A lightning strike has taken down both Microsoft BPOS and Amazon’s EC2 web services.
In Dublin, the strike caused an explosion that also took down backup power systems causing loss of cloud computing services for up to 7 hours.
Microsoft has been criticised recently for the amount of downtime in the BPOS system and this latest problem will no doubt cause more red faces.
Redmond recently fessed up that outages in Office 365 (Microsoft’s next incarnation of their cloud offering) ‘will happen’
The passwords of 44,000 ?inactive? accounts for addons.mozilla,org have been inadvertently exposed. But Mozilla say it?s nothing to worry about.
Chris Lyon, Mozilla’s director of infrastructure security posted the following on the Mozilla Security Blog: "On December 17th, Mozilla was notified by a security researcher that a partial database of addons.mozilla.org user accounts was mistakenly left on a Mozilla public server."
Lyon noted that although this may seem pretty shocking, the passwords were all for inactive accounts and that Mozilla can account for every download of the database. The passwords were also of the md5b variety and have all now been deleted, disabling the accounts.
Lyon said that since the 9th of April 2009 ?accounts use a more secure SHA-512 password hash with per-user salts. It is important to note that current addons.mozilla.org users and accounts are not at risk."
Affected users were informed of the breach by e-mail. A Larry Seltzer responded to Lyon?s post with the following comment: "I got the e-mail a while before this blog post or anything else about the matter was on the web. The e-mail looked legit, but…"
Ha.
Fax machine?s have become the new target of Pro-Wikileaks hacktivists. Previously it was the websites of firms who had withdrawn their service from Wikileaks that had been targeted.
The new Leakflood mission has encouraged activists to send faxes to Amazon, MasterCard, Moneybookers, PayPal, Visa and Tableau Software. The group has published a list of fax numbers with a view to members sending over extracts from the leaked cables and letters from or pictures of Guy Fawkes. Those who took part were advised to use the free MyFax service and to keep it anonymous.
The campaign started on Monday at 13:00 and finished Tuesday at 16:00. It?s also been reported that patriot hackers who oppose the operation have launched a counter attack on the IRC servers where the Pro-Wikileacks hacktivists go the strategise. The anonops.eu domain which listed the location of the IRC servers has been attacked and is currently offline.
An anonymous campaign against the Church of Scientology used the Fax-flooding tactic in the early stages of it?s campaign. It?s unclear whether this strategy was successful or not. And even more so when it comes to the Fax-bombing of Amazon.
A second denial of service attack hit Wikileaks on Tuesday. This follows attempts on Sunday to wipe the site from the face of the web in the run-up to the controversial release of hundreds of thousands of US diplomatic cables.The sites twitter feed confirmed the attack on Tuesday afternoon.
Arbor Networks, DDoS mitigation experts, analysed the attack and found that it ran at a just 2-4Gbps for several hours. The attack was modest in comparison to other attacks this year which have hit 10Gpbs and above. But still severe enough for Wikileaks to move it?s systems back to Amazon?s cloud structure to get out of the line of fire.
Craig Labovitz, an Arbor Networks analyst wrote: "Overall, at 2-4 Gbps, the Wikileaks DDoS attack was modest in the relative scheme of recent attacks against large web sites, Though, TCP and application level attacks generally require far lower bps and pps rates to be effective."
It?s unclear as to the source/s of the attack. Abbor?s analysis however, does support the theory that more sophisticated application-level attacks are behind Wikileak?s downtime on Sunday.
A hacker known as Jester, who has a history of attacking jihadist site, has claimed the attack as his. Saying that he used low level application layer attacks to take the site out rather than relying on fake traffic from a large botnet. Arbor networks say this claim is ?consistent? with the data they collected.
This attack has had no effect on the flow of information from the leaked cables however. Even when the site was down the worlds press was making it?s leaked documents available.
British nuclear power station Haysham 1 suffered an ?unplanned outage?, one of two reactors had to be taken offline. EDF, who own the power station, have categorically denied any link to the Stuxnet worm.
Suggestions that the sophisticated Stuxnet worm was to blame, has been prompted by the fact that parts of the site are run by Siemens S7 systems. An EDF spokeswomen has said the suggestion are nothing more than "conspiracy theories", saying that: "I can confirm that on Heysham 1 there is no Siemens S7 equipment in any safety-related applications. There is absolutely no link between the cause of Heysham 1′s trip yesterday and any ‘cyber security’ issues".
EDF have not given an details on the cause of the ongoing outage, as regulation forbid it. These regulations have been put in place to prevent distortion of the energy market, based on when electricity production will resume.
It was discovered earlier this year by security researchers, that Stuxnet exploits vulnerabilities in Windows and the type of Siemens control system used at Heysham.
The EU information security agency have described Stuxnet as "a new class and dimension of malware." leading many to believe it was created by a state intelligence agency, perhaps in order to disrupt Iran?s civilian and military nuclear programme. Microsoft and Seimens have since released patches to secure their software.
There has not been any evidence to date that Stuxnet has affected any British facilities.
The privacy rules on Facebook aren?t as tight as they would have users believe. The Wall street Journal revealed that some of it?s most popular apps siphon off personal information internet tracking out fits and ad firms.
According to WSJ, 25 companies have received identifiable details about users from their Facebook apps. Which effectively breaks the terms laid down by the site. The breach affects a huge number of Facebook app users. Even those with the most rigorous privacy setting on their profiles have had their details exposed. The 10 most popular apps, such as Texas HoldEm Poker and Farmville, have been transmitting users? IDs to external firms. Farmville was also found to be transmitting the personal details of users? friends.
Facebook, said to have around 500 million users, told WSJ that new tech was being brought in to deal the breach. RapLeaf Inc, was found to have linked the IDs it had taken from Facebook to it?s own database if internet users, that it then sells on to other companies. The company insisted that this wasn?t an intentional action. Joel Jewitt, the company?s biz development veep, told WSJ, ?We didn?t do it on purpose.?
Facebook have released the Following statement:
As part of our work to provide people with control over their information, we’ve learned that the design and operation of the Internet doesn’t always provide the greatest control that is technically possible.
"For example, in the Spring, it was brought to our attention that Facebook user IDs may be inadvertently included in the URL referrer sent to advertisers.
Here, WSJ has uncovered the same issue on Facebook Platform, where a Facebook user ID may be inadvertently shared by a user’s internet browser or by an application delivering content to a user.
While knowledge of user ID does not permit access to anyone’s private information on Facebook, we plan to introduce new technical systems that will dramatically limit the sharing of User ID’s [sic].
This is an even more complicated technical challenge than the similar issue we successfully addressed last spring, but one that we are committed to addressing. Our technical systems have always been complemented by strong policy enforcement, and we will continue to rely on both to keep people in control of their information.
It is important to note that there is no evidence that any personal information was misused or even collected as a result of this issue. In fact, all of the companies questioned about this issue said publicly that they did not use the user IDs or did not use them to obtain personal info.
It makes you wonder if Facebook new about this breach all along, but just hadn?t bothered to fix it yet. It?s also of note that Facebook has tried to distance itself from the implication that the data could have been used by the companies that received the data. A separate statement was issues to it?s third-party developers. It partly wags the finger at them, but also asserts that the press have exaggerated things.
The end result is that the company is trying to down play the breach, but has kind of contradicted this by admitting that it needs to fix its technology to prevent a similar thing from happening in the future.
Symantec have finally secured their some what surreal HackIsWack competition website.
Symantec have collaborated with rapper Snoop Dogg to raise awareness about malware and identity theft. the site is intended to provide a forum for a rap competition. Users post their own videos of their cyber-crime related raps. A whopping 22 videos have been posted on the site so far.
Apparently this isn?t the first time this kind of thing has happened. HackIsWack has been described as the most comically inept campaign since Don?t Copy that Floppy. Which was a failed rap/security colab from the early 1990s.
The irony of it all is that when the site went live it was riddled with security holes, including a cross site scripting flaw that lent it?s self to the rickrolling attack. Hilarious for us but incredibly embarrassing for the security giant Symantec. A statement was released over the weekend by Symantec, it said the following:
Symantec was made aware of reported vulnerabilities to the Norton Hack is Wack microsite, and we quickly took the necessary steps to enhance security on the site. We have found no evidence to date that any intrusion into the site or other areas of Symantec?s network or website have occurred.
To date, Symantec can confirm that no company or customer data has been compromised or exposed. Symantec takes the security of our website and microsites very seriously, and we have taken the necessary steps to resolve this issue.
But no clues as to why they went live seriously flawed and untested site. The rickrolling XSS was the most talked about flaw on the site, but security blogger Mike Bailey, has lovingly compiled a list of the multitude of flaws that was present on the site at the time. like the caching of sensitive data and upload security issues, plus more:
Hack is Wack site is chock full of holes. For example, there’s the publicly available, indexed cache directory with all that SQL, JSON and other data. There’s the XSS vulns (HTML5 only, though it should be simple enough to rewrite), CSRF holes, and the Flash upload issues in the video upload script (a Joomla module that appears to have been used without any quality control or review despite the fact that it’s currently in Alpha)
The rickrolling has now gone from the site, and Symantec say they have cleaned up the rest too. So, enjoy!
Algerian hackers made a slight mistake when they defaced the website of an English stately home instead of the website for Belvoir Fortress in Israel.
The cyber-jihadis of Dz-seC, a previously unknown group, commandeers the website of Belvoir Castle in order to post and an anti-Zionist rant and an image of the Algerian national flag.
Belvoir Fortress in Israel was a Christian outpost in the time of the crusades, Belvoir castle was a Royalist stronghold during the English civil war. and these days is best know for it?s annual teddy bears? picnic.
a Belvoir Castle spokesman, when speaking with the daily telegraph: ?We’ve nothing to do with the Middle-East, I just help to organise the teddy bears’ picnic. It does make more sense that they meant to target the fortress in Israel rather than the castle in Leicestershire.?
Belvoir Castle?s website has since been restored since the attack of the geographically misguided jihadists.
AV-test.org is a group with over 25 years experience in anti-virus research and data security. And they have awarded Microsoft Security Essentials their certificate of approval. A total of 19 AV and security applications were tested, all but 4 got certified: Trend Micro Internet Security Pro 2010, BullGuard Internet Security 9.0, Norman Security Suite 8.0 and McAfee Internet Security 2010.
The team at AV-Test said: "During April, May and June 2010 we continuously evaluated 19 security products using their default settings. We always used the most current publicly available version of all products for the testing. They were allowed to update themselves at any time and query their in-the-cloud services. We focused on realistic test scenarios and challenged the products against real-world threats. Products had to demonstrate their capabilities using all components and protection layers."
The products were tested in the following categories:
AV applications were scored between 0.0 (worst)-6.0 (best). Security Essentials scored 4.0 for protection, 4.5 for repair and 5.5 for usability.
The Windows Security Blog was pleased with the certification and said the following:
"the most important validation of AV quality comes from independent certification organizations like VB100, AV-Test and others. With the current version of Microsoft Security Essentials and the new version now available in beta, our commitment remains constant: to provide security you can trust that is easy to use and provides protection that runs quietly and efficiently in the background, ensuring a great Windows user experience."
The top three AV applications were Panda Internet Security 2010, Norton Internet Security 2010 and Kaspersky Internet Security 2010. but none got higher than a score of 5.5.
Symantec researchers have outted an Android gaming App that tracks user?s locations so that they can be secretly monitored in real time.
Known as Tapsnake, the free app is an Android version of the old school video game. but that?s not all it is, every 15 minutes it uploads GPS coordinates from the users device to a server that can be monitored by people who are running an app called GPS Spy. Made by the same developer, this app will cost you $4.99.
Symantec?s advisory warns: ?GPS Spy then downloads the data and uses this service to conveniently display it as location points in Google Maps. This can give a pretty startling run-down of where someone carrying the phone has been.?
Tapsnake has seen 1,000 to 5,000 downloads, while GPS spy 100 to 500. This discovery comes after a suspicious wall paper app was downloaded millions of times. Which is now believed to be the first in the wild SMS Trojan for the platform.
Researchers have pointed out that an stalker would need to have physical access to the device of the user being targeted. Since account details must be inputted into the device running Tapsnake. Android always notifies users installing apps about the types of resources it will access. So those that innocently install the application, if paying attention, will have reason to be suspicious.
Symantec has made the decision to class the app as malicious due to the fact that it doesn?t disclose it?s snooping features. They also pointed out that the app continues to run in the background after being killed by the user. very unsavoury behaviour indeed!
We moved the PTB systems platform to Windows Server 2012 Hyper-V.. It's great.. Some great improvements in the product. Recommended!
PTB are trying out Windows 8 ready for a company wide rollout. Has anybody else rolled it out yet?
We've been working on our cloud portfolio and have just added it to our website!! take a look - http://t.co/DuJ09Cwe
We now have the silver Microsoft desktop comptenecy by passing another set of exams and completing 3 customer references... well done team!
