The Great Geek Manual News

Computer industry heavyweights are hustling to fix a flaw in the foundation of the Internet that would let hackers control traffic on the World Wide Web.

Major software and hardware makers worked in secret for months to create a software “patch” released on Tuesday to repair the problem, which is in the way computers are routed to web page addresses.

“It’s a very fundamental issue with how the entire addressing scheme of the Internet works,” Securosis analyst Rich Mogul said in a media conference call.

“You’d have the Internet, but it wouldn’t be the Internet you expect. (Hackers) would control everything.”

The flaw would be a boon for “phishing” cons that involve leading people to imitation web pages of businesses such as bank or credit card companies to trick them into disclosing account numbers, passwords and other information.

Attackers could use the vulnerability to route Internet users wherever they wanted no matter what website address is typed into a web browser.

Read the Entire Story…
Source: AFP via Yahoo! News

Hackers have “compromised” pages on the US Sony PlayStation website, a security firm claimed today..

Sophos said that cyber-criminals used an SQL injection vulnerability to add unauthorised code to pages promoting PlayStation games SingStar Pop and God of War.

The malware claims to undertake an antivirus scan and displays a fake message stating that the visitor’s computer has been infected.

The visitor is then urged to purchase a bogus security product to clean up the ‘infection’.

Sophos warned that it would be “trivial” for the hackers who have compromised the web pages to alter the payload so that it became more malicious.

They could install code designed to harvest confidential information from users, or turn innocent victims’ PCs into botnet zombies.

“There are millions of video game lovers around the world, many of whom will visit Sony’s PlayStation website regularly to find out more about the latest console games,” said Graham Cluley, senior technology consultant at Sophos.

Read the Entire Story…
Source: iT News

A study from researchers at Google, IBM and the Communications Systems Group in Switzerland found only 60 percent of Web users have safe browsers. The most secure is Mozilla’s Firefox, and the least secure is Microsoft’s Internet Explorer. The findings are similar to those by Sophos, which found 81 percent of corporate endpoints vulnerable.

Researchers from Google, IBM and the Communications Systems Group in Switzerland released a study Monday that shows only 60 percent of Web users are surfing with patched, updated browsers.

They estimated that only 576 million of 1.4 billion Internet users worldwide used the most secure browsers. The data Relevant Products/Services came from Google’s server logs between January 2007 and last month.

Mozilla users are most likely to be using the latest versions of their browsers, with 83 percent of Firefox users patched. By contrast, only 63.3 percent of Safari users and 56.1 percent of Opera users have the latest versions. Microsoft Relevant Products/Services Internet Explorer users ranked at the bottom with only 47.6 percent using the most secure version of IE7.

“We believe the auto-update mechanism as implemented within Firefox to be the most efficient patching mechanism of the Web browsers studied,” the researchers wrote.

Read the Entire Story…
Source: News Factor

Researchers from Radboud University in the Netherlands have successfully cracked the security of the Oyster card used for fare payments on buses and tubes in London..

The researchers travelled on the tube on a cloned card, reset its credit level from a laptop and caused gates to jam closed.

Transport for London (TfL) said that its Oyster cards are secure, that personal information is kept separate from journey information and that anyone caught using a cloned card would be prosecuted.

The system is checked every 24 hours and the best any Oyster criminal could get is a day’s free travel, the company claimed.

Radboud researcher Wouter Teepe presented evidence on the crack to the Dutch parliament, which has already delayed installation of a €1bn automated payment transport system based on the same core technology.

At the heart of an Oyster card is the Mifare chip, made by Philips spin-off NXP.

Designed in the 1990s before processors of that size could handle strong encryption, Mifare has suffered at least three published cracks, according to security experts who have urged TfL to upgrade the system.

Source: iTNews

Two U.S. Congressmen on Wednesday accused China of hacking their office computers, possibly compromising information on Chinese dissidents, the Congressmen and news reports said.

Virginia Rep. Frank Wolf said from the floor of the U.S. House of Representatives, “in August 2006, four of the computers in my personal office were compromised by an outside source. This source first hacked into the computer of my foreign policy and human rights staff person, then the computers of my chief of staff, my legislative director, and my judiciary staff person. On these computers was information about all of the casework I have done on behalf of political dissidents and human rights activists around the world.”

“In subsequent meetings with House Information Resources and FBI officials, it was revealed that the outside sources responsible for this attack came from within the People’s Republic of China. These cyber attacks permitted the source to probe our computers to evaluate our system’s defenses, and to view and copy information. My suspicion is that I was targeted by Chinese sources because of my long history of speaking out about China’s abysmal human rights record,” he continued, according to a transcript on Wolf’s Web site.

A spokesperson for the U.S. Embassy in Beijing’s Public Affairs office did not immediately respond to a request for comment. A spokesperson’s phone at China’s Foreign Ministry in Beijing rang unanswered.

Read the Entire Story…
Source: Network World

A nuclear power plant in Georgia was recently forced into an emergency shutdown for 48 hours after a software update was installed on a single computer.

The incident occurred on March 7 at Unit 2 of the Hatch nuclear power plant near Baxley, Georgia. The trouble started after an engineer from Southern Company, which manages the technology operations for the plant, installed a software update on a computer operating on the plant’s business network.

The computer in question was used to monitor chemical and diagnostic data from one of the facility’s primary control systems, and the software update was designed to synchronize data on both systems. According to a report filed with the Nuclear Regulatory Commission, when the updated computer rebooted, it reset the data on the control system, causing safety systems to errantly interpret the lack of data as a drop in water reservoirs that cool the plant’s radioactive nuclear fuel rods. As a result, automated safety systems at the plant triggered a shutdown.

Southern Company spokeswoman Carrie Phillips said the nuclear plant’s emergency systems performed as designed, and that at no time did the malfunction endanger the security or safety of the nuclear facility.

Phillips explained that company technicians were aware that there was full two-way communication between certain computers on the plant’s corporate and control networks. But she said the engineer who installed the update was not aware that that the software was designed to synchronize data between machines on both networks, or that a reboot in the business system computer would force a similar reset in the control system machine.

Read the Entire Story…
Source: Washington Post

A spokeswoman for the Phoenix Mars Lander mission says a hacker took over the mission’s public Web site during the night and changed its lead news story.

Spokeswoman Sara Hammond says a mission update posted Friday was replaced with a hacker’s signature and a link redirecting visitors to an overseas Web site.

Hammond says the site hosted by the University of Arizona has been taken off line while computer experts work to correct the problem.

The Mars Lander vehicle touched down on the Red Planet last Sunday to search for traces of organic compounds that are the basic building blocks of life.

Source: The Associated Press via MyPlainView

It has become apparent during the last few hours that Comcast, everyone’s favorite ISP (especially in the BitTorrent world) has been hacked. The message on the homepage read: “KRYOGENIKS EBK and DEFIANT RoXed COMCAST.”

When you’re as large as Comcast, you can’t please all of the people, all of the time. Although it has done so in other ways too, Comcast managed to annoy a large portion of its customer base with its throttling activities, not to mention its misleading statements and ’smokescreen’ attitude when it was discovered to be squirming away from the truth. Maybe it’s this that motivated a group of individuals to make the next move?

This morning many people will be celebrating as reports circulate that in the last few hours Comcast has been the subject of a hacking which defaced its homepage (mirror here).

Read the Entire Story…
Source: Torrent Freak

A hacker has used a loophole to collect more than $50,000 from Google Checkout and online brokerage firms, a few cents at a time. When opening an online brokering account it is common practice for companies such as E-trade and Schwab to send a tiny payment - ranging from only a few cents to a couple of dollars - to verify that the user has access to the bank account listed. Services such as Google Checkout and Paypal use a similar tactic to verify credit and debit cards linked to accounts.

According to court documents, Californian Michael Largent used an automated script to open 58,000 such accounts, collecting many thousands of these small payments into a few personal bank accounts.

Largent also performed the same trick with Google’s Checkout service, cashing more than $8,000 alone from the service.

He is currently free on bail pending a court judgement on charges of wire, bank and mail fraud for his antics with the online brokerage sites, although his similar approach to getting cash out of Google has not been pursued by police as of this time.

When his bank contacted him about the thousands of small payments, Largent explained that he had read the terms of service of the sites he was targeting, and believed he was doing nothing wrong, claiming that he needed the money to pay off debts.

However, Largent used false names, including cartoon characters, as well as false addresses and social security numbers, which opened him to conviction under laws on mail, bank and wire fraud.

Source: PC Pro

The number of successful attacks on .au domain names has increased over the past 12 months, according to the latest Cyber Hack Update 2008 report from TippingPoint.

The report, released at the AusCERT conference revealed that Australia is second in APAC in terms of the number of successful cyber attacks annually; up one position from last year’s third ranking.

Korea Republic domain names which were previously most attacked in 2006-2007 fell below Australia and are now in third place. China is now leading the pack in APAC with 32,128 successful hacks in 2007-2008.

The report also revealed that there were more successful attacks on .au domains than popular Asian countries, Russia, Taiwan, Japan and Hong Kong.

“Australia is a high profile country despite its population. Its news attracts the attention of the world and [having] Asia as its nearest neighbour it’s certainly attractive,” said Ken Low security marketing director APAC at TippingPoint.

According to the report, .au domain names were hacked 24,444 times in the past 12 months, compared to 20,113 in the previous year.

Read the Entire Story…
Source: iT News

Spanish police have arrested five people suspected of hacking into or outright disabling thousands of Internet pages, some of them run by government agencies in the U.S., Latin America and Asia, authorities said Saturday. The National Police said the suspects belonged to one of the most active hacker groups on the Internet and said two of the suspects are 16 years old. The others are 19 or 20.

On the Internet, the group calls itself D.O.M Team, police said. One of the group’s techniques was to infiltrate Web sites and insert a page of its own, police said. The group attacked some 21,000 Web pages over the last two years, police said in a statement. The five were arrested this week in Barcelona, Burgos, Malaga and Valencia.

The statement did not identify which government Web sites the suspects are accused of tampering with.

The Spanish newspaper El Mundo reported in March that the group had infiltrated NASA’s Web page. A police official said Saturday she could not confirm this, and she refused to specify which sites had been hit. The official spoke on condition of anonymity in line with department rules. The newspaper said the group also hacked the Venezuelan national telephone company’s page and that of the Spanish telephone operator Jazztel, among others.

El Mundo said it had contacted the group in March and that members described themselves not as delinquents, but as computer-lovers who raided Web sites to show system administrators the pages’ vulnerabilities. The Spanish investigation began in March after the Web page of a Spanish political party, Izquierda Unida, was disabled shortly after Spain’s general election March 9. The five suspects did not know one another personally, but rather just over the Internet, police said. They were in contact with other members of the hacking group, mainly in Latin America, police said.

Source: The Associated Press via UticaOD

Hackers often harness the combined power of thousands of virus-infected personal computers to pump out spam e-mail or disable targeted servers by overwhelming them with Internet traffic.

Now an Air Force colonel is suggesting the U.S. military build its own “botnet,” or network of remotely controlled computers, to be ready to attack the computer networks of foreign enemies.

The proposal Col. Charles Williamson III outlined in the May edition of the Armed Forces Journal highlights the creative cyberwarfare strategies being hashed out by the military as hackers abroad step up their attacks on U.S. government computer networks and others around the world.

“The days of the fortress are gone, even in cyberspace,” wrote Williamson, staff judge advocate for Air Force Intelligence in the Surveillance and Reconnaissance Agency at Lackland Air Force Base in Texas. “While America must harden itself in cyberspace, we cannot afford to let adversaries maneuver in that domain uncontested.”

The government wouldn’t build its botnet by infecting innocent people’s computers like criminal hackers, Williamson wrote. Instead, the military could use PCs it was going to throw away. And it could expand that botnet’s computing horsepower by implanting its code on other government computers.

Read the Entire Story…
Source: The Associated Press via Hampton Roads’ Pilot Online

A high-ranking News Corp. official testified on Tuesday that he kept two hackers on the payroll for years after one of them was accused of infiltrating the security system of rival satellite television company DISH Network Corp.

Abraham Peled, CEO of News Corp. affiliate NDS Group — and a member of News Corp.’s executive management committee headed by Rupert Murdoch — said he continued to employ Christopher Tarnovsky after being told by another former hacker that Tarnovsky posted information on the Internet to let users unscramble DISH’s network and receive free service.

“We made it clear that these people were turning over to the good side and are expected to fight piracy instead of engage in it and we trusted Mr. Tarnovsky and instructed him not to do so,” Peled said at a corporate spying trial in federal court in Santa Ana, Calif.

“Obviously, there’s a theoretical risk” in hiring hackers, he added.

The espionage case was brought by EchoStar Communications, which later split into two companies, DISH (NASDAQ: DISH) and EchoStar, with DISH being the primary plaintiff. DISH claims it lost $900 million in revenue and system-repair costs.

Read the Entire Story…
Source: Internet News

Several websites of the U.S.-funded Radio Free Europe/Radio Liberty have been attacked, the broadcaster said Monday, suggesting the Belarus government could be responsible. In the form of a denial-of-service attack that floods servers with fake traffic so legitimate visitors cannot get through, the assault began Saturday and continues, the network said in a statement.

The broadcaster said it is trying to restore its websites.

The attack is aimed mainly the site of Radio Free Europe’s Belarus service, but websites serving Iran, Russia, Azerbaijan, Tajikistan, Kosovo, Macedonia, Bosnia and Croatia also have been affected, the network said.

Jeffrey Gedmin, the network’s president, compared the attack to communist countries jamming U.S.-backed broadcasts during the Cold War.

“Dictators are still trying to prevent the kind of unfiltered news and information that (Radio Free Europe) provides from reaching their people,” Gedmin said. “They did not succeed in the last century and they will not succeed now.”

Radio Free Europe/Radio Liberty is a private, nonprofit corporation that receives funding from the U.S. government. It was established in 1949 to spread pro-Western news and promote democratic values and institutions in countries behind the Iron Curtain.

Read the Entire Story…
Source: The Globe and Mail