See Richard Stiennons threat blog at www.threatchaos.com ...With botnets everywhere, DDoS
attacks get cheaper
NASA network security torched
October 8, 2009
GAO
says NASA has been successfully targeted by cyber attacks 1,120 times
in the past two years and significant holes still remain
http://www.networkworld.com/community/node/46208?t51hb&hpg1=mpPhishing attack targets Hotmail
October 5, 2009
Thousands of accounts on web-based e-mail system
Hotmail have been compromised in a phishing attack, software giant
Microsoft has confirmed.
BBC News has seen a list of more
than 10,000 e-mail accounts, predominantly originating from Europe, and
passwords which were posted online.
Microsoft said it had launched an investigation.Phishing involves using fake websites to lure people into revealing details such as bank accounts or login names."We
are aware that some Windows Live Hotmail customers' credentials were
acquired illegally and exposed on a website," said a Microsoft
spokesperson. "Upon learning of the issue, we immediately
requested that the credentials be removed and launched an investigation
to determine the impact to customers."
Quick change
Graham
Cluley, consultant at security firm Sophos, told BBC News the published
list may just be a subset of a longer list of compromised accounts."We still don't know the scale of the problem," he told BBC News.Technology
blog neowin.net was the first to publish details of the attack. It said
the accounts were posted on 1 October to pastebin.com, a website
commonly used by developers to share code.Although the details
have since been removed, BBC News and Neowin has seen a list of 10,028
names beginning with the letters A and B.BBC News has confirmed that the accounts are genuine and predominantly originate in Europe.The
list included details of Microsoft's Windows Live Hotmail accounts with
email addresses ending hotmail.com, msn.com and live.com. Mr Cluley advised Hotmail users to change their password as soon as possible."I'd also recommend that people change the password on any other site where they use it," he said. Around 40% of people use the same password for every website they use, he added.
Hotmail is currently the largest web-based e-mail service.
By Jonathan Fildes
Technology reporter, BBC News
Brazil: Birthplace of banking trojans...
http://blogs.usatoday.com/technologylive/2009/02/brazil-birthpla.html
Brazil has emerged as one of the most hostile online
environments in the world; in particular, it has become a hotbed for innovation
in banking trojans, says Gunter
Ollmann, senior researcher at IBM Internet Security Systems.
DNS Poisoning Attack Against Major Brazilian ISP...
http://news.softpedia.com/news/DNS-Poisoning-Attack-Against-Major-Brazilian-ISP-110226.shtml
The broadband Internet service of NET Serviços de Comunicação
(NET Communications Services), called NET Vírtua, was the target of unnamed
attackers earlier this month. According to Brazilian media outlet Globo.com, NET's DNS cache has been poisoned to serve a
banking trojan to Virtua costumers, as well as to hijack their online banking
details.
NET Vírtua reported a number of over two million customers on the Brazilian
market during the last trimester of 2008. The company plans to introduce
broadband connection at speeds of 60 Mbps across Brazil during this year. A
company spokesperson told Globo that 1% of its customer base was affected by
this attack.
Cyber sentinel: can e-commerce in Latin America be made safe?
Argentina's
Decidir.com believes its information protection and fraud screening services
are the answer...
http://findarticles.com/p/articles/mi_m0OQC/is_1_2/ai_100439772/
Cyber security and the pipeline control system.
http://www.allbusiness.com/transportation/pipeline-transportation/11800626-1.html
we have suffered many acts of sabotage at the terminals, the refineries, and
even to some wellheads in Lake Maracaibo. There were even instances of computer
hacking which did a lot of damage since much of the operation is centrally
controlled by computer."
Details of the cyber attacks on PDVSA's systems were slow to emerge, but it
seemed that hackers were able to penetrate the SCADA system responsible for
tanker loading at a marine terminal in eastern Venezuela. Once inside, the
hackers erased the programs in the programmable logic controllers (PLCs)
operating the facility, preventing tanker loading for eight hours. Fortunately
for PDVSA, the tactics of attackers were unsophisticated, making detection of
the problem relatively easy, and backups of the PLC programs were unaffected,
making recovery straightforward.