Computer Press!

China’s digital onslaught on US systems is not new news. There have always been the lingering questions though if the attacks were from individual hacker groups or if they were state sponsored. Recent Wikileaks documents seem to point to the latter.

According to recent secret cables provided to Reuters, the attacks have been traced back to the military:

“Secret U.S. State Department cables, obtained by WikiLeaks and made available to Reuters by a third party, trace systems breaches — colorfully code-named “Byzantine Hades” by U.S. investigators — to the Chinese military. An April 2009 cable even pinpoints the attacks to a specific unit of China’s People’s Liberation Army.”

Scammers who try to trick victims into downloading fake antivirus software can strike almost anywhere. On Sunday they hit the website of Kaspersky Lab, a well-known antivirus vendor.

Someone took advantage of a bug in a Web program used by the Kasperskyusa.com website and reprogrammed it to try and trick visitors into downloading a fake product, Kaspersky confirmed Tuesday. Kaspersky didn’t identify the flaw, but said it was in a “third-party application” used by the website.

TARING alluringly into the camera with dazzling blue eyes and a rather daring outfit is the Russian student accused of a plot to defraud British and US banks of millions.

Kristina Svechinskaya, 21, has been dubbed the “world’s sexiest computer hacker” after being charged with being part of a gang aiming to steal $223 million. Wearing leather boots and skin-tight jeans, she wept during a court appearance this week. She was expected to appear in court again yesterday, charged with conspiracy to commit bank fraud and false use of passports. If convicted, she could be jailed for up to 40 years.

Microsoft has published The enhanced Mitigation Experience Toolkit (EMET) which is designed to help prevent hackers from gaining access to computer systems.

Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of security updates. For users who get attacked before the latest updates have been applied or who get attacked before an update is even available, the results can be devastating: malware, loss of PII, etc.

Security mitigation technologies are designed to make it more difficult for an attacker to exploit vulnerabilities in a given piece of software. EMET allows users to manage these technologies on their system and provides several unique benefits:

A hacker who calls himself Kirllos has obtained and is now offering to sell 1.5 million Facebook IDs at astonishingly low prices — $25 per 1000 IDs for users with fewer than 10 friends and $45 per 1000 IDs for users with more than 10 friends — according to researchers at VeriSign’s iDefense. Looking at the numbers, Kirllos has stolen the IDs of one out of every 300 Facebook users. Information for sale includes login credentials; whether or not the e-mail addresses and passwords are legitimate is currently unknown. Typically, this information would be sold for between $1 and $20 per account, according to data from Symantec. Currently, around 700,000 accounts have been sold. The threads where the accounts are being sold have been removed, as far as we are able to tell.