W32.Wergimog is a worm that attempts to spread through removable drives and opens a back door. When I looked into its variants, I found an interesting sample, which I named W32.Wergimog.B. Both samples are based …
View full post on National Cyber Security
W32.Wergimog is a worm that attempts to spread through removable drives and opens a back door. When I looked into its variants, I found an interesting sample, which I named W32.Wergimog.B. Both samples are based …
View full post on National Cyber Security
View full post on News ≈ Packet Storm
View full post on National Cyber Security
This is the picture that led the FBI to a catch prolific hacker allegedly responsible for releasing the personal information of scores of police officers throughout the United States.
View full post on anonymous hacker – Yahoo! News Search Results
View full post on National Cyber Security
Pastebin’s status as the favoured website on which to post evidence of stolen or hacked data could become a thing of the past with the news that its owner plans to filter content more carefully.
In an email interview with the BBC, current owner Jeroen Vader admitted that the site now examined an average of 1,200 abuse reports a day via its notification system and needed to hire more staff to cope with this volume of traffic.
The site was also becoming a target itself and now received DDoS attacks almost every day, he said.
“February was a terrible month, so many attacks. It was a real nightmare to run the site. The longest one went on for more than 48 hours,” said Vader.
The site’s biggest challenge remains its reputation as a repository for stolen data as evidenced by numerous incidents since Vader took the site over in early 2010.
The sale was partly motivated by the infamous hack that gave Pastebin unwanted public attention in 2009 when it was used to publish the logins for thousands of Gmail, Hotmail, Yahoo and AOL webmail users.
Since then, it has become associated with an increasing number of data-sharing attacks, including the Comodo hacker’s famous SSL raids on various certificate authorities, the publication of credit cards culled from Saudi Arabian credit card users, and the theft of 100,000 Facebook user logins.
However, its most famous moments were undoubtedly connected to its regular use by LulzSec and Anonymous hacking groups to publicise attacks.
Equally, it has been used to publish details of important security vulnerabilities such as the one that affected Dropbox last June, which is where Pastebin’s tricky modus operandi becomes apparent. It is designed to be a repository for open information exchange, a sort of technical or coder’s version of Wikileaks. That this is often being abused is inherent to its open model.
“I am looking to hire some extra people soon to monitor more of the website’s content, not just the items that are reported,” Vader told the BBC.
“Hopefully this will increase the speed in which we can remove sensitive information. This will give us more time to look at trending items in detail if they haven’t been reported yet.”
Pastebin also shared IP address information if it was requested by the police using a valid court order, he said.
View full post on National Cyber Security » Computer Hacking
A hacker released the source code for antivirus firm Symantec’s pcAnywhere utility on Tuesday, raising fears that others could find security holes in the product and attempt takeovers of customer computers.
The release followed failed email negotiations over a $50,000 payout to the hacker calling himself YamaTough to destroy the code.
The email thread was published on Monday, but the hacker and the company said their participation had been a ruse. YamaTough said he was always going to publish the code, while Symantec said law enforcement had been directing its side of the talks.
The negotiations also might have bought Symantec time while it issued fixes to the pcAnywhere program, which allows customers to access their desktop machines from another location.
“Symantec was prepared for the code to be posted at some point and has developed and distributed a series of patches since January 23 to protect our users against known vulnerabilities,” said company spokesman Cris Paden.
Symantec had taken the extraordinary step of asking customers to stop using the software temporarily until it readied the patches. It issued fixes for “known vulnerabilities” in version 12.5 of the software on January 23 and fixes for versions 12.0 and 12.1 on Friday January 27.
Paden said that Symantec had contacted its customers and that it had not lost any customers. He said that if they were running up-to-date, patched versions they should not face increased risk.
Symantec also expects hackers to release other source code in their possession, 2006 versions of Norton Antivirus Corporate Edition and Norton Internet Security. “As we have already stated publicly, this is old code, and Symantec and Norton customers will not be at an increased risk as a result of any disclosure,” Paden said.
The emails over the $50,000 payoff was widely circulated, with some mocking the world’s largest standalone security company for its apparent attempt to buy protection.
But the company said the emails were in fact between the hacker and law enforcement officials posing as a Symantec employee.
“The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation,” Paden said, adding that no money was paid.
Paden declined to name the law enforcement agency, saying it could compromise the investigation.
Symantec had previously confirmed the hacker, part of a group called Lords of Dharmaraja and affiliated with Anonymous, was in possession of source code for its products, obtained in a 2006 breach of the company’s networks.
The email exchange released by the hacker, who claims to be based in Mumbai, India, shows drawn-out negotiations with a purported Symantec employee starting on January 18.
The email negotiations echoed conversations in past years, viewed by Reuters, in which police agencies directed talks between victims and hackers.
“We can’t pay you $50,000 at once for the reasons we discussed previously,” said one email from a purported Symantec employee Sam Thomas, who offered to pay the full amount at a later date.
“In exchange, you will make a public statement on behalf of your group that you lied about the hack.”
A common tactic of the FBI and others investigating extortionists and kidnappers is to seek to break down the amount of money sought by the suspects into multiple smaller payments.
This stretches out the negotiation, giving authorities more insight into the suspect and more time in which to make an arrest. It also lessens the risk to any victim inclined to pay the entire amount demanded.
Most important, it creates more transactions, each one of which provides a trail of records and human beings that can be traced as the police seek their quarry.
The hacker said he never intended to take the money.
“We tricked them into offering us a bribe so we could humiliate them,” YamaTough told Reuters.
In recent weeks, the hacker has posted segments of code for Norton Utilities and other programs. A software maker’s intellectual property, specifically its source code, is its most precious asset.
Symantec’s Norton Internet Security is among the most popular software available to stop viruses, spyware, and online identity theft.
Copyright 2012 Thomson Reuters. Click for restrictions.
Article source: http://www.msnbc.msn.com/id/46295876/ns/technology_and_science-security/
View full post on National Cyber Security » Computer Hacking
A hacker released the source code for antivirus firm Symantec’s pcAnywhere utility on Tuesday, raising fears that others could find security holes in the product and attempt takeovers of customer computers.
The release followed failed email negotiations over a $50,000 payout to the hacker calling himself YamaTough to destroy the code.
The email thread was published on Monday, but the hacker and the company said their participation had been a ruse. YamaTough said he was always going to publish the code, while Symantec said law enforcement had been directing its side of the talks.
The negotiations also might have bought Symantec time while it issued fixes to the pcAnywhere program, which allows customers to access their desktop machines from another location.
“Symantec was prepared for the code to be posted at some point and has developed and distributed a series of patches since January 23 to protect our users against known vulnerabilities,” said company spokesman Cris Paden.
Symantec had taken the extraordinary step of asking customers to stop using the software temporarily until it readied the patches. It issued fixes for “known vulnerabilities” in version 12.5 of the software on January 23 and fixes for versions 12.0 and 12.1 on Friday January 27.
Paden said that Symantec had contacted its customers and that it had not lost any customers. He said that if they were running up-to-date, patched versions they should not face increased risk.
Symantec also expects hackers to release other source code in their possession, 2006 versions of Norton Antivirus Corporate Edition and Norton Internet Security. “As we have already stated publicly, this is old code, and Symantec and Norton customers will not be at an increased risk as a result of any disclosure,” Paden said.
The emails over the $50,000 payoff was widely circulated, with some mocking the world’s largest standalone security company for its apparent attempt to buy protection.
But the company said the emails were in fact between the hacker and law enforcement officials posing as a Symantec employee.
“The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation,” Paden said, adding that no money was paid.
Paden declined to name the law enforcement agency, saying it could compromise the investigation.
Symantec had previously confirmed the hacker, part of a group called Lords of Dharmaraja and affiliated with Anonymous, was in possession of source code for its products, obtained in a 2006 breach of the company’s networks.
The email exchange released by the hacker, who claims to be based in Mumbai, India, shows drawn-out negotiations with a purported Symantec employee starting on January 18.
The email negotiations echoed conversations in past years, viewed by Reuters, in which police agencies directed talks between victims and hackers.
“We can’t pay you $50,000 at once for the reasons we discussed previously,” said one email from a purported Symantec employee Sam Thomas, who offered to pay the full amount at a later date.
“In exchange, you will make a public statement on behalf of your group that you lied about the hack.”
A common tactic of the FBI and others investigating extortionists and kidnappers is to seek to break down the amount of money sought by the suspects into multiple smaller payments.
This stretches out the negotiation, giving authorities more insight into the suspect and more time in which to make an arrest. It also lessens the risk to any victim inclined to pay the entire amount demanded.
Most important, it creates more transactions, each one of which provides a trail of records and human beings that can be traced as the police seek their quarry.
The hacker said he never intended to take the money.
“We tricked them into offering us a bribe so we could humiliate them,” YamaTough told Reuters.
In recent weeks, the hacker has posted segments of code for Norton Utilities and other programs. A software maker’s intellectual property, specifically its source code, is its most precious asset.
Symantec’s Norton Internet Security is among the most popular software available to stop viruses, spyware, and online identity theft.
Copyright 2012 Thomson Reuters. Click for restrictions.
Article source: http://www.msnbc.msn.com/id/46295876/ns/technology_and_science-security/
View full post on National Cyber Security » Computer Hacking
A hacker has released stolen source code from Symantec Corp., one of the largest computer security firms, after a phony set of ransom negotiations failed, according to the company.
The source code is part of a Symantec product called pcAnywhere, which allows users to log into and control home or work computers from remote locations. Access to the code could in theory give hackers insight into how to seize computers that use the software.
Symantec said the source code was for 2006 products that had since been updated with newer code. Even so, the company said, it had contacted customers in recent weeks to get them to apply software upgrades that could address known security problems.
The hacker, going by the name Yamatough, appeared to release a tranche of the code onto the controversial file-sharing site Pirate Bay on Tuesday, just as Symantec disclosed that ransom talks with the hacker were conducted by law enforcement personnel posing as a Symantec employee.
On Tuesday, a series of emails apparently between Yamatough and a Symantec employee were posted on the website pastebin.com. The emails revealed a back and forth over how to arrange an alleged $50,000 ransom payment in return for the hacker’s agreement to return the code without publishing it.
Symantec says the negotiations were a ruse conducted by law enforcement after the company contacted authorities.
“Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property,” spokesman Cris Paden wrote in a statement.
The email subterfuge was “all part of their investigative techniques for these types of incidents,” he added, noting that the company could not disclose which law enforcement agency was involved while the investigation was ongoing.
Symantec said the code was stolen in a 2006 hacking, and affected four products: Norton Antivirus Corporate Edition, Norton SystemWorks, Norton Internet Security and pcAnywhere.
“Of those four products, only pcAnywhere is still sold,” Paden wrote. “All of the others have been phased out and discontinued — or, in the case of Norton Internet Security, it has been completely, totally rebuilt.”
The company urged any users of its pcAnywhere product to apply the security fixes immediately.
Article source: http://www.latimes.com/business/technology/la-hackers-post-source-code-from-symantec-remote-login-software-20120207,0,3686964.story?track=rss
View full post on National Cyber Security » Computer Hacking
Vigilante hacker collective Anonymous made public personal information of Oakland, Calif. city officials Tuesday, in response to what the group calls violent behavior toward Occupy Oakland protestors.
View full post on anonymous hacker – Yahoo! News Search Results
View full post on National Cyber Security
OAKLAND (CBS/AP) — The hacker group Anonymous appears to have posted the addresses and other personal information of Oakland city officials to the Internet.
The information went up on Tuesday on a website attributed to the group. An accompanying note expresses anger over police action against members of Occupy Oakland and budget cuts finalized by the city.
Mayor Jean Quan, Police Chief Howard Jordan and City Council members were among those whose information was included in the posting.
Occupy Oakland protesters and police clashed last month when protesters tried to take over a vacant building in the city. Police used tear gas to disperse the crowds and arrested hundreds of people.
Also last month, the City Council finalized $28 million in budget cuts that included about 80 layoffs.
(Copyright 2012 by CBS San Francisco. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed.)
Article source: http://sanfrancisco.cbslocal.com/2012/02/07/hacker-group-posts-addresses-of-top-oakland-officials/
View full post on National Cyber Security » Computer Hacking