Information Security News
ENMU-R ahead of the curve in cyber security
ENMU is the only two-year college in the state that meets InfoSec certification requirements, a standard set by the Committee on National Security Systems, an agency within the National Security Administration. The certificate program is a 19-credit ...
Using online anonymity services such as Tor or sending encrypted e-mail and instant messages are grounds for US-based communications to be retained by the National Security Agency even when they're collected inadvertently, according to a secret government document published Thursday.
The document, titled Minimization Procedures Used by the National Security Agency in Connection with Acquisitions of Foreign Intelligence, is the latest bombshell leak to be dropped by UK-based newspaper The Guardian. It and a second, top-secret document detail the circumstances in which data collected on US persons under foreign intelligence authority must be destroyed or can be retained. The memos outline procedures NSA analysts must follow to ensure they stay within the mandate of minimizing data collected on US citizens and residents.
While the documents make clear that data collection and interception must cease immediately once it's determined a target is within the US, they still provide analysts with a fair amount of leeway. And that leeway seems to work to the disadvantage of people who take steps to protect their Internet communications from prying eyes. For instance, a person whose physical location is unknown—which more often than not is the case when someone uses anonymity software from the Tor Project—"will not be treated as a United States person, unless such person can be positively identified as such, or the nature or circumstances of the person's communications give rise to a reasonable belief that such person is a United States person," the secret document stated.
by Peter Bright
For the past few months, Firefox alphas have been heuristically blocking certain cookies in a bid to protect user privacy and reduce the amount of online tracking by advertisers. Mozilla has not moved this blocking into the stable builds of its browser, however, because of problems with its effectiveness. The heuristics aren't perfect, so sometimes it blocks cookies it shouldn't block and other times lets cookies through that it should block.
A new project from Stanford University could provide the solution. The Cookie Clearinghouse intends to provide lists of cookies that should be blocked or accepted. Still in the planning stages, it will be designed to work in concert with the heuristics found in Firefox in order to correct the errors that the algorithmic approach makes.
Firefox's algorithm is simple. Essentially, if you visit a domain directly, that domain will be able to set cookies (first-party cookies) and it will continue to be permitted to set cookies even when visited indirectly (third-party cookies). For example, if you visit facebook.com, it will be allowed to set cookies both for explicit visits and whenever other sites embed Facebook content such as like buttons.
Australia's banks quietly swatting trojan
Australia's banks work around the clock to swat malware that steals from customers' accounts. Photo: Simon Rankin. Australia's banks have been quietly working with a Russian security and forensics firm to swat a nasty banking trojan crafted in the ...
Posted by bimal mehta on Jun 20Please unsubscribe me.
LinkedIn had its DNS "hijacked". There are no details right now, but often this is the result of an attacker compromissing the account used to manage DNS servers.But so far, no details are available so this could be just a simple misconfiguration.
The issue has been resolved, but If LinkedIn is "down" for you, or if it points to a different site, then you should flush your DNS cache.
It does not appear that Linkedin uses DNSSEC (which may not have helped if the registrar account was compromissed). Your best bet to make sure you connect to the correct site is SSL. But of course, "owning" the domain may allow the attacker to create a new certificate rather quickly.
As indicated in a comment below (and some twitter messages), other sites are affected as well. Please add a comment if you find any. The fact that multiple site's NS records are affected implies that this may not be a simple compromissed registrar account.
Current, appearantly accurate, DNS replies for LinkedIn:
dig +short A linkedin.com 18.104.22.168 dig +short NS linkedin.com ns4.p43.dynect.net. ns4.linkedin.com. ns3.p43.dynect.net. ns1.p43.dynect.net. ns2.p43.dynect.net. ns1.linkedin.com. ns3.linkedin.com. ns5.linkedin.com. ns6.linkedin.com. ns2.linkedin.com.
Ranks of Romanian cyber cops surge
SC Magazine Australia
The agency competed with local infosec firms to hire the country's famously mathematically-minded youth who would be equally well-equipped to forge a career plundering online transactions, jacking ATMs or hacking corporates. Seasoned cybercrime police ...
Posted by InfoSec News on Jun 20http://www.computerworlduk.com/news/security/3452438/bank-of-england-ranks-cyber-attacks-above-eurozone-crisis-as-biggest-threat/
Posted by InfoSec News on Jun 20http://rt.com/news/search-duckduckgo-popularity-nsa-956/
Posted by InfoSec News on Jun 20http://www.gulf-times.com/qatar/178/details/356891/qatar--%E2%80%98an-interesting-target%E2%80%99-for-cyber-criminals-,-says-security-expert
Posted by InfoSec News on Jun 20http://www.theregister.co.uk/2013/06/19/microsoft_bug_bounty_black_hat/
Posted by InfoSec News on Jun 20http://www.clinical-innovation.com/topics/policy/shasta-regional-slapped-275k-hipaa-fine