China China China hack hack hack china china

*Y'know, maybe the Chinese are TOTALLY INNOCENT and all these misdeeds are being wreaked by sneaky Lithuanian hacker gangs.

*Yeah, uh, right.

From SANS of course:

TOP OF THE NEWS
–Clinton Speech Addresses Internet Censorship/Google
(January 21, 2010)
US Secretary of State Hillary Clinton said in a speech on Thursday,
January 21 that her department will introduce several initiatives aimed
at fighting Internet censorship. It will also develop ways to help
citizens of countries where content is blocked circumvent the barriers
put in place so that they can have unfettered access to information.
Clinton also reiterated the US's intent to file a formal protest over
the alleged attacks that targeted email accounts of human rights
activists and will look to the "Chinese government to conduct a thorough
review" of the attacks against Google.
http://www.nytimes.com/2010/01/22/world/asia/22diplo.html
http://www.computerworld.com/s/article/9146898/Clinton_U.S._gov_t_will_push_harder_against_Web_censorship?source=rss_security
https://www.wired.com/dangerroom/2010/01/secstate-clinton-on-net-freedom-tear-down-this-virtual-wall/
http://www.cnn.com/2010/TECH/01/21/clinton.internet/index.html

–India Says Attack on Government Computers Came From China
(January 19, 2010)
India's security advisor said that Indian government computers were
attacked on December 15, the same day that some US companies reported
having been attacked. The attack on the Indian computers came through
a maliciously crafted PDF file that arrived as an attachment to an
email. A Chinese foreign ministry spokesperson called allegations that
the attack originated in China "groundless."
http://www.cio.in/topstory/report-india-claims-it-was-also-hacked-chinese
http://news.yahoo.com/s/afp/20100119/tc_afp/chinaindiainternettechnologydiplomacy

–Chinese Search Engine Baidu Sues Domain Registrar Following DNS Attack
(January 19 & 20, 2010)
Chinese search engine company Baidu has filed a lawsuit against a US
domain registrar following a DNS attack that redirected computer users
from Baidu's site to a page that claimed the attack was the work of the
Iranian Cyber Army, the same group that launched an attack on Twitter
late last year. The site itself was not harmed in the attack. The
lawsuit alleges gross negligence and seeks damages. The domain
registrar, Register.com, says the suit is entirely without merit.
http://www.theregister.co.uk/2010/01/20/baidu_dns_hack_lawsuit/
http://www.computerworld.com/s/article/9146218/China_s_Baidu_sues_US_domain_registrar_after_hack?source=rss_security
http://news.cnet.com/8301-1023_3-10437763-93.html

–Researcher Finds Evidence in Attack Code Used on Google That
Points to China
(January 19, 20 & 21, 2010)
A security researcher says he has found evidence linking the recent
attacks on Google to China. Analysis of the software used in the
attacks revealed that it contains an algorithm from a Chinese technical
paper that was published only on Chinese-language websites.
http://www.nytimes.com/2010/01/20/technology/20cyber.html?ref=technology
http://gcn.com/articles/2010/01/20/google-china-cyber-attacks.aspx
http://www.computerworld.com/s/article/9146239/Security_researcher_IDs_China_link_in_Google_hack?source=CTWNLE_nlt_dailyam_2010-01-20
http://www.theregister.co.uk/2010/01/21/aurora_attack_origins/
http://www.secureworks.com/research/blog/index.php/2010/1/20/operation-aurora-clues-in-the-code/

–Microsoft Issues Out-of-Cycle Patch for Zero-Day IE Flaw Used
in Google Attacks
(January 21, 2010)
Microsoft has released an emergency, out-of-cycle patch to fix the
zero-day memory corruption vulnerability in Internet Explorer (IE) that
was used in attacks against Google and other US companies in the last
few weeks. At first, the vulnerability was limited to attacks on IE 6,
but the code has been modified so that it presents a threat to newer
versions of the browser as well; Symantec is reporting that malicious
code attempting to exploit the vulnerability has been detected on
hundreds of websites. Microsoft has acknowledged that it first learned
of the vulnerability last August.
http://www.theregister.co.uk/2010/01/21/ie_emergency_patch_released/
http://www.computerworld.com/s/article/9147058/Microsoft_patches_IE_admits_it_knew_of_bug_last_August?source=rss_security
http://www.microsoft.com/technet/security/bulletin/ms10-002.mspx
[Editor's Note (Northcutt): We depend on vendors like Microsoft to
develop safe software and release a patch in a timely fashion when a
critical vulnerability is discovered. To have known about this in August
and not to have patched it is a breach of trust with their customers.
That said, Microsoft and Adobe are clearly not going to change. How many
years have we been reading about vulnerabilities in Internet Explorer?
Prudent businesses need to start thinking about a backup plan, an
alternative to today's massively complex Internet browser based
services, for instance a browser that does not support any scripting.
When Firefox was first released, it did not support ActiveX and yet it
survived and prospered. I am able to do most things with NoScript, but
NoScript is a plugin in another massively complex piece of software
(Firefox) that also has had a large number of vulnerabilities. A display
only browser might be an idea whose time has come.]