netsecurity database

"AN ACT
To advance cybersecurity research, development, and
technical standards, and for other purposes"

passed House of Representatives of the United States of America in Congress

Cybersecurity Enhancement Act of 2010

The Tor project developers have advised users to update their Tor anonymity software to version 0.2.1.22 or 0.2.2.7-alpha as soon as possible. This is because, in early January, two of the project's seven directory authorities (moria1 and gabelmoo) as well as the metrics.torproject.org statistics server were found to have been hacked. Moria also contains the developers' Git and sub-version repositories.

Read more...

Security advisory from Tor-project:

You should upgrade to Tor 0.2.1.22 or 0.2.2.7-alpha:
https://www.torproject.org/download.html.en

In early January we discovered that two of the seven directory
authorities were compromised (moria1 and gabelmoo), along with
metrics.torproject.org, a new server we'd recently set up to serve
metrics data and graphs. The three servers have since been reinstalled
with service migrated to other servers.

We made fresh identity keys for the two directory authorities, which is
why you need to upgrade.

Source

While there is no News or pressrelease on internetX-website, heise security reports, that on Wednesday, a severe distributed denial-of-service attack (DDoS) nearly brought down the German company’s domain name service.

read more

Russian Cyber Gang Suspected of Stealing Tens of Millions; Bank Denies Breach

BY SIOBHAN GORMAN AND EVAN PEREZ

The Federal Bureau of Investigation is probing a computer-security breach targeting Citigroup Inc. that resulted in a theft of tens of millions of dollars by computer hackers who appear linked to a Russian cyber gang, according to government officials.

...

THE WALL STREET JOURNAL

Suspected North Korean hackers may have gained access to a war plan devised by South Korea and the U.S. in preparation for an emergency, including details of specific operational scenarios, intelligence agencies believe.

Expressing concern about reports that children can easily access explicit content in online virtual worlds, in March 2009 Congress directed the Federal Trade Commission to conduct a study of such worlds, examining the types of content available and the methods virtual world operators use to restrict minors’ access to explicit content. Accordingly, the Commission conducted an empirical survey of the explicit content offerings in 27 online virtual worlds, selected as a cross section of worlds specifically intended for young children, worlds that appealed to teens, and worlds intended only for adult participation. The Commission also obtained information directly from six specific virtual worlds. This Report presents the results of the Commission’s inquiry, focusing only on content found in online virtual worlds, and not on explicit content that children might encounter generally on the Internet.

...

A REPORT TO CONGRESS- DECEMBER 2009 from FEDERAL TRADE COMMISSION.

#!/bin/sh

if test -e /var/lock/ixblacklist.lck
then
exit
else
touch /var/lock/ixblacklist.lck
cd /my_workdir
# files holen
wget -o /var/log/getixblacklist.log -O /my_workdir/nixspam.blackmatches http://www.ix.de/nixspam/nixspam.blackmatches
# nach ip sortieren und doubletten rauswerfen
cat nixspam.blackmatches | cut -d' ' -f2 | sort -u >nixspam.ips

mv /my_workdir/nixspam.ips /my_workdir/nixspam.ips.working
touch /my_workdir/nixspam.ips
cat /my_workdir/nixspam.ips.working |
while read line; do
# every single IP gets passed to my script as argument
/whereverscriptislocated/my_processing_script.sh $line;
done
cat /my_workdir/nixspam.ips.working >>/my_workdir/unique_ips.done
rm /var/lock/ixblacklist.lck
fi

...
Further investigation has shown that the following plugins were indeed compromised:

* sasql-3.2.0
* multilogin-2.4-1.2.9
* change_pass-3.0-1.4.0

Parts of these code changes attempts to send mail to an offsite server containing passwords. We cannot establish a timeline of when these plugins were compromised. If you are a user of these plugins, it is strongly recommended you download a fresh copy from the plugins repository.

...

squirrelmail.org

Forschungsprogramm und Projekte der strafrechtlichen Abteilung

... Network Solutions identified unauthorized code on servers supporting some of its ecommerce merchants’ websites

...

it was determined that the code may have been used to transfer data on certain transactions for approximately 4,343 of our more than 10,000 merchant websites to servers outside the company. The code may have captured transaction data from approximately 573,928 cardholders for certain date periods this spring.

read more here

Versions(1.3.8 and older) of the Open Source Shopping System are affected.

Patch to be found on zen-cart.at.

--- snip ---
Maintenance

We are sorry to report that we have been attacked through a 0-day-exploit in our PHPList installation (responsible for the mailing list about new releases). phpBB.com will remain unavailable while we work to recover. No vulnerabilities have been found in the phpBB software itself.

You can download phpBB here: http://www.ohloh.net/p/phpbb

You can get support at the temporary support forums or on IRC:
chat.freenode.net #phpbb

A more detailed explanation about the incident.

– the phpBB team
--- snip ---

read story on independent.co.uk

to all friends, beta-users, users and visitors.

Even to spammers and hackers attacking our servers.

new BKA law in committee

In order to fight international terrorism the research, storage and exchange of communication data was extended. Monitoring of private workstations by means of 'trojan like software tools' is permitted with only a few exceptions that affect members of parliament and partly lawyers.

voting results from Bundestag.

greenpeace reports about investigation progress.

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

A german business magazine reports, that more than 20 Mio. bank records of german citizens (thats round about every third existing one) were offered to them for buying at a price level of 12 Mio EU.

A delivered CD is reported to contain 1.2 Mio records with personal data, bank account and credit rating.

2987th JUSTICE and HOME AFFAIRS Council meeting - Brussels, 27-28 November 2008

-- quote--
Derzeit stehen die InterNetX Infrastruktur bzw. große Teile des DNS im
Fokus eines massiven DDoS Angriffes. Durch Einsatz komplexer Regelwerke
ist derzeit aber eine begrenzet Bandbreite verfügbar. Dies nimmt jedoch
Einfluss auf die Erreichbarkeit des DNS.

Ein DDoS Angriff ist eine Attacke von außen, die zum Ziel hat, einen oder
mehrere Dienste eines Hosts lahm zu legen. Mehr Informationen darüber
finden Sie unter diesem Link: http://de.wikipedia.org/wiki/DDoS

Das Angriffsvolumen liegt derzeit bei ca. 40.000 Hosts und einer Gesamt-
bandbreite von über 20 Gbit/s. Das InterNetX Team ist in Zusammenarbeit
mit zahlreichen Backbonebetreibern um eine zeitnahe Lösung bemüht.
--- /quote ---