Weekly brief, January 18 2010

A group calling itself the Iranian Cyber Army hacked the DNS entry for Chinese search engine giant Baidu, poisoning it so that it pointed to a defaced site. And Germany's BerliOS open source portal also got hit, although that attack actually changed the home pages on its own servers. The attackers accused the open source consortium of not investing enough in security measures.

ATM skimming is on the rise, according to reports. Banks in North Carolina and Florida got hit. 300 members of Raleigh's State Employees Credit Union had their accounts pilfered after skimming devices grabbed their credit card details.

Lincoln National Corporation has reported that up to 1 200 000 individuals' records were rendered vulnerable to compromise thanks to flaws in the portfolio information systems run by its subsidiaries. Employees were sharing user names and passwords, the firm found.

Researchers have cracked a much more recent version of A5, the GSM encryption standard. A5/3, which hasn't gone into commercial use yet, is open to a theoretical attack, they say, although it would be more difficult to implement practically because of the large number of plaintexts that would need to be collected.

Porn dialers are coming back - this time to mobile phones, according to researchers from CA. This technology, which used to hit computer users with dial-up modems, is now being used to send high-cost SMS messages to attackers' accounts from mobile devices.

Oracle patched 24 critical vulnerabilities in its January Critical Patch Update. Conversely, Microsoft released just one software update for its patch Tuesday release this month. It fixed a vulnerability in the embedded OpenType font engine that could allow remote code execution. However, it confirmed a hole in Internet Explorer that was used in zero-day attacks against various technology companies, including Google.

Researchers at clearing house and directory services firm Neustar worked with ISPs to take down the Lethic botnet.

US school districts are being increasingly targeted by cybercriminals, say reports, which say that New York's Duanesburg district was the victim of an attempted attack earlier this month. Perhaps they should use more encryption - a global survey from Check Point found that only 27% of respondents used the technology to protect their data. We certainly hope that Kaiser Permanente's Northern Californian branch did. It had to write and apologize to 15 500 customers after an employee took their records home on an external drive - and had it stolen from their car. Information on the drive included full name and Kaiser Permanente medical record number, and depending on the individual, may have included other information such as their date of birth or age, gender, phone number, and date and other general information related to their care and treatment, the sheepish firm said.

Talking of encryption, Google is now defaulting to SSL connections for its Gmail service. But it still isn't doing that for Google Docs and Spreadsheets.

What’s Hot on Infosecurity Magazine?