If you are new to or would like to know more about the conficker worm that has given many administrators sleepless nights, I have compiled a few URLs to resources that will help you understand how the worm operates, how to detect it and how to contain it.
I’m not sure what the real intentions are but doesn’t it sound a bit odd that the Telegraph media group CIO will thank the guys at Hackersblog for exposing their SQL injection vulnerabilities?
Oh great! Its now my account that has been compromised .. ouch! Interestingly this is the first time any service provider has sent me any such notification. This may be in part because I live in Europe where data breach notification is still being debated therefore many providers may remain silent until exposed.
This is a mail I received from Spotify this evening
The UK Prime Minister’s medical records have been breached in a series of high profile ‘data violations’ involving UK politicians and others, the Sunday mail reports. Last week UK cabinet minister Jack Straw’s hotmail account was pwned by criminals trying to hoodwink the minister’s ‘friends’ into sending them money.
I read about a startup (Altor Networks) that has developed a virtual firewall for VMware hypevisor. It is basically a virtual appliance that you plug into your virtual environment to act as a firewall between your virtual switches and virtual machines. It also wraps firewall policies for each VM so that even when migrated, the VMs will still be protected.
Researchers from the University of Cambridge have published a paper which discusses problems with the introduction of new hand held card readers optimized for online banking in the UK. Here is a part of the abstract:
UK Justice Secretary Jack Straw’s hotmail account was compromised and hundreds of mails sent to his contacts in a bold attempt to get unsuspecting recipients to send money to the fraudsters, BBC reports.
This is how the scheme works
Looks like F-Secure made it to the “sql-injected” and “xsscripted” list.
Attack is not new but it looks like it its becoming popular… Symantec reports:
a Trojan installed on an infected machine runs a rogue DHCP server on the local network and serves bogus DHCP packets to other machines when they request a new IP configuration. If the Trojan is fast enough in sending out these [...]
F-Secure has published the IT Security Threat summary for the second half of 2008.
Summary:
Growth in amounts of malicious software
Growth in infections
Growth in the number of botnets
Growth in criminal profits
Call for growth in punishment
Highlights:
On Botnets infections
During 2008 our Response Lab conducted a small research project focusing on approximately 60 orphaned botnets. Listening to the communication attempts [...]
