-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Google Pulling Out of China? Don't Bet On It
http://www.pcworld.com/article/186793/google_china.html?tk=rss_news
Hacking Risks Persist Even If Companies Withdraw From China
,----[ Quote ]
| Google and other enterprises still face a
| bleak computer security landscape that makes
| their companies vulnerable to hackers,
| whether they do business in China or not,
| analysts say.
`----
http://www.pcworld.com/article/186823/hacking_risks_persist_even_if_companies_withdraw_from_china.html?tk=rss_news
More Sources Claim Chinese Government Involvement in Cyberattacks on Google, Others
,----[ Quote ]
| More sources are now claiming the Chinese
| government is behind the recent cyberattacks
| against Google and 33 other Silicon Valley
| companies, reports security firm Verisign
| iDefense. The attacks, revealed yesterday
| via a posting on Google's official blog,
| were hacking attempts on the technology
| infrastructure of Google and other major
| corporations in sectors that included
| finance, technology, media and chemical,
| said Dave Girouard, president of Google
| Enterprise.
|
| [...]
|
| While July's attacks were detected early and
| were largely uneventful, December's attacks
| did find some success. In addition, these
| same sources claim that the files in both
| cases share similar characteristics. For
| example, both attacks used a backdoor Trojan
| in the form of a Windows DLL, and both share
| two similar hosts for the command-and-
| control (C&C) communication. In layman's
| terms, if the cyberattack was a ground
| assault during a war, the C&C would be the
| general barking out the orders. Also in both
| incidents, the IP addresses used for C&C are
| in the same subnet and only six addresses
| apart from each other. That means both
| attacks are likely to have been instigated
| by the same entity and may imply that the
| recent victims' technology infrastructure
| has been compromised since July.
`----
http://www.readwriteweb.com/archives/sources_claim_chinese_government_involvement_in_attacks.php
Google Attack Highlights Strength of Targeted Malware
,----[ Quote ]
| As the name suggests, the carefully crafted
| assaults differ from the net-cast-wide
| malware most often seen. A targeted attack
| specifically selects its victim and
| generally sends an e-mail using that
| person's name and perhaps business title.
| The body of the message might reference an
| attached list of business contacts, or
| describe it as an invoice, or use any other
| hook that would allay suspicion and convince
| the victim to double-click the attachment.
`----
http://www.pcworld.com/article/186824/microsoft_should_kill_IE.html?tk=rss_news
Hackers pluck 8,300 customer logins from bank server
http://www.theregister.co.uk/2010/01/12/bank_server_breached/
Recent:
A new approach to China
,----[ Quote ]
| Like many other well-known organizations, we
| face cyber attacks of varying degrees on a
| regular basis. In mid-December, we detected a
| highly sophisticated and targeted attack on
| our corporate infrastructure originating from
| China that resulted in the theft of
| intellectual property from Google. However,
| it soon became clear that what at first
| appeared to be solely a security incident--
| albeit a significant one--was something quite
| different.
|
| First, this attack was not just on Google. As
| part of our investigation we have discovered
| that at least twenty other large companies
| from a wide range of businesses--including
| the Internet, finance, technology, media and
| chemical sectors--have been similarly
| targeted. We are currently in the process of
| notifying those companies, and we are also
| working with the relevant U.S. authorities.
|
| Second, we have evidence to suggest that a
| primary goal of the attackers was accessing
| the Gmail accounts of Chinese human rights
| activists. Based on our investigation to date
| we believe their attack did not achieve that
| objective. Only two Gmail accounts appear to
| have been accessed, and that activity was
| limited to account information (such as the
| date the account was created) and subject
| line, rather than the content of emails
| themselves.
|
| [...]
|
| These attacks and the surveillance they have
| uncovered--combined with the attempts over
| the past year to further limit free speech on
| the web--have led us to conclude that we
| should review the feasibility of our business
| operations in China. We have decided we are
| no longer willing to continue censoring our
| results on Google.cn, and so over the next
| few weeks we will be discussing with the
| Chinese government the basis on which we
| could operate an unfiltered search engine
| within the law, if at all. We recognize that
| this may well mean having to shut down
| Google.cn, and potentially our offices in
| China.
`----
http://googleblog.blogspot.com/2010/01/new-approach-to-china.html
Related:
Bots rule in cyberspace
,----[ Quote ]
| USA TODAY REPORTS that on an average day, 40 per cent of the 800 million
| computers connected to the Internet are bots used to send out spam, viruses
| and to mine for sensitive personal data.
`----
http://www.theinquirer.net/gb/inquirer/news/2008/03/17/bots-rule-cyberspace
http://www.usatoday.com/tech/news/computersecurity/2008-03-16-computer-botnets_N.htm
Botnets Running Rampant
,----[ Quote ]
| How much money is being stolen by cybercriminals? No one knows, and no one
| even knows how to go about coming up with that number, IronPort's Peterson
| said.
`----
http://www.pcworld.com/businesscenter/article/144489/botnets_running_rampant.html
Online banking fraud 'up 8,000%'
,----[ Quote ]
| The UK has seen an 8,000% increase in fake internet banking scams
| in the past two years, the government's financial watchdog has warned.
|
| The Financial Services Authority (FSA) told peers it was "very concerned"
| about the growth in "phishing".
`----
http://news.bbc.co.uk/1/hi/uk_politics/6177555.stm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAktPmS4ACgkQU4xAY3RXLo7BPgCgpJPKTywPpc4C7f2/nZ55T+UG
TpUAn3BS9jq6Q5Y/3ld0SS+80sXztq1T
=16g4
-----END PGP SIGNATURE-----
|
|
