[SecurityRatty] Lattest Articles

Houghton Mifflin Harcourt Server Breached In Mass Web Attack

Wed, 09 Jul 2008 04:56:34 +0000

Houghton Mifflin Harcourt (HMH), a publishing company based in Boston, will begin notifying individuals whose information may have been compromised by a worldwide Internet-based attack that affected one of its websites. On April 25, 2008, HMH’s Information Security group learned of a worldwide Internet-based attack that affected one of its non-e-commerce websites. HMH has reported this [...]

A Blast from the Past: Processing Patterns for Predictive Business, March 2006

Wed, 09 Jul 2008 03:22:26 +0000

For readers interested in complex event processing and a few of the challenges the industry faces, here is a presentation from 28 months back called Processing Patterns for Predictive Business. This presentation was delivered at the first Workshop on Event Processing - Presentations at IBM Research Labs, Yorktown Heights, March 14-16th 2006.

The same key points of that presentation are still relevant today:

1. Event-Decision Processing is Computationally Intensive

2. CEP requires a Number of Technologies:

Distributed Computing, Publish/Subscribe and SOA
Hierarchical, Cooperative Inference Processing
High Speed, Real Time Processing with State Management
Event-Decision Architecture for Complex Situations and Events
There is no single “CEP Solution” or “CEP Product” (in the market place then, and today)

3. CEP needs a Common Vocabulary and Functional Architecture based on Mature, Industry-Standard Inference Models

4. Processing and Integration Patterns for CEP need to be Developed and Formalized

Since March of 2006 a number of other challenges has surfaced. I will elaborate on this challenges in a future post.

Google relents, adds privacy link to spartan homepage

Tue, 08 Jul 2008 23:10:06 +0000

Google has agreed to add a "privacy" link to its famously pure home page, but on the condition that the total word count remains the same. What gets the boot?...

Net Neutrality: Five Facts Everyone Must Know

Tue, 08 Jul 2008 19:10:05 +0000

The term net neutrality, unless you’re a tech geek, conjures up thoughts of fair trade, international policy or possibly anti-fishing zones. Here's a clarification the oft confusing technical jargon slimmed down to only the necessary information:

Several Vendors Including Microsoft Patch Multiplatform DNS Vulnerability

Tue, 08 Jul 2008 18:49:43 +0000

Deficiencies in the Domain Name System (DNS) protocol may leave affected systems vulnerable to DNS cache poisoning attacks. If an attacker can successfully conduct a cache poisoning attack, they may be able to cause a nameserver’s clients to contact the incorrect, and possibly malicious, hosts for particular services. This may allow an attacker to obtain [...]

New 2600 Meet in Louisville, KY

Tue, 08 Jul 2008 16:22:53 +0000

Announcing the forming of a new 2600 meeting in the Louisville, KY, New Albany/Jeffersonville/Clarksville, IN and the surrounding area. We are looking for old faces and new faces to come and join us in discussion and hopefully projects in all things hacking. From computer security, to programming, to penetration testing and exploiting. It has been far too long since Louisville and its surrounding area have seen a group of security talent and we want to change that. If you want to be a regular, have a general interest or just want to converse with fellow techies please join us for our inaugural meeting.

When: Thursday July 31, 2008 @ 6:30pm
Where: Highland Coffee behind the Blockbuster near Bardstown road and Grindstead in Louisville, KY.
Google Map Link

Contact me if you think you can attend.

Storm Worm's U.S Invasion of Iran Campaign

Tue, 08 Jul 2008 16:07:39 +0000

The Storm Worm-ers are keeping themselves busy, with two campaigns in less than a week, following the latest on the 4th of July. Now, they are spreading rumors of a U.S invasion in Iran :

"Just now US Army's Delta Force and U.S. Air Force have invaded Iran. Approximately 20000 soldiers crossed the border into Iran and broke down the Iran's Army resistance. The video made by US soldier was received today morning. Click on the video to see first minutes of the beginning of the World War III. God save us."

The campaign is using the following domains :
statenewsworld .com
morenewsonline .com
dailydotnews .com
dotdailynews .com
newsworldnow .com

All registered by the same individual :
ONLINE CO REANIMATOR (dfgdgf@gmail.com)
REVA 13-27 Deribaska 3565,198346 DZ Tel. +321.3568872

Sample detection rate :
iran_occupation.exe
Scanners Result: 4/33 (12.13%)
File size: 118273 bytes
MD5...: 19ab8f1dddb743c1dc2924cb61d3f877
SHA1..: e0915f377020479ba95ffed0fcb07a2b2aec72f4

Storm Worm domains used in recent campaigns, still parked on infected hosts :

superlovelyric .com
bestlovelyric .com
makingloveworld .com
statenewsworld .com
wholoveguide .com
gonelovelife .com
loveisknowlege .com
lovekingonline .com
lovemarkonline .com
wholefireworksonline .com
morenewsonline .com
makingadore .com
greatadore .com
yourfireworksstore .com
loveoursite .com
dayfireworkssite .com
musiconelove .com
knowholove .com
whoisknowlove .com
theplaylove .com
lovelifecash .com
wantcherish .com
shelovehimtoo .com
makeloveforever .com
bellestarfireworks .com
yourfireworks .com
worldbestfireworks .com
greatfireworkslaws .com
dailydotnews .com
dotdailynews .com
wholovedirect .com
newsworldnow .com
thefireworksjuly .com
grupogaleria .cn
polkerdesign .cn
nationwide2u .cn
activeware .cn
grupogaleria .cn
likethisone1 .com
lollypopycandy .com
nationwide2u .cn
polkerdesign .cn
verynicebank .com
thefireworksjuly .com
wholefireworksonline .com
worldbestfireworks .com
yourfireworks .com
bellestarfireworks .com
dayfireworkssite .com
greatfireworkslaws .com
yourfireworksstore .com

The "best" is yet to come.

Related posts :
Storm Worm Hosting Pharmaceutical Scams
All You Need is Storm Worm's Love
Social Engineering and Malware
Storm Worm Switching Propagation Vectors
Storm Worm's use of Dropped Domains
Offensive Storm Worm Obfuscation
Storm Worm's Fast Flux Networks
Storm Worm's St. Valentine Campaign
Storm Worm's DDoS Attitude
Riders on the Storm Worm
The Storm Worm Malware Back in the Game

Software project managers should allow for experimentation

Tue, 08 Jul 2008 15:23:28 +0000

Software projects are creative processes that involve trial and, yes, error, argues PM expert Bas de Baar. However, these errors should be opportunities for learning, not project killers.

Diane Greene Ousted from VMware

Tue, 08 Jul 2008 15:09:35 +0000

VMware and EMC announced today that co-founder Diane Greene is leaving her post as CEO of the virtualization giant, effectively immediately. Former Microsoft executive, Paul Maritz, head of EMC’s cloud computing division, will replace her. (img credit Fortune Magazine/Joe Pugliese)

There’s speculation that falling VMware share prices, with no end in sight because of “poor revenue outlook” is the reason for the ouster.

Hmm. The stock went public at $29, went as high as $125 and is now at $40.26 (and falling as I write), almost a 40% premium over the first offering. Say what you will about the recently launched Microsoft Hyper-V and the Citrix offering that we never hear about, but VMware is the dominant virtualization player (and likely to remain so for at least some time given Microsoft’s track record with new product releases) in an exploding market. Gartner predictions are that the installed base of VMs will grow more than 10x between 2007 and 2011 and that by 2012 the majority of x86 server workloads will be running in a VM.

The future still looks pretty rosy for VMware – perhaps they’ll be taking a smaller chunk of the pie, but the pie’s getting much bigger. And all indications pointed to VMware moving up the stack and providing more management solutions (and more revenue streams) for the x86 virtualization market they helped to build.

So why the change? And why now? Is it a coincidence that it’s an ex-Microsoft exec taking over just as Hyper-V ships? Can only someone who knows the Microsoft Way combat the Microsoft Way? Remember this is the guy who wrote that Microsoft should “cut off Netscape’s air supply”.

So, good idea to say that Microsoft execs are better than VMware execs just as the Hyper-V juggernaut gets rolling? If I didn’t know better, I’d say this is the latest example of a MS FUD campaign…

ShareThis

If you want to use my data, pay me!

Tue, 08 Jul 2008 14:06:56 +0000

Ah, the sweet smell of less than honorable business tactics.

clipped from gawker.com

Online Marketers Want To Spy On Your Private Moments

A company called NebuAd (free advice to them: think of a less sinister name) is under fire right now because its software tracks you everywhere you go on the internet, then records that info and puts it all together and to sell to advertisers. And—surprise—the people who run NebuAd used to be in the honorable business of crafting adware, that launches deceptive pop-up ads on your screen. Useful members of humanity! Lots of marketers would really love to use this stuff, but they’re not sure if the public will go for it. So how is NebuAd assuaging privacy concerns?