IT security, vunerabilities, bugs, fixes, flaws, RSA conference and Infosec.

China's online army?

A US military report with facebook marketing services into relations with China has claimed that the Chinese government is developing an information warfare division - a cyber army. The report suggests that the People's Republic of China is developing teams to handle computer network attack, defence and exploitation with a separate section handling electronic countermeasures.

Surely it seems reasonable that any army would have a digital warfare division these days. But then again, just look at what's happening in Estonia.

May 29, 2007 | Permalink | Comments (0) | TrackBack (0)

An antispam standard?

The Internet Engineering Task Force has granted preliminary approval to DomainKeys Identified Mail (DKIM). The platform promises to kill spam by preventing spoofing. DomainKeys attaches an encrypted digital signature unique to the sender to each email when it is sent.

More here.

May 24, 2007 | Permalink | Comments (0) | TrackBack (0)

Gozi steals from SSL streams

It would appear that a mutation of the Russian Gozi virus can now hijack and steal data from an SSL stream. This also turns out to be one of the hardest Trojans to detect. It look slike around 6,000 users have already had their banking details comprimised.

May 23, 2007 | Permalink | Comments (0) | TrackBack (0)

The drive by download experiment is an intersting social experiment. A security researcher took out an ad - which stated: 'Is your PC virus-free? Get it infected here!'. The ad was displayed 259,723 times and 409 people clicked on the link. The idea is to show how people will click on anything, as this a version of a standard trick used by hackers. Unfortunately,Google has since disapproved and removed the ad, stating that it violates AdWords editorial guidelines.

May 21, 2007 | Permalink | Comments (0) | TrackBack (0)

Pirate Bay hacked

Swedish BitTorrent site The Pirate Bay has been hacked and a database containing 1.6 million user names and passwords stolen. However the Pirates tracked down the culprits, although the data was always safe as it had been encrypted in such a way the thieves were unable to break it. it's interesting that some bittorrent tracker can keep its data safe even in the event of a theft, while a number of multinationals have been left red faced in similar circumstances.

May 15, 2007 | Permalink | Comments (0) | TrackBack (0)

e-gold the fraudsters favourite

Security firm RSA has warned that cyber fraudsters are favouring online transaction site e-gold for shifting their ill gotten gains. Directors of the company have already been indicted for money laundering, operating an unlicensed money transmitter business, and conspiracies to commit both offences.

It looks like more  fraudsters are starting to accept WebMoney as well, RSA said.

May 13, 2007 | Permalink | Comments (1) | TrackBack (0)

Now it's M&S' turn

Another security cock up, this time affecting 26,000 employees at Marks & Spencer. A laptop containing all the employees personal details has been nicked. Might have been a different story had it been encrypted.

May 9, 2007 | Permalink | Comments (0) | TrackBack (0)

TSA loses important hard drive

Another one of those 'oops' situations. The Transportation Security Administration (TSA), which, ironically, is part of Homeland Security, has 'misplaced' an external hard drive with details of 100,000 employees on it. They still don't know if its been lost or stolen. Incredible isn't it?

May 8, 2007 | Permalink | Comments (0) | TrackBack (0)

The HD-DVD crack debacle

This has been an interesting one to watch, not because a key has been circulating that allows users to disable the copy protection on Blu-ray and HD-DVD, but because of the effect of the scramble to stop the key spreading. It's really only succeeded in making the matter worse - for instance, when Digg tried to pull all postings of the key, users only posted more and even flooded the site at one point.

There's a reason why it's called user generated content - and if you run a site like that, it belongs to the community.

May 3, 2007 | Permalink | Comments (0) | TrackBack (0)

An unusual punishment

Microsoft has forced a software pirate to take out an ad in a trade magazine advertising his guilt. The Redmond Giant worked the unusual punishment into a case it won against the pirate. Maybe we'll be seeing more of these...

May 2, 2007 | Permalink | Comments (0) | TrackBack (0)