Most current real-world computer security efforts focus on external threats, and generally treat the computer system itself as a trusted system. Some knowledgeable observers consider this to be a disastrous mistake, and point out that this distinction is the cause of much of the insecurity of current computer systems – once an attacker has subverted one part of a system without fine-grained security, he or she usually has access to most or all of the features of that system. Because computer systems can be very complex, and cannot be guaranteed to be free of defects, this security stance tends to produce insecure systems. There are many similarities (yet many fundamental differences) between computer and physical security. Just like real-world security, the motivations for breaches of computer security vary between attackers, sometimes called hackers or crackers. Some are teenage thrill-seekers or vandals (the kind often responsible for defacing websites); similarly, some website defacements are done to make political statements. However, some attackers are highly skilled and motivated with the goal of compromising computers for financial gain or espionage.
Today X-Force, IBM's security research and development arm, released its 2008 Midyear Trend Statistics report that indicates cyber-criminals are adopting new automation techniques and strategies that allow them to exploit vulnerabilities much faster than ever before. The new tools are being implemented on the Internet by organized criminal elements, and at the same time public exploit code published by researchers is putting more systems, databases and ultimately, people at risk of compromise.
China has been accused of sponsoring cyber attacks at the International Crime Science Conference held in London, UK recently. Security expert John Walker, CTO of forensics consultancy Secure-Bastion, said that the Chinese government was behind the 'Titan Rain' attacks on the US and the UK. Titan Rain is the codename given by the U.S. government to a series of coordinated attacks on American computer systems where hackers gained access to many U.S. computer networks, including NASA. The attacks were identified as being Chinese in origin; however, the Chinese government has not been officially accused of being behind the assault.
Small- and medium-sized businesses are in denial about the threat posed by cyberattacks, security software firm McAfee concluded in a study published this week. While most small- and medium-sized companies believe that they operate under cybercriminals' radar, the study found that one-in-five firms have been attacked. The survey -- which polled 500 companies with 1,000 employees or less -- found that for every eight firms, only ten employees were dedicated to managing the businesses' information-technology systems.
The United States Computer Emergency Readiness Team (US-CERT) has acknowledged that they are aware of the publicly available exploit code for a cache poisoning vulnerability in common DNS implementations. US-CERT is re-emphasizing the urgency of patching vulnerable DNS systems.
As warned by Dan Kaminsky, Paul Vixie, and numerous other experts, it was just a matter of time before exploit code for the now public DNS flaw would surface. Exploit code for the flaw, which allows insertion of malicious DNS records into the cache of target nameservers, has been posted to Metasploit, a free provider of information and tools on exploit techniques. According to reports, Metasploit creator H D Moore, in collaboration with a researcher named "|)ruid" from Computer Academic Underground, created the exploit, dubbed "DNS BaliWicked Attack", along with a DNS service created to assist with the exploit.
A recent report by iDefense Labs estimates that there have been 66 distinct spear phishing attacks between February 2007 and June 2008, with the rate of attacks continuing to accelerate. Spear phishing groups have claimed more than 15,000 corporate victims in 15 months, with victim losses exceeding $100,000 in some cases. Victims include Fortune 500 companies, financial institutions, government agencies, and legal firms.
For over 24 hours the website of President Mikhail Saakashvili of Georgia, a former Soviet republic, has been down as a result of a distributed denial of service (DDoS) attack. This attack appears to have a political motivation, says Jose Nazario of Arbor Networks. "Tensions between Russia and Georgia appear to be running high lately." According to The Shadowserver Foundation, a security watchdog group, the site (www.president.gov.ge) began coming under attack very early Saturday morning (Georgian time).
It may be years before the new internet protocol IPv6 takes over from the current IPv4, but a security researcher is warning that many systems -- corporate and personal -- are already open to attack through channels that have been enabled on their machines to support IPv6 traffic, according to the Wired report by Kim Zetter. Joe Klein, a security researcher with Command Information, says many organizations and home users have IPv6 enabled on their systems by default but don't know it. They also don't have protection in place to block malicious traffic, since some intrusion detection systems and firewalls aren't set up to monitor IPv6 traffic, presenting an appealing vector through which outsiders can attack their networks undetected.
Sen. Barack Obama, the U.S. presidential candidate, outlined in a speech yesterday what he envisioned for a cyber-security infrastructure that would protect the nation's computer networks and strengthen science and computer education programs. "I'll declare our cyber-infrastructure a strategic asset, and appoint a national cyber adviser who will report directly to me. We'll coordinate efforts across the federal government, implement a truly national cyber-security policy, and tighten standards to secure information -- from the networks that power the federal government, to the networks that you use in your personal lives."
A recent blast of emails linked to Storm Worm attempts to exploit client-side vulnerabilities by stating that the U.S. Army has invaded Iran. The email is also reported to contain links to videos. The text reads:
“Just now US Army’s Delta Force and U.S. Air Force have invaded Iran. Approximately 20000 soldiers crossed the border into Iran and broke down the Iran’s Army resistance. The video made by US soldier was received today morning. Click on the video to see first minutes of the beginning of the World War III. God save us.”
Hundreds of Lithuanian government and corporate Web sites were hacked and plastered with Soviet-era symbols and other digital graffiti this week in what appears to be a coordinated cyber attack launched by Russian hacker groups, reports Brian Krebs of the Washington Post. According to reports, Lithuanian officials did not directly accuse Russian hackers of initiating the attacks, which are said to have come from foreign computers. However, iDefense, a security intelligence firm based in Reston, VA, has linked the attacks to nationalistic Russian hacker groups protesting a new Lithuanian law banning the display of Soviet emblems, including honors won during World War II.
The U.S. military is looking for a contractor to patrol cyberspace, watching for warning signs of forthcoming terrorist attacks or other hostile activity on the Web. "If someone wants to blow us up, we want to know about it," Robert Hembrook, the deputy intelligence chief of the U.S. Army's Fifth Signal Command in Mannheim, Germany, told United Press International. "The purpose of the services will be to identify and assess stated and implied threat, antipathy, unrest and other contextual data relating to selected Internet domains," says the solicitation.
The same Turkish hacking group, NetDevilz, responsible for the hacking and defacement of the popular photo sharing site Photobucket, has been reported to have briefly succeeded in accessing ICANN and IANA domain names yesterday, June 26, 2008, and redirecting them to a page containing the message: "You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us?"...
Five leading IT vendors have announced the creation of the Industry Consortium for Advancement of Security on the Internet (ICASI), a nonprofit organization that intends to let vendors and customers work together on global IT security threats and resolve them in a government-neutral way. ICASI's founding members include Cisco, IBM, Intel, Juniper and Microsoft. ICASI will target "global, multivendor cyber threats" to reduce their impact on end users. The group's statement says these attacks target multiple products or protocols in products, giving them a broader impact. These attacks pose problems not only for end user customers, but also for vendors, the group says.
In a recent interview by Krish Raghav, from Wall Street Journal's LiveMint.com, Howard Schmidt, an information networks expert and a senior cyber-security adviser in the Bush administration, talked about several hot Internet issues, including net neutrality and cyber-attacks. In this report, Raghav starts with the following statement: "In the last 12 months, some 10 Indian government ministry websites have been targets of cyber-attacks. Recently, security experts with Boston-based Core Security Technologies said such attackers could "gain control of countries' water treatment plants, natural gas pipelines and other critical utilities".