Image Source : Silicon.com

London: A group of computer scientists have come up with a system that deciphers the templates a botnet uses to create spam, and these templates are then used to teach spam filters what to look for. This can be used to block the most common kind of spam.

Most spam messages originate in networks of compromised computers, called botnets, and owners are unaware that the machines quietly run malicious software in the background that pump out spam, reports New Scientist. But researchers have now come up with a system that deciphers the templates a botnet is using to create spam, and these templates are then used to teach spam filters what to look for.

The system, developed by a team at the International Computer Science Institute in Berkeley, California, and the University of California, San Diego, works by exploiting a trick that spammers use to defeat email filters. As spam is churned out, subtle changes are typically incorporated into the messages to confound spam filters. Read more ……

More News at KRISARU News

Microsoft Corp. on Thursday released a patch to protect Internet Explorer users from attacks like “Operation Aurora” which targeted Google Inc.’s China business and caused widespread Internet panic.

“This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer,” the world’s largest software company said in a statement on its Web site.

This security update includes all supported versions of the Internet Explorer browser, and will be automatically installed for the majority of customers who have enabled automatic updating. Read more ……

More News at KRISARU News

Google China Hacking | Image Source : technology.timesonline.co.uk

A coordinated hacking campaign targeting Google, Adobe Systems and more than 30 other companies raises serious concerns, U.S. Secretary of State Hillary Clinton said Tuesday.

In a statement released late Tuesday night, Clinton said that the U.S. government is taking the attack — which Google said came from China — very seriously. “We have been briefed by Google on these allegations, which raise very serious concerns and questions,” she said. “We look to the Chinese government for an explanation.”

Sources familiar with the situation say that more than 30 U.S. companies, including Adobe Systems, were hit by this targeted attack, which Google first discovered in mid-December. Using an attack that exploited an unpatched bug in widely used software, the attackers were able to gain footholds in these companies and siphon out valuable intellectual property.

In Google’s case the attackers also gained access information about the e-mail accounts of Chinese dissidents.

Google apparently feels strongly that China is behind the attack because the company said Tuesday that the event helped convince the company that it “should review the feasibility of our business operations in China.”

The company now says it will no longer censor search results on Google.cn, a move that could put it out of business in China.

Google’s competitor, Yahoo, also condemned the attacks. “We stand aligned with Google that these kinds of attacks are deeply disturbing and strongly believe that the violation of user privacy is something that we as internet pioneers must all oppose,” the company said in a statement.

A company spokeswoman declined to say whether or not Yahoo had been hit by the attack as well.

Yahoo doesn’t directly do business in China. It sold its Yahoo! China business to Alibaba.com in 2005, but it is a major shareholder in that company. Read more ……

More News at KRISARU News

Image Source : Siliconindia.com

The millions of Twitter buffs are at dismay as Twitter gets hacked for the fourth time consecutively, this year. The last time it was hacked in August this year, Twitter said in its status blog that it was ‘defending against a denial-of-service attack,’ in which hackers command scores of computers to a single site at the same time, preventing legitimate traffic from getting through. This time the site seems to be hacked by an Iranian Cyber Army.

It marks an already difficult week for Twitter. Its application Twitterfeed had a data migration only this weekl, leaving many users with a reduced service. The new hack is nothing but an added woe. The problem started around one hour back. The site, which has been hacked for the fourth time this year, is offline and the message reads, “This site has been hacked by Iranian Cyber Army.

The message at the bottom of the hacked page, which has been translated by Tech Crunch, goes on to say, “U.S.A. Think they are controlling and managing Internet by their access, but they don’t. We control and manage Internet by our power, so do not try to stimulation Iranian peoples to… NOW WHICH COUNTRY IN EMBARGO LIST? IRAN? USA? WE PUSH THEM IN EMBARGO LIST Take Care.”

Hacker Halted USA is a complete and comprehensive information security conference, with information security experts from all around the world presenting intriguing topics and discussing global security threats, as well as world class trainers leading top notch security training classes @ Hacker Halted | Academy.

The objective of Hacker Halted is to raise the awareness towards increased education and ethics in information security.

The global series of Hacker Halted is owned by EC-Council, a leading information security certification body, and the creators of the world-renowned Certified Ethical Hacker program as well as other certification programs.

We are proud to announce that some of the most respected information security experts globally are going to be presenting thought provoking sessions at the conference.

Keynote Speakers

Howard Schmidt, CEO of ISF, was the ex-vice chair of the President’s Critical Infrastructure Protection Board and the special advisor for cyberspace security for the White House in December 2001, and then served as chair from January 2003 until May 2003 when he retired. Other high-level security positions he held previously included the top security jobs at eBay and chief security strategist for the U.S. CERT Partners Program of the National Cyber Security Division of the Department of Homeland Security.

Ira Winkler, President of ISAG, is recognized as one of the world’s experts in Internet security, information warfare, information-related crime investigation, and industrial espionage. He is a specialist in penetration testing, where he infiltrates companies, both technically and physically, to find and repair an organization’s weaknesses.

David Litchfield Jnr, Chief Research Scientist of NGS Software, isrecognized as one of the world’s leading authorities on database security. He is the author of Oracle Forensics, the Oracle Hacker’s Handbook, the Database Hacker’s Handbook and SQL Server Security and is the co-author of the Shellcoder’s Handbook. He is a regular speaker at a number of computer security conferences. David is a CHECK team leader and holds SC clearance.

Our impressive list of speakers includes the likes of:

• Michael Malin – EVP, Mandiant
• Mark Harris - Director, Sophos Labs
• Pamela Fusco – Director, FishNet Security
• James Aquilina – Executive Managing Director, Stroz Friedberg
• Peter Berghammer – CEO, Copernio
• Tom Bowers – Managing Director, Security Constructs
• Jeff Bardin – Managing Director, Threadstone 71
• Arshan Dabirsiaghi - Director, Aspect Security
• Yaniv Miron – Independent Consultant
• Iftach Ian Amin – Director, Aladdin
• Edward L. Haletky – AstroArch Consulting
• Tim Pierson – President, DataSentry Inc
• Trey Ford – Director, White Hat Security Inc
• Alex Lanstein – Senior Security Researcher, FireEye Inc
• Paul A. Henry – Forensics & Recovery LLC

and more…

Sanjay Bavisi, President of EC-Council, said, “We are excited by the prospects of having so many superstars within the Information Security domain presenting at our conference. All these bodes well for a truly magnificent and valuable event for our audience.”

Find out more about Hacker Halted USA 2009 HERE. Register early to enjoy attractive discounts. Hackers Are Ready. Are you?

Hacker Halted Academy offers some of the most sought after information security certification and technical training classes, led by world class trainers. Make Miami your next destination to be certified, to obtain quality information security knowledge and the place to enhance your technical skills.

EC-Council Certified Members Enjoy Special Discounts!

Click HERE to find out more about Hacker Halted | Academy.

List of training classes available:

1. Ethical Hacking & Countermeasures
2. Advanced Penetration Testing
3. Computer Hacking Forensic Investigations
4. Secure Coding and Application Security
5. CISSP Exam Prep
6. CISM Cyber Kung Fu
7. CISA Exam Prep
8. IT Risk Management & Governance Certification
9. Ultimate Hacking
10. Ultimate Hacking Wireless
11. IAM/IEM Standards
12. Implementing ISO 27001
13. Web Application Hackers Course
14. Advanced Application Security Testing
15. Building Secure Web Services
16. Incident Response: Real Cases, Real Solutions

Register early and enjoy attractive discounts. Participants of Hacker Halted | Academy will also receive a free conference pass to Hacker Halted USA conference. So hurry! Register now.

Hackers Are Ready. Are you?

Source: Hacker Halted Pressroom