Technology in your hands.

At 4 in the morning of May 1, 2005, deputies from the El Paso County Sheriff’s Office converged on the suburban Colorado Springs home of Richard Gasper, a TSA screener at the local Colorado Springs Municipal Airport. They were expecting to find a desperate, suicidal gunman holding Gasper and his daughter hostage.

“I will shoot,” the gravely voice had warned, in a phone call to police minutes earlier. “I’m not afraid. I will shoot, and then I will kill myself, because I don’t care.”

“I will shoot.” Listen to the Colorado Springs hostage hoax.

But instead of a gunman, it was Gasper himself who stepped into the glare of police floodlights. Deputies ordered Gasper’s hands up and held him for 90 minutes while searching the house. They found no armed intruder, no hostages bound in duct tape. Just Gasper’s 18-year-old daughter and his baffled parents.

A federal Joint Terrorism Task Force would later conclude that Gasper had been the victim of a new type of nasty hoax, called “swatting,” that was spreading across the United States. Pranksters were phoning police with fake murders and hostage crises, spoofing their caller IDs so the calls appear to be coming from inside the target’s home. The result: police SWAT teams rolling to the scene, sometimes bursting into homes, guns drawn.

Now the FBI thinks it has identified the culprit in the Colorado swatting as a 17-year-old East Boston phone phreak known as “Li’l Hacker.” Because he’s underage, Wired.com is not reporting Li’l Hacker’s last name. His first name is Matthew, and he poses a unique challenge to the federal justice system, because he is blind from birth…

Read Full Story

Malware writers are increasingly tailoring attacks to specific regions, languages and applications..

Security firm McAfee warned that locally targeted malware comprises up to half of all attacks in some areas.

Dave Marcus, security research and communications manager at McAfee Avert Labs, said: “You have the guys that are local for their region, and then you’ve got the bigger organisations.

“The situation is still developing, but we could not have had this conversation two years ago.”

An example of localised malware can be found in Japan. Financially motivated malware throughout the rest of the world is overshadowed in Japan by malware which focuses on destruction and data theft via peer-to-peer applications.

Read Full Article here

The hacking group Cult of the Dead Cow has released a tool that should make Google hacking a little easier for novices.

Called Goolag, the open-source software lets hackers use the Google search engine to scan Web sites for vulnerabilities.

This is something that hackers have been doing for years, but it can be tricky work– involving custom scripts and tools that sift through the mountain of data available via Google.

The Cult of the Dead Cow is best known for creating the Back Orifice software 10 years ago, which could be used to remotely control a Windows machine.

Like Back Orifice, the software could be used by both legitimate security professionals and criminals. Goolag comes with an easy-to-use graphical interface. It is based on techniques developed by Computer Sciences Corp. researcher Johnny Long, a well-known computer hacker who has spent years documenting the way that Google’s search engine can be used to uncover security vulnerabilities in the Web sites it indexes.

Read Full Article here

Ben Edelman’s Valentine’s Day missive to C-NetMedia is definitely not a love letter. In a detailed report posted on Thursday, the spyware researcher, attorney, and assistant professor at Harvard University accused the Alabama-based anti-spyware company of deceptive business and marketing practices, and of selling ineffective security software.

C-NetMedia could easily be confused with CNET Networks; in fact, the two companies have nothing to do with each other.

As Edelman points out, C-NetMedia profits from confusion. It had paid for a sponsored link that appears on Google searches for “spybot.” SpyBot Search & Destroy happens to be a popular anti-spyware tool. C-NetMedia’s sponsored link leads to SpywareBot.com/SpyBot, a Web link that could easily be mistaken for the official SpyBot Search & Destroy site. C-NetMedia’s ad text — “Official Site - Search & Destroy Spyware. Download Spyware Bot Now!” — magnifies the confusion.

Read Full Article

Web browsing and searching are becoming increasingly risky activities, according to a report published by Google on Tuesday.

“In the past few months, more than 1% of all search results contained at least one result that we believe to point to malicious content and the trend seems to be increasing,” said Niels Provos, a security engineer at Google, in a blog post.

Provos said that in the year and a half since Google began tracking malicious Web pages, the company has found more than 3 million unique URLs on more than 180,000 Web sites that attempt to install malware on visitors’ computers.

Read Full Article

Here’s a heads-up on the evolving security threats we can expect to see in the coming year, including emerging menaces such as badvertising, adsploits, anti-social networking, lieware, and whaling.

By the end of 2008, McAfee Avert Labs predicts it will have identified some 550,000 malicious programs, a 54% increase from 2007. With all the new malware emerging, we can expect new terminology to describe these constantly morphing threats. Here, then, is our only slightly tongue-in-check attempt to predict some of the rising threats in 2008 and the language that may be employed to describe those threats.

Full Article

Microsoft is planning to release 12 security bulletins next week, the company said Thursday. The latest dozen fixes to Microsoft’s software are scheduled for release on Feb. 12. Microsoft plans to hold a Webcast on Feb. 13 to address customer questions.

Microsoft’s February Patch Day will offer information about seven critical and five important vulnerabilities. The affected Microsoft software includes Active Directory, ADAM, IIS, Internet Explorer, Jscript, Office, VBScript, Visual Basic, Windows, Works, and Works Suite.

There’s something for Mac users, too: Microsoft plans to address a vulnerability in Microsoft Office 2004 for Mac. While the company has not yet said what this vulnerability is, it probably has something to do with the Excel bug that surfaced in mid-January. The company issued a security advisory on Jan. 15 stating that it was investigating reports of a flaw in Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000, and Microsoft Excel 2004 for Mac…
Full Article

Mozilla on Friday released Firefox 2.0.0.12, an updated version of the upstart browser that has won over roughly one out of every five Internet users worldwide. The 2.0.0.12 update addresses 10 security advisories, three of which Mozilla classifies as critical.

One of the critical advisories has to do with the way that images are handled on Web pages with designMode frames, an HTML property that allows Web documents to be edited. The vulnerability could potentially be exploited to steal a user’s browsing history, crash Firefox, or execute arbitrary code. The second critical advisory has to do with memory corruption crashes in the browser engine used by Firefox and other Mozilla products like Thunderbird. The third outlines a flaw that could allow JavaScript privilege escalation and the ability to execute arbitrary remote code.

In its 2007 security report, Secunia analyzed a limited set of vulnerabilities that were disclosed publicly, before vendor notification, and found that Mozilla on average patched Firefox flaws more quickly thanMicrosoft patched holes in Internet Explorer.

Full Article

Apple’s OS X, Microsoft Windows, and Linux operating systems are to be pitted against each other in an ethical hacking contest in Vancouver next month. Run by the organizers of the CanSecWest Vancouver 2008 security conference, the competition is a repeat of the “PWN to Own” contest at CanSecWest in 2007, when security researchers competed to win a MacBook Pro and $10,000. The prize was shared between security researchers Dino Dai Zovi and Shane Macauley for their successful use of a zero-day QuickTime vulnerability, which they used to compromise the MacBook. The vulnerability was subsequently found to also affect Windows platforms.

The hacking competition at CanSecWest 2008 will pit the Linux, Leopard OS X, and Vista operating systems against each other, according to CanSecWest organizer Dragos Ruiu.

“The fur is flying right now about which is more secure–Linux, Vista, or Leopard,” Ruiu said on Thursday. “Linux guys have their propaganda, Windows guys are saying this and that, Apple guys have buried their heads in the sand as usual. I guess the proof is in the pudding.”Full Article Here

The Web site for Indian antivirus vendor AvSoft Technologies has been hacked and is being used to install malicious software on visitors’ computers, security researchers said last week.

The download section of AvSoft’s S-cop Web site hosts the malicious code, according to Roger Thompson, chief research officer with security vendor AVG. “They let one of their pages get hit by an iFrame injection,” he said. “It shows that anyone can be a victim…. It’s hard to protect Web servers properly.”

The technique used on the site has been seen in thousands of similar hacks over the past few months. The attackers open an invisible iFrame Window within the victim’s browser, which redirects the client to another server. That server, in turn, launches attack code that attempts to install malicious software on the victim’s computer.

The malicious software is a variant of the Virut virus family…

Full Article Here