The Security Eunoia

Blogging about Security Auditing, IdM & Access Mgmt, Web App Security etc

Entries for the ‘Digital Forensics’ Category

Online payment site hijacked by crime gang

The Register has reported that an online payment service mycheckfree.com has lost control of at least two of its domains to a crime gang believed to be based in Eastern Europe.
Possible explanation?
It’s also unclear how the culprits managed to hijack the domains. While security experts say DNS poisoning wasn’t out of the question, the more [...]


Volunteer researchers needed - Honeypot project

SANS Internet Storm Center is currently developing a web honeypot project much like the Dshield project.
Volunteer researchers are needed for the next 3 months. Request is made for 70 hours per volunteer for the next 3 months.
Skills needed (up to 4 from the list are welcome):

PHP coding
SQL
Apache
Understanding of HTTP
IIS
Technical writing (documentation)
Experience with various open source [...]


Malware successfully installed. Click OK to Finish!

An article by ZDNet’s Zero Day blog discusses the current spread of malware via the Windows Autorun functionality - USB being the main transport agent. Talking about the malware, it notes:
Their functionality varies. It started out with online games password-stealers targeting World of Warcraft, LineAge and others. But over the last months, we’re seeing malware being [...]


Do you have rootkit in your security software?

TrendMicro reports having found what could be a rootkit in a piece of enterprise infosecurity software. The rootkit-churning vendor is the same one that published the Sony MicroVault USM-F fingerprint reader discovered last year. What other products has this vendor shipped?


Fighting Botnets with BotHunter

Aiming to take the fight to the bot herders, a company - SRI International - has released a tool called BotHunter. It is free. The software works by monitoring the communication between compromised hosts on a corporate network and bot-herding computers also known as command & control centres.

BotHunter uses what sounds more like heuristic methods and processes (where detection is based on patterns) than signatures (where detection is based on known attacks). This is how it works:


No warrant, No cryptographic hash

A US federal court judge has ruled that taking a cryptographic hash (fingerprinting) of a suspect’s hard drive constitutes a search and therefore a search warrant should be obtained first.
The judge ruled:
“To derive the hash values of Crist’s [suspect] computer, the government physically removed the hard drive from the computer, created a duplicate image of [...]


CAINE - A digital forensic project on Live CD

CAINE - Computer Aided INvestigative Environment - is a digital forensics project based on Ubuntu Hardy Heron. It comes complete with the full complement of Ubuntu’s traditional Gnome interface. On top of the Ubuntu kernel is an assembly of open source computer forensics tools held together by a Perl wrapper. Tools included are:

Grissom Analyzer
Automated Image & [...]
