governments
While you were sleeping and focusing on COFEE...
Microsoft Discloses Government Backdoor on Windows Operating Systems
Wednesday, April 30th, 2008 @ 6:00 am | Privacy, News
http://www.infiltrated.net/?p=92
Microsoft may have inadvertently disclosed a potential Microsoft backdoor for law
enforcement earlier this week. To explain this all, here is the layman term of a backdoor
from Wikipedia:
> To: bugtraq@securityfocus.com; full-disclosure@lists.grok.org.uk
> Subject: Microsoft DID DISCLOSE potential Backdoor
>
> While you were sleeping and focusing on COFEE...
>
> Microsoft Discloses Government Backdoor on Windows Operating Systems
> Wednesday, April 30th, 2008 @ 6:00 am | Privacy, News
> http://www.infiltrated.net/?p=92
>
> Microsoft may have inadvertently disclosed a potential Microsoft
> backdoor for law
The same is true here.
>While penalties for "hacking" (why can't anyone use the appropriate
>term, cracking?), have become more severe in China, unfortunately
>those outside the jurisdiction of China's laws have nothing to worry
>about because the Chinese government is not working with other
>governments to pursue these people.
It is also plausible that the things done by China-based crackers
may further the socio-political and economic aims of the Chinese
government, whether or not these crackers are actually sponsored
#!/usr/bin/python
import zlib
msg = """
Society in every state is a blessing, but government even in its best
state is but a necessary evil
in its worst state an intolerable one; for when we suffer, or are
exposed to the same miseries by a
government, which we might expect in a country without government, our
calamities is heightened by
Classifications:
* Attack Method: Credential/Session Prediction
* Country: USA
* Outcome: Identity Theft
* Vertical: Government
The Secret Service has arrested at least 6 people in an investigation that
involves information theft at an Ohio court web site, which is actively used
for identity theft. At least one known identity theft case resulted in
$40,000 loss to the victim.
> Classifications:
>
> * Attack Method: Credential/Session Prediction
> * Country: USA
> * Outcome: Identity Theft
> * Vertical: Government
>
> The Secret Service has arrested at least 6 people in an investigation that
> involves information theft at an Ohio court web site, which is actively used
> for identity theft. At least one known identity theft case resulted in
> $40,000 loss to the victim.
In the last days news and government web sites in Georgia suffered DDoS
attacks. While these attacks seem to affect the Georgian Internet, it is still
there.
Facts:
1. There are botnet attacks against .ge websites.
2. These attacks affect the .ge Internet infrastructure, but it's reachable.
3. It doesn't seem Internet infrastructure is directly attacked.
4. Every other political tension in the past 10 years, from a comic of the
Prophet Muhammad to the war in Iraq, was followed by online supporters
> price, as well as free from commercial and political influence. The
> OSSTMM seemed to have all the features of being the answer for securing
> the world except that it had never been formally recognized…until now.
>
> With such fanatical devotion from experts and the underground, the
> OSSTMM soon gained the attention of governments from city to state to
> national which is how it eventually got to the ISO. ISO is the acronym
> of the International Standards Organization. Headquartered in Geneva,
> Switzerland, ISO is the collection of people who create manuals
> standardizing all sorts of things like paper sizes (ISO 216), what
> determines a water-resistant watch (ISO 2281), how to properly conduct
I'm not sure how blocking a country's traffic is racist. This would
seem to me that the people saying this believe that only one race
lives in that country. I agree with blocking China's traffic in the
situations where you can do so without negative impact.
The question that China's government should be asking is "Why are
people choosing to use servers located in China to perform these
attacks?". The answer to that question likely has something to do with
consequences. You see, for the most part people are driven by
consequences. If there are bad consequences to performing the attacks
from servers in the U.S. but there aren't any bad consequences to
default file system ACLs, a non-administrative local attacker can launch
the attack against virtual machines where VMware Tools were installed on
non-default locations, e.g., on a non-system drive. Additionally, the
attack is always possible on pre-Windows XP systems such as Windows 2000.
Additional details are available to interested corporate and government
customers under NDA, as public disclosure would reveal too many details on
the vulnerability and unduly accelerate malicious exploitation.
Mitigating Factors
commercial and political influence. The OSSTMM seemed to have all the
features of being the answer for securing the world except that it had
never been formally recognized…until now.
With such fanatical devotion from experts and the underground, the
OSSTMM soon gained the attention of governments from city to state to
national which is how it eventually got to the ISO. ISO is the acronym
of the International Standards Organization. Headquartered in Geneva,
Switzerland, ISO is the collection of people who create manuals
standardizing all sorts of things like paper sizes (ISO 216), what
determines a water-resistant watch (ISO 2281), how to properly conduct
A systematic attack could deploy malicious code to a large number of
virtual Windows workstations in a short period of time, possibly as an
Internet worm.
Additional details are available to interested corporate and government
customers under NDA, as public disclosure would reveal too many details on
the vulnerability and unduly accelerate malicious exploitation.
Mitigating Factors
Security-Assessment.com is Australasia's leading team of Information
Security consultants specialising in providing high quality Information
Security services to clients throughout the Asia Pacific region. Our
clients include some of the largest globally recognised companies in
areas such as finance, telecommunications, broadcasting, legal and
government. Our aim is to provide the very best independent advice and
a high level of technical expertise while creating long and lasting
professional relationships with our clients.
Security-Assessment.com is committed to security research and
development, and its team continues to identify and responsibly publish
to be updated when necessary. The provided rootcerts packages have
been upgraded using the latest certdata.txt file from the mozilla
cvs repository, as of 2009/12/03.
In Mandriva a number of additional CA root certificates have been
added such as ICP-Brasil (Brazil government CA), cacert.org, IGC/A CA
(French government CA). The IGC/A CA one was recently added upstream
in the mozilla certdata.txt file.
The rootcerts package provides the /etc/pki/tls/certs/ca-bundle.crt
file which most software in Mandriva, where applicable, is sharing
------------------------------------------------------------------------
Information technology has become crucial to almost every part of
society. IT infrastructures have become critical in the world-wide
economy, the financial sector, the health sector, the government's
administration, the military, and the educational sector.
Although security usually gets involved in the design process of IT
systems nowadays, the process of maintaining security in the operation
of IT infrastructures, in most cases, still lacks the appropriate
CERT/CC acknowledges reception of the advisory on a phone call
. 2008-04-10:
AusCERT notifies Core that so far it has not been able to contact the
vendor and asks for approval to disseminate the information to the
Australian government and other national and international entities
overlooking national infrastructure security. AusCERT also asks if CORE
intends to publish the advisory and if so requests some time to be able
to notify affected organizations. Meanwhile AusCERT indicates that it
will continue to try to work with the vendor.
it.
First of all, neither I, nor (well as far as I know) anybody here have seen
any evidence that attacks have originated from Russia. I certainly have no
doubt that there may have been addresses located in Russian IP-pools
attacking our government networks, but well we are professionals here, and
we do understand what do botnets mean, do we?
What concerns the story about blogs and forum activities, well pardon, CNN
also showed pictures of happening in Estonia, so did BBC, EuroNews, MTV3
that gives me no arguments to claim that CNN is behind all that :)
> it.
>
> First of all, neither I, nor (well as far as I know) anybody here have seen
> any evidence that attacks have originated from Russia. I certainly have no
> doubt that there may have been addresses located in Russian IP-pools
> attacking our government networks, but well we are professionals here, and
> we do understand what do botnets mean, do we?
> What concerns the story about blogs and forum activities, well pardon, CNN
> also showed pictures of happening in Estonia, so did BBC, EuroNews, MTV3
> that gives me no arguments to claim that CNN is behind all that :)
>
documents, XML, and EDI transactions over the Internet and private
IP networks.
The SecureTransport managed file transfer suite was built with security in
mind from the ground up. SecureTransport provides corporate and government
organizations with an enterprise-class managed file transfer service
supporting a broad and flexible set of open Internet standards. Winner of the
2006 "Best Intellectual Property Protection" award from SC Magazine,
SecureTransport securely manages file transfer
by the program committee.
== Topics ==
We are interested in bleeding edge security research directly from leading
researchers, professionals, academics, industry, government and the
underground security community. Please do not submit specific single
exploits (which might be fixed by the time of the conference) and
"yet-another-PHP-hack" or the like. Exploit frameworks, general approaches,
"defective by design" resp. "defective by implementation" and high impact
exploits have a much higher chance ;)
subsection (8)(B)(ii) is kinda vague- apparently, if the FCC decides
that an email server is a "replacement for a substantial portion of
the local telephone exchange service and that it is in the public
interest to deem such a person or entity to be a telecommunications
carrier for the purposes of this title", then anybody who runs an email
server would be required to make provisions for government wire-tapping.
so... did the FCC declare email servers to be part of the telephone
service, and nobody noticed?
subsection (8)(C)(i) explicitly says that "information services" are
services and explicitly exempts information services. Furthermore, there is
this exception:
(3) ENCRYPTION- A telecommunications carrier shall not be responsible
for decrypting, or ensuring the government's ability to decrypt, any
communication encrypted by a subscriber or customer, unless the
encryption was provided by the carrier and the carrier possesses the
information
Hushmail Team has posted its response on 29th Dec to Cryptome:
"Hush Communications Corporation, the company that provides the Hushmail.com email service, is not owned, wholly or in part, by any government agency."
Response from Safe-mail.net Team is the following:
"1. We never had any contacts, direct or indirect, with the NSA or any other
government agency anywhere in the world.
2. All software we use is in-house development.
3. We have never shared our technology with any other party."
[HSC] eGov Content Manager Cross Site Scripting Vulnerability
The eGov Manager was designed to simplify the efforts of government staffers
who are responsible for posting public documents, news updates, events, managing
staff directories and online services. This issue is due to a failure in the
application to properly sanitize user-supplied input. Attackers may exploit this
issue via a web client. An attacker may leverage this issue to have arbitrary
script code execute in the browser of an unsuspecting user in the context of
the affected site. This may help the attacker steal cookie-based authentication
credentials and launch other attacks. A successful exploit could allow an attacker
About Context Information Security
----------------------------------
Context Information Security Limited is a specialist information security consultancy based in London and Frankfurt. Context promotes the holistic approach to information security and helps clients to identify, assess and control their exposure to risk within the fields of IT, telephony and physical security. Context employs experienced information security professionals who are subject-matter experts in their various technical specialisms. Context works extensively within the finance, legal, defence and government sectors, delivering high-end information security projects to organisations for which security is a priority.
Web: www.contextis.co.uk
Email: disclosure@contextis.co.uk