US Consulate site hacked
,----[ Quote ]
| According to Sophos, the web site of the US Consulate General in St
| Petersburg, Russia, has been used as part of an IFRAME exploit.
|
| The exploit, which was subsequently cleaned from the Consulate General site,
| quietly linked to a pair of sites that exploit various browser
| vulnerabilities to install malware on visitors' systems.
`----
http://www.itwire.com/content/view/14431/1054/
It's no longer possible to see if these iframes came from a Windows server, but
Windows malware was served either way.
China accused of cyberattacks on New Zealand
,----[ Quote ]
| The allegations come only a week after the Chinese foreign ministry denied
| that the Chinese government had endorsed attacks on the computer networks of
| Germany, the United States and the United Kingdom.
`----
http://www.news.com/China+accused+of+cyberattacks+on+New+Zealand/2100-7348_3-6207678.html?part=rss&tag=2547-1_3-0-20&subj=news
Related:
Chinese cyber-attacks allegedly launched against British government departments
,----[ Quote ]
| The British NISCC warned of trojan attacks from Asia back in June 2005.
`----
http://www.heise.de/english/newsticker/news/95514/from/rss09
Indian Bank Restores Site After Malware Attack
,----[ Quote ]
| The bank has closed the site on Friday after it found that the site had been
| hacked,
`----
http://news.yahoo.com/s/pcworld/20070904/tc_pcworld/136716
Chinese military hacked into Pentagon
,----[ Quote ]
| The Chinese military hacked into a Pentagon computer network in June in the
| most successful cyber attack on the US defence department, say American
| officials.
`----
http://www.ft.com/cms/s/0/9dba9ba2-5a3b-11dc-9bcd-0000779fd2ac.html
German constitutional protection authorities foresee "secret service
procurement offensive"
,----[ Quote ]
| ...if Chinese attackers really had penetrated government computers, this
| would pose a risk even if no confidential data was involved. "It is possible
| to find out many things in this way - appointments, responsibilities, who is
| working on what - this is the first step in carrying out classical
| espionage," said Möller.
`----
http://www.heise.de/english/newsticker/news/95236/from/rss09
Politicians want to be informed on Chinese Trojan attacks
,----[ Quote ]
| Ruprecht Polenz (CDU), chairman of the Committee on Foreign Affairs,
| said: "If there is clear evidence that the Chinese state is responsible for
| these attacks, we cannot let the matter rest." According to a Spiegel report,
| the Federal Office for the Protection of the Constitution assumes that
| experts of the Chinese army have conducted the online espionage attacks
| against the Federal Chancellery, the ministry of economics, the ministry of
| research and also the ministry of foreign affairs.
`----
http://www.heise.de/english/newsticker/news/94983/from/rss09
China Crafts Cyberweapons
,----[ Quote ]
| The Defense Department reports China is building cyberwarfare
| units and developing viruses.
`----
http://www.pcworld.com/article/id,132284-pg,1/article.html(News)
Windows Security Hell - Another Victim: Bank of India
,----[ <3824653.5drpDRRNaJ@xxxxxxxxxxxxxxx> ]
| Everything was fine, but they must have read Microsoft's 'quick facts' and
| changed (at the expense of the customers).
|
| http://toolbar.netcraft.com/site_report?url=http://www.bankofindia.com
|
| 67.15.253.6 Windows Server 2003 Microsoft-IIS/6.0 21-May-2007
| 64.39.18.73 Windows 2000 Microsoft-IIS/5.0 22-Jan-2005
| 204.176.140.102 Linux Apache/1.3.27 Unix Red-Hat/Linux PHP/4.1.2
| mod_perl/1.24
| 14-Jan-2003
| 204.176.140.102 Linux Apache/1.3.22 Unix Red-Hat/Linux PHP/4.0.6
| mod_perl/1.24
| 12-Sep-2002
| 204.176.140.102 Linux Apache/1.3.22 Unix Red-Hat/Linux PHP/4.0.1pl2
| mod_perl/1.24 27-Jun-2002
| 204.176.140.102 Linux Apache/1.3.12 Unix Red Hat/Linux mod_ssl/2.6.6
| OpenSSL/0.9.5a PHP/4.0.1pl2 mod_perl/1.24 28-Jun-2001
| 204.176.140.102 unknown Apache/1.3.12 Unix Red Hat/Linux mod_ssl/2.6.6
| OpenSSL/0.9.5a PHP/4.0.1pl2 mod_perl/1.24 27-Jun-2001
| 204.176.140.102 Linux Apache/1.3.12 Unix Red Hat/Linux mod_ssl/2.6.6
| OpenSSL/0.9.5a PHP/4.0.1pl2 mod_perl/1.24 22-Jan-2001
| 204.176.140.102 Linux Apache/1.3.6 Unix PHP/3.0.7 17-Nov-2000
|
| Here is what happened days ago:
|
| Breaking: Bank of India seriously compromised
|
| http://sunbeltblog.blogspot.com/2007/08/breaking-bank-of-india-seriously.html
|
| How the Online Trust Model is Broken - The Bank of India.com attack
|
| ,----[ Quote ]
| | Manually entering the addresses into a browser will load some of them,
| | suggesting that those upstream malware sources are active (others have
| | already been shut down).
| `----
|
|
http://www.beskerming.com/commentary/2007/08/31/265/How_the_Online_Trust_Model_is_Broken_-_The_Bank_of_India.com_attack
`----
|
|
