
Tech News


Hackers broke into Lockheed Martin networks

Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other U.S. military contractors, a source with direct knowledge of the attacks told Reuters. They breached security systems designed to keep out intruders by creating duplicates to "SecurID" electronic keys from EMC Corp's RSA security division, said the person who was not authorized to publicly discuss the matter. It was not immediately clear what kind of data, if any, was stolen by the hackers. But the networks of Lockheed and other military contractors contain sensitive data on future weapons systems as well as military technology currently used in battles in Iraq and Afghanistan. Weapons makers are the latest companies to be breached through sophisticated attacks that have pierced the defenses of huge corporations including Sony, Google Inc and EMC Corp. Security experts say that it is virtually impossible for any company or government agency to build a security network that hackers will be unable to penetrate. The Pentagon, which has about 85,000 military personnel and civilians working on cybersecurity issues worldwide, said it also uses a limited number of the RSA electronic security keys, but declined to say how many for security reasons. The hackers learned how to copy the security keys with data stolen from RSA during a sophisticated attack that EMC disclosed in March, according to the source. EMC declined to comment on the matter, as did executives at major defense contractors.

PS3 & PSP: Another PSN hack on the way?

A new report claims that hackers angry at Sony will attempt to hack the company's databases again over the weekend. The Sony affair continues to get tangled. Cnet reports that a group of hackers is planning another wave of attacks on company servers, as retaliation for Sony's handling of the large hack during which details of 100 million clients were stolen. While in that case there is no proof that the information was published anywhere, this time the hackers are planning to release some of it, or all of it, online. The hackers claim they already have access to some of the company's servers. It is not yet clear whether these are the same people who hacked the company's servers originally, and Cnet is not saying which group they belong to. Yesterday Sony accused Anonymous of being behind the attempts to harm its servers, but Anonymous denies any association with the hack. The attack on Sony began about three weeks ago, after the company announced it had reached a settlement with hacker George Hotz, who was partly responsible for the hack of the PlayStation. Sony succeeded in getting Hotz to cease advertising the hack and to commit that he will not hack any Sony devices in the future – a compromise that wasn't acceptable to Anonymous and other groups, which claimed Hotz had every right to hack a device he purchased legally.

Massive SQL injection attack compromises 380,000 URLs

A massive SQL injection attack campaign has been spotted by Websense researchers, and the number of unique URLs affected by it has risen from 28,000 when first detected yesterday, to 380,000 when the researchers last checked. The injected script redirects users who have landed on the various infected pages to the domain in the script, which then redirects them further to a website simulating an anti-malware check and peddling a rogue AV solution. Both sites are currently offline, say the researchers, but the attackers have started using other domains for redirection, and will likely keep changing them. The researchers also noted that some iTunes URLs have been injected with the script, but that Apple has done a good job of securing the site against this kind of attack. "The way iTunes works is that it downloads RSS/XML feeds from the publisher to update the podcast and list of available episodes. We believe that these RSS/XML feeds have been compromised with the injected code. The good thing is that iTunes encodes the script tags, which means that the script doesn't execute on the user's computer," they explained.

MySQL Website Ironically Victimized Using SQL Injection

IDG News Service - Oracle's MySQL.com customer Web site was compromised over the weekend by a pair of hackers who publicly posted usernames, and in some cases passwords, of the site's users. Taking credit for the hack were "TinKode" and "Ne0h," who wrote that the hack resulted from a SQL injection attack. They did not provide further details. The vulnerable domains were listed as www.mysql.com, www.mysql.fr, www.mysql.de, www.mysql.it and www-jp.mysql.com. According to a post on the Full Disclosure bug mailing list on Sunday, MySQL.com ran a variety of internal databases on an Apache web server. The information posted included a raft of password hashes, some of which have now been cracked. Among the credentials in a dump of the information posted on Pastebin were passwords for a number of MySQL database users on the server, and the admin passwords for the corporate blogs of two former MySQL employees. The bloggers were former director of product management Robin Schumacher, and former vice-president of community relations, Kaj Arnö. Schumacher is now director of product strategy at EnterpriseDB, while Arnö is now executive vice president for products at SkySQL. Schumacher's blog had not been touched since June 2009, Arnö's not since January 2010. Oracle, which took control of MySQL with its acquisition of Sun Microsystems in April 2009, did not have an immediate comment. A security company that monitors websites for hacking attacks, Sucuri, advised users with an account on MySQL.com to change their passwords as soon as possible, especially if they use the same passwords across multiple sites.

Microsoft Aids Shutdown of Rustock Spam Net

The sudden drop in activity of a major spam producer was the result of a large co-ordinated attack on spammers, it has emerged. At 15:30 GMT on 16 March, a network of spam-producing computers, known as Rustock, suddenly stopped. Raids on the network's infrastructure were triggered by a long-running investigation by Microsoft. During raids, servers that acted as Rustock's command and control systems were seized. In 2010, the Rustock botnet - a collection of infected machines - was the most prolific producer of spam on the internet, at its peak accounting for nearly half of all spam sent globally - some 200 billion messages a day.

Windows XP users can't ride the IE9 train

The release of Internet Explorer 9 beta garnered a lot of attention and positive reviews. Cribbing from Chrome's UI and significantly boosting speed over previous iterations of the browser, IE9 looks like a real winner. Too bad Microsoft left Windows XP users — more than half of all Windows users — out in the cold. In a statement to The Register, Ryan Gavin, senior director of IE business and marketing, said Windows XP users couldn't download IE9. Not now; not ever. Instead, Microsoft plans to "continue to focus on how we do a great job with Windows 7," Gavin said. (Msnbc.com is a joint venture of Microsoft and NBC Universal.) According to recent stats, Windows XP represents the vast majority of the OS market with more than 53 percent. Windows 7 has only 22 percent. The roadblock here is that XP doesn't have the capabilities required to support the hardware acceleration and HTML5 features of IE9. The hardware acceleration in IE9, according to The Register, comes courtesy of DirectX 10 — an update to the DirectX program that does not run on Windows XP unless it's been "modified." But a quick Web search shows a handful of sites where DirectX 10 can be downloaded onto machines running XP, which leads me to believe that eventually someone will find a way to dump IE9 on XP, whether Microsoft likes it or not.