Defense in Depth

Apple iTunes targeted by phishers

We've seen banks, even eBay and PayPal, all targeted by phishers. Now they've turned their attention to iTunes, creating a bogus site that reportedly looks like an iTunes billing page asking for current credit card information.

"We've never seen Apple as the target," Proofpoint's Andrew Lochart told Computerworld on Tuesday. "It's probably indicative that the bad guys see Apple's online presence as large enough to be a target."

In addition to asking for credit card information, the phony iTunes page also asks for one's social security number and mother'… Read more

The Estonia cyberwar: One year later

One year ago, the Estonian government moved a war memorial honoring Russian-Estonians who died fighting the Nazis, a move that may have triggered what some believe is the first instance of a sustained, international cyberwar.

Now, Gadi Evron, a former Israeli Government CERT manager who was in Estonia at the time of the attacks, has revisited the events with an article in the Georgetown Journal of International Affairs and reprinted here online (PDF).

Evron said what could be described as a "flash mob" created the disturbances in the Estonian Internet during May 2007. "Not only did the … Read more

Fujitsu gives biometrics a hand

For years, biometric finger scanners have been used in ATMs and at the cash register. But there are problems with finger scanners. Researchers have demonstrated how a flat photograph or molded fingertip can easily fool these devices into giving a false approval. And while face recognition is improving, especially 3D facial mapping, these devices aren't yet in wide use today.

Fujitsu PalmSecure is another option. Already in use in hospitals and government offices, the device reads the hand's vein pattern using near-infrared light. On this week's Security Bites podcast, I spoke with Joel Hagberg, vice president of … Read more

U.S., Romania target overseas phishing

In a joint operation with Romanian authorities on Monday, U.S. Department of Justice officials announced racketeering and other charges against 38 individuals living in the United States and Romania.

In addition, the Justice Department executed nine arrest warrants, while Romanian authorities simultaneously executed several search warrants. Total losses associated with today's arrests and charges, unsealed in California and Connecticut, are said to be in the millions of dollars.

Speaking in Bucharest, Romania, Deputy Attorney General Mark R. Filip stressed the importance of multinational agencies working together to fight international crime.

Filip said the nine people arrested were charged … Read more

PayPal XSS vulnerability affects EV SSL

A new attack on PayPal could have allowed users who thought they were on a trusted page to access a fraudulent page and possibly expose personal information. On Friday, Finnish researcher Harry Sintonen reported the vulnerability in an IRC chat room.

In an interview with Netcraft, Sintonen said the issue was critical. "You could easily steal credentials." He added that in this case you can't trust the URL http://www.paypal.com.

A few weeks ago PayPal announced it would block users whose browsers did not support EV SSL. Sintonen, who is credited with finding an XSS attack on Barack Obama's Web site… Read more

Fake codec found in AOL forum

Visitors to AOL's main portal page may have seen a headline "Disgraced 'Oprah' Author Is Back" circulating, but those who clicked may have infected their computers, says Roger Thompson, Chief Research Officer of AVG Technologies.

Thompson said anyone clicking on the headline link would be taken to a legitimate forum page discussing James Frey's latest book, Morning. However, some of the blog posts on that page contained a link to a video site. In order to view the video associated with that post, the user would have to accept the installation of the video codec.

Upon … Read more

Carpet bombing networks in cyberspace

While Operation CyberStorm is intended to improve our ability to defend against a foreign cyberattack, the Air Force is talking openly about our ability to launch a preemptive attack in cyberspace.

In the May 2008 issue of Armed Forces Journal, Col. Charles W. Williamson III wrote that "America needs a network that can project power by building an af.mil robot network (botnet) that can direct such massive amounts of traffic to target computers that they can no longer communicate and become no more useful to our adversaries than hunks of metal and plastic. America needs the ability to … Read more

The good (and bad) news about electronic voting

Following the February 5 presidential primary, several county clerks in New Jersey asked an independent researcher to study the vote results on the state's electronic voting machines. The vendor, Sequoia, has threatened legal action, but so far hasn't taken any. Initial results suggest that there were some inconsistencies in vote tallies, although none were enough to reverse the election results themselves.

Since last year, several states have requested audits of electronic voting systems. In California, the audits resulted in some systems being scrapped for the 2008 presidential primaries. As we turn our attention to the fall 2008 presidential … Read more

ZoneAlarm virtualizes the desktop Internet browser

Recent attacks on legitimate Web sites may have left some end users vulnerable. But on Monday, Check Point Software Technologies released ZoneAlarm ForceField, which might provide some with the safe surfing protection they need.

ZoneAlarm ForceField sells for $29.95 (for a single-user license) or $49.95 (for a three-user license) and currently works only with Internet Explorer 7, Firefox 2, and the Firefox 3 beta. In tests at CNET, ZoneAlarm ForceField did not work with Apple Safari for Windows or Opera 9. Installation doesn't require a reboot. When you open your Internet browser, the edges will be … Read more

Yahoo e-mail accounts compromised for spammers' use

Spammers are going legit, and they're using Yahoo e-mail authentication servers to do it, said Mark Sunner, chief security analyst with MessageLabs.

Most people use the Web interface for Yahoo Mail, which attaches an advertising banner somewhere within the message. Yahoo also provides a service, Yahoo Plus, that allows the sender to use SMTP and traditional e-mail clients such as Outlook Express or Thunderbird. Mail sent via SMTP passes through Yahoo's servers, which sign the mail as legitimate using Yahoo's DomainKeys Identified Mail (DKIM) service.

What this does is strip out the usual … Read more