Category: News

The service was launched by a well-known security researcher who goes by the name of Moxie Marlinspike.

Hackers have known for some time that these WPA-PSK networks are vulnerable to what’s called a dictionary attack, where the hacker guesses the password by trying out thousands of commonly used passwords until one finally works.

WPA Cracker customers get access to a 400-node computing cluster that employs a custom dictionary, designed specifically for guessing WPA passwords.

If they find the $34 price tag too steep, they can use half the cluster and pay $17, for what could be a 40-minute job.

The service could save security auditors a lot of time, but it will probably make it easier for senior management to understand the risks they’re facing, said Robert Graham, CEO of penetration testing company Errata Security.

http://news.techworld.com/security/3208347/new-cloud-hacking-service-steals-wi-fi-passwords/

The United States marked October as a month of cybersecurity awareness, but analysts said the rest of the world still needs to catch up on the full implications of new security risks posed by technologies that are open to attack by hostile forces.

This [enhanced information exchange betweem the suppler and the customer] will enable utilities to combat fraud, introduce effective real-time management of the grid and slow down their investment in new energy generation capabilities, a DS2 study said.

However, any vulnerability in the smart grid could have an impact on that utility’s energy distribution grid, which could result in power cuts, and could be used by hackers and fraudsters to gain access to consumers’ private personal information.

So, alongside high-speed communications and robust features, what the smart grid also requires is cybersecurity — the protection required to ensure the confidentiality, integrity and availability of the electronic information communication system.

It said that expansion of the networks increases the complexity of the grid, which could expose it to potential attackers and unintentional errors.

http://www.upi.com/Business_News/Security-Industry/2009/12/08/Smart-grids-may-be-prone-to-cyberattacks/UPI-30271260314731/

Felahy, his wife Marwah Felahy, and her brother Mustafa Abdul Aljaff operated several microchip brokerage companies that imported chips from Shenzhen, in China’s Guangdong province. They would buy counterfeit chips from China or else take legitimate chips, sand off the brand markings and melt the plastic casings with acid to make them appear to be of higher quality or a different brand, the U.S. Department of Justice said in a press release. He is expected to be sentenced next year in U.S. District Court for the District of Columbia.

Two years ago, the Defense Advanced Research Projects Agency funded a program called Trust in Integrated Circuits, to investigate the problem. The next year, the U.S. Federal Bureau of Investigation (FBI) broke up a distribution network for counterfeit Cisco Systems routers, seizing $3.5 million worth of components.

http://www.computerworld.com/s/article/9141438/Man_pleads_guilty_to_selling_fake_chips_to_US_Navy?source=CTWNLE_nlt_dailyam_2009-11-25

He also made known that the most sophisticated adversaries are capable of altering software and hardware destined for the US during their passage through the global supply chain route, can remotely intrude on US networks, monitor communication and position insiders within those networks, and that all this may “provide them with pre-positioned capabilities to conduct computer network attacks.”

The Cyber Division’ latest success was the Operation Phish Phry.

At the consumer level, the FBI organized the Internet Crime Complaint Center (IC3), whose website is the leading national cyber crime incident reporting portal.

http://www.net-security.org/secworld.php?id=8537

“We don’t believe we’ve seen cases of cyber-warfare,” said Dmitri Alperovitch, vice president of threat research at McAfee.

There have been unauthorized penetrations into government systems since the early ARPANET days and it has long been known that the US critical infrastructure is vulnerable.

However, experts are putting dots together and seeing patterns that indicate that there is increasing intelligence gathering and building of sophisticated cyber-attack capabilities, according to the report titled “Virtually Here: The Age of Cyber Warfare.” “While we have not yet seen a ‘hot’ cyber-war between major powers, the efforts of nation-states to build increasingly sophisticated cyber-attack capabilities and in some cases demonstrate a willingness to use them, suggest that a ‘Cyber Cold War’ may have already begun,” the report says.

Because pinpointing the source of cyber-attacks is usually difficult if not impossible, the motivations can only be speculated upon, making the whole cyber-war debate an intellectual exercise at this point. For instance, Alperovitch speculates that the July 4 attacks denial-of-service on Web sites in the US and South Korea could have been a test by an foreign entity to see if flooding South Korean networks and the transcontinental communications between the US and South Korea would disrupt the ability of the US military in South Korea to communicate with military leaders in Washington, DC, and the Pacific Command in Hawaii.

http://en.mercopress.com/2009/11/18/cyber-war-is-here-and-to-stay-ask-us-china-russia-israel-and-france

The unorthodox console approach has been so effective that agents are scouring eBay to find the best deal on another 40 consoles to round out their collection.

Agents need computing power to break these codes because while a search warrant allows them to seize incriminating documents or digital evidence, the Fourth Amendment grants suspects the right to withhold their password information.

http://www.gamepro.com/article/news/212992/federal-government-using-ps3-to-crack-pedophile-passwords/