Thursday, March 29, 2012

Duqu malware resurfaces after five-month holiday

Duqu, the malware that has been compared to 2010's notorious Stuxnet, is back, security researchers said today.
After a several-month sabbatical, the Duqu makers recompiled one of the Trojan's components in late February, said Liam O Murchu, manager of operations at Symantec's security response team.
The system driver, which is installed by the malware's dropper agent, is responsible for decrypting the rest of the already-downloaded package, then loading those pieces into the PC's memory.
Symantec has captured a single sample of the driver, which was compiled Feb. 23, 2012. Before that, the last time the Duqu gang updated the driver was Oct. 17, 2011.
Duqu has been characterized by Symantec -- the first to extensively analyze the Trojan last year -- and others as a possible precursor to the next Stuxnet, the ultra-sophisticated worm that sabotaged Iran's nuclear fuel enrichment program by crippling critical gas centrifuges.
O Murchu said that the functionality of the new driver was "more or less the same" as earlier versions, including the one spotted last October and another from late 2010 that later surfaced. "The functionality hasn't changed," said O Murchu.
While O Murchu was hesitant to speculate on why the hackers had returned to action or why they took a five-month break, security researchers at Moscow-based Kaspersky Lab were not as reluctant.

Q&A: What the FTC recommendations mean for online privacy

The Federal Trade Commission this week released its final report on online consumer privacy that recommended implementing a universal "Do Not Track" standard, a centralized website for data brokers and more.
Christopher Wolf, the director of information management practice at the Hogan Lovells law firm and the co-chairman of the Future of Privacy Forum, thinks that the FTC hit most of the right notes in crafting its policy, as it will rely on a flexible "self-regulation" regime that subjects web companies to FTC enforcements if they agree to sign on to privacy rules created by the FTC and industry leaders. In this question-and-answer session we'll talk with Wolf about how "self-regulation" might work, what a centralized data broker information site might look like and what the FTC needs to do to protect consumer privacy on the mobile web.
A lot of the recommendations being pushed by the FTC involve "self-regulation." How exactly does this work on a practical basis?
I'd call it "co-regulation" rather than "self-regulation." The concept is that groups and businesses will come up with a set of standards that they'll promise to abide by and if they don't then they're subject to enforcement by FTC under regulations against deceptive trade practices. Rather than imposing standard one-size-fits-all rules, it allows for flexibility and it allows for changes to occur.

FTC to Congress: Shorten Data Brokers' Leash

The Federal Trade Commission this week urged Congress to impose new regulations on companies that collect consumer data related to Internet browsing habits. Under the policy the FTC suggests, data brokers, or the holders of personal consumer information, must allow consumers access to that information.

Google Guns for Facebook With Third-Party Comment Platform

Google is reportedly planning to launch its own third-party commenting system soon. It will apparently be tied into its Google+ social platform, its Web services and the company's Web search products. Google, according to reports, will make the platform available to third parties in much the same way Facebook offers its platform.

Operation Global Blackout: Real danger or irrelevant?

Will the hacker group Anonymous make good on its threat to take down the Internet Saturday? Probably not. But it could slow it down, according to a number of security experts. And it may depend in part on how unified Anonymous is about the attack -- there are some indications of divisions within the group.
Anonymous has threatened retaliation for the arrests of about 25 of its members last month, and is also focused on what its members believe is a continuing threat by Congress to censor the Internet through revised versions of the Stop Internet Piracy Act (SOPA) and the companion Senate bill called the Protect IP Act (PIPA), even though the legislation was put on hold in January.
And it is essentially daring anyone to stop Operation Global Blackout -- the group announced March 31 as the date of the attack, along with the method they intend to use -- disabling the Domain Name Service through distributed denial of service attacks on the root servers of the DNS with an attack tool called "ramp," which stands for "reflective amplification." While two of the basic rules of hacking are: Don't tell your target in advance and don't give away your methods, Radware security vice president Carl Herberger says the announcement is a classic Anonymous tactic.
"They are not financially motivated," he says. "They're after behavioral changes -- things like trying to stop SOPA. In that case, you almost by definition have to file your grievance -- tell them you're angry with them. They also like to boast of how effective they are, and how the rest of the world is not worthy of their technical talents."

New Google Account Activity lets you know what Google knows about you

If you're confused about what Google does and doesn't know about your online activity, take heart: Google is letting you in on the secret.
Google today announced that it has created a new Account Activity feature that sends users monthly reports about what they've been doing while signed into Google services such as Google Play, Google+ and Gmail. Among other things, the monthly report will detail the number of emails you've sent and received, the number and types of searches you've conducted while signed into your Google account, the places that you've signed in from and the different platforms and operating systems you've used while signed in.
Andreas Tuerk, a Google product manager, described the new feature as something that "helps you better understand and manage your information on Google." For example, Tuerk says Account Activity can help users see if anyone has been signing into their Google accounts on locations where they don't visit or from devices they don't own, and thus give them the ability to change their password to stop unauthorized use.
The Account Activity feature is part of Google's broader effort to make sure users are more comfortable with the company's new privacy policies that allow for sharing of user data across multiple Google services. Google has maintained that these new policies will benefit users by providing them with more relevant advertising that comes from a broader variety of data on a given user's Internet behavior. Google insists that it is not selling users' data to outside parties and says that users can always sign out of their Google accounts if they don't want their searches tracked and used for personalized advertising.

FTC Report Calls for Transparency, Stops Short on Do Not Track Law

The U.S. Federal Trade Commission released a report Monday calling for greater privacy protections for online users, including increased transparency regarding the data companies collect from consumers. The report also addressed Do Not Track systems, which allow consumers to opt out of online behavior tracking mechanisms.

Microsoft Wields RICO Act to Storm Zeus-Infested Botnet Hives

Microsoft, together with partners from the financial services industry, has hit the operators of a botnet running the Zeus Trojan. Escorted by U.S. Marshals, staff of the companies seized command and control servers in two hosting locations -- Scranton, Pa. and Lombard, Ill. -- and took down two IP addresses related to the C&C structure.

International security team shoots down second Hlux/Kelihos botnet

A team of security experts cooperating globally say they've disabled a large botnet of about 110,000 remotely controlled infected machines dubbed HLux.B/Kelihos.B by interfering in its peer-to-peer connections in a "poisoning" process to sinkhole them, cutting off the botnet's central control point.
Kaspersky Lab, Dell SecureWorks, Crowdstrike Intelligence Team and the Honeynet Project all had a hand in monitoring and disabling the botnet. There's speculation that it was created by the same gang that created the first Hlux/Kelihos bot that was shot down with help from Microsoft's Digital Crimes Unit, with others, last September.
Crowdstrike's senior research scientist Tillmann Werner and Kaspersky Lab's global head of research in Germany, Marco Preuss, discussed how the sinkholing operation against HLux.B proceeded, cautioning that the sinkhole can probably be maintained indefinitely, but that more than 100,000 computers around the world are still infected.
The Hlux.B/Kelihos botnet has been used for spam, denial-of-service attacks and "spying on credentials" on victims' computers, noted Werner. About one quarter of the 110,000 or more infected machines appear to be in Poland, with about 10% in the U.S., and the remainder elsewhere around the world, including Turkey, Spain, India and Argentina.

AVG adds 'do not track' technology to antivirus

AVG has become the first antivirus vendor to offer a privacy filter to monitor and block websites and ad networks that silently collect Internet usage data from consumers, the company has announced.
Available from today in a service pack for all paid and free AVG antivirus users, DoNotTrack is a plug-in for Internet Explorer, Mozilla and Chrome that keeps tabs on which sites are collecting data as users browse the web.
Some of this will be fairly innocent web analytics of the sort gathered by every site to monitor how visitors interact with sites, but AVG said users should also be more aware of social media applications that collected extensive data usage information and ad networks. Both of these could be intrusive in search of the information necessary to serve context-aware advertising, AVG said.
AVG users will be able to block or allow these on a case-by-case basis, controlling what data is tracked depending on their assessment of a particular site.

Iran Still Stuck With Stuxnet

Iran apparently has developed an antivirus program to neutralize the notorious Stuxnet virus that put a kink in the country's nuclear development program in June 2010. Iran has vowed to distribute the antivirus program for free in about a month, according to Trend, a publication that describes itself as a private media outlet in Azerbaijan.

Facebook on Passwords During Job Interviews: Don't Ask, Don't Tell

Reacting to recent reports that some organizations are demanding that job seekers turn over their Facebook passwords, the social network on Friday criticized the practice for undermining members' privacy expectations and security. It also pointed out that such a move could expose employers who ask for passwords to dangerous liabilities and vowed to take action to protect the privacy and security of its users.

Review: 7 password managers for Windows, Mac OS X, iOS, and Android

I hate passwords. I hate coming up with them. I hate remembering them. I hate mistyping them four times in a row. And I hate getting locked out of whatever I'm trying to log into in the process.
That said, I hate being hacked only slightly more, so I've done my part to use passwords that aren't "password123" or something equally foolish. The hard part is keeping them straight, which I could do by writing them down -- but isn't that a security hole all over again? Heck, I've known that since I was a kid. I saw "WarGames."
Password vaults, aka password safes or password managers, help solve this problem. They give you a central place to store all your passwords, encrypted and protected by a passphrase or token that you provide. This way, you have to memorize a single password -- the one for your password vault. All the other passwords you use can be as long and complex as possible, even randomly generated, and you don't have to worry about remembering them.
If having your passwords in a single encrypted store were all you needed, then a password-protected Microsoft Word document would do the trick. There has to be an easier way. One of the reasons I looked at these password vaults -- a total of seven -- was to see how easy it was to work with them over an extended period of time. If they didn't provide much more convenience over simply copying and pasting passwords from a text file, they'd hardly be worth using.
Here's what I found. To keep the list manageable, I've focused on programs that have both a desktop and a mobile version available, with the desktop taking precedence.

Avira becomes latest vendor to offer Mac antivirus software

German security company Avira has released free antivirus software for Apple Macs, joining a host of security software providers offering protection for OS X.
Avira said Apple's market share for computers has increased, which has been followed by an increase in malicious software programs. The company said the product will not contain advertising or marketing pop-up ads.
Many of the top security software companies offer security software for Macs, with some for free. Kaspersky Lab, Intego, PC Tools, Symantec, McAfee and Trend Micro all offer paid security software, while Sophos offers its Mac product for free.
Apple has marketed itself as inherently more secure than Windows. Security experts have said its platform is just as prone to software vulnerabilities as other operating systems, but Windows is targeted more due to its high market share. In a sign of the increasing prevalence of Mac malware, Apple rolled out an antimalware tool called XProtect in 2009, which is periodically updated to detect new malware.

AT&T Let Scammers Overrun Calling Service, Feds Charge

The Department of Justice has filed a lawsuit against telecommunications giant AT&T, claiming that the carrier allowed scammers to use a calling service for the hearing-impaired and then stuck U.S. taxpayers with the bill. While many Internet scams have originated from Nigeria, this case reportedly involves scammers using a free Internet-based calling system for hearing-impaired users.

12 Steps for Staying 1 Step Ahead of Online Security Threats

With the explosion of Web-based communications in the form of applications, blogs, podcasts, and social networking sites like Facebook and Twitter, new security threats that can cause serious damage to computers are emerging. As they access these Web-based services from both work and personal computers, many users are unaware that they may be exposing themselves and their organizations to risk.

Hacktivists, Not Profiteers, Stole Most Data in 2011

Cyberattacks carried out by hacktivists -- hackers motivated by political reasons -- shot up in 2011, accounting for 58 percent of the data stolen in cyberbreaches, according to Verizon. The company's 2012 Data Breach Investigations Report also stated that 79 percent of the attacks were opportunistic, meaning they were carried out because an opportunity presented itself, rather than being planned.

Security Wonks Tussle Over Tolly Test

Security experts have been debating for years the merits of whitelists versus blacklists in securing an enterprise, and last week the debate continued to rage with the release of some test results from the Tolly Group. The group tested three endpoint protection programs: McAfee Endpoint Protection Suite, Symantec Endpoint Protection 12.1 and Parity Suite 6.0 from Bit9, which also sponsored the tests.

Netflix uses lots of cloud services -- but don't call it 'NoOps'

Netflix's streaming-video entertainment via the Internet has become so popular it now represents almost a third of peak downstream traffic in North America. It also represents an IT support challenge for Netflix, which is trying to balance use of cloud services with traditional internal IT and data centers.
"There's a new world order and if you don't want to be a dinosaur, you support the cloud" and software-as-a-service (SaaS) applications, says Mike Kail, who is Netflix's top techie as vice president of IT operations (there's no CIO).
To meet its internal business needs, Netflix uses several cloud services, including Google Enterprise Docs, Workday for human resources and payroll, and even offers every employee an individual account at cloud-storage provider Box.
In fact, Netflix uses so many cloud-based services, including for its developers in the engineering-rich Netflix work environment, that the company's director of cloud systems architecture, Adrian Cockcroft, stirred up debate last week when he blogged about it, calling it "NoOps."

Microsoft co-founder Paul Allen's identity stolen by AWOL soldier

An AWOL soldier living in Pittsburgh has been charged with stealing the identity of Microsoft co-founder Paul Allen and using his credit card account to make a $658.81 payment on a loan from Armed Forces Bank.
The soldier, Brandon Lee Price, is charged with changing the address on the billionaire's Citibank credit card to Price's home address in Pittsburgh, then phoning in to report the card missing and get a new one sent to the Pittsburgh address, according to a criminal complaint filed in U.S. District Court in Pittsburgh.
On Jan. 13 the card was delivered to Price's address, and the same day charges started appearing on it, the criminal complaint says.

Invasion of Privacy Court Ruling Could Be a Game-Changer

The Court of Appeal for Ontario recently considered whether there was a cause of action for the invasion of personal privacy in Jones v. Tsige. The case involved two bank employees, Sandra Jones and Winnie Tsige, who worked at two different branches of the same bank. Over the course of four years, the respondent had used her work computer to secretly access the appellant's banking records.

Dell Bolsters Security Portfolio With SonicWall Buy

Dell is acquiring network-security and data-protection tool provider SonicWall for an estimated $1 billion to $1.5 billion. This is the latest in a series of acquisitions Dell has made in recent months. It has acquired Force 10, Perot Systems and SecureWorks. All of these companies focus on different areas: Perot Systems is a consultant; SecureWorks offers managed security services. The addition of SonicWall rounds out Dell's portfolio.

Study finds major weaknesses in single sign-on systems

The single sign-on protocols that allow users to sign in to a range of websites with their Google or Facebook accounts suffer from security flaws that could allow scammers to log in as somebody else, security researchers have reported.
The researchers, from Indiana University Bloomington and Microsoft Research, say they have found a number of serious flaws in OpenID and the single sign-on system used by Facebook, as well as implementations of those systems at several popular websites. Google and PayPal are among the users of OpenID.
"The problem here is that the authentication system makes life easier but it makes security management more challenging," said XiaoFeng Wang, one of the authors of the study.
Using a single sign-on login initiates a conversation between the website a user is currently visiting and the provider of the identifying account. The website asks for certain information to be verified, and the account provider responds with a thumbs-up or thumbs-down. But, as with most conversations, there is room for misunderstanding.

Reborn LulzSec claims hack of dating site for military personnel

A group of hackers claiming to be the reborn Lulz Security (LulzSec) took credit for an alleged compromise of, a dating website for military personnel, and the leak of over 160,000 account details from its database.
The group announced the hack on Twitter and Pastebin on Sunday, using the name "LulzSec Reborn" and ASCII art previously associated with LulzSec, the hacker group that apparently disbanded and merged with the Anonymous hacktivist collective last year.

Google's New Privacy Policy vs. the World

Even before Google launched its new privacy policy earlier this month, consolidating separate privacy policies for more than 60 applications, legal issues had surfaced. Now, attorneys general from more than 31 States have accused Google of violating privacy laws because of complaints from users that ads were popping up on YouTube just after they did a search on Google Maps about the same subject.

Your Employees May Be Causing That Data Drip, Drip, Drip You're Hearing

Nearly 80 percent of organizations have experienced a data breach in the last two years due to employee negligence or maliciousness. That was one of the findings in a study released last week by the Ponemon Institute and sponsored by antivirus software maker Trend Micro.

Microsoft downs Zeus botnet but can't ID who's behind it

Microsoft won court permission to seize servers Friday that took down a deployment of the Zeus botnet, and it even detailed the corporate structure that enabled using the zombie network to steal cash from victims.
The downside is it can't name any of the perpetrators.
According to court papers, Microsoft can identify 39 individuals by their roles in the criminal enterprise, by online aliases and in some cases email addresses where they can be reached, but none of them by their real names and addresses.
The names run the gamut - Jonni, D Frank, MaDaGaSkA, Lucky, NoName, bx1, Admin 2010, Veggi Roma - as do the email addresses, many of them Yahoo and Hotmail accounts. And the roles of the defendants are precisely described, but bringing them to justice, at the moment, is still a way off. All of the 39 accused appear as John Doe with an associated number from one to 39.
The group ran botnets from 59 domain names, the legal papers claim. Permission to seize servers involved with the botnets was granted without hearing from the accused on the basis that if they knew they were found out, they would hide the evidence.

Pew Study: All Search Engines Being Equally Intrusive, Google's the Best

There is no question that Google is the dominant player in the search engine arena, and a new survey released Friday by the Pew Internet & American Life Project found that 83 percent of U.S. search engine users rated Google as their preferred search engine, despite concerns about the company's data-collection and advertising practices.

No Cloud Apps at Your Company? Don't Just Blame IT

Corporate concerns about potential Internet security risks have skyrocketed, not only because of Facebook, Twitter and other popular social networking tools, but also as a result of the rising unilateral adoption of Software as a Service and other cloud services by business end-users without the authorization of corporate IT.

Dutch police arrest 17-year-old suspected of breaching hundreds of KPN servers

The Dutch High Tech Crime Team has arrested a 17-year-old suspected of compromising customer account data on hundreds of servers belonging to telecommunications operator KPN.
The teenager was arrested last Tuesday in the Dutch town of Barendrecht, where police seized an encrypted computer, two laptops and other storage media including external hard drives, DVDs and USB sticks, the Dutch Public Prosecution Service announced on Monday.
"He has made a confession," said Wim de Bruin, spokesman for the Public Prosecution Service.
The arrested teenager called himself "xS", "Yoshioka" and "Yui" online, and is suspected of breaching the security of hundreds of KPN servers last January, compromising user data and damaging KPN's infrastructure, said the Prosecution Service.

Cybercrime now major drag on financial services, PwC finds

Too few organisations in the financial services sector are investing in the response mechanisms needed to cope with cybercrime incidents, a PwC survey has found.
This is despite cybercrime now being a major cause of losses in the financial sector, ahead of accounting fraud, bribery and corruption and even money laundering, it said.
The prominence of cybercrime in the figures, drawn from 878 responses from professionals in the sector in 56 countries, is no surprise given that almost all cybercrime impacts on financial services at some point.
Cybercrime is now the second biggest cause of economic crime experienced by the sector, beating all other forms bar catch-all 'asset misappropriation' (mostly simple physical theft) even though PwC admits that definitions of what constitutes it vary from organisation to organisation.
Many financial organisations still prefer to draw a veil over the issue of cybercrime losses because of the technological 'lack' it suggests in their operations.

The Privacy Shell Game, Part 2

The White House has proposed a consumer privacy bill of rights, a step that could result in new laws regarding what companies can do with information about their online customers and users. Privacy advocates are cautiously optimistic, though some fear the result will be laws rendered toothless by lobbyists. Other critics already see problems in the way the proposal is structured.

It's Business as Usual for Anonymous as Panda Takes a Hit

The hacktivists known as "Anonymous" have retaliated following Tuesday's news of the arrests of LulzSec hackers exposed by their former leader, Hector Xavier Monsegur. Overnight, Anonymous hackers took down more than 25 websites belonging to Panda Security. They also posted email addresses, usernames and passwords of more than a hundred of the firm's employees and defaced a number of marketing-related sites.
