Keyword: backdoor

Brevity: Headers | « Text »
  • Chinese firm admits its hacked DVRs, cameras were behind Friday's massive DDOS attack

    10/24/2016 12:26:19 PM PDT · by MarchonDC09122009 · 15 replies
    PC World ^ | 10/23/2016 | Michael Kan
    Chinese firm admits its hacked DVRs, cameras were behind Friday's massive DDOS attack Botnets created from the Mirai malware were involved in Friday's cyber attack. Michael Kan -IDG News Oct 23, 2016 A Chinese electronics component manufacturer says its products inadvertently played a role in a massive cyberattack that disrupted major internet sites in the U.S. on Friday. Hangzhou Xiongmai Technology, a vendor behind DVRs and internet-connected cameras, said on Sunday that security vulnerabilities involving weak default passwords in its products were partly to blame. According to security researchers, malware known as Mirai has been taking advantage of these vulnerabilities...
  • Bill plans to ban iPhones from being sold in New York, Apple would face fines of $2,500 per device

    01/30/2016 10:53:46 AM PST · by Enlightened1 · 30 replies
    Biz PAC Review ^ | 01/30/16 | Eric Boehm
    A New York lawmaker has proposed a bill that would ban iPhones from being sold in the state, unless Apple provides special "back doors" that would allow law enforcement to spy on users. That's a double dose of the Nanny State: setting rules for what can be bought and sold, while giving the government an easier way to spy on residents' everyday activities. The bill is sponsored by State Assemblyman Matthew Titone, D-Staten Island, and it would mandate that iPhones and other cell phones sold in New York be "capable of being decrypted and unlocked." The bill has support, perhaps...
  • Apple implies FBI screwup: iPhone Apple ID password changed in govt possession

    02/19/2016 6:21:59 PM PST · by Swordmaker · 92 replies
    9 to 5 Mac ^ | February 19, 2016 | by Jordan Kahn
    Apple has now responded to a Department of Justice filing that we reported earlier today was attempting to force the company to comply with an FBI request for access to a locked iPhone belonging to a suspect in the San Bernardino attacks. In one statement to Reuters, an Apple spokesperson said the DOJ is "disregarding civil liberties in iPhone unlocking case," while in another it attempts to explain more of the back story regarding past events with the iPhone in question. CNBC reports an Apple exec called the motion "a way to argue the case twice before Apple can respond," a response...
  • Security Questions Linger As Juniper Removes Suspicious Dual_EC Algorithm [serious technobabble]

    01/11/2016 7:41:57 PM PST · by Fhios · 3 replies ^ | 1/11/2016 | Michael Mimoso
    Juniper Networks announced late Friday it was removing the suspicious Dual_EC_DRBG random number generator from its ScreenOS operating system. And while that’s heralded as a positive move considering Dual_EC’s dubious origins, there remain important and unanswered questions about Juniper’s decision to include what is considered to be a backdoored random number generator in its NetScreen VPNs, and why a number of strange coding and engineering decisions were made that could have facilitated the decryption of secure traffic.
  • Sen. Lindsey Graham Demands That Silicon Valley Offer Backdoors to Its Encrypted Information

    12/10/2015 9:39:29 AM PST · by Gandalf the Mauve · 49 replies
    re/code ^ | 12-9-2015 | Dawn Chmielewski
    Republican South Carolina Sen. Lindsey Graham renewed his calls on technology companies to give law enforcement entry into its encrypted information to fight terrorism. His message to Silicon Valley: "Change your business model tomorrow."... Companies like Apple and Google have bolstered encryption on smartphones because of heightened consumer privacy concerns in the wake of Edward Snowden's revelations that the government had been spying on its citizens. Graham said that’s a business decision.... Apple, Google and Facebook have all been under mounting pressure to create backdoor keys that would allow law enforcement access to encrypted communications. The companies maintain that this...
  • Hillary server had remote-control gateways wide open

    10/13/2015 8:50:51 AM PDT · by lbryce · 45 replies
    Hot Air ^ | October 13, 2015 | Ed Morrisey
    The only item missing from the secret e-mail server run by Hillary Clinton appears to be the welcome mat for hackers. According to the Associated Press, the Clintons set up remote-control operations of its server without ever bothering to build in the normal security that would accompany those functions in a professional setting if one could even find a professional setting that would allow those functions to operate at all: Clintons server, which handled her personal and State Department correspondence, appeared to allow users to connect openly over the Internet to control it remotely, according to detailed records compiled...
  • Memories Pizza (under attack by gay fascists on yelp)

    04/01/2015 9:24:40 AM PDT · by doug from upland · 40 replies
    yelp ^ | 4-1-15 but not an April Fools joke
    The gay fascists went crazy on yelp to destroy a business that dared to say it would not cater a gay wedding. Here is part of the story, then you can check out what they are doing on yelp. Gays no longer want to just lead their lives and be left alone. They really do want to destroy Christianity and any business that will not find what they do to be wholesome. ++++++++++++++++++++++++++++++++++++++++++++++++ FROM THE STORY:
  • DOJ warns Apple: iPhone encryption will lead to a child dying

    11/20/2014 12:57:41 AM PST · by Swordmaker · 60 replies
    MacDailyNews ^ | Wednesday, November 19, 2014 5:23 pm
    The No. 2 official at the Justice Department recently warned top Apple executives that stronger encryption protections added to iPhones would lead to a horrific tragedy, such as a child dying, because police couldnt access a suspects device, The Wall Street Journal reported Wednesday, Dan Goodin reports for Ars Technica. The beefed up protections, Apple recently disclosed, mean that even when company officials are served with a court order, they will be unable to retrieve potentially crucial evidence such as photos, messages, or contacts stored on iPhones and iPads, Goodin reports. Instead, the data can be accessed only by people...
  • Toss routers with hardcoded passwords, expert says

    08/28/2014 3:30:05 AM PDT · by palmer · 24 replies
    Network World ^ | Aug 27, 2014 4:26 AM PT | Antone Gonsalves
    Sometimes it is best to toss security-challenged technology, and that's the recommendation experts are giving to small businesses using a flawed router from a China-based manufacturer. Trend Micro reported this week that routers sold under the brand name of Netcore in China and Netis outside of the country contained a "backdoor" that could be easily accessed by a hacker to monitor Internet traffic. ...
  • Firefox once again proves to be the most vulnerable browser at Pwn2Own hackfest

    04/10/2014 10:33:23 PM PDT · by ari-freedom · 33 replies
    VR-Zone ^ | March 17, 2014 | Sam Reynolds
    CanSecWest wrapped up on Friday in Vancouver, and while there was a minor controversy over self-censorship of a talk said to be a blueprint for terrorists, the most watched part of the event once again proved to be the Pwn2Own hacking competition. Pwn2Own offered some serious cash incentives for teams to develop exploits for Chrome, Internet Explorer, Firefox and Safari. During the competition no browser proved invulnerable, but Firefox had the most security shortcomings with four separate exploits being developed for Mozillas browser. In comparison Internet Explorer, Chrome and Safari were all exploited only once... Historically Firefox has always been...
  • CODEVILLA: Governments secret backdoor to your email

    01/20/2014 12:26:25 PM PST · by ransomnote · 12 replies ^ | January 17, 2014 | By Angelo M. Codevilla
    The NSA orchestrated Internet vulnerabilities against the directive of Congress Every child learns not to touch a neighbors mailbox. Thats a federal crime, hes told, and for good reason. However, the transactions and love-hate letters that used to go through physical mailboxes now go through electronic ones. The U.S. government cannot protect their privacy. What the laws and customs that surround the U.S. mail once did is now done by encryption. Governments own role is problematic, because many of its various agencies want to look into our mailboxes by defeating encryption. We can understand how serious a matter this is...
  • WebMD received almost 5 million bucks for feds to promote Obamacare

    11/13/2013 6:41:41 AM PST · by SeekAndFind · 13 replies
    American Thinker ^ | 11/13/2013 | Thomas Lifson
    A performer who pays for good reviews from critics usually isn't any good, and that would seem to be the case for Obamacare, too. Except that it is the taxpayers, not the performer laying out the bribe money, and the magnitude of the bribe dwarfs even the most lavish junkets offered by Hollywood. The Washington Times has a blockbuster exclusive story: Two months before enrollment began in the Obamacare exchanges, the administration's top health care official heaped praise on WebMD for launching an online resource to help Americans navigate the complex law. The consumer health care site had the occasional...
  • Backdoor found in D-Link router firmware code

    10/14/2013 8:25:58 PM PDT · by NoCmpromiz · 18 replies
    Infoworld ^ | October 14, 2013 | Jeremy Kirk
    A backdoor found in firmware used in several D-Link routers could allow an attacker to change a device's settings, a serious security problem that could be used for surveillance. Craig Heffner, a vulnerability researcher with Tactical Network Solutions who specializes in wireless and embedded systems, found the vulnerability. The affected models likely include D-Link's DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240 and possibly the DIR-615. The same firmware is also used in the BRL-04UR and BRL-04CW routers made by Planex, Heffner wrote. D-Link officials could be immediately reached for comment on Monday.
  • EXCLUSIVE: DHS Plans Backdoor Gun Registration?

    03/04/2013 6:51:56 PM PST · by Nachum · 5 replies
    Youtube ^ | 3/4/13 | The Dana Show
    Current Updates here Department of Revenue is working with the Department of Homeland Security to install new hard and software to obtain data on Missouri citizens and transfer this information to DHS and unnamed third parties, says Kinder. Kinder and the Stoddard County Prosceutor today took legal action and held a press conference outlining the infringement on civil liberties as posted by the DoR and DHS. The move by the departments is related to the Real ID. Griffin went to renew his driver's license and was disturbed by how, and with whom, his information was being shared. Kinder and...
  • Top Obama administration health reform law regulator to step down (Obamacare Rat abandons ship)

    06/15/2012 4:55:44 PM PDT · by jimbo123 · 12 replies
    Business Insurance ^ | 6/14/12 | Jerry Geisel
    Steve Larsen, who has played a key role in directing the Obama administration's efforts to implement the health care reform law, will resign, effective next month. Mr. Larsen left his position as Maryland insurance commissioner shortly after the passage of the Patient Protection and Affordable Care Act in 2010 to head what is now known as the Center for Consumer Information and Insurance Oversight.
  • Backdoor discovered on ZTE Score M Android smartphone

    05/14/2012 5:24:37 PM PDT · by Theoria · 2 replies ^ | 14 May 2012 | Matthew Humphries
    If anyone reading this owns a ZTE Score M Android smartphone, your device has been found to include a backdoor allowing root access without user authentication.The discovery of the backdoor comes via a post on the text storage website Pastebin. It has since been confirmed via Reddit by Justin Case of Cunning Logic and TeamAndIRC. He has confirmed with someone at ZTE that the backdoor does indeed exist and that a fix is in the works.The question that needs to be asked is, why is it there at all?Apparently the handset includes a hard-coded password that allows access to a...
  • White House Allowed Hilary Rosen Back-Door Lobbying Privileges

    04/15/2012 1:52:55 PM PDT · by Nachum · 7 replies
    Breitbart ^ | 4/15/12 | staff
    Hilary Rosen, the Democratic National Committee consultant who told CNN last week that Ann Romney had never worked a day in her life, has used her power with the White House to swing special lobbying privileges for her friends all without meeting reporting requirements. One senior Democrat told Ben White at Politico: Serious Dem operatives are aghast at Hilary Rosens misguided attack on Ann Romneys work history. She and others at PR firm SKD Knickerbocker have represented many clients that have raised hackles with senior White House staff. Its an open secret in the Dem consultant community that SKD...
  • Have RIM, Nokia & Apple provided Indian Military with backdoor access to cellular comm?

    01/08/2012 6:57:42 AM PST · by HangnJudge · 7 replies
    ZDNet ^ | 1-6-12 | Manan Kakkar
    In exchange for mobile presence in India, RIM, Nokia and Apple have allegedly provided backdoor access for the Indian intelligence to spy on communication. On January 6th reports of Symantec (makers of Norton Anitvirus) being hacked surfaced. The group of hackers behind the attack were from India.
  • FBI-Sponsored Backdoors

    10/13/2011 4:22:19 PM PDT · by FritzG · 13 replies
    Schneier on Security ^ | 07 Oct 2011 | Bruce Schneier
    From a review of Susan Landau's Surveillance or Security?: To catch up with the new technologies of malfeasance, FBI director Robert Mueller traveled to Silicon Valley last November to persuade technology companies to build "backdoors" into their products. If Muellers wish were granted, the FBI would gain undetected real-time access to suspects Skype calls, Facebook chats, and other online communicationsand in "clear text," the industry lingo for unencrypted data. Backdoors, in other words, would make the Internet -- and especially its burgeoning social media sector -- "wiretappable." This is one of the cyber threats I talked about last week: insecurities...
  • Obama to deport illegals by priority (TIMELY RE-POST - backdoor AMNESTY under to radar.)

    09/04/2011 10:54:36 AM PDT · by yoe · 1 replies
    The Washington Times ^ | August 18, 2011 | Stephen Dinan
    Bowing to pressure from immigrant rights activists, the Obama administration said Thursday that it will halt deportation proceedings on a case-by-case basis against illegal immigrants who meet certain criteria, such as attending school, having family in the military or having primary responsible for other family members care. The move marks a major step for President Obama, who for months has said he does not have broad categorical authority to halt deportations and said he must follow the laws as (Congress) has written them. But in letters to Congress on Thursday, Homeland Security Secretary (Janet Napolitano) said she does have discretion...
  • New Law Could Halt Obamas Backdoor Amnesty Plan

    09/04/2011 9:54:54 AM PDT · by yoe · 26 replies
    Judicial Watch ^ | 7/27/2011 | Staff
    Legislation has been introduced in Congress to stop President Obama from further implementing a backdoor amnesty program that has already suspended the deportation of thousands of illegal immigrants, including those with criminal convictions. The presidents stealth amnesty plan was first exposed last year after internal Homeland Security documents were obtained by the media. The first is a now-famous (memo) outlining a secret backup plan to grant illegal immigrants amnesty in case Congress doesnt pass legislation to do it. Devised by high-ranking officials at U.S. Citizenship and Immigration Services (USCIS), the plan calls for meaningful immigration reform absent legislative action and...
  • U.S. military could be shut down by secret 'back door'

    07/12/2011 6:34:15 PM PDT · by Evil Slayer · 46 replies
    wnd ^ | 7/12/11 | Joheph Farah
    Sources have confirmed that the U.S. Department of Defense over recent months purchased 59,000 microchips to use in Navy equipment that control everything from missiles to transponders, according to report in Joseph Farah's G2 Bulletin. But all of the chips turned out to be cheap knock-offs from China, and they ultimately were not installed, according to sources. Besides being subject to failure, the chips also were designed with a "back door" which would have allowed the chip, and the device it controlled, to be shut down remotely at any time, sources report. Had the flaw not been detected, the chips...
  • These Fake Chinese Microchips Were Made To Disarm U.S. Missiles(planted with Trojan horses)

    06/27/2011 9:08:28 AM PDT · by TigerLikesRooster · 71 replies
    Business Insider ^ | 06/27/11 | Robert Johnson
    These Fake Chinese Microchips Were Made To Disarm U.S. Missiles Robert Johnson | Jun. 27, 2011, 9:22 AM | 3,789 | 29 Last year, the U.S. Navy bought 59,000 microchips for use in everything from missiles to transponders that turned out to be counterfeits from China. Wired reports the chips weren't only low-quality fakes, they had been made with a "back-door" and could have been remotely shut down at any time. Apparently foreign chip makers are often better at making cheap microchips and U.S. defense contractors are loathe to pass up the better deal.
  • Jews get a meeting with Obama

    03/01/2011 3:21:54 PM PST · by ColdOne · 22 replies
    Politico44 ^ | 03/01/11 | MATT NEGRIN
    President Obama will meet with Jewish leaders at the White House on Tuesday, a group that represents orthodox Jews announced. The meeting will have a broad spectrum and will be focused on foreign policy, according to Nathan Diament, the public policy director of the Orthodox Union, who announced the meeting in a Twitter message. It will be facilitated by the Conference of Presidents, a group that represents more than 50 Jewish agencies in the country. The White House didnt list the meeting on Obamas public schedule for Tuesday.
  • For Obama, Tax Deal Is a Back-Door Stimulus Plan

    12/08/2010 9:18:01 AM PST · by Nachum · 9 replies
    New York Times ^ | 12/8/10 | David Leonhardt
    A year ago, President Obama and the Democrats made the mistake of assuming that an economic recovery was under way. This weeks deal to extend the Bush tax cuts shows that the White Houses top priority is avoiding the same mistake again even if it has to upset many fellow Democrats in the process. Mr. Obama effectively traded tax cuts for the affluent, which Republicans were demanding, for a second stimulus bill that seemed improbable a few weeks ago. Mr. Obama yielded to Republicans on extending the high-end Bush tax cuts and on cutting the estate tax below its...
  • Obama Administration Considers Bypassing Congress on Immigration Reform (Green Cards for Illegals)

    07/29/2010 8:30:12 PM PDT · by kristinn · 83 replies · 18+ views
    Pro Publica ^ | Thursday, July 29, 2010 | Marcus Stern
    The Obama administration, anticipating that Congress might not pass comprehensive immigration reform this year, is considering ways it could act without congressional approval to achieve many of the objectives of the initiative, including giving permanent resident status, or green cards, to large numbers of people in the country illegally. The ideas were outlined in an unusually frank draft memo prepared for Alejandro N. Mayorkas, director of the federal agency that handles immigration benefits, U.S. Citizen and Immigration Services (USCIS). The memo lists ways the government could grant permanent resident status to tens of thousands of people and delay the deportation...
  • Backdoor taxes to hit middle class

    02/02/2010 9:47:48 AM PST · by bigbob · 32 replies · 1,563+ views
    Reuters (via Yahoo Canada ^ | 2-1-2010 | Terri Cullen
    <p>NEW YORK ( --The Obama administration's plan to cut more than $1 trillion from the deficit over the next decade relies heavily on so-called backdoor tax increases that will result in a bigger tax bill for middle-class families.</p> <p>In the 2010 budget tabled by President Barack Obama on Monday, the White House wants to let billions of dollars in tax breaks expire by the end of the year -- effectively a tax hike by stealth.</p>
  • House Passes Health Reform Bill with Key LGBT Provisions

    11/08/2009 1:57:08 PM PST · by redreno · 17 replies · 1,184+ views
    HRC Backstory Human Rights Campaign ^ | November 7, 2009 11:22PM | Michael Cole
    Late this evening, the House passed the Affordable Health Care for America Act, H.R. 3962, by a vote of 220 to 215. While this is a historic step toward improving health care for all Americans, it is also a tremendous advance for the health needs of LGBT people. HRC lobbied the three committees involved in drafting the bill to include provisions that would help LGBT people in particular obtain the improved access to health care that the Act is designed to provide. Some of these measures have been part of HRCs legislative agenda as free-standing bills for many years. The...

    05/20/2009 12:04:48 PM PDT · by WayneLusvardi · 15 replies · 993+ views
    Pasadena Sub Rosa ^ | May 20, 2009 | Wayne Lusvardi
    Remember California Proposition 187, the 1994 ballot initiative dubbed the "Save Our State" initiative, designed to prohibit illegal immigrants from using social services, health care, and public education in California? It initially was approved by 54% of the voters but later in 1999 then Governor Gray Davis dropped the legal appeal in the courts, resulting in the invalidation of Prop. 187. Well, now current California Governor Arnold Schwarzenegger is in Washington, D.C., and he is apparently cutting a deal with the Health and Social Services Secretary Kathleen Sebelius to curtail mandated but unbudgeted health and social services. Here is how...
  • Obama Stealth Agenda for Change

    04/23/2009 6:50:51 AM PDT · by bsaunders · 303+ views
    Beyond the Cusp ^ | April 23, 2009 | Beyond the Cusp
    President Obama and a core cabal of far leftist Democrats are finding devious and covert ways of enacting their vision of a new America by circumventing the normal route for legislation. Their underhanded plans include stringent Gun Control, drastic Cap and Trade Carbon Caps, and Universal Government Health Care. Each has been slated for their unique plan tailored to mute all Republican, as well as any Democrat, objections or amendments. So, you ask, how are they going to get around any Republican Filibuster in the Senate and also remove any chance of amendments from either Democrats or Republicans in either...
  • Britain Leads EU Charge to Undermine US Climate Change Policy

    07/22/2006 6:12:32 AM PDT · by intl trader · 7 replies · 2,702+ views
    Financial Times ^ | July 17, 2006 | Lawrence Kogan
    In a startling report revealing a tale of transatlantic espionage not witnessed since the glory days of 007, the London-based Financial Times recently detailed how Britain, supposedly Americas closest European ally, has been leading a multi-year European undercover ('back-door') effort within the United States to undermine U.S. climate change policy. While this is not surprising, it does smack of interference with another nation's policies. It also happens to confirm prior ITSSD research, readily accessible on its website.
  • Microsoft plans better disclosures of tool (It Phones home Daily)

    06/07/2006 7:44:21 PM PDT · by zeugma · 21 replies · 623+ views
    Yahoo news ^ | 06-07-2006 | ALLISON LINN
    SEATTLE - Microsoft Corp. acknowledged Wednesday that it needs to better inform users that its tool for determining whether a computer is running a pirated copy of Windows also quietly checks in daily with the software maker. The company said the undisclosed daily check is a safety measure designed to allow the tool, called Windows Genuine Advantage, to quickly shut down in case of a malfunction. For example, if the company suddenly started seeing a rash of reports that Windows copies were pirated, it might want to shut down the program to make sure it wasn't delivering false results. "It's...
  • Microsoft Official: Malware Recovery Not Always Possible

    04/04/2006 6:41:25 PM PDT · by HAL9000 · 133 replies · 3,259+ views (Excerpt) ^ | April 4, 2006 | Rayn Naraine
    Excerpt - LAKE BUENA VISTA, Fla. In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation. "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," Mike Danseglio, program manager in the Security Solutions group at Microsoft, said in a presentation at...
  • FR Folding@Home Project Update - We're in the Top 165 teams (A Tribute to Ronald Reagan)

    03/13/2006 8:55:21 AM PST · by soccer_maniac · 217 replies · 3,061+ views
    Folding@Home Official Stats ^ | 3-13-2006 | soccer_maniac
    Time for a new FreeRepublic folding@home thread. Our FreeRepublic team of 300+ members comprised primarily of Free Republic members in good standing have banded together to donate their excess CPU cycles to a worthy cause. Via distributed computing, millions of computers around the world, contribute directly to scientific research, in the quest for a greater understanding of diseases such as Alzheimer's, Cancer, and Mad Cow (BSE). Currently, the team is in 164th place (with 992 CPUs - nearly 19,000 completed Work Units and 2,982,241 points) This is an entirely voluntary program, and if you want to learn more, please see...
  • Microsoft: Vista won't get a backdoor

    03/04/2006 6:22:54 AM PST · by Panerai · 53 replies · 1,168+ views
    Cnet ^ | 03/03/2006 | By Joris Evers
    Windows Vista won't have a backdoor that could be used by police forces to get into encrypted files, Microsoft has stressed. In February, a BBC News story suggested that the British government was in discussions with Microsoft over backdoor access to the operating system. A backdoor is a method of bypassing normal authentication to gain access to a computer without to the PC user knowing. But Microsoft has now quelled the suggestion that law enforcement might get such access. "Microsoft has not and will not put 'backdoors' into Windows," a company representative said in a statement sent via e-mail. The...
  • Anti-Copying Malware Installs Itself With Dozens Of Games

    01/31/2006 10:09:57 AM PST · by steve-b · 14 replies · 655+ views
    BoingBoing ^ | 1/30/06 | Cory Doctorow
    A group of gamers has started a site to spread a pledge to boycott video-games that come with a dangerous anti-copying mechanism.... For example, here's one of the common problems brought by Starforce: under Windows XP, if packets are lost during the reading or writing of a disk, XP interprets this as an error and steps the IDE speed down. Eventually it will revert to 16bit compatibility mode rendering a CD/DVD writer virtually unusable. In some circumstances certain drives cannot cope with this mode and it results in physical hardware failure (Most commonly in multiformat CD/DVD writer drives). A sure...
  • US hacker pleads guilty to hijacking thousands of computers

    01/25/2006 5:35:35 AM PST · by Calpernia · 16 replies · 639+ views
    Middle East Times ^ | January 25, 2006
    LOS ANGELES, CA, USA -- A US computer hacker on Monday pleaded guilty to hijacking around 400,000 computers, including military servers, and infecting them with malicious software. In the first such prosecution of its kind, "botmaster" Jeanson Ancheta, 20, admitted infecting the computers with software that caused them to send spam, show ads and launch crippling attacks on Internet sites. In federal court in Los Angeles, Ancheta admitted conspiring to violate both the Computer Fraud Abuse Act and an anti-spam law, to causing damage to US defense computers and to hacking into computers to commit fraud. His plea comes after...
  • The Windows MetaFile Backdoor?

    01/16/2006 9:48:37 AM PST · by ShadowAce · 106 replies · 2,183+ views
    Security Now! ^ | 13 January 2006 | Steve Gibson/Leo LaPorte
    This is a transcript from a show Steve Gibson did with Leo LaPorte. The link to the audio is at the above link. Also, I will excerpt a little of the relevant information here.Steve: And so, you know, because I'm a developer when I'm not being a hacker, I wanted to understand - oh, and the other thing is, I want to write a robust testing application, you know, that always works all the time. So I wanted to know, like, okay, what bytes have to be set which way, what matters, what doesn't. Because, you know, that's the way...
  • WMF (Windows meta file) exploit

    01/02/2006 5:07:56 AM PST · by KeyWest · 49 replies · 2,054+ views
    The SANS Institute ^ | January 2, 2005 | Various
    Looking forward to the week ahead, I find myself in the very peculiar position of having to say something that I don't believe has ever been said here in the Handler's diary before: "Please, trust us." I've written more than a few diaries, and I've often been silly or said funny things, but now, I'm being as straightforward and honest as I can possibly be: the Microsoft WMF vulnerability is bad. It is very, very bad.
  • Microsoft To Patch Windows on January 10th; Attack Spreads

    01/03/2006 11:42:23 AM PST · by HAL9000 · 52 replies · 3,487+ views
    Dow Jones News Service (excerpt) ^ | January 3, 2006 | Chris Reiter
    Excerpt - NEW YORK -(Dow Jones)- Microsoft Corp. (MSFT) plans to release a patch for a new security flaw at its next scheduled update release on Jan. 10, leaving users largely unprotected until then from a rapidly spreading computer virus strain. "Microsoft's delay is inexcusable," said Alan Paller, director of research at computer security group SANS Institute. "There's no excuse other than incompetence and negligence." "It's a problem that there's no known solution from Microsoft," said Alfred Huger, senior director of engineering at Symantec Corp.'s (SYMC) security response team. SANS Institute, via its Internet Storm Center, has taken the unusual...
  • Windows PCs face huge virus threat

    01/02/2006 3:54:03 PM PST · by Swordmaker · 204 replies · 7,105+ views
    Financial Times via Drudge ^ | January 2 2006 18:18 | By Kevin Allison in San Francisco
    Computer security experts were grappling with the threat of a newweakness in Microsofts Windows operating system that could put hundreds of millions of PCs at risk of infection by spyware or viruses. The news marks the latest security setback for Microsoft, the worlds biggest software company, whose Windows operating system is a favourite target for hackers. The potential [security threat] is huge, said Mikko Hyppnen, chief research officer at F-Secure, an antivirus company. Its probably bigger than for any other vulnerability weve seen. Any version of Windows is vulnerable right now. The flaw, which allows hackers to infect computers using...
  • Potential new unpatched IE exploit ? ~ Yes...may affect other Browsers also...

    12/28/2005 2:55:03 PM PST · by Ernest_at_the_Beach · 69 replies · 3,196+ views
    Websense Security Labs ^ | Dec 28 2005 11:19AM | Websense Security Labs Blog Staff
    This alert is a follow-up to a post made yesterday on our blog: Websense Security Labs has discovered numerous websites exploiting an unpatched Windows vulnerability in the handling of .WMF image files. The websites which have been uncovered at this point are using the exploit to distribute Spyware applications and other Potentially Unwanted Soware. The user's desktop background is replaced with a message warning of a spyware infection and a "spyware cleaning" application is launched. This application prompts the user to enter credit card information in order to remove the detected spyware. The background image used and the "spyware...
  • Exploit Released for Unpatched Windows Flaw

    12/28/2005 5:45:47 PM PST · by Salo · 25 replies · 1,376+ views
    Washington ComPost ^ | 12/28/05 | Brian Krebs
    Security researchers have released instructions for exploiting a previously unknown security hole in Windows XP and Windows 2003 Web Server with all of the latest patches applied.
  • Gaffer Tape Defeats Sony DRM Rootkit

    11/21/2005 8:24:30 AM PST · by steve-b · 28 replies · 1,588+ views
    The Register ^ | 11/21/05 | John Leyden
    Sony's controversial DRM technology - which installs rootkit-style software when users play Sony BMG CDs on Windows PCs - can be defeated easily with nothing more than a piece of masking tape, security researchers have discovered. Sony BMG has endured a public-relations and legal nightmare after it emerged digital rights management (DRM) software installed on some of its music CDs (First4Internet XCP program) created a handy means for hackers to hide malware from anti-virus scanning programs....
  • Sony Rootkits: A Sign Of Security Industry Failure (List of 52 CD Titles)

    11/18/2005 3:16:07 PM PST · by Eagle9 · 32 replies · 1,324+ views
    TechWeb News ^ | November 18, 2005 | Gregg Keizer
    Sony's controversial copy-protection scheme had been in use for seven months before its cloaking rootkit was discovered, leading one analyst to question the effectiveness of the security industry. "[For] at least for seven months, Sony BMG Music CD buyers have been installing rootkits on their PCs. Why then did no security software vendor detect a problem and alert customers?" asked Joe Wilcox, an analyst with JupiterResearch. "Where the failure is, that's the question mark. Is it an indictment of how consumers view security software, that they have a sense of false protection, even when they don't update their anti-virus and...
  • MS' Reaction to Sony's Rootkit Raises Some Questions

    11/17/2005 6:09:52 AM PST · by ShadowAce · 79 replies · 1,658+ views
    Groklaw ^ | 13 November 2005 | Pamela Jones
    When the news first broke in the mainstream press that Windows expert and blogger Mark Russinovich (he wrote a book about Windows for Microsoft) had found that Sony's anti-piracy efforts had gone too far and that Sony's DRM was installing an undetectable rootkit on customers' computers which they couldn't safely remove, the first reaction from Microsoft was guarded. They were concerned, they said, and were evaluating what, if anything, to do: Microsoft, which also ships an anti-spyware program, recently renamed "Windows Defender," hasn't yet decided whether it will also flag the Sony DRM software as malicious code, the spokesperson said....
  • Sony has infected over one-half million world wide nets incl U.S. Military

    11/15/2005 1:43:21 PM PST · by dickmc · 109 replies · 4,396+ views
    Welcome to Planet Sony ^ | 2005-11-15 09:28 | Dan Kaminsky
    More than one-half million networks infected by Sony including U.S. military and various countries. Dan Kaminsky, ,is the expert who broke this and did the work. His U.S. and Europe infection maps are shown below and are frightening. Dan did a hell of a good job. Search Google News for "sony numbers trouble" for more in an excellent article today that is very worth reading.
  • Microsoft sees 3 'critical' Windows security flaws

    08/09/2005 2:03:40 PM PDT · by Fractal Trader · 49 replies · 1,297+ views
    AP via ^ | 9 August 2005
    Microsoft Corp. warned users of its Windows operating system on Tuesday of three newly found "critical" security flaws in its software, including one that could allow attackers to take complete control of a computer. Computer security experts urged users to download and install the patches, which are available at "Users (should) apply the updates as quickly as possible," said Oliver Friedrichs, senior manager of Symantec Security Response, part of security software company Symantec Corp. SYMC.O. Microsoft said that vulnerabilities exist in its Internet Explorer Web browser, the most severe of which could allow an attacker to take complete control...
  • Microsoft fixes serious Windows flaws

    08/09/2005 2:56:44 PM PDT · by Panerai · 78 replies · 1,798+ views
    Cnet News ^ | August 9, 2005 | Joris Evers
    Microsoft on Tuesday issued alerts on several security flaws in Windows, the most serious of which could allow an attacker to gain control over a victim's computer. Microsoft released six security bulletins as part of its monthly patching cycle, three of which it deems "critical." The Redmond, Wash., software gives that rating to any security issue that could allow a malicious Internet worm to spread without any action required on the part of the user. One bulletin addresses three flaws in Internet Explorer. Of all the issues Microsoft offered fixes for Tuesday, these put users at most risk of attack,...
  • Spyware Phishing Now a World-Wide Epidemic

    07/19/2005 10:06:47 PM PDT · by ex-Texan · 16 replies · 906+ views ^ | 7/19/205 | Staff Writers
    Nova Scotia July 19, 2005 -- SpyCop today announced that the use of commercial monitoring spy software is on the rise in Internet phishing schemes, the latest scam used to steal personal information and even entire identities. The Anti-Phishing Working Group, web site at, explains: "Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials... Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware." The commercial spy software market has made available over 525 payware spy programs which include URL recorders, keyloggers, chat...