apache.org Hacked

apache.org was down this morning due to a compromise. The attackers reportedly got in with a compromised SSH key used for backups. Info from Apache Foundation here. They are back up and running..

Emergency Internet Bill - Give Obama Power to Knock Private Companies off the Internet??

A bill proposed this spring giving the White House power to knock private sector companies off the Internet in a so-called "cyber security emergency" has civil liberties and Internet groups concerned. A new version has been drafted by aides of Democrat Jay Rockefeller from Virginia. CNET got their hands on a copy and says it's still troubling due to it's vagueness.
Details from CNET can be found here.

Highlights of IBM Security Report

August 26, Network World – (International) Trojan attacks up, phishing attacks down this year, IBM finds. Spam-based phishing attacks declined noticeably during the first half of the year, but cyber-criminals may simply be shifting to other technologies found to be more effective in stealing personal data, according to IBM in its semi-annual security threat report. “The decline in phishing and increases in other areas (such as banking Trojans) indicate the attackers may be moving their resources to other methods to obtain the gains that phishing once achieved,” is the explanation offered in the “IBM Internet Security Systems 2009 Mid-Year Trend & Risk Report.” It says Russia is the top country of origin for phishing e-mails, with 7.2 percent share, while China is the top hosting country for spam URLs. IBM’s semi-annual security report presents a broad view of trends based on its own analysis of volumes of sensor data, Web crawling technologies and other resources used to gather information through its Internet Security Systems division. In the first half of 2009, 55 percent of the new malware seen was Trojans, an increase of 9 percent over last year, the report says. Trojan malware, which includes components called downloaders and info- stealers, are mainly being used in the form of “public-available toolkits” that are “easy to use” by criminals, the report points out. The number of malicious Web links used to trick users into downloading malware or visiting dangerous sites has increased, up 508 percent in the first half of 2009 in comparison to the number discovered in the first half of 2008, says the report. The U.S. is the top country where such malicious Web links can be found, accounting for 36 percent of known malicious links, with China holding the second spot. Source: http://www.networkworld.com/news/2009/082609-ibm-malware-trojans.html

If You Use Google Chrome, Time To Upgrade..

August 25, CNET News – (International) Google patches severe Chrome vulnerabilities. Google has fixed two high-severity vulnerabilities in the stable version of its Chrome browser that could have let an attacker remotely take over a person’s computer. With one attack on Google’s V8 JavaScript engine, malicious JavaScript on a Web site could let an attacker gain access to sensitive data or run arbitrary code on the computer within a Chrome protected area called the sandbox, Google said in a blog post Tuesday. With the other, a page with XML-encoded information could cause a browser tab crash that could let an attacker run arbitrary code within the sandbox. Chrome 2.0.172.43 (click to download for Windows) fixes the issues and another medium-severity issue. Once Chrome is installed, it retrieves updates automatically and applies them when people restart the browser. Google won’t release details of the vulnerabilities until “a majority of users are up to date with the fix,” a engineering program manager said in the blog post. Source: http://news.cnet.com/8301-30685_3-10317320-264.html

Exploding IPods? Yikes!

August 18, San Francisco Chronicle – (International) Apple looking into reports of exploding iPhone/iPod Touches. Apple’s iPhones and iPod Touches are being examined by the European Commission after a few incidents in which the devices exploded. There are reportedly two incidents in France involving an iPhone and one in Britain with an iPod Touch. A spokesperson for the commission said that Apple was cooperating and labeled the incidents “isolated.” An Apple spokesperson told Reuters that the company was aware of the reports but would not comment until receiving more information. In one case, a teenager in France was hurt when an iPhone overheated, hissed and shattered, sending glass into the boy’s eyes. A similar incident in Britain reportedly occurred with an iPod Touch that exploded and flew into the air. KIRO TV in Seattle obtained 800 pages of documents from the Consumer Product Safety Commission that found there have been 15 reports of burn and fire-related incidents involving iPods. Last year, after the Japanese government warned of fire risks from iPod Nanos, Apple offered to replace batteries in some of the devices. Source here.

ITOC Data Set

U.S. Army ITOC has released to the public the data sets of their recent 2009 Inter-Service Academy Cyber Defense Competition, which puts the military academies up against an NSA Red Team. If you would like to download them, they are available here. Full download is about 14 Gigs worth. Enjoy!

New Network Forensics Puzzle

In the tradition of the Ed Skoudis Hacker Challenges, Jonathan Ham of the ISC has put out a Network Forensics Puzzle. Info on the ISC site here. this is more than just a little bit of fun for packet heads, this is free, hands on training.

IDS Faq

If you're new to network security and need basic info on IDS/IPS, here's a nice FAQ page from SANS on the subject.

WordPress Vulnerability

Vulnerabilities found in WordPress software of a nasty variety. Allows a reset of the administrator password. As blogs are used more and more for political reasons, and especially by people living under repressive regimes, this could be bad news for theses folks, even more than the blogger who writes about gardening or his love of jazz music. If you use the software, WordPress has released a security release version, 2.8.4, found here.