Weekly brief October 26, 2009

Breaches

The Guardian newspaper's website (which has a large US readership) found itself compromised, and said that approximately half a million users' data may have been put at risk. However, the US site wasn't affected.

The Chinese are spying more than ever in cyberspace, according to a report released by a Congressional Advisory Panel. In an apparently unrelated event, China's top military intelligence official visited the US and bemoaned the Pentagon's leaking of information about a Chinese submarine that shadowed a US aircraft carrier in 2006.

The FTC has fined data brokerage firm ChoicePoint US$275 000 for a breach last year that exposed the personal information of 13 750 people.

Roane State Community College lost the names and social security numbers of almost 11 000 people on a stolen data storage device. 5000 social security numbers, without accompanying names, were also lost.

Walls

Nigeria, long a center for 419 scammers, has apparently shut down 800 scam websites in an operation called 'Project Eagle Claw'.

The FBI is working with the UK's Serious Organised Crime Agency to try to hit cybercrime operators, including malware writers, bulletproof hosting services, and digital currency exchanges. The latter serve as money exchange services for the black economy.

Charges

Joseph Hatfield and Jahmeelah Sullins of Sacramento, CA, were charged with credit card fraud after using more than 100 cloned cards to steal more than $50 000.

Gregory William Fair of Falls Church, Virginia, has been given a 41-month sentence for selling pirated software on eBay.

Tools

UCSniff, a tool that monitors VoIP and video conversations, now lets users do so in real time rather than after the call has concluded. That'll be handy for open public WiFi networks, then.

SANS published a neat tool for reversing MD5 and SHA1 hashes using a database of existing pre-compiled values garnered from password databases.

Deals

Vulnerability management firm Rapid7 has bought pen testing framework Metasploit.

Keith Alexander finally got the official nomination as director of the National Security Agency, just in time for James Bamford's review of a new book about the NSA. Bamford, who has himself written about the NSA, reviews The Secret Sentry: The Untold History of the National Security Agency.

The White House has just relaunched its site using open source. It chose Drupal for its systems, and was immediately attacked for choosing a system with pages of documented vulnerabilities.
