimised by insiders.

Duann was hired by LifeGift in 2003 and put in charge of overseeing the company's entire IT infrastructure and fired in November 2005 for reasons not specified in court documents.

At the time of her termination, Duann was informed in writing that all her access rights had been revoked. The company also took steps to lock all administrator accounts to which Duann was known to have access.

Despite such steps, Duann still managed to access LifeGift's network from her home on the same evening she was fired, via a VPN account that she appears to have previously set up without anyone's knowledge.

Once inside the network, Duann used an administrator account belonging to another LifeGift employee to log into several servers, including the company's organ donor database server and main accounting server, multiple times.

Over the next several hours, she then deleted donor records, accounting invoice files, database and software applications, backup files and the software tokens needed to run some applications.

In a bid to cover her tracks, Duann manually deleted all logs of her VPN sessions with the company's network. She also disabled the activity logging functions on the database and accounting servers -- making it impossible for LifeGift to identity all of the individual files and applications she deleted, the court documents said.

Duann's sabotage, however, was discovered the next morning by an employee of a network services company that had just been hired by LifeGift to provide backup and disaster recovery services for the non-profit. The employee noticed someone deleting files in real-time from a VPN connection, which he quickly terminated.

The VPN connection logs and IP address was later traced back to Duann's home Internet connection. A subsequent search of Duann's home and computer systems by the FBI uncovered more evidence that linked her to the sabotage.

Like countless similar incidents, this one highlights the challenges that companies face when it comes to protecting data and systems from malicious insiders. In this case, the sabotage occurred even though LifeGift appears to have taken most of the measures that security experts recommend when employees leave the company or are fired.

For instance, the company immediately revoked Duann's access privileges after terminating her and disabled all administrator accounts to which she had had previous access. The fact that Duann still managed to access the company's servers just hours later, highlights how difficult it can sometimes be to stop insiders who plan to do harm.

THREAT : Cyber attack a threat to London Olympics

THREAT : Cyber attack a threat to London Olympics

Organizers feel that a potential cyber attack posed a unique challenge for the London 2012 Olympics

Avril Ormsby

July 22, 2009


LONDON, UK: Olympic organizers are "very alive" to the threat of a cyber attack on the London 2012 Olympics, made more challenging because of its evolving nature, senior Interior Ministry officials said on Tuesday.

Ticketing systems, the transport network and hotel bookings as well as security are among potential targets.

Olympic security officials are also planning for the possible diversion of aircraft to protect airspace around the venues from terrorist attacks, the officials said.

The greatest threat to security at the Games is international terrorism, the government's latest "Safety and Security Strategy" report said.

"There's no current evidence of a terrorist threat to 2012," one of the Interior Ministry officials said.

"But if you look at precedents for sporting events, and to some degree about Olympic events, it would not be beyond the point of imagination to imagine a terrorist threat to 2012 nearer the time."

Metropolitan Police Assistant Commissioner Chris Allison said it was likely there would be a terrorist threat at the Games but he pointed to Britain's "long history of delivering safe sporting events".

Threats Change

Despite the British government on Monday lowering the threat level from international terrorism from "severe" to "substantial", security planning for the Games will be based on an assumed threat level of severe -- the second highest level.

Interior Minister Alan Johnson said in a statement that security planning was "progressing in good time and to budget".

A total of 600 million pounds ($980 million) has been put aside for security, but Interior Ministry officials said if the threat increased it could put upward pressure on costs.

The officials, who declined to be named, said a potential cyber attack posed a unique challenge because it was constantly changing and that more funds were being directed at the problem of computer attacks.

"The general challenge reflected in cyber is anticipating what threats will look like three years out, and threats change, the nature of terrorism changes and the nature of serious crime changes as well, and cyber specifically is a really good example of a moving threat," one of the officials said.

"I think we are very alive to the cyber (issue) and we are very alive to the fact that at the moment it is difficult to predict what it will look like with specific reference to the Games in 2012."

Officials are also drawing up plans for protecting water and air space around Olympic venues from possible attack, including possibly diverting aircraft. It is expected diversions would most likely affect smaller, private aircraft.

"We do expect there will have to be some management of air space," another of the Interior Ministry officials said.

"We do not expect that any airports will have to be closed."

TOPPER : U.S. Is Top Spam-Producing Country

TOPPER : U.S. Is Top Spam-Producing Country

The US has been named the world's biggest spam-producing country, says security vendor Sophos.

By Carrie-Ann Skinner

PC Advisor (UK)

July 21, 2009


The US has been named the world's biggest spam-producing country.

Security firm Sophos said the US was responsible for 15.6 percent of all spam received between April and June this year - that's one in every six junk emails.

The US was closely followed by Brazil, which produced 11.1 percent of all spam, and Turkey, which generated 5.2 percent.

Russia, which was second on Sophos' Dirty Dozen list a year ago, has now fallen to ninth place and was only responsible for 3.2 percent of all spam between April and June.

Graham Cluley, senior technology consultant for Sophos, said: "Barack Obama's recent speech on cybersecurity emphasised the threat posed by overseas criminals and enemy states, but these figures prove that there is a significant problem in his own back yard. If America could clean up its compromised PCs it would be a considerable benefit to everyone around the world who uses the net".

Sunday, July 19, 2009

Quote of the day

Quote of the day

When it is dark enough, you can see the stars.

Charles Beard

New IT Term of the day

New IT Term of the day


Software that is used by spammers to send out automated spam e-mail. Spamware packages may also include an e-mail harvesting tool.

SURVEY : One in six consumers acts on spam

SURVEY : One in six consumers acts on spam

Jeremy Kirk

July 14, 2009

IDG News Service


About one in six consumers have at some time acted on a spam message, affirming the economic incentive for spammers to keep churning out millions of obnoxious pitches per day, according to a new survey.

Due to be released Wednesday, the survey was sponsored by the Messaging Anti-Abuse Working Group (MAAWG), an industrywide security think tank composed of service providers and network operators dedicated to fighting spam and malicious software.

Eight hundred consumers in the U.S. and Canada were asked about their computer security practices habits as well as awareness of current security issues.

Those who did admit to opening a spam message -- which in and of itself could potentially harm their computer -- said they were interested in a product or service or wanted to see what would happen when they opened it.

"It is this level of response that makes spamming a lot more attractive as a business because spam is much more likely to generate revenues at this response rate," according to the survey.

One other study, conducted by the computer science departments of the University of California at its Berkeley and San Diego campuses, showed the number people who actually made a purchase following a spam pitch was just a fraction of a percent.

Those researchers infiltrated the Storm botnet, a network of hacked computers used to send spam.

They monitored three spam campaigns, in which more than 469 million e-mails were sent. Of the 350 million messages pitching pharmaceuticals, 10,522 users visited the advertised site, but only 28 people tried to make a purchase, a response rate of .0000081 percent. Still, that rate is high enough to potentially generate up to $3.5 million in annual revenue, they concluded.

MAAWG's survey showed that nearly two-thirds of the 800 polled felt they were somewhat experienced in Internet security, a highly complex field even for those trained in it, said Michael O'Reirdan, chairman of MAAWG's board of directors.

And some 80% of people felt their machine would never be infected with a bot, or a piece of malicious software that can send spam, harvest data and do other harmful functions. That's dangerous, O'Reirdan said.

"If you don't believe you aren't going to get one, you aren't going to look for one," he said. "If you get a bot, you're a nuisance to other people."

Interestingly, 63% of consumers said they would allow remote access to their computer to remove malware. That idea is under increasing discussion in the security community, which is grappling with how to deal with botnets. Botnets can also conduct denial-of-service attacks against Web sites, such as the ones attacked last week in South Korea and the U.S.

Some ISPs are building automated systems that can cut off a computer's Internet access if the machine is suspected of containing malware. Consumers are then given instructions on how to patch their machine and install security software. When their PC is clean, they are restored full access to the Internet. MAAWG is close to issuing a set of guidelines for ISPs on how to battle botnets.

"The best thing a user can do is patch their machine religiously," O'Reirdan said. "It's incredible easy to do."

RISK : SPAM BOT for 3G Phone

RISK : SPAM BOT for 3G Phone

Zombies bite into Symbian smartphones

Low-risk mobile Trojan bundles botnet features

By John Leyden

16th July 2009


Security researchers have identified the first known spam bot client for 3G phones.

YXES-B poses as a legitimate application called Sexy Space (ACSServer.exe) to steal the subscriber, phone, and network information of victims. The malware forwards these details to a site under hacker control.

The same site contains message clips that form the template to send spammed SMS messages to the victims' contacts.

The malware therefore has a command and control infrastructure that makes it a botnet for mobile phones, according to Trend Micro, the security software firm.

The code-signing process applied by Symbian is designed to enure that threats like YXES-B never meet the light of day. Hackers have subverted this process for a second time - YXES-B was proceeded by an earlier variant. It it's unclear how they have done this

The damage potential posed by the malware is quite high. Fortunately, incidents of actual infections remain low.

More details on the threat can be found in a write-up from Trend Micro here http://blog.trendmicro.com/signed-malware-coming-to-a-phone-near-you/#ixzz0LLLdJHN9&D

PROFESSIONAL : Cyber Criminals using Business School Teachings

PROFESSIONAL : Cyber Criminals using Business School Teachings

Cyber crime lords using big business tactics:Cisco

PHYSorg.com / AFP

14 Jul 2009


Cyber criminals are aping executives when it comes to sales, marketing and risk management in the world of online treachery, according to a report released by networking giant Cisco.

"A lot of techniques they are using today are not new; it is really about how they may be doing some of the same old things," said Cisco chief security researcher Patrick Peterson.

Cyber criminals are aping executives when it comes to sales, marketing and risk management in the world of online treachery, according to a report released by networking giant Cisco.

"A lot of techniques they are using today are not new; it is really about how they may be doing some of the same old things," said Cisco chief security researcher Patrick Peterson.

"The novel thing is that they have taken the Harvard Business School, General Electric board room

business training and applied it to their old techniques."

The California technology firm specializing in computer networking gear summarized current threats in a "Midyear Security Report" that concludes hackers are increasingly operating like successful businesses.

Peterson cited how cyber hackers capitalized on interest in the death of pop icon Michael Jackson in late June.

Disasters, celebrity doings and other major news is routine fodder for bogus emails and websites

booby-trapped with computer viruses, but in the case of Jackson's death, crooks cranked out fake news stories to dupe readers.

"They had their criminal copy editors working on copy for the story as fast as it happened," Peterson said.

"They brought the Jackson story to market in a way that rivals media outlets. They have an advantage; they don't have to do any reporting."

Billions of spam messages with links to trick websites or videos promising scintillating Jackson images and information were fired off in the days after his June 25 death, according to Cisco.

"Sales leads" that followed online links were turned into "customers," whose computers were stealthily infected with nefarious codes for stealing data, usurping control of machines or other evil deeds.

Cyber criminals are reportedly embracing a nefarious version of a "cloud computing" trend of offering

computer applications online as services.

Commanders of infected computers woven into "botnet" armies rent out illegally assembled networks to fellow criminals for sending spam, launching attacks or other deeds, according to Cisco.

Peterson told of an "anti-anti-virus" online operation called "Virtest" that charges hackers monthly fees to keep them informed about which security firms can detect their malicious programs.

"It's a criminal service," Peterson said of the operation, which appears to be based in Russia. "We've seen lots of examples of criminals sharing tools, but we've never seen a commercial business like this."

Spammers also employ a business marketing practice of packing booby-trapped websites with terms

typically used as keywords in various Internet search engines so that their links land high in query results.

Cisco referred to the practice as "Spamdexing."

"Because so many consumers tend to trust and not be suspicious of rankings on leading search engines, they may readily download one of the fake software packages assuming it is legitimate," Cisco said in the report.

Cyber crooks are also hunting for prey in the rapidly expanding population of mobile telephone users by sending trick text messages.

Criminals have taken to sending blanket text messages to numbers based on area codes of local banks directing people to call into a service center to address supposed concerns about their accounts.

Callers are connected to automated voice systems that, feigning to represent the banks, ask people to enter account passwords and other personal information that can later be exploited, Peterson said.

Online social networks, according to Cisco, are becoming popular "customer acquisition" territory for cyber criminals.

"It's big business now to penetrate those networks," said Peterson.

People in online communities are more likely to click on links and download content they believe is from people they know and trust, the report said.

BEWARE : Hacker Hacked Twitter – Stolen Secret Documents

BEWARE : Hacker Hacked Twitter – Stolen Secret Documents

By Maggie Shiels

Technology reporter

BBC News



The microblogging service Twitter has been terribly hacked. Twitter is taking legal advice after hundreds of documents were hacked into and published by a number of blogs.

TechCrunch has made public some of the 310 bits of material it was sent.

It posted information about Twitter's financial projections and products.

"We are in touch with our legal counsel about what this theft means for Twitter, the hacker and anyone who accepts...or publishes these stolen documents, " said Twitter's Biz Stone.

In a blog posting he wrote that "About a month ago, an administrative employee here at Twitter was targeted and her personal email account was hacked.

"From the personal account, we believe the hacker was able to gain information which allowed access to this employee's Google Apps account which contained Docs, Calendars and other Google Apps Twitter relies on for sharing notes, spreadsheets, ideas, financial details and more within the company."

Mr Stone, Twitter's co-founder, went on to stress that "the attack had nothing to do with any vulnerability in Google Apps".

He said this was more to do with "Twitter being in enough of a spotlight that folks who work here can be a target".

In his blog post, Mr Stone underlined the need for increased online security within the company and for staff to ensure their passwords are robust.

It is believed a French hacker who goes by the moniker "Hacker Croll" illegally accessed the files online by guessing staff members' passwords.

"News value"

A number of technology blogs were offered the documents for publication in what is now being dubbed "Twittergate" in some online forums.

TechCrunch, one of the most respected blogs in Silicon Valley, has set off a firestorm of criticism and debate over its decision to post some of the material.

It started things off with what it called a "softball" and published details about a reality TV show involving Twitter. Details of such a programme were made public in May.

That was followed by documents relating to an internal Twitter financial forecast that the company said is no longer accurate.

"There is clearly an ethical line here that we don't want to cross, and the vast majority of these documents aren't going to be published, at least by us.

"But a few of the documents have so much news value that we think it's appropriate to publish them," wrote TechCrunch Editor and founder Michael Arrington

Mr Arrington noted the site received a deluge of comments on the issue and said "many users say this is "stolen" information and therefore shouldn't be published. We disagree.

"We publish confidential information almost every day on TechCrunch. This is stuff that is also "stolen," usually leaked by an employee or someone else close to the company."

The TechCrunch founder cited examples of stories it has covered in the past that involved information it had acquired and also those covered by newspapers like the Wall Street Journal that had done a similar thing.

Mr Arrington said that he has also consulted lawyers about the laws that cover trade secrets and the receipt of stolen goods.


Many in the technology industry said this latest episode points to the potent reminder of how much information is stored in the cloud and the vulnerability or otherwise of that data.

The hacker has claimed to have wanted to teach people to be more careful and in a message to the French blog Korben, wrote that his attack could make internet users "conscious that no one is protected on the net."

"The security breach exploited "an easy-to-guess password and recovery question, which is one of the simplest ways to make a username and password combination really insecure," said Phil Wainewright of ZDNet.com

"Unfortunately, users won't wise up until the cloud providers force them to."

In a study last year the security firm Sophos found that 40% of internet users use the same password for every website they access.

The affair has put Google on the defensive because the information was stored in Google Apps, an online package of productivity software that includes email, spreadsheets and calendars.

The company issued a blog post. While it highlighted the need for strong security, it said it could not discuss individual uses or customers.

Twitter's Mr Stone tried to play down the importance of the information being touted around the web.

"Obviously, these docs are not polished or ready for prime time and they're certainly not revealing some big, secret plan for taking over the world.

"This is "akin to having your underwear drawer rifled: Embarrassing, but no one's really going to be surprised about what's in there." That is an apt apology," Mr Stone said.

At the social media blog Mashable, Adam Ostrow agreed.

"It's another embarrassing moment in Twitter's torrid growth, but nothing that's likely to bring the house down."

Also see -

Tech Crunch’s posting-


Twitter’s response


This Day in History

Thanks for your Visit