I can't believe that came from your mouth!
Cyber
All things related to Cyber Security
HBGary Acquired by Mantech
Feb 28th
HBGary has some good products for handling memory dumps and disk recovery of malware, but its corporate image was severely tarnished by the hack by Anonymous last year. News came out tonight that HBGary is going to be absorbed by Mantech, a large services and security company that operates in the DC area. A Google image search for HBGary shows mostly Anonymous-related images, like the one below:
From BusinessWire here:
ManTech International Corporation has signed a definitive agreement to acquire the business of HBGary, Inc. of Sacramento, Ca. The transaction, structured as an asset purchase and subject to certain closing conditions, is expected to be completed in March.
HBGary provides a comprehensive suite of software products to detect, analyze, and diagnose Advanced Persistent Threats (APT) and targeted malware. The company has an impressive list of commercial customers in the financial services, energy, critical infrastructure and technology sectors. The business will be an integral part of ManTech’s broad cyber security offering.
I hope that Mantech will be able to integrate the HBGary suite of products, rescue its tarnished image and still keep the great free tools available for use to researchers and cyber incident responders.
Like This Post? Rate it and tell your friends! Click the Share button below.
Tyler Clementi Trial Begins
Feb 25th
Tyler Clementi was a gay Rutgers violinist who hate-crimed himself by throwing his gay ass off a tall bridge. Since you can’t bring the dead to justice, his roommate, Dharun Ravi, is being charged with a “bias crime” for using a security device to determine that his roommate was banging an older dude in his dorm room. This unknown older gay man’s identity is being protected for some reason (probably a school official), but the jury pool has been selected and the trial is about to begin.
From the DailyMail here:
A prosecutor told jurors Friday that it was no mistake that a Rutgers student used a webcam to spy on his roommate’s intimate encounter with another man.
‘The defendant’s acts were deliberately planned to invade Tyler’s privacy,’ First Assistant Middlesex County Prosecutor Julia McClure told jurors to open the hate crime trial of Dharun Ravi, ‘and to deprive him of his dignity.’
Nineteen-year-old Ravi faces 15 criminal charges, including invasion of privacy and bias intimidation, a hate crime punishable by up to ten years in state prison. The case spurred a national conversation about how young gays are treated when news of it broke in September 2010 after Ravi’s roommate, Tyler Clementi, committed suicide.
To convict Ravi of bias intimidation, prosecutors would need to show he acted because he was anti-gay. The trial is going forward because Ravi, 19, rejected a plea bargain offer that would have let him avoid any jail time and receive the state’s help if federal authorities tried to deport him to India, where he was born.
The prosecution knows it can’t get a conviction of Ravi. His co-defendant, Molly Wei took a plea deal that basically amounts to counselling, three years probation, and no criminal record. They tried the same bargain for Ravi. But the prosecution knows it has no crime here. A webcam is a legitimate security device installed in Ravi’s room. There are no laws against “stripping dignity” from people committing sodomy on one another.
And face it, Clementi was mentally ill. The suicide proves it. How can you punish one of his acquaintances for the death due to mental illness? The prosecution is going after thought crime and it simply can’t hold up in court.
Kim Dotcom Lost Two Pounds in Prison
Feb 22nd
Megaupload’s Kim Dotcom was released from prison on bail. He says he will fight extradition to the US, but has already had all of his cash, prizes, cars, and precious things seized.
From the Telegraph here:
The founder of the filesharing website Megaupload, Kim Dotcom, was granted bail and released on Wednesday after a New Zealand judge determined that authorities have seized any funds he might have used to flee the country.
Dotcom, who US authorities allege facilitated millions of illegal downloads through his company, has been in custody since his arrest on Jan 20.
US authorities claim Megaupload cost movie makers and songwriters some half a billion dollars in lost copyright revenue. They are trying to extradite Dotcom, 28, and three of his colleagues on racketeering charges.
New Zealand authorities have seized millions of dollars in investments and assets owned by Dotcom, including luxury cars and artworks.
Pretty sure Dotcom is guilty of copyright violations in this case, but the idea of having property seized by one country for crimes committed in another is pretty chilling, even if the practice is normal.
Shep Flips His Lid Over AT&T Throttling
Feb 17th
This dude makes bank at Fox and he is losing his mind over his AT&T data plan, its overages and its bandwidth throttling. He declares it's like getting free crack for a year and then having to pay.
I get overages on occasion, but it's 10 bucks per gig. Not too bad. My biggest complaint with AT&T is their saturated networks in large urban areas and airports.
1-800 Flowers Ruined Valentines Day for Thousands
Feb 16th
I used 1-800 Flowers just once. They delivered the bouquet and vase I ordered via DHL, and the vase was broken and the flowers were crappy. I figured that's just what they always do, and the money I wasted on it served as a lesson to pick out fresh flowers from a local florist. But on Valentine's Day, thousands more people learned my same lesson, and they took to Twitter to complain.
From the WaPo here:
Love hath no fury like a flower customer scorned. For any heartbroken man or woman out in the world who feels they are having a rough Valentine’s Day, take a moment to pause and think about the plight of Rachel, Stephanie and Tene.
Who, might you ask, are Rachel, Stephanie and Tene? They are the names signed to dozens of tweets that went out Feb. 14 from the besieged Twitter feed @1800Flowers. The social media team behind the account is tasked with responding over and over and over again to angry customers wondering where their delayed Valentine’s Day orders were.
And there are some hilarious twitpics associated with the 1800flowers account too:
Cryptome.Org Hacked- Hosted Scripts for Drive-By Malware UPDATE! Javascript Captured
Feb 14th
Cryptome.Org was compromised by some type of PHP vulnerability, adding a download script to each of its pages on the webserver. The compromised pages produced the following AV alerts to visitors- click the photo to embiggen:
Cryptome confirmed each page had been modified here:
(13 Feb 2012) 5,000 more files found infected, still checking, but it looks as though every HTML file on Cryptome was infected. Sneaky: files inside directories and sub-directories were changed to add the SCRIPT with date of change but without changing the directory date. Not clear how access was gained through our ISP. Access logs do not show the infection activity. Any ideas how that was done and how to prevent recurrence: cryptome[at]earthlink.net
Ars Technica goes on to report that Cryptome seems to think they were breached via the phpMyAdmin configuration page on their server.
A breach that caused Cryptome.org to infect visitors with virulent malware was one of at least six attacks reported to hit high-profile sites or services in the past few days. Others affected included Ticketmaster, websites for Mexico and the state of Alabama, Dutch ISP KPN, and the Microsoft store in India.
Cryptome, a repository of leaked documents and other information concerning free speech, privacy and cryptography, was attacked by hackers who left code on its servers that attempted to infect visitors using Windows PCs with a trojan spawned by the Blackhole Toolkit, the website reported on Sunday.
Cryptome founder John Young said in an e-mail that he believes the attackers were able to infect his website with a poisoned PHP file by exploiting a weakness in security or server software provided by Network Solutions, which hosts the Cryptome website.
If Cryptome were running a standard PHP-enabled blog, such an attack would be a bit easier: a PHP-based attack can compromise the MySQL database, and the malcode could then be injected onto each page from there. But Cryptome doesn't use PHP. Perhaps they actually do have PHP, but only as an add-on available via their web server administration console software.
The last time Cryptome was hacked, the name of Justin Perras came up- he was jailed for the Lexis Nexis hack back in the day.
Thanks to @AoSHQ Doom.
UPDATE!!
Coincidentally enough, I began to receive AV popups of my own related to the Blackhole malware. My AV of choice is the excellent Microsoft Security Essentials.
I examined the details and found out that one of the RSS feeds I track was prepending a malicious script to the RSS feed page as served by Internet Explorer. I carved out the script and submitted it to Jsunpack. As is often the case, Jsunpack didn't detect the decoded JavaScript as malicious, but reading through the eval calls, it is clear that the code attempts to insert an iframe and create a drive-by download. Below is the decoded JavaScript. Click the image to embiggen.
It is also worth noting that this threat uses dynamic DNS so that nobody can simply blackhole the IP address. And if the threat is widespread enough to start infecting the RSS feeds of popular blogs, this one is going to be a big deal in the security sector over the next several weeks.
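As an added defender-side example (not code from Cryptome or from this post), the scan below walks a static web root and reports any `<script>` tag that recurs across pages but is not on an allowlist, zero-size or display:none iframes of the kind the decoded loader inserts, and files changed after a last-known-clean timestamp; the sample tree, tags and URLs are constructed for the example.

```python
"""Scan a static web root for one <script> tag injected into many pages.

Added example (not Cryptome's or this post's code). Assumes a tree of static
.html/.htm/.xml files; make_sample_root() builds a constructed throwaway tree.
"""
import os
import re
import tempfile
from collections import defaultdict

SCRIPT_RE = re.compile(r"<script\b[^>]*>.*?</script>", re.IGNORECASE | re.DOTALL)
IFRAME_RE = re.compile(r"<iframe\b[^>]*>", re.IGNORECASE)
HIDDEN_RE = re.compile(r"(?:width|height)\s*=\s*[\"']?0\b|display\s*:\s*none", re.IGNORECASE)

# Constructed sample tags; the real Cryptome payload is not reproduced here.
LEGIT = '<script src="/js/site.js"></script>'
INJECTED = '<script src="http://evil.example/load.js"></script>'
BASELINE_TS = 1325376000  # 2012-01-01 UTC: pretend last-known-clean time

def normalize(tag):
    """Collapse whitespace so the same tag compares equal across files."""
    return re.sub(r"\s+", " ", tag).strip()

def web_files(root):
    """Yield (path relative to root, text) for every static page under root."""
    for dirpath, _, names in os.walk(root):
        for name in sorted(names):
            if name.lower().endswith((".html", ".htm", ".xml")):
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    yield os.path.relpath(path, root).replace(os.sep, "/"), fh.read()

def scan_root(root, allowlist=frozenset(), min_files=2):
    """Return (suspects, hidden_frames).

    suspects: normalized <script> tag -> files carrying it, for tags not on the
    allowlist that recur in at least min_files files (a site-wide loader shows up
    as one tag repeated everywhere). hidden_frames: file -> hidden iframes found.
    """
    seen, hidden = defaultdict(list), {}
    for rel, text in web_files(root):
        for tag in {normalize(m.group(0)) for m in SCRIPT_RE.finditer(text)}:
            if tag not in allowlist:
                seen[tag].append(rel)
        frames = [m.group(0) for m in IFRAME_RE.finditer(text) if HIDDEN_RE.search(m.group(0))]
        if frames:
            hidden[rel] = frames
    suspects = {tag: sorted(files) for tag, files in seen.items() if len(files) >= min_files}
    return suspects, hidden

def modified_since(root, cutoff_ts):
    """Pages whose mtime is newer than the last known-clean time: the infected
    Cryptome files carried their change date even though directories did not."""
    return sorted(rel for rel, _ in web_files(root)
                  if os.stat(os.path.join(root, rel)).st_mtime > cutoff_ts)

def make_sample_root():
    """Constructed web root: loader in three pages and prepended to the RSS
    feed (as in the post), one hidden iframe, and one untouched page."""
    root = tempfile.mkdtemp(prefix="webroot-")
    pages = {
        "index.html": f"<html><head>{LEGIT}\n{INJECTED}</head><body>home</body></html>",
        "docs/a.html": f"<html><head>{LEGIT}</head><body>{INJECTED}</body></html>",
        "docs/sub/b.html": f"<html><body>{INJECTED}<p>deep</p></body></html>",
        "docs/c.html": '<html><body><iframe src="http://evil.example/x" width="0" height="0"></iframe></body></html>',
        "feed.xml": INJECTED + '<?xml version="1.0"?><rss><channel><title>f</title></channel></rss>',
        "about.html": f"<html><head>{LEGIT}</head><body>clean</body></html>",
    }
    for rel, body in pages.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)
    os.utime(os.path.join(root, "about.html"), (BASELINE_TS, BASELINE_TS))  # pre-incident
    return root

if __name__ == "__main__":
    sample = make_sample_root()
    print(scan_root(sample, allowlist={normalize(LEGIT)}), modified_since(sample, BASELINE_TS))
```

Run against a real document root, the allowlist would hold the site's own known script tags so that only the unexpected, site-wide one is reported.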
SNL Pokes Fun at Verizon 4G LTE
Feb 12th
This is pretty funny from Hulu.
Beating This Meme to Death: Shit IT Security Nerds Say
Feb 10th
I work in IT security and it is a daily chore not to whomp nerd ass with a spare laptop battery. Their pitiful foam larping swords and their Nerf guns are no match for three IBM Lenovo batteries duct-taped to the end of an axe handle. This video is a pretty good demonstration of why that impulse is so tempting.
American Psychiatric Association: No Such Thing As Aspergers
Feb 10th
Freaky, soulless, self-absorbed asshats, yes. Aspies, no. The APA is doing away with a clinical diagnosis of Aspergers since no one can figure out what the hell it is or if it actually exists. There will just be autism on a graduated scale.

In this famous action sequence, a selfish child that has no soul conceives of an idea that he is afflicted with a special disease that will excuse all of his horrible selfish behavior.
From the DailyBeast here:
Asperger’s, Overdiagnosed, Ill Defined, May Not Be a Syndrome Much Longer
Psychiatrists working on the latest edition of their profession’s diagnostic manual are thought to be tightening the definition of autism and dispensing with Asperger’s completely.
It’s a reasonable question to ask in the midst of the furor over the American Psychiatric Association’s proposed changes to the way autism spectrum disorders are diagnosed. According to the plan, the APA’s Diagnostic and Statistical Manual of Mental Disorders, the profession’s standard diagnostic reference for mental disorders will not contain Asperger’s syndrome at all. Instead, all diagnoses of autism—of which Asperger’s is currently considered a subset—will be collapsed together onto one spectrum, and rated in gradations from mild to severe.
For all its clinical and cultural resonance, Asperger’s syndrome is still only a recent addition to the American diagnostic vocabulary. In the 18 years since it arrived, no one has been able to agree on what it is.
So Gary McKinnon, famed Aspergers sufferer who is using his self-diagnosis to prevent being extradited to the United States to face criminal charges, is now considered by the APA to be merely “daft” rather than having a real disease. Eat it, AssPies.
Don’t Piss Off Your Gun-Toting Dad Who Works in IT
Feb 9th
A Dad, Tommy Jordan, becomes very disappointed with his daughter after finding a hurtful post on her Facebook wall. Stick with this video to the end. Epic parenting.
Tommy Jordan’s Facebook page is here.
DDoS Tool Samples
Feb 7th
Arbor put this awesome compilation of 50 DDoS tools together along with this nifty video.
Some of these tools are gamer related, but most deal with botnet herding. To see the whole list go to Arbor’s site here.
Micron’s CEO Steve Appleton Rides the “John Denver Experience”
Feb 4th
Steve Appleton’s company Micron sure did make some good memory chips. And it earned Steve enough dough to allow him to indulge in risky hobbies, like flying in crappy airplanes that were known to have safety issues. He crashed and died just like other rich millionaires (Steve Fossett, JFK Jr.) who have no business pretending to be pilots.
(Embedded video: South Park, "Cartman Joins NAMBLA")
From DailyMail here:
The CEO of memory chip maker Micron died yesterday morning in a tragic accident when the small experimental fixed-wing plane he was piloting crashed at an airport. A recording of a conversation Steve Appleton had with air traffic controllers just moments before his death shows his panic as he desperately radioed: ‘I’d like to turn back in and, uh, land… coming back in’.
Mr Appleton, 51, a professional stunt plane pilot and former motocross racer, was the only person in the plane when it crashed at the Boise airport in Idaho. Trading in Micron stocks has been halted. Authorities received reports of a small aircraft that was on fire before it landed on Friday morning.
It’s not the first time Mr Appleton has been in a small plane crash, and questions have been raised in the past about whether the head of a large corporation should be engaging in such a dangerous hobby.
His amateur-built plane was a single-engine Lancair. Aircraft of this type have recently caught the attention of national aircraft safety authorities, who are in the midst of a study of their safety.
Know why so many self made millionaires die in plane crashes? Because they can afford flying lessons and get themselves a stupid airplane.
Microsoft Hits G-Mail Over Keyword Snooping
Feb 2nd
Microsoft released a YouTube video making fun of the G-Mail man who snoops through your email to target you with ads. And with more and more companies beginning to outsource their email to G-Mail, it is nice to see that there are alternatives out there.
I’ve used G-Mail for a corporate environment, and it was okay. Best things were the mobility, ease of access and fast searching capability. Drawback is that it was Google, with the ad-targeting, the questionable privacy tactics and the reports of breaches.
Google Maps Sued by Looters
Feb 2nd
French cartographers are pissed that Google is giving away their maps for free. They have been unable to sell any of their own maps because they simply can't run a business, so they went the way of Atlas Shrugged and sued under some Dog Eat Dog clause. Now Google owes these crappy cartographers and their crooked lawyers about 660 thousand bucks.
From CNET here:
You may like that Google Maps is free, but a French court says it’s actually anticompetitive.
A Paris court earlier this week ordered Google France and its parent company Google to pay plaintiff Bottin Cartographes 500,000 euros (about $660,000) for providing its free mapping services to businesses across the country. The court also required Google to pay a 15,000 euro fine for its practice. “We proved the illegality of (Google’s) strategy to remove its competitors,” Jean-David Scemmama, attorney for Bottin Cartographes, a company that provides mapping services to businesses, told the AFP in an interview earlier this week. “The court recognized the unfair and abusive character of the methods used, and allocated Bottin Cartographes all it claimed. This is the first time Google has been convicted for its Google Maps application.”
Bottin has been arguing its case against Google for two years, claiming the search giant was engaging in anticompetitive practices by using its free service to take control over the online-mapping industry.
I can see the need for some companies to purchase professionally created maps, and Google isn’t providing those, so I really can’t see how these guys have a case. Google ought to just buy the company and start selling professional paper maps to businesses world wide.
Pinterest Now Hogging the Internet Bandwidth
Feb 1st
I have to apply lots of filters to common internet noise on my job so that I can get down to the forensically interesting traffic. Typically I filter out facebook, netflix, software updates and lots more, but Pinterest is quickly rising up to the top of the list of things I don’t need to see.
And according to this article at Mashable, Pinterest drives more internet traffic now than YouTube, Reddit, Google+, and LinkedIn.
Pinterest is social media’s rising star — and now has the traffic stats to prove it.
The darling network of brides-to-be, fashionistas and budding bakers now beats YouTube, Reddit, Google+, LinkedIn and MySpace for percentage of total referral traffic in January, according to a Shareaholic study.
Pinterest accounted for 3.6% of referral traffic, while Twitter just barely edged ahead of the newcomer, accounting for 3.61% of referral traffic. In July 2011, Pinterest accounted for just 0.17% of referral traffic, proving the site’s blockbuster growth.
Facebook reigns king of referrals, accounting for more than one-quarter (26.4%) of traffic, 4.3% of which comes from Facebook Mobile. After Pinterest, Facebook is experiencing the most referral growth, gaining almost one percentage point in December.
This study is just about referral traffic, not total bandwidth. Netflix is still the king in that category. Don’t know what Pinterest is? It’s Twitter for chicks. All pictures, no words. And if you are a dude on Pinterest, I’m sure you give other guys hugs and cry at RomComs.
Julian Assange Wants to Flee to Sealand
Feb 1st
Julian Assange is running scared. He is due to be extradited to Sweden to face charges of rape, but he wants to move his Wikileaks servers to a maritime location thinking that would put him outside of the law’s reach. Is Sealand still for sale?
From CNET here:
WikiLeaks investors are currently working on completing a deal to buy a boat that would house the controversial site’s servers in international waters, Fox News is reporting today, citing sources. By moving the servers offshore, WikiLeaks, which currently has servers in Sweden and Iceland, among other countries, believes that it will be able to evade U.S. law enforcement and save its founder Julian Assange from prosecution.
According to Fox News, one of its sources “within the hacker community” said that by moving the servers offshore, the site would be governed by maritime law, making Assange “safe” from prosecution.
“He’s not an idiot,” the source reportedly said of Assange to Fox News. “He’s actually very smart.”
Julian Assange is not an idiot. Know who else can operate outside of national laws on the open waters?
I’d love to see an act of piracy on the open waters taking out Julian and his Wikileaks minions. Avast!
FDA Sued By Stupid Scientists Who Can’t Read
Jan 30th
The FDA used its sophisticated network monitoring tools to reconstruct emails and documents sent via an external unauthorized email account, and ultimately the scientists who were bypassing FDA content filters were fired. Now they are suing the FDA for “spying on them” and doing so “secretly” despite the fact they see this every time they boot their FDA workstation:

(FDA) - The startup screen on FDA computers warns employees, “you have no reasonable expectation of privacy,” including any communication accessed or sent from the machine. This specific message has appeared since at least December 2010.
From the WaPo here:
The Food and Drug Administration secretly monitored the personal e-mail of a group of its own scientists and doctors after they warned Congress that the agency was approving medical devices that they believed posed unacceptable risks to patients, government documents show.
The surveillance — detailed in e-mails and memos unearthed by six of the scientists and doctors, who filed a lawsuit against the FDA in U.S. District Court in Washington last week — took place over two years as the plaintiffs accessed their personal Gmail accounts from government computers.
Information garnered this way eventually contributed to the harassment or dismissal of all six of the FDA employees, the suit alleges. All had worked in an office responsible for reviewing devices for cancer screening and other purposes.
Scientists who violate an obvious monitoring policy really have no legitimate complaint. Don’t want to be monitored? Use an SSH tunnel, at least until you get caught doing that too.
DHS Monitoring Twitter; Ejects Chavs From US
Jan 30th
Alternate title of this post: When Idiots Converge. Leigh Bryan, a 24 YO doofus from Ireland, and probable chav, tweeted that he was going to “destroy america” and “dig up” Marilyn Monroe’s corpse. Upon landing in LAX, he was intercepted by customs and searched and then told that he was not allowed entry onto US soil. It seems he was watchlisted by DHS idiots who don’t understand that pasty white guys from the UK use terms like “destroy” to mean “get wasted.”
From the Mail here:
Two British tourists were barred from entering America after joking on Twitter that they were going to ‘destroy America’ and ‘dig up Marilyn Monroe’. Leigh Van Bryan, 26, was handcuffed and kept under armed guard in a cell with Mexican drug dealers for 12 hours after landing in Los Angeles with pal Emily Bunting. The Department of Homeland Security flagged him as a potential threat when he posted an excited tweet to his pals about his forthcoming trip to Hollywood which read: ‘Free this week, for quick gossip/prep before I go and destroy America‘.
After making their way through passport control at Los Angeles International Airport (LAX) last Monday afternoon the pair were detained by armed guards. Despite telling officials the term ‘destroy’ was British slang for ‘party’, they were held on suspicion of planning to ‘commit crimes’ and had their passports confiscated.
Federal agents even searched his suitcase looking for spades and shovels, claiming Emily was planning to act as Leigh’s ‘look out’ while he raided Marilyn’s tomb. Bar manager Leigh, from Coventry, and Emily, 24, from Birmingham, were then quizzed for five hours at LAX before they were handcuffed and put into a van with illegal immigrants and locked up overnight.
‘When we arrived at the prison I was shoved in a cell on my own but after an hour two huge Mexican men covered in tattoos came in and started asking me who I was. ‘They told me they’d been arrested for taking cocaine over the border. When the food arrived on the tray they took it all and just left me with a carton of apple juice.‘
They spent 12 hours in separate holding cells before being driven back to the airport where they were put on a plane home via Paris.
Aww, poor baby only got apple juice.
Yes, it’s kinda absurd that DHS thinks they are catching terrorists by reading tweets. It’s refreshing to see them fail at this as badly as their airport screening fails to prevent terror. As long as DHS continues to pretend that white males plant bombs, they will fail at their task.
Symantec to Customers: Only a Fool Would Use PCAnywhere Now
Jan 26th
Symantec released a whitepaper that quickly glosses over the fact that they were pwn3d back in 2006 and lost the source code to their flagship products. Now they are recommending that the software be turned off unless you really, really can’t do without it, but if you get h4x0red, don’t blame them.

The whitepaper says:
Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006. We believe that source code for the 2006-era versions of the following products was exposed: Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere.
With this incident pcAnywhere customers have increased risk. Malicious users with access to the source code have an increased ability to identify vulnerabilities and build new exploits. Additionally, customers that are not following general security best practices are susceptible to man-in-the-middle attacks which can reveal authentication and session information. General security best practices include endpoint, network, remote access, and physical security, as well as configuring pcAnywhere in a way that minimizes potential risks. At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks. For customers that require pcAnywhere for business critical purposes, it is recommended that customers understand the current risks, ensure pcAnywhere 12.5 is installed, apply all relevant patches as they are released, and follow the general security best practices discussed herein.
I don’t know how much market share pcAnywhere maintains nowadays: most Windows desktops and servers ship with a free remote desktop client, and most customers I encounter today use either Citrix or desktop sharing services like WebEx. But this whole episode is still an embarrassment to big yellow.