Forgot your password?
typodupeerror

Please create an account to participate in the Slashdot moderation system

China

China Admits Anonymous Hacks Occured 33

Posted by Unknown Lamer
from the offenders-shall-perish dept.
New submitter SolKeshNaranek writes "After Anonymous hacked hundreds of Chinese government, company, and other general websites, China has acknowledged the attacks. Meanwhile, Anonymous China has not stopped its onslaught. 'A few targets have had their administrator accounts, phone numbers, and e-mail addresses posted publicly. Last but not least, on many of the hacked sites, the group even posted tips for how to circumvent the Great Firewall of China. While Anonymous was not specifically mentioned, it's obvious what China's Ministry of Foreign Affairs was referring to during a briefing on Thursday, given the events during the last week.'"
Spam

Twitter Files Suit Against Spam Software Authors 56

Posted by Unknown Lamer
from the viagra-spam-in-140-characters dept.
An anonymous reader writes, quoting Network World: "As with any platform that sees a meteoric rise in popularity, it's only a matter of time before spammers throw their hats in the ring and try and exploit the masses for financial gain and other sinister purposes. As the relatively new kid on the block, Twitter is still busying itself trying to tackle and ultimately prevent spammers from destroying the user experience. While Twitter's previous efforts centered exclusively on engineering-based solutions, the company today announced that they are also pursuing legal avenues to fend off spammers." From the Twitter blog: "With this suit, we’re going straight to the source. By shutting down tool providers, we will prevent other spammers from having these services at their disposal. Further, we hope the suit acts as a deterrent to other spammers, demonstrating the strength of our commitment to keep them off Twitter."
Security

The Optimum Attack Rate For SSH Bruteforce? Once Every Ten Seconds 167

Posted by Unknown Lamer
from the and-that's-why-you-use-denyhosts dept.
badger.foo writes "Remember the glacially slow Hail Mary Cloud SSH bruteforcers? They're doing speedup tweaks and are preparing a comeback, some preliminary data reported by Peter Hansteen appear to indicate. The optimum rate of connections seems to be 1 per ten seconds, smack in the middle of the 'probably human' interval."
Government

Waterboarding Whistleblower Indicted Under Espionage Act 338

Posted by Unknown Lamer
from the long-hoped-for-bullet-arrives dept.
wiredmikey writes "A former CIA officer was indicted on Thursday for allegedly disclosing classified information to journalists. The restricted disclosure included the name of a covert officer and information related to the role a CIA employee played in classified operations. The indictment charges John Kiriakou with one count of violating the Intelligence Identities Protection Act for allegedly illegally disclosing the identity of a covert officer and with three counts of violating the Espionage Act for allegedly illegally disclosing national defense information to individuals not authorized to receive it. The count charging violation of the Intelligence Identities Protection Act, as well as each count of violating the Espionage Act, carries a maximum penalty of 10 years in prison, and making false statements carries a maximum prison term of five years. Each count carries a maximum fine of $250,000."
Government

State Department CIO Interviewed About Post-Wikileaks Changes 24

Posted by Unknown Lamer
from the leakers-punished-by-death dept.
CowboyRobot writes, quoting Information Week: "Eighteen months after its diplomatic cables were exposed in the WikiLeaks breach, the State Department continues to lock down its confidential information, while increasing its use of using social media. The agency is deploying new security technology, including auditing and monitoring tools that detect anomalous activity on the State Department's classified networks and systems. State has also begun tagging information with metadata to enable role-based access to those who need it, and is planning to implement public key infrastructure on its classified systems by the summer of 2014. This is all taking place despite the recent announcement that the IT budget will be cut by nearly 5%."
Spam

Good News: A Sustained Drop In Spam Levels 75

Posted by timothy
from the vienna-sausages-are-also-pretty-good dept.
Orome1 writes "Industry and government efforts have dealt a significant blow to spam, according to a Commtouch report that is compiled based on an analysis of more than 10 billion transactions handled on a daily basis. The sustained decrease in spam over the last year can be attributed to many factors, including: Botnet takedowns, increased prosecution of spammers and the source industries such as fake pharmaceuticals and replicas. However, spam is still four times the level of legitimate email and cybercriminals are increasing their revenues from other avenues, such as banking fraud malware."
Bug

On Slashdot Video, We Hear You Loud and Clear 263

Posted by timothy
from the what've-you-got-against-synergystic-deliverables? dept.
You complained; we heard you. We're making some adjustments to our ongoing experiment with video on Slashdot, and are trying to get it right. Some of the videos just haven't gelled, to put it lightly, and we know it. We're feeling out just what kinds of videos make sense here: it's a steep learning curve. So far, though, besides a few videos that nearly everyone hated, we've also seen some wacky, impressive, fun technology, and we're going to keep bringing more of it, but in what we intend to be smarter doses, here on the Slashdot home page. (A larger selection will be available on tv.slashdot.org.) We're also planning to start finding and documenting some creative means of destruction for naughty hardware; suggestions welcome. We have also heard you when it comes to improving the core Slashdot site experience and fixing bugs on site. We're working on these items, too. As always, suggestions are welcome, too, for other things worth getting on camera or publishing on Slashdot.
Crime

Microsoft: 'Unlikely' Credit Card Details Lifted From Xbox 360s 105

Posted by timothy
from the faked-in-the-same-studio-as-the-moon-landings dept.
An anonymous reader writes with this excerpt from ZDNet: "Security researchers from two universities say they found how hackers can retrieve credit card data and other personal information from used Microsoft Xbox 360s, even if the console is restored back to factory settings and its hard drive is wiped. Microsoft is now looking into their story of buying a refurbished Xbox 360 from a Microsoft-authorized retailer, downloading a basic modding tool, gaining access to the console's files and folders, and eventually extracting the original owner's credit card information. Redmond is still investigating, but it's already calling the claims 'unlikely.'"
Desktops (Apple)

Flashback Trojan Hits 600,000 Macs and Counting 429

Posted by timothy
from the first-they-came-for-the-windows-machines dept.
twoheadedboy writes "A Flashback variant dubbed Backdoor.Flashback.39 has infected over 600,000 Macs, according to Russian security firm Dr Web. The virulent Flashback trojan infecting Apple machines sparked interest earlier this week after it was seen exploiting a Java vulnerability, although it was actually first discovered back in September last year. The Trojan has a global reach after Dr Web found infected Macs in most countries. More than half of the Macs infected are in the US (56.6 percent), while another 19.8 percent are in Canada. The UK has 12.8 percent of infected Macs."
Security

Ask Slashdot: My Host Gave a Stranger Access To My Cloud Server, What Can I Do? 176

Posted by samzenpus
from the was-that-the-wrong-thing-to-do? dept.
zzzreyes writes "I got an email from my cloud server to reset the admin password, first dismissed it as phishing, but a few emails later I found one from an admin telling me that they had given a person full access to my server and revoked it, but not before 2 domains were moved from my account. I logged into my account to review the activity and found the form the perpetrator had submitted for appointment of new primary contact and it infuriated me, given the grave omissions. I wrote a letter to the company hoping for them to rectify the harm and they offered me half month of hosting, in a sign of good faith. For weeks I've been struggling with this and figure that the best thing to do is to ask my community for advice and help, so my dear slashdotters please share with me if you have any experience with this or know of anyone that has gone through this. What can I do?"
Security

Viewfinity CEO Says Many Computer Users Are Overprivileged (Video) 95

Posted by Roblimo
from the striking-a-balance-between-extremes dept.
This isn't about your place in society, but about user privileges on your computers and computer networks. The more privileges, the more risk of getting hacked and having Bad People do Bad Things to your company's computers, right? So Leonid Shtilman's company, Viewfinity, offers SaaS that helps you grant system privileges in a more granular manner than just allowing "root" and "user" accounts with nothing in between.
China

Anonymous Claims To Have Defaced Hundreds of Chinese Government Sites 72

Posted by Unknown Lamer
from the fast-track-to-execution dept.
Hkibtimes writes, quoting the International Business Times: "The Anonymous hacking collective has landed in China, home of some of the most tightly controlled Internet access in the world, and defaced hundreds of government websites in what appears to be a massive online operation against Beijing. Anonymous listed its intended institutional targets on Pastebin and has now attacked them."
Hardware Hacking

AT&T Microcell Disassembly; Security Flaws Exposed 82

Posted by Unknown Lamer
from the bind-all-the-addresses dept.
CharlyFoxtrot writes "The geeks over on the fail0verflow blog took apart an AT&T Microcell device which is 'essentially a small cell-tower in a box, which shuttles your calls and data back to the AT&T mothership over your home broadband connection.' They soon uncovered some real security issues including a backdoor : 'We believe that this backdoor is NOT meant to be globally accessible. It is probably only intended to be used over the IPSEC tunnel which the picoChip SoC creates. [...] Unfortunately, they set up the wizard to bind on 0.0.0.0, so the backdoor is accessible over the WAN interface.'"
Security

FTC Fines RockYou $250,000 For Storing User Data In Plain Text 127

Posted by samzenpus
from the pay-up dept.
An anonymous reader writes "You probably don't remember the RockYou fiasco as it happened in late 2009. In case you don't, social game developer RockYou suffered a serious SQL injection flaw on its flagship website. Worse, the company was storing user details in plain text. As a result, tens of millions of login details, including those belonging to minors, were stolen and published online. Now, RockYou has finally settled with the Federal Trade Commission."
Robotics

TSA Shuts Down Airport, Detains 11 After "Science Project" Found 537

Posted by samzenpus
from the put-down-the-graduated-cylinder dept.
OverTheGeicoE writes "A group of students and a professor were detained by TSA at Dallas' Love Field. Several of them were led away in handcuffs. What did they do wrong? One of them left a robotic science experiment behind on an aircraft, which panicked a boarding flight crew. The experiment 'looked like a cell phone attached to a remote control car with some exposed wires protruding.' Of course, the false alarm inconvenienced more than the traveling academics. The airport was temporarily shut down and multiple gates were evacuated, causing flight delays and diversions."

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...