Category: News

Last week, the Ecuadorian government held talks with the British Labour party to try to strike a deal to send Assange to Sweden to end the political impasse, which has seen the Australian whistleblower holed up in the Ecuadorian embassy since claiming asylum in June last year. But until Assange is released, possible candidates could include Kristinn Hrafnsson, Icelandic investigative journalist or maybe WikiLeaks activist Jacob Appelbaum, who has represented the organization in the past.

It is speculated that “Project K” may be linked to Assange’s Australian party which he launched last month, as it needs to gather 500 members before it can officially register with the Australian Electoral Commission ahead of September’s election.

Link: http://leaksource.wordpress.com/2013/04/01/wikileaks-announcement-special-project-k-press-conference-april-8th-national-press-club/

“Our analysis shows that of the more than 26,000 malware samples analysed, 70 per cent retained distinct identifiers or behaviours that can be useful for real-time control and blocking,” the report said.

The report said web-based applications were significantly more successful at avoiding traditional antivirus and remaining unknown for extended periods of time.

Link: http://www.scmagazine.com.au/News/337908,antivirus-apps-knocked-in-malware-report.aspx?utm_source=feed&utm_medium=rss&utm_campaign=SC+Magazine+News+feed

Things remained calm for a few days before kicking off again with even greater intensity – to the extent that collateral damage was seen against services such as Netflix, the New York Times reports.

A blog post by CloudFlare, written last week before the latest run of attacks, explains the mechanism of the attack against Spamhaus and how it can be usde to amplify packet floods.

The basic technique of a DNS reflection attack is to send a request for a large DNS zone file with the source IP address spoofed to be the intended victim to a large number of open DNS resolvers. … The attackers’ requests themselves are only a fraction of the size of the responses, meaning the attacker can effectively amplify their attack to many times the size of the bandwidth resources they themselves control.

…The requests were likely approximately 36 bytes long (e.g. dig ANY ripe.net @X.X.X.X +edns=0 +bufsize=4096, where X.X.X.X is replaced with the IP address of an open DNS resolver) and the response was approximately 3,000 bytes, translating to a 100x amplification factor. “Because the attacker used a DNS amplification, the attacker only needed to control a botnet or cluster of servers to generate 750Mbps – which is possible with a small sized botnet or a handful of AWS instances,” it explains.

Link: http://www.theregister.co.uk/2013/03/27/spamhaus_ddos_megaflood/

.“The Anonymous hackers can certain cause local pockets of disruption, but these disruptions are going to be localized to networks where their attack machines are located, or where their ‘reflectors’ are located”, said Robert Graham of Errata Security.

“Just because I say Anonymous can’t do it doesn’t it mean it can’t be done,” the security expert said on Errata’s blog.

Link: http://bgr.com/2012/03/28/anonymous-hackers-plan-to-shut-down-the-internet-this-saturday/

In general, the term “private cloud” means using cloud computing technologies in a company’s own data center. This still uses hardware hosted by Amazon, but adds extra security to make it behave more like a private datacenter.

If Amazon were really to enter the private cloud business, this could be a big threat to VMware and Citrix, the two biggest players in this market.

Whether Amazon has had a massive change of heart about private clouds or not, gaining the CIA as a customer is a major coup. Competitors like IBM, HP, and Rackspace say their clouds are more reliable and far more secure than Amazon’s.

Link: http://www.businessinsider.com/cia-600-million-deal-for-amazons-cloud-2013-3

“It fixes critical vulnerabilities that could be used for machine takeover in all versions of Internet Explorer from 6 to 10, on all platforms including Windows 8 and Windows RT,” says Qualys CTO Wolfgang Kandek.

It affects Silverlight whether deployed on Windows or Mac OS X operating systems, where it is used to run media applications such as Netflix, Kandek says.

“It is puzzling to see such a high rating for this software that typically requires opening of an infected file in order for the attack to work. It will be interesting to see the attack vector for this vulnerability that warrants the ‘critical’ rating,” he says.

Three of the bulletins are rated important and include two that could allow data to leak and one that could allow attackers to elevate privileges on an exploited machine. Important bulletins include vulnerabilities that could lead to compromised confidentiality, integrity or availability of user data, or of the integrity or availability of processing resources, Microsoft says.

Link: http://www.arnnet.com.au/article/455814/microsoft_patch_tuesday_targets_internet_explorer_drive-by_attacks/