Given the interest in the perspective, I'm continuing to share my daily reads for the last week and a half. Catch up with previous summaries, and see the big picture as well.
01. The fine art of shoulder surfing - Many hackers download their tools but traditionalists skilled in shoulder surfing still pose a threat. to Security on july 2
02. VCs discuss the next big things - Cell phone gambling in China and other wireless trends are what venture capitalists at Brainstorm were talking about. to Investing Mobile on july 2
03. Life After Privacy - Personal information is no longer personal. The only question is: who gets to see it? to Security Privacy on july 2
04. Spy Agency Sought U.S. Call Records Before 9/11, Lawyers Say - The U.S. National Security Agency asked AT&T Inc. to help it set up a domestic call monitoring site seven months before the Sept. 11, 2001 attacks, lawyers claimed June 23 in court papers filed in New York federal court. to Intelligence Surveillance Wiretapping Terrorism NSA on july 2
05. MySpace, a place without MyParents - Scott Granneman looks at the mass hysteria surrounding MySpace social security issues, examines a collection of frightening reports, and then discusses the real issue of parenting and parental supervision behind keeping our children safe. to Security NewMedia MySpace on july 2
06. Limiting Vulnerability Exposure through effective Patch Management: threat mitigation through vulnerability remediation - This document aims to provide a complete discussion on vulnerability and patch management. It looks first at the trends relating to vulnerabilities, exploits, attacks and patches. These trends provide the drivers of patch and vulnerability management. to Vulnerabilities 0day on july 2
07. 'Blue Pill' Prototype Creates 100% Undetectable Malware - Joanna Rutkowska, a stealth malware researcher at Singapore-based IT security firm COSEINC, says the new Blue Pill concept uses AMD's SVM/Pacifica virtualization technology to create an ultra-thin hypervisor that takes complete control of the underlying.. to Malware Rootkit Technology on july 2
08. Hacker attacks hitting Pentagon - "This stuff is enormously important," said John P. Stenbit, the Pentagon's chief information officer until 2004. "If the keys get into the wrong hands, all kinds of bad things happen. to Defense InformationWarfare on july 2
09. Data Mining Myspace Bulletins - I was able to whip together a small C program that generates urls, retrieves the bulletin, and saves the html to a file. Once all of the data has been downloaded, it's easy to parse through using a tool like grep. to Security NewMedia MySpace on july 2
10. How A Trigger Set Off A Logic Bomb At UBS PaineWebber - A forensics investigator testifying at the computer sabotage trial of a former systems administrator for UBS PaineWebber detailed how each line of code in the trigger helped set off a devastating logic bomb. to Insider Malware on july 2
11. On the Economics of Information Security - Papers - The Fifth Workshop on the Economics of Information Security (WEIS 2006). to Security Leadership on july 2
12. What's Wrong with This Picture? - A messy desk is a vulnerable desk. We've created one with 20 egregious violations of a good policy. See if you can find them. to Security Workplace on july 2
13. Space attack on satellites could be devastating - If the US does not protect its Earth-orbiting satellites, the equivalent of a car bomb in space could take the economy back to the 1950s, according to witnesses testifying in Washington DC earlier this week. to Military Satellite Space SPAWAR on july 2
14. Air Force to spend $450K datamining blogs for war on terror - The Air Force Office of Scientific Research recently began funding a new research area that includes a study of blogs. Blog research may provide information analysts and warfighters with invaluable help in fighting the war on terrorism. to Intelligence Terrorism Surveillance Technology on july 2
15. How Did U.S. Assess Iraqi Bioweapon Production? - One of the most vivid allegations made by the U.S. government regarding Iraqi weapons of mass destruction was the claim that Iraqi had developed mobile laboratories for the production of biological weapons. to Intelligence on july 2
16. Month of Browser Bugs - I will publish one new vulnerability each day during the month of July as part of the Month of Browser Bugs project. to Vulnerabilities 0day Metasploit on july 3
17. IM's Hidden Dangers - But unlike water-cooler chatter, IMs leave a trail—one that can be tracked by employers, regulators, and law-enforcement officials. And like e-mail, IMs are considered legal documents. to IM Compliance on july 6
18. Trend Micro Execs Face Probe - Agency may charge CEO and her husband with trading in shares of his former company, SINA. Trend Micro reported revenues of $621.9 million in 2005, compared with $587.4 million in 2004. The company currently has nearly 3,000 employees around the world. to Investing AntiVirus on july 6
19. Blast from the past: '50s Nevada A-bombs light LA's night sky - In the early 1950s, several above-ground atom bomb tests at the Nevada Proving Ground were visible in Los Angeles. This photo and five similar ones from 1951-1955 are from the Los Angeles Public Library Photo Database. to Defense Nuclear Technology on july 6
20. FOIA at Forty - The fortieth anniversary of the Freedom of Information Act, signed into law by President Johnson on July 4, 1966, was marked with the release of several interesting and informative publications.
to FOIA on july 6
21. Early Days On The Anti-Virus Front: A Personal Perspective - An anti-virus programmer reminisces about the people and the organizations that were pivotal in the earliest days of the war against computer viruses.
to Malware AntiVirus on july 6
22. The Blue Pill Hype - The working prototype I have (and which I will be demonstrating at SyScan and Black Hat) implements the most important step towards creating such malware, namely it allows to move the underlying operating system, on the fly, into a secure virtual machine. to Malware Rootkit Innovation on july 6
23. New PoC virus can infect both Windows and Linux - The virus is interesting, said analysts on Kaspesky's Viruslist website, because it is capable of infecting ELF, the file format used for Linux systems, and PE, Windows' file format. to Malware on july 6
24. Iranian intelligence services ban access to Azerbaijani websites - He reported that the ban aims at depriving Iranian Azerbaijanis of the contact with the international community. to Censorship Intelligence Iran on july 6
25. Can the N.Y. Times Be Charged Under the Espionage Act? - Can The New York Times be prosecuted for their story about the government's secret terrorist finance tracking program? to Intelligence Espionage Terrorism FreeSpeech on july 6
26. Text messaging censorship: PITA, BFD, or BTHOM? - Text messaging and the first level of censorship begins at the phone. While it's certainly possible to enter any word using the alphabetic method in which a=2, b=2-2, c=2-2-2, d=3 and so on, it isn't very convenient. to Censorship Mobile on july 6
27. Iran Accuses Academic Of Espionage For U.S. - Iran today accused jailed academic Ramin Jahanbegloo of having spied for the United States, with the aim of toppling the ruling Islamic system. to Intelligence Espionage Iran on july 6
28. Italian intelligence officials arrested over CIA kidnap - Italian police arrested two officials with Italy's military intelligence agency on Wednesday on suspicion of helping the CIA in the alleged kidnapping of a terrorism suspect in Milan, judicial sources said. to Intelligence Espionage CIA on july 6
29. New York Times Draws Criticism Over Decision to Reveal Intelligence Program - Executive editor of the New York Times Bill Keller and former director of the NSA Admiral Bobby Inman debate the newspaper's publication of the Bush administration's surveillance of banking records and the process in deciding what is fit to print. to FreeSpeech on july 6
30. Hackers May Lose Nuclear Option - The risk was illustrated in 2003, when the Slammer worm penetrated a network at the idled Davis-Besse nuclear plant in Ohio, disabling a safety monitoring computer for nearly five hours. to SCADA Nuclear Cyberterrorism Malware on july 7
31. 3 arrested in Coca-Cola trade secret scheme - "As the health of our enterprise continues to strengthen and the breadth of our innovation pipeline continues to grow, our ideas and our competitive data carry increasing interest to those outside our business." to Insider Espionage on july 7
32. Proactive Protection: a Panacea for Viruses? - The first in a series of articles that discuss the newest technologies used by antivirus companies which focuses on proactive technologies. to Malware Innovation on july 7
33. Japan to speed up installation of missile defense system - The envisioned missile defense system will detect launches of ballistic missiles with Aegis and other sophisticated radar systems and shoot them down with the sea-based Standard Missile-3 and the land-based Patriot Advanced Capability-3. to Defense Military on july 7
34. FCC CALEA Wiretap Rule for Broadband and VOIP - This document addresses the assistance capabilities required, pursuant to section 103 of the (CALEA- for facilities-based broadband Internet access providers and providers of interconnected Voice over Internet Protocol (VoIP). to Security Terrorism Intelligence Wiretapping CALEA VoIP Compliance on july 7
35. Tensions Ramping up with North Korea - "The U.S. was hell bent on espionage over military objects of the DPRK in March when it staged large-scale RSOI and "Foal Eagle" joint military exercises, bringing about the dark cloud of nuclear warfare." to Defense Military Reconnaissance on july 7
36. Over 1,200 Cases of U.S. Aerial Espionage - Translated 2004 News Items - Involved in the aerial espionage were latest reconnaissance planes of different missions including U-2, RC-135, E-8C, E-3, RC-7B, RC-12, RF-4, P-3 and EP-3. to Espionage Military Reconnaissance on july 7
37. Interview : An Ethical Hacker Protects the World Cup Network - Dr. Tom Porter is the mastermind behind the security for the World Cup network and a lifetime hacker himself. He shares his thoughts about network security, hacking and protecting the World Cup network. to Security Interview Leadership on july 7
38. Google’s Microsoft Syndrome - Google has fixed a security flaw in its RSS reader that could have allowed hackers to steal users’ personal information, but experts warned Thursday that the online giant could increasingly become a magnet for hackers, displacing Microsoft as the No. 1 target to Vulnerability Google NewMedia Web on july 7
39. Hefty bill for online click fraud - Online advertisers paid more than $800m last year for fraudulent clicks on their ads and more than a quarter of them have reduced their spending as a result, according to a study by the Outsell media research firm. to NewMedia Advertising Investing on july 7
40. BitDefender Ships Anti-Rootkit Beta - The anti-virus vendor, based in Bucharest, Romania, on July 7 lifted the wraps off a new anti-rootkit utility that promises to spot and delete stealthy software programs that are used by malicious hackers to hide malware. to Malware AntiVirus Rootkit Technology on july 7
41. VPN market to hit $29bn by 2009 - The virtual private network (VPN) services market was worth $23bn (£12.5bn) in 2005 and is expected to grow another 22 per cent to hit $29bn (£15.8bn) by 2009, according to an industry analyst. to Security VPN Investing on july 7
42. US managers accused of industrial espionage - Three former US car industry executives have been accused of selling trade secrets to the Chinese. to Espionage Insider on july 7
43. Mod terror documents found in ditch - According to the newspaper, it includes phone numbers for the UK's most important military figures, such as the Defence Secretary, Chief of Defence Staff and Director of Special Force. to Security on july 7
44. Authorities say gangs using Internet - Some of the country's most notorious street gangs have gotten Web-savvy, showcasing illegal exploits, making threats, and honoring killed and jailed members on digital turf. to PSYOPS on july 7
Independent Contractor. Bitcoin: 15Zvie1j8CjSR52doVSZSjctCDSx3pDjKZ Email: dancho.danchev@hush.com OMEMO: ddanchev@conversations.im | OTR: danchodanchev@xmpp.jp | TOX ID: 2E6FCA35A18AA76B2CCE33B55404A796F077CADA56F38922A1988AA381AE617A15D3D3E3E6F1
Saturday, July 08, 2006
Delicious Information Warfare - 27/07
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com