Television Development Community
Daily Report - January 14, 2010
Top Story - U.S. Leaders Discuss Google China Controversy -- Google users in China left flowers at the company’s Beijing headquarters after it said it may leave because of censorship restrictions. Rep. Frank Wolf (R-VA) delivered the following remarks on the House floor following Google’s announcement that it is considering pulling out of China following a recent attack on the company’s e-mail service and corporate infrastructure: "I rise today to voice my strong support of Google’s intention to consider pulling out of China due to a ‘highly sophisticated and targeted attack’ on its corporate infrastructure and email service. Google is making a principled stand reminiscent of the companies that pulled out of apartheid South Africa and fascist Germany.
"The Washington Post reported today that Google said it has evidence that ‘a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists.’ They found that the Gmail accounts of literally dozens of brave human rights advocates, ‘appear to have been routinely accessed by third parties.’
"This is unconscionable, but unsurprising given China’s long history of cracking down on free speech, human rights and religious freedom. China is regressing. They are increasingly brazen in their human rights abuses.
"This principled stand on the part of Google will surely give hope to the millions of Chinese people who yearn for freedom and cry out for basic human rights."
Congresswoman Loretta Sanchez (CA-47) issued the following statement:
"In December, Google was attacked by an individual or group of individuals attempting to retrieve the e-mail accounts of Chinese human rights activists. Although Google has not explicitly accused China of initiating the attacks, the evidence strongly suggests that the Chinese Government was the perpetrator.
"This attack was a blatant, illicit attempt to access the private information of Google users who the government perceives to be a threat. If China turns out to be the perpetrator, it should be strongly condemned for its actions, which violate the internet's core principles of free speech and expression.
"At the same time, I applaud Google's decision to risk its lucrative Chinese contracts for the sake of these principles. In the past, Google and other internet providers have struggled to provide their Chinese users with a free and open forum in the face of government opposition. I sincerely hope Google's threat to sever its ties with China completely will compel not only the Chinese government but other regimes - like Vietnam - to finally expand free speech on the Web."
As reported by Stephen Kaufman, staff writer for America.gov:
The Obama administration is continuing its efforts to promote universal and uncensored access to the Internet around the world, viewing it as a critical element to modern economies and societies, the State Department’s Alec Ross said January 14.
Ross, who serves as senior adviser for innovation to Secretary of State Hillary Rodham Clinton, told reporters in New York that Clinton has been “very engaged in helping to ensure that there is universal access to an uncensored Internet.” The secretary is scheduled to give a speech on the topic January 21.
Ross argued that access to 21st-century communication tools is a “net good” around the world. “The way in which information flows in the 21st century is increasingly over our global communications networks and our digital networks,” he said.
Ross’ remarks come after the U.S.-based Google Corporation said January 12 that it would stop adhering to Chinese government censorship rules and was considering pulling out of the Chinese market altogether. Google also cited a “highly sophisticated and targeted attack” by Chinese hackers, who primarily sought to break into the e-mail accounts of Chinese human rights activists.
“The ability to operate with confidence in cyberspace is critical to any modern economy and society,” Ross said. “The United States has frequently made clear to the Chinese our views on the importance of unrestricted Internet use as well as cybersecurity, and we look to the Chinese government for an explanation.”
In a January 12 statement, Secretary Clinton said Google’s allegations “raise very serious concerns and questions. We look to the Chinese government for an explanation. The ability to operate with confidence in cyberspace is critical in a modern society and economy. I will be giving an address next week on the centrality of internet freedom in the 21st century, and we will have further comment on this matter as the facts become clear.”
Speaker of the U.S. House of Representatives Nancy Pelosi commended Google’s decision to end its Chinese-language censorship.
“Google is to be commended for taking action in response to cyber attacks originating from China targeting Chinese human rights advocates, and the intellectual property and corporate data of Google and more than 30 other companies. The announcement that Google will fully review its business operations in China and will no longer tolerate censorship of its search engine should serve as an example to businesses and governments.
“The Chinese government operates one of the most sophisticated operations in the world to control the Internet. It is essential that technology companies not assist in efforts that violate human rights or prohibit the free exchange of ideas,” she added.
In his December 10, 2009, remarks to the U.S.-China Internet Industry Forum, Under Secretary of State for Economic, Energy and Agricultural Affairs Robert Hormats said China has the world’s largest population of Internet users and can boast “an exceptional platform to support the researchers, engineers, product designers and business leaders of the future.”
Unrestricted access to information “is vital to the types of innovation that spark economic growth,” Hormats said.
“The Internet offers us an unparalleled ability to acquire knowledge if we allow unrestricted access to it,” he said. Echoing President Obama’s November 16, 2009, Shanghai town hall remarks, he added that “freely flowing information allows people to think for themselves and generate new ideas. It also encourages creativity.”
The Obama administration is aware that the Internet comes with potential downsides, such as its use to spread pornography and facilitate the ability of terrorist groups to organize. “We look forward to working with China and the private sector, both here and abroad, to mitigate these risks while maximizing the free flow of information,” Hormats said.
The United States believes that “certain core principles,” such as the freedom of expression as outlined in the Universal Declaration of Human Rights, apply to everyone around the world. Along with speaking out for those principles, “we believe that commerce should be open and that information should generally be freely accessible,” the under secretary said.
January 13, Washington Post – (International) Google threatens to leave China after attacks on activists’ e-mail. Google said on January 12 that it may pull out of China because of a sophisticated computer network attack originating there and targeting its e-mail service and corporate infrastructure, a threat that could rattle U.S.-China relations, as well as China’s business community. The company said it has evidence to suggest that “a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists,” but it said that at least 20 other large companies, including finance, media, and chemical firms, have been the targets of similar attacks. Google said it discovered the attack in December 2009. Industry sources said the attacks were even broader, affecting some 34 firms. Adobe said in a posting on a company blog on January 12 that it had been the subject of a “sophisticated, coordinated attack,” but that no sensitive information had been compromised. Congressional sources said that other targeted companies possibly include Northrop Grumman and Dow Chemical. The hackers directed the attacks on the companies through six Internet addresses linked to servers in Taiwan, which sent commands to targeted computers in the firms, said the head of international cyberintelligence for the Silicon Valley-based cybersecurity research and forensics firm Verisign iDefense, which is helping companies investigate the penetrations. The hackers were sending the data to a large Internet data center in San Antonio called Rackspace, he said. They appeared to be after information on weapons systems from defense firms and were seeking companies’ “source code,” the most valuable form of intellectual property because it underlies the firms’ computer applications, he said. U.S. authorities, including the National Security Agency, are involved in investigating the attacks.
Source: http://www.washingtonpost.com/wp-dyn/content/article/2010/01/13/AR2...
January 13, Bank Info Security – (National) Year of the hack: review of 2009 data breaches. There were 62 data breaches involving financial institutions in 2009 — three of them occurring in the last month of the year. These breaches represent only a portion of the total of 498 incidents compiled in the 2009 Data Breach Report compiled by the Identity Theft Resource Center (ITRC), based in San Diego, California. But the largest of them, the Heartland Payment Systems breach, involved an estimated 130 million credit and debit card numbers taken, accounting for more than half of the 222 million records potentially taken in 2009. Insiders caused the largest number of data breaches within the financial services industry, says the executive director of the ITRC, and this threat will continue to be a problem for financial institutions in 2010, “The numbers come out almost every year, and they have said for the past eight or nine years that 70 percent of all hacking happens internal to the company,” the director said. May was the month with the most breaches (10), followed by August with nine and March with eight. June was the month with the fewest recorded breaches — just one.
Source: http://www.bankinfosecurity.com/articles.php?art_id=2067
January 13, Bank Systems and Technology – (National) Card fraud costs U.S. payment providers $8.6 billion per year. Card fraud costs the U.S. card payments industry an estimated $8.6 billion per year, according to a report released on January 13 by Aite Group. Though this sum is small compared with the $2.1 trillion in total yearly U.S. card volume, this area remains troubling for the industry. Fighting card fraud effectively involves triage and telepathy — picking appropriate battles to fight while anticipating fraudsters’ next steps based on the rapidly evolving technological landscape, Aite’s analysts say. Card technologies in the United States are unlikely to be universally upgraded anytime soon due to prohibitively high implementation costs and the loss of signature interchange. Given the relative speed and cost efficiency for deployment, the most practical method of mitigating card fraud currently would be based around end-to-end encryption, they say.
Source: http://www.banktech.com/payments-cards/showArticle.jhtml?articleID=...
January 12, The Register – (New York) Hackers pluck 8,300 customer logins from bank server. Hackers have stolen the login credentials for more than 8,300 customers of small New York bank after breaching its security and accessing a server that hosted its online banking system. The intrusion at Suffolk County National Bank (SCNB) happened over a six-day period that started on November 18, according to a release issued January 11. It was discovered on December 24 during an internal security review. In all, credentials 8,378 online accounts were pilfered, a number that represents less than 10 percent of SCNB’s total “Although the intrusion was limited in duration and scope, SCNB immediately isolated and rebuilt the compromised server and took other measures to ensure the security of data on the server,” the bank, located about an hour east of New York City, stated. “To date, SCNB has found no evidence of any unauthorized access to online banking accounts, nor received any reports of unusual activity or reports of financial loss to its customers.” The breach represents a variation on more traditional types of attacks on online banking. Cyber crooks typically target customers by surreptitiously planting malware on their computers that log their user name and password. By contrast, accessing a server that is storing online credentials for tens of thousands of customers is not the kind of intrusion one hears about every day. Best security practices are clear that passwords should never be stored on servers unless they are encrypted.
Source: http://www.theregister.co.uk/2010/01/12/bank_server_breached/
January 12, KCRA 3 Sacramento – (California) Kaiser patient data stolen. Information regarding approximately 15,000 Kaiser Permanente patients, including about 4,000 people in the Sacramento area, was stolen in December, the organization said Tuesday. Names and medical record numbers — and in some cases age, gender, phone number and general information regarding their medical care — were taken December 1 when an external electronic data storage device containing the data was stolen from a Kaiser Permanente employee’s car at the employee’s home in Sacramento, said the vice president of compliance and privacy for Kaiser Permanente. Kaiser said Tuesday there were no patient Social Security numbers or financial information on the device, adding that there is no evidence that the information was used inappropriately. Affected patients have been notified by Kaiser Permanente.
Source: http://www.kcra.com/mostpopular/22220329/detail.html
January 13, Computerworld – (International) Adobe patches PDF zero-day, other critical bugs. Adobe late January 12 patched eight security vulnerabilities, six of them critical, in its popular PDF viewing and editing programs. Security experts urged consumers and corporate IT administrators to use the time provided by a light month of Microsoft patching to update Adobe Reader and Acrobat, calling the Adobe fixes more important for one of the first times ever. The January 12 Adobe update, the company’s that hackers had already exploited. The bug, which was publicly disclosed in mid-December but has been used by attackers since November, had gone unpatched until January 12. In December 2009, Adobe said it would not patch the bug until January 12 because an emergency fix would upset the schedule of quarterly security updates. In the interim, hackers continued to launch limited attacks that targeted specific individuals and companies, and conducted large-scale campaigns that touched thousands of users. Adobe tagged six of the eight vulnerabilities with the phrases “could allow arbitrary code execution” or “could lead to code execution,” security-speak for bugs that could be used to hijack a system.
Source: http://www.computerworld.com/s/article/9144238/Adobe_patches_PDF_ze...
January 12, ZDNet – (International) Adobe confirms ‘sophisticated, coordinated’ breach. In an attack described as “sophisticated” and “coordinated,” Adobe said its corporate network systems were breached by hackers. The company said the attack also affected other unnamed companies. Adobe did not provide any other details except to say it was aware of the breach on January 2, 2010. Adobe said in a brief statement that it became aware on January 2, 2010 of a computer security incident involving a sophisticated, coordinated attack against corporate network systems managed by Adobe and other companies. They are currently in contact with other companies and are investigating the incident. At this time, they have no evidence to indicate that any sensitive information — including customer, financial, employee or any other sensitive data — has been compromised. They anticipate the full investigation will take quite some time to complete. It is not yet clear if this incident is related to the Google breach that is being blamed on China.
Source: http://blogs.zdnet.com/security/?p=5230
January 12, DarkReading – (International) Report: Mal-Bredo A virus spreads via social media. Commtouch on January 12 released its Internet Threats Trend Report for Q4 2009. Spammers continue to be cutting-edge marketers, this time taking advantage of the reputations of global brands, such as UPS, DHL, and Facebook, to prompt opening of emails. During this past quarter, cybercriminals focused on distributing the Mal-Bredo A virus. While the number of variants decreased from 10,000 to 1,000 as compared to last quarter, it was spread with much more virulence. Commtouch’s quarterly trend report is based on the analysis of more than two billion email messages and Internet transactions seen daily within the company’s cloud-based global detection centers. Blended threats, including fake Swine Flu alerts and Halloween tricks, continued to circulate, while spammers introduced a few new ploys including MP3 spam and personal enhancement spam targeting women.
Source: http://www.darkreading.com/vulnerability_management/security/app-se...
January 12, The Register – (International) South Korea sets up cyberwarfare unit to repel NORK hackers. South Korea has launched a cyberwarfare command center designed to fight against possible hacking attacks blamed on North Korea and China. The division boasts a reported 200 techies, who will be tasked with tackling a reported 95,000 hacking attacks the country’s military networks face every day. North Korea was blamed for a wave of attacks against U.S. and South Korean websites last July. However since botnets were used in the attack the true orchestrator of the assault remains unclear. More recently North Korean hackers were blamed for lifting a secret US-South Korean war plan from South Korean systems last month. Some reports suggest the hack may have relied on the use of an insecure (malware infected?) memory stick.
Source: http://www.theregister.co.uk/2010/01/12/korea_cyberwarfare_unit/
January 13, The Register – (International) ‘Sandwich attack’ busts new cellphone crypto. A new encryption scheme for protecting 3G phone networks has not even gone into commercial use and already cryptographers have cracked it — at least theoretically. In a paper published on January 12, the cryptographers showed that the Kasumi cipher, which is also referred to as A5/3, can be broken using what is known as a related-key attack, in which a message encrypted with one key is later changed to one or more different keys. The team dubbed the technique a sandwich attack because it was broken into three parts: two thick slices at the top and bottom and a thin slice in the middle. The results come two weeks after a separate team released a practical method for cracking A5/1, the cipher currently used to prevent snooping on GSM networks. The technique relies on about $4,000 worth of equipment and requires the capture of only a few minutes worth of an encrypted conversation in order to break it. The attack exploits weaknesses in the decades-old cipher. The GSM Association, which represents about 800 cellular carriers in 219 countries, has vowed to switch to the much more modern A5/3 cipher, but so far, it has provided no time line for doing so.
Source: http://www.theregister.co.uk/2010/01/13/gsm_crypto_crack/
The abstracts above are selected from today's DHS Daily Open Source Infrastructure Report (Daily Report). The Daily Report is collected each week day as a summary of open-source published information concerning significant critical infrastructure issues. Each Daily Report is divided by the critical infrastructure sectors and key assets defined in the National Infrastructure Protection Plan. Items selected by Cybercrime.TV are drawn from Banking and Finance, Information Technology, and Communications, as well as other sectors when an item is computer-related.
"The Washington Post reported today that Google said it has evidence that ‘a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists.’ They found that the Gmail accounts of literally dozens of brave human rights advocates, ‘appear to have been routinely accessed by third parties.’
"This is unconscionable, but unsurprising given China’s long history of cracking down on free speech, human rights and religious freedom. China is regressing. They are increasingly brazen in their human rights abuses.
"This principled stand on the part of Google will surely give hope to the millions of Chinese people who yearn for freedom and cry out for basic human rights."
Congresswoman Loretta Sanchez (CA-47) issued the following statement:
"In December, Google was attacked by an individual or group of individuals attempting to retrieve the e-mail accounts of Chinese human rights activists. Although Google has not explicitly accused China of initiating the attacks, the evidence strongly suggests that the Chinese Government was the perpetrator.
"This attack was a blatant, illicit attempt to access the private information of Google users who the government perceives to be a threat. If China turns out to be the perpetrator, it should be strongly condemned for its actions, which violate the internet's core principles of free speech and expression.
"At the same time, I applaud Google's decision to risk its lucrative Chinese contracts for the sake of these principles. In the past, Google and other internet providers have struggled to provide their Chinese users with a free and open forum in the face of government opposition. I sincerely hope Google's threat to sever its ties with China completely will compel not only the Chinese government but other regimes - like Vietnam - to finally expand free speech on the Web."
As reported by Stephen Kaufman, staff writer for America.gov:
The Obama administration is continuing its efforts to promote universal and uncensored access to the Internet around the world, viewing it as a critical element to modern economies and societies, the State Department’s Alec Ross said January 14.
Ross, who serves as senior adviser for innovation to Secretary of State Hillary Rodham Clinton, told reporters in New York that Clinton has been “very engaged in helping to ensure that there is universal access to an uncensored Internet.” The secretary is scheduled to give a speech on the topic January 21.
Ross argued that access to 21st-century communication tools is a “net good” around the world. “The way in which information flows in the 21st century is increasingly over our global communications networks and our digital networks,” he said.
Ross’ remarks come after the U.S.-based Google Corporation said January 12 that it would stop adhering to Chinese government censorship rules and was considering pulling out of the Chinese market altogether. Google also cited a “highly sophisticated and targeted attack” by Chinese hackers, who primarily sought to break into the e-mail accounts of Chinese human rights activists.
“The ability to operate with confidence in cyberspace is critical to any modern economy and society,” Ross said. “The United States has frequently made clear to the Chinese our views on the importance of unrestricted Internet use as well as cybersecurity, and we look to the Chinese government for an explanation.”
In a January 12 statement, Secretary Clinton said Google’s allegations “raise very serious concerns and questions. We look to the Chinese government for an explanation. The ability to operate with confidence in cyberspace is critical in a modern society and economy. I will be giving an address next week on the centrality of internet freedom in the 21st century, and we will have further comment on this matter as the facts become clear.”
Speaker of the U.S. House of Representatives Nancy Pelosi commended Google’s decision to end its Chinese-language censorship.
“Google is to be commended for taking action in response to cyber attacks originating from China targeting Chinese human rights advocates, and the intellectual property and corporate data of Google and more than 30 other companies. The announcement that Google will fully review its business operations in China and will no longer tolerate censorship of its search engine should serve as an example to businesses and governments.
“The Chinese government operates one of the most sophisticated operations in the world to control the Internet. It is essential that technology companies not assist in efforts that violate human rights or prohibit the free exchange of ideas,” she added.
In his December 10, 2009, remarks to the U.S.-China Internet Industry Forum, Under Secretary of State for Economic, Energy and Agricultural Affairs Robert Hormats said China has the world’s largest population of Internet users and can boast “an exceptional platform to support the researchers, engineers, product designers and business leaders of the future.”
Unrestricted access to information “is vital to the types of innovation that spark economic growth,” Hormats said.
“The Internet offers us an unparalleled ability to acquire knowledge if we allow unrestricted access to it,” he said. Echoing President Obama’s November 16, 2009, Shanghai town hall remarks, he added that “freely flowing information allows people to think for themselves and generate new ideas. It also encourages creativity.”
The Obama administration is aware that the Internet comes with potential downsides, such as its use to spread pornography and facilitate the ability of terrorist groups to organize. “We look forward to working with China and the private sector, both here and abroad, to mitigate these risks while maximizing the free flow of information,” Hormats said.
The United States believes that “certain core principles,” such as the freedom of expression as outlined in the Universal Declaration of Human Rights, apply to everyone around the world. Along with speaking out for those principles, “we believe that commerce should be open and that information should generally be freely accessible,” the under secretary said.
January 13, Washington Post – (International) Google threatens to leave China after attacks on activists’ e-mail. Google said on January 12 that it may pull out of China because of a sophisticated computer network attack originating there and targeting its e-mail service and corporate infrastructure, a threat that could rattle U.S.-China relations, as well as China’s business community. The company said it has evidence to suggest that “a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists,” but it said that at least 20 other large companies, including finance, media, and chemical firms, have been the targets of similar attacks. Google said it discovered the attack in December 2009. Industry sources said the attacks were even broader, affecting some 34 firms. Adobe said in a posting on a company blog on January 12 that it had been the subject of a “sophisticated, coordinated attack,” but that no sensitive information had been compromised. Congressional sources said that other targeted companies possibly include Northrop Grumman and Dow Chemical. The hackers directed the attacks on the companies through six Internet addresses linked to servers in Taiwan, which sent commands to targeted computers in the firms, said the head of international cyberintelligence for the Silicon Valley-based cybersecurity research and forensics firm Verisign iDefense, which is helping companies investigate the penetrations. The hackers were sending the data to a large Internet data center in San Antonio called Rackspace, he said. They appeared to be after information on weapons systems from defense firms and were seeking companies’ “source code,” the most valuable form of intellectual property because it underlies the firms’ computer applications, he said. U.S. authorities, including the National Security Agency, are involved in investigating the attacks.
Source: http://www.washingtonpost.com/wp-dyn/content/article/2010/01/13/AR2...
January 13, Bank Info Security – (National) Year of the hack: review of 2009 data breaches. There were 62 data breaches involving financial institutions in 2009 — three of them occurring in the last month of the year. These breaches represent only a portion of the total of 498 incidents compiled in the 2009 Data Breach Report compiled by the Identity Theft Resource Center (ITRC), based in San Diego, California. But the largest of them, the Heartland Payment Systems breach, involved an estimated 130 million credit and debit card numbers taken, accounting for more than half of the 222 million records potentially taken in 2009. Insiders caused the largest number of data breaches within the financial services industry, says the executive director of the ITRC, and this threat will continue to be a problem for financial institutions in 2010, “The numbers come out almost every year, and they have said for the past eight or nine years that 70 percent of all hacking happens internal to the company,” the director said. May was the month with the most breaches (10), followed by August with nine and March with eight. June was the month with the fewest recorded breaches — just one.
Source: http://www.bankinfosecurity.com/articles.php?art_id=2067
January 13, Bank Systems and Technology – (National) Card fraud costs U.S. payment providers $8.6 billion per year. Card fraud costs the U.S. card payments industry an estimated $8.6 billion per year, according to a report released on January 13 by Aite Group. Though this sum is small compared with the $2.1 trillion in total yearly U.S. card volume, this area remains troubling for the industry. Fighting card fraud effectively involves triage and telepathy — picking appropriate battles to fight while anticipating fraudsters’ next steps based on the rapidly evolving technological landscape, Aite’s analysts say. Card technologies in the United States are unlikely to be universally upgraded anytime soon due to prohibitively high implementation costs and the loss of signature interchange. Given the relative speed and cost efficiency for deployment, the most practical method of mitigating card fraud currently would be based around end-to-end encryption, they say.
Source: http://www.banktech.com/payments-cards/showArticle.jhtml?articleID=...
January 12, The Register – (New York) Hackers pluck 8,300 customer logins from bank server. Hackers have stolen the login credentials for more than 8,300 customers of small New York bank after breaching its security and accessing a server that hosted its online banking system. The intrusion at Suffolk County National Bank (SCNB) happened over a six-day period that started on November 18, according to a release issued January 11. It was discovered on December 24 during an internal security review. In all, credentials 8,378 online accounts were pilfered, a number that represents less than 10 percent of SCNB’s total “Although the intrusion was limited in duration and scope, SCNB immediately isolated and rebuilt the compromised server and took other measures to ensure the security of data on the server,” the bank, located about an hour east of New York City, stated. “To date, SCNB has found no evidence of any unauthorized access to online banking accounts, nor received any reports of unusual activity or reports of financial loss to its customers.” The breach represents a variation on more traditional types of attacks on online banking. Cyber crooks typically target customers by surreptitiously planting malware on their computers that log their user name and password. By contrast, accessing a server that is storing online credentials for tens of thousands of customers is not the kind of intrusion one hears about every day. Best security practices are clear that passwords should never be stored on servers unless they are encrypted.
Source: http://www.theregister.co.uk/2010/01/12/bank_server_breached/
January 12, KCRA 3 Sacramento – (California) Kaiser patient data stolen. Information regarding approximately 15,000 Kaiser Permanente patients, including about 4,000 people in the Sacramento area, was stolen in December, the organization said Tuesday. Names and medical record numbers — and in some cases age, gender, phone number and general information regarding their medical care — were taken December 1 when an external electronic data storage device containing the data was stolen from a Kaiser Permanente employee’s car at the employee’s home in Sacramento, said the vice president of compliance and privacy for Kaiser Permanente. Kaiser said Tuesday there were no patient Social Security numbers or financial information on the device, adding that there is no evidence that the information was used inappropriately. Affected patients have been notified by Kaiser Permanente.
Source: http://www.kcra.com/mostpopular/22220329/detail.html
January 13, Computerworld – (International) Adobe patches PDF zero-day, other critical bugs. Adobe late January 12 patched eight security vulnerabilities, six of them critical, in its popular PDF viewing and editing programs. Security experts urged consumers and corporate IT administrators to use the time provided by a light month of Microsoft patching to update Adobe Reader and Acrobat, calling the Adobe fixes more important for one of the first times ever. The January 12 Adobe update, the company’s that hackers had already exploited. The bug, which was publicly disclosed in mid-December but has been used by attackers since November, had gone unpatched until January 12. In December 2009, Adobe said it would not patch the bug until January 12 because an emergency fix would upset the schedule of quarterly security updates. In the interim, hackers continued to launch limited attacks that targeted specific individuals and companies, and conducted large-scale campaigns that touched thousands of users. Adobe tagged six of the eight vulnerabilities with the phrases “could allow arbitrary code execution” or “could lead to code execution,” security-speak for bugs that could be used to hijack a system.
Source: http://www.computerworld.com/s/article/9144238/Adobe_patches_PDF_ze...
January 12, ZDNet – (International) Adobe confirms ‘sophisticated, coordinated’ breach. In an attack described as “sophisticated” and “coordinated,” Adobe said its corporate network systems were breached by hackers. The company said the attack also affected other unnamed companies. Adobe did not provide any other details except to say it was aware of the breach on January 2, 2010. Adobe said in a brief statement that it became aware on January 2, 2010 of a computer security incident involving a sophisticated, coordinated attack against corporate network systems managed by Adobe and other companies. They are currently in contact with other companies and are investigating the incident. At this time, they have no evidence to indicate that any sensitive information — including customer, financial, employee or any other sensitive data — has been compromised. They anticipate the full investigation will take quite some time to complete. It is not yet clear if this incident is related to the Google breach that is being blamed on China.
Source: http://blogs.zdnet.com/security/?p=5230
January 12, DarkReading – (International) Report: Mal-Bredo A virus spreads via social media. Commtouch on January 12 released its Internet Threats Trend Report for Q4 2009. Spammers continue to be cutting-edge marketers, this time taking advantage of the reputations of global brands, such as UPS, DHL, and Facebook, to prompt opening of emails. During this past quarter, cybercriminals focused on distributing the Mal-Bredo A virus. While the number of variants decreased from 10,000 to 1,000 as compared to last quarter, it was spread with much more virulence. Commtouch’s quarterly trend report is based on the analysis of more than two billion email messages and Internet transactions seen daily within the company’s cloud-based global detection centers. Blended threats, including fake Swine Flu alerts and Halloween tricks, continued to circulate, while spammers introduced a few new ploys including MP3 spam and personal enhancement spam targeting women.
Source: http://www.darkreading.com/vulnerability_management/security/app-se...
January 12, The Register – (International) South Korea sets up cyberwarfare unit to repel NORK hackers. South Korea has launched a cyberwarfare command center designed to fight against possible hacking attacks blamed on North Korea and China. The division boasts a reported 200 techies, who will be tasked with tackling a reported 95,000 hacking attacks the country’s military networks face every day. North Korea was blamed for a wave of attacks against U.S. and South Korean websites last July. However since botnets were used in the attack the true orchestrator of the assault remains unclear. More recently North Korean hackers were blamed for lifting a secret US-South Korean war plan from South Korean systems last month. Some reports suggest the hack may have relied on the use of an insecure (malware infected?) memory stick.
Source: http://www.theregister.co.uk/2010/01/12/korea_cyberwarfare_unit/
January 13, The Register – (International) ‘Sandwich attack’ busts new cellphone crypto. A new encryption scheme for protecting 3G phone networks has not even gone into commercial use and already cryptographers have cracked it — at least theoretically. In a paper published on January 12, the cryptographers showed that the Kasumi cipher, which is also referred to as A5/3, can be broken using what is known as a related-key attack, in which a message encrypted with one key is later changed to one or more different keys. The team dubbed the technique a sandwich attack because it was broken into three parts: two thick slices at the top and bottom and a thin slice in the middle. The results come two weeks after a separate team released a practical method for cracking A5/1, the cipher currently used to prevent snooping on GSM networks. The technique relies on about $4,000 worth of equipment and requires the capture of only a few minutes worth of an encrypted conversation in order to break it. The attack exploits weaknesses in the decades-old cipher. The GSM Association, which represents about 800 cellular carriers in 219 countries, has vowed to switch to the much more modern A5/3 cipher, but so far, it has provided no time line for doing so.
Source: http://www.theregister.co.uk/2010/01/13/gsm_crypto_crack/
The abstracts above are selected from today's DHS Daily Open Source Infrastructure Report (Daily Report). The Daily Report is collected each week day as a summary of open-source published information concerning significant critical infrastructure issues. Each Daily Report is divided by the critical infrastructure sectors and key assets defined in the National Infrastructure Protection Plan. Items selected by Cybercrime.TV are drawn from Banking and Finance, Information Technology, and Communications, as well as other sectors when an item is computer-related.
Views: 5
Comment
© 2012 Created by Cybercrime.TV.
You need to be a member of CYBERCRIME.TV to add comments!
Join CYBERCRIME.TV