QinetiQ , a UK-based defense contractor, has its fingers all over some of the US Defense Department’s most sensitive systems. The company’s subsidiaries provide robots, diagnostic systems, intelligence systems for satellites, drones, and even “cyber-security” to the US Department of Defense. The parent company, which was created as a privatized spinoff of the British Defense Evaluation and Research Agency—what was the UK’s equivalent of the US Defense Advanced Research Projects Agency—is often cited as the inspiration for James Bond’s “Q.” But for at least three years, QinetiQ was apparently unintentionally supplying its expertise to another customer: China. In multiple operations, hackers tied to the People’s Liberation Army have had the run of QinetiQ’s networks, stealing sensitive data from them and even using them to launch attacks on the systems of government agencies and other defense contractors. E mails uncovered by the hack of security firm HBGary revealed that Chinese hackers had the run of the company’s networks starting in 2007. Bloomberg’s Michael Riley and Ben Elgin report that in one effort that lasted for over three years, “Comment Crew”—the group tied to the recent hacking of the New York Times and other news organizations, plus a host of attacks on other defense contractors and technology businesses—managed to gain access to “most if not all of the company’s research.” The company was notified on multiple occasions by government agencies of ongoing breaches, starting with a report from the Naval Criminal Investigative Service in December of 2007 that “a large quantity of sensitive information” was being stolen from two computers at the company’s US subsidiary, QinetiQ North America (QNA). A month later, NASA informed QNA that one of the company’s computers was being used in a cyberattack on its network. Read 1 remaining paragraphs | Comments
Tag: technology lab
Microsoft tells Windows 7 users to uninstall faulty security update (Updated)
Microsoft has pulled a Windows 7 security update released as part of this month’s Patch Tuesday after discovering it caused some machines to become unbootable. Update 2823324 , which was included in the MS13-036 bulletin , fixed a “moderate-level vulnerability” that requires an attacker to have physical computer access to be able to exploit a targeted computer, Dustin Childs, a group manager in the Microsoft Trustworthy Computing group, wrote in a blog post published Thursday evening. The company has now pulled it from the bulletin and is advising at least some Windows users who have installed it to uninstall the update following the guidance here . MS130-26 was one of nine bulletins released on Monday to fix 13 separate vulnerabilities. “We’ve determined that the update, when paired with certain third-party software, can cause system errors,” Childs wrote. “As a precaution, we stopped pushing 2823324 as an update when we began investigating the error reports, and have since removed it from the download center.” Read 3 remaining paragraphs | Comments
Visit link:
Microsoft tells Windows 7 users to uninstall faulty security update (Updated)
BlackBerry wants SEC to investigate “false reports” of Z10 returns
Yesterday, brokerage firm Detwiler Fenton claimed that more people were returning BlackBerry Z10s than had bought them at retail in the first place. Today, BlackBerry responded , saying not only that the Detwiler report was incorrect, but that it was going to ask the Securities and Exchange Commission in the US and the Ontario Securities Commission in Canada to review the report. Of the reports, BlackBerry CEO Thorsten Heins said, “Return rate statistics show that we are at or below our forecasts and right in line with the industry. To suggest otherwise is either a gross misreading of the data or a willful manipulation. Such a conclusion is absolutely without basis and BlackBerry will not leave it unchallenged.” The smartphone company also noted that Detwiler refused to make its report or methodology available. How more phones could be returned than were sold isn’t clear. Detwiler Fenton is the same firm that predicted that Microsoft would sell 2-3 million Surface Pro units in the fourth quarter of 2012, despite the fact that Microsoft explicitly said the device wouldn’t ship until three months after the Surface RT’s October launch. Read 2 remaining paragraphs | Comments
More here:
BlackBerry wants SEC to investigate “false reports” of Z10 returns
How whitehats stopped the DDoS attack that knocked Spamhaus offline
Unlike Unicast-based networks, Anycast systems use dozens of individual data centers to dilute the effects of distributed denial-of-service attacks. CloudFlare As an international organization that disrupts spam operators, the Spamhaus Project has made its share of enemies. Many of those enemies possess the Internet equivalent of millions of water cannons that can be turned on in an instant to flood targets with more traffic than they can possibly stand. On Tuesday, Spamhaus came under a torrential deluge—75 gigabits of junk data every second—making it impossible for anyone to access the group’s website (the real-time blacklists that ISPs use to filter billions of spam messages were never effected). Spamhaus quickly turned to CloudFlare, a company that secures websites and helps mitigate the effects of distributed denial-of-service attacks. This is a story about how the attackers were able to flood a single site with so much traffic, and the way CloudFlare blocked it using a routing methodology known as Anycast. Read 8 remaining paragraphs | Comments
View article:
How whitehats stopped the DDoS attack that knocked Spamhaus offline
Guerilla researcher created epic botnet to scan billions of IP addresses
Aurich Lawson (after Aliens) In one of the more audacious and ethically questionable research projects in recent memory, an anonymous hacker built a botnet of more than 420,000 Internet-connected devices and used it to perform one of the most comprehensive surveys ever to measure the insecurity of the global network. In all, the nine-month scanning project found 420 million IPv4 addresses that responded to probes and 36 million more addresses that had one or more ports open. A large percentage of the unsecured devices bore the hallmarks of broadband modems, network routers, and other devices with embedded operating systems that typically aren’t intended to be exposed to the outside world. The researcher found a total of 1.3 billion addresses in use, including 141 million that were behind a firewall and 729 million that returned reverse domain name system records. There were no signs of life from the remaining 2.3 billion IPv4 addresses. Continually scanning almost 4 billion addresses for nine months is a big job. In true guerilla research fashion, the unknown hacker developed a small scanning program that scoured the Internet for devices that could be logged into using no account credentials at all or the usernames and passwords of either “root” or “admin.” When the program encountered unsecured devices, it installed itself on them and used them to conduct additional scans. The viral growth of the botnet allowed it to infect about 100,000 devices within a day of the program’s release. The critical mass allowed the hacker to scan the Internet quickly and cheaply. With about 4,000 clients, it could scan one port on all 3.6 billion addresses in a single day. Because the project ran 1,000 unique probes on 742 separate ports, and possibly because the binary was uninstalled each time an infected device was restarted, the hacker commandeered a total of 420,000 devices to perform the survey. Read 16 remaining paragraphs | Comments
Read the original post:
Guerilla researcher created epic botnet to scan billions of IP addresses
Cisco switches to weaker hashing scheme, passwords cracked wide open
Password cracking experts have reversed a secret cryptographic formula recently added to Cisco devices. Ironically, the encryption type 4 algorithm leaves users considerably more susceptible to password cracking than an older alternative, even though the new routine was intended to enhance protections already in place. It turns out that Cisco’s new method for converting passwords into one-way hashes uses a single iteration of the SHA256 function with no cryptographic salt. The revelation came as a shock to many security experts because the technique requires little time and computing resources. As a result, relatively inexpensive computers used by crackers can try a dizzying number of guesses when attempting to guess the corresponding plain-text password. For instance, a system outfitted with two AMD Radeon 6990 graphics cards that run a soon-to-be-released version of the Hashcat password cracking program can cycle through more than 2.8 billion candidate passwords each second. By contrast, the type 5 algorithm the new scheme was intended to replace used 1,000 iterations of the MD5 hash function. The large number of repetitions forces cracking programs to work more slowly and makes the process more costly to attackers. Even more important, the older function added randomly generated cryptographic “salt” to each password, preventing crackers from tackling large numbers of hashes at once. Read 7 remaining paragraphs | Comments
Continue reading here:
Cisco switches to weaker hashing scheme, passwords cracked wide open
911 tech pinpoints people in buildings—but could disrupt wireless ISPs
NextNav’s enhanced 911 technology locates people within buildings—but may interfere with millions of existing devices. NextNav Cell phones replacing landlines are making it difficult to accurately locate people who call 911 from inside buildings. If a person having a heart attack on the 30th floor of a giant building can call for help but is unable to speak their location, actually finding that person from cell phone and GPS location data is a challenge for emergency responders. Thus, new technologies are being built to accurately locate people inside buildings. But a system that is perhaps the leading candidate for enhanced 911 geolocation is also controversial because it uses the same wireless frequencies as wireless Internet Service Providers, smart meters, toll readers like EZ-Pass, baby monitors, and various other devices. NextNav , the company that makes the technology, is seeking permission from the Federal Communications Commission to start commercial operations. More than a dozen businesses and industry groups oppose NextNav (which holds FCC licenses through a subsidiary called Progeny), saying the 911 technology will wipe out devices and services used by millions of Americans. Read 37 remaining paragraphs | Comments
Read this article:
911 tech pinpoints people in buildings—but could disrupt wireless ISPs
Most PC security problems come from unpatched third-party Windows apps
If you’ve got 99 security problems, odds are Microsoft’s not one—or at least it’s just a minority of them. In its annual review of software vulnerabilities , security software firm Secunia found that 86 percent of vulnerabilities discovered on systems scanned by its software in the 50 most popular Windows software packages in 2012 were attributable to third-party developers and not to Microsoft’s Windows operating system or applications. And for most of these vulnerabilities, a patch was already available at the time they were discovered. Of the top 50 most used Windows packages—including the Windows 7 operating system itself, 18 were found to have end-point security vulnerabilities, a 98 percent increase over five years ago. Of those 18 packages, Google’s Chrome and the Mozilla Firefox browser were the biggest culprits, with 291 and 257 detected vulnerabilities respectively. Apple iTunes came in third, with 243 detected vulnerabilities. The remainder of the top ten offenders were: Adobe Flash Player: 67 Oracle Java JRE SE: 66 Adobe AIR: 56 Microsoft Windows 7: 50 Adobe Reader: 43 Microsoft Internet Explorer: 41 Apple Quicktime: 29 Of the vulnerabilities documented in Secunia’s database, 84 percent had already been patched by vendors when they were discovered on systems. “This means that it is possible to remediate the majority of vulnerabilities,” said Secunia Director of Product Management Morten R. Stengaard. “There is no excuse for not patching.” Read on Ars Technica | Comments
View original post here:
Most PC security problems come from unpatched third-party Windows apps
For first time, US military says it would use offensive cyberweapons
For the first time ever, the Obama administration has publicly admitted to developing offensive cyberweapons that could be aimed at foreign nations during wartime. According to an article published Tuesday night by The New York Times , that admission came from General Keith Alexander, the chief of the military’s newly created Cyber Command. He said officials are establishing 13 teams of programmers and computer experts who would focus on offensive capabilities. Previously, Alexander publicly emphasized defensive strategies in electronic warfare to the almost complete exclusion of offense. “I would like to be clear that this team, this defend-the-nation team, is not a defensive team,” Alexander, who runs both the National Security Agency and the new Cyber Command, told the House Armed Services Committee on Tuesday. “This is an offensive team that the Defense Department would use to defend the nation if it were attacked in cyberspace. Thirteen of the teams that we’re creating are for that mission alone.” Read 3 remaining paragraphs | Comments
Excerpt from:
For first time, US military says it would use offensive cyberweapons
Microsoft comes to its senses, allows Office 2013 to move PCs
In a substantial regression from the terms offered for Office 2010, the original Office 2013 license died with your PC . You couldn’t install a retail copy of Office on a new PC, even if you removed it from the old one. But after much public outcry, Microsoft has relented . The Office 2013 terms and conditions are being updated so that transfers are allowed. You’ll be allowed one transfer every 90 days unless the transfers are due to hardware failures. (In that case they can be made immediately.) The change is effective immediately, but it will take some time before it trickles out to the activation servers. If you’re transferring Office 2013 to a different PC and activation fails, you’ll have to call customer support. Microsoft insists that the support people know the score and will be able to activate you manually. Read on Ars Technica | Comments
Visit site:
Microsoft comes to its senses, allows Office 2013 to move PCs