Trailrunner7 writes "Saudi Aramco says that the virus attack that compromised tens of thousands of the company's workstations last month never endangered the company's oil production capabilities and that all of the affected systems have been brought back online and restored. The attack on Aramco has been linked by researchers to the Shamoon malware, but company officials did not comment on the nature or provenance of the malware. The attack hit Aramco, one of the larger oil producers in the world, on August 15 and the company soon took its main Web sites offline as it investigated the extent and nature of the compromise. A group of attackers calling itself the Cutting Sword of Justice took credit for the attack through a post on Pastebin, saying that the operation had destroyed data on 30,000 machines, including both workstations and servers. The company originally did not comment on the extent of the damage to its network, simply saying that it had suffered an attack and was in the process of cleaning it up. On Monday, company officials said that security staffers had restored all of the infected machines and that its operations were back to normal."
An anonymous reader writes "A member of the Anonymous hacktivist group appears to have taken down GoDaddy with a massive Distributed Denial of Service (DDoS). The widespread issue seems to be affecting countless websites and services around the world, although not for everyone. Godaddy.com is down, but so are some of the site's DNS servers, which means GoDaddy hosted e-mail accounts are down as well, and lots more. It's currently unclear if the servers are being unresponsive or if they are completely offline. Either way, the result is that if your DNS is hosted on GoDaddy, your site may also look as if it is down, because it cannot resolve."
A cascading hardware outage struck subscription payment provider Recurly last week, and that started a long example of how not to manage critical infrastructure. From the article: "Last Monday, the payment provider suffered an intermittent hardware failure, which prevented the company from processing either payments or refunds. The company says it serves over 1,000 customers, including Adobe, BrightCove, and Fox News Radio, processing recurring payments for subscriptions. By Friday, the company still hadn’t completely straightened out the mess, providing updates to customers using payment gateways such as Authorize.net and LinkPoint/First Data."
jfruh writes "What's the longest tech interview you've had to sit through — two hours? Eight? Ruby on Rails devs who want to work for Hashrocket need to travel to Florida and do pair-programming on real projects for a week before they can be hired. The upside is that you'll be put up in a beachfront condo for the week with your significant other; the downside is that you'll be doing real work for a week for little or no pay and no guarantee of a job slot."
CowboyRobot writes "Spyware is no longer the primary concern with unwanted software on mobile devices. According to mobile security firm Lookout, most mobile malware performs 'toll fraud' — billing victims using premium SMS services. The problem is very geographically-dependent, worst in areas with weak SMS regulation, particularly China, Ukraine, and Russia, where users are 10,000 times more likely to have malware on their phones than users in Japan, for example. Other risks include mobile ads surreptitiously uploading personal data, as well as apps that download other malware without users knowing. The full report is available."
way2trivial writes with this snippet from Information Week about a warning from Microsoft reminding Windows administrators that an update scheduled for October 9th will require a higher standard for digital certificates. "That warning comes as Microsoft prepares to release an automatic security update for Windows on Oct. 9, 2012, that will make longer key lengths mandatory for all digital certificates that touch Windows systems. ... Internet Explorer won't be able to access any website secured using an RSA digital certificate with a key length of less than 1,024 bits. ActiveX controls might be blocked, users might not be able to install applications, and Outlook 2010 won't be able to encrypt or digitally sign emails, or communicate with an Exchange server for SSL/TLS communications."
dgharmon writes with word from the BBC that "A U.S. hacker who sold access to thousands of hijacked home computers has been jailed for 30 months. Joshua Schichtel of Phoenix, Arizona, was sentenced for renting out more than 72,000 PCs that he had taken over using computer viruses." Time is cheap: Schichtel admitted to giving access to those 72,000 computers for $1500.
AdmiralXyz writes "Even the darkest corners of the internet aren't immune to the Web 2.0 boom: BoingBoing reports that 4chan is working on the largest codebase update in its history. The new 4chan will include as standard the functionality of popular browser plugins for using the site, as well as a JSON API so- hooray?- anyone can have immediate access to the contents of 4chan for any purpose they like. This represents a significant update to the heretofore haphazard development process of 4chan, and opens up the possibility of third-party 4chan apps... though probably not on the App Store."
king.purpuriu writes "I'm a computer science high school student, and I'm looking for some work in IT freelancing. I have had an interest in computers and programming for a while, and I began learning on my own before high school. I would like to gain some experience (e.g. what the bulk of the jobs in various markets require, various technologies/frameworks and their usage) and possibly make some money on the side (not expecting too much; at this point, any non-negative amount will do). Key areas are web development, app programming and scripting. What solutions do you recommend? Any tips or tricks of which I should be aware? How should I deal with payment (in terms of fees and commissions; I'm from a European country), and what type of work should I seek out? I would also be willing to do some small stuff for free in order to gain experience (small, static sites, small scripts, etc.)."
mpol writes "In the past, WhatsApp has been criticized over their insecure use of XMPP. Recently, new versions of their app have incorporated encryption. It seems the trouble isn't over yet for WhatsApp and its users. Sam Granger writes on his blog that WhatsApp is using IMEI numbers as passwords. This is at least the case with the Android app, but other platforms are probably using similar methods. Since someone's IMEI number is easily readable, this isn't really secret information that should be used for authentication."
mbone writes "A very interesting paper (PDF) has just hit the streets (or, at least, Physics Review Letters) about the Heisenberg uncertainty relationship as it was originally formulated about measurements. The researchers find that they can exceed the uncertainty limit in measurements (although the uncertainty limit in quantum states is still followed, so the foundations of quantum mechanics still appear to be sound.) This is really an attack on quantum entanglement (the correlations imposed between two related particles), and so may have immediate applications in cracking quantum cryptography systems. It may also be easier to read quantum communications without being detected than people originally thought."
First time accepted submitter brocket66 writes with this excerpt from BGR: "Three major revisions of Google's Android operating system have launched since the company released Android 2.3 more than 21 months ago in December 2010, but Gingerbread is still the most widely used version of Android by a wide margin. A study conducted early this year by graphic designer Chris Sauve projected that based on Android adoption trends up to that point, Android 2.3 Gingerbread would be the dominant version of Android in 2012 despite the fact that Android 3.0 Honeycomb and Android 4.0 Ice Cream Sandwich had already been released. Now, as the fourth quarter of 2012 approaches, data from Google's Android version distribution tracker confirms once again that those projections were accurate."
New submitter trokez writes "Symantec has monitored the activities of a group using a specific trojan (Hydraq/Aurora) since 2009. The particular group has been connected (by Symantec) to the attack on Gmail in China, but also other high-profile attacks. 'These attackers have used a large number of zero-day exploits against not just the intended target organization, but also on the supply chain manufacturers that service the company in their cross hairs. These attackers are systematic and re-use components of an infrastructure we have termed the "Elderwood Platform." The term "Elderwood" comes from the exploit communication used in some of the attacks. This attack platform enables them to quickly deploy zero-day exploits.' The attacks seem to focus on industry espionage, with the defense industry and its suppliers at the focus."
chicksdaddy writes "A malicious software researcher finds herself in company with First Lady Michelle Obama and science fiction author Neil Gaiman: booted from the Web by hard-headed copyright protection algorithms, according to the Naked Security blog. Mila Parkour, a researcher who operates the Contagio malware blog, said on Thursday that she was kicked off the cloud based hosting service Mediafire, after three files she hosted there were flagged for copyright violations and ordered removed under the terms of the Digital Millennium Copyright Act (DMCA). The files included two compressed and encrypted malicious PDF files linked to Contagio blog posts from 2010. The firm responsible for filing the DMCA take down notice was Paris-based LeakID, which describes itself as a 'digital agency ...founded by experts from the world of radio, television and Internet.' LeakID markets 'Leaksearch,' an 'ownership tool that will alert you within seconds if your content...is being pirated.' According to Parkour, Mediafire received a notice from LeakID claiming that it was 'acting on behalf of the copyright owners,' though the owners and presumed copyrighted content weren't named."
This presentation was given by Joshua Corman at CodenomiCON 2012 in Las Vegas, an invitation-only security mini-conference sponsored by the pen-testing company Codenomicon that ran concurrently with Black Hat USA 2012. Josh is Director, Security Intelligence, for Akamai, and is one of the instigators of Rugged Software. He sympathizes with Anonymous more than with corporate or government forces that are determined to bring order to everything, including the Internet, on their terms. We have no transcript for this video since we only have permission to embed it, not to alter or add to it. But it's well worth watching, including the accompanying slides. And if Joshua Corman is speaking anywhere near you, it's well worth your time to go see him.