What happens to say a electricity grid that is managed by SCADA? Is it possible to orchestrate weather based resource terrrorism like the recent event in Brazil? Not a few days ago, a blackout across the southern half of Brazil sends 50 million people into darkness and prompts a major police mobilisation amid fears of an opportunistic crime wave.

Source: http://www.news.com.au/story/0,,26335596-401,00.html

So a “cyber” hacker sits in a remote location, usually outside of the target country itself, finds some holes in the SCADA’s security, and 50 million people are thrown into a state of confusion and fear about their safety. To contextualise this, more than double the Australian population put together was affected by one SCADA system failing to deliver 17000 megawatts.

In Australia, we are heading towards the SCADA control of our electricity grid. What measures are being taken by law enforcement agencies to ensure that our SCADA systems are safe?

What is the risk posed to ‘weather-fragile’ individuals like the elderly and ill, in a seriously hot period of weather when a hacker decides to mount a DOS/malicious attack on a SCADA system?

He is being charged with:

- unauthorised modification of computer data, supply and possession of a computer virus with intent to commit a serious computer offence,
- unlawful possession of a computer system, theft and
- trafficking a controlled substance.

“The arrest has resulted in the acquisition of intelligence which can be utilised to identify further offenders,” said Detective Inspector Jim Jeffrey of SAPOL.

Could this uncover a ring of hackers in Adelaide?

AdeladeNow Story: http://www.news.com.au/adelaidenow/story/0,22606,25923434-5006301,00.html

http://www.wqow.com/Global/story.asp?S=9988833

Technorati Tags: students, hacking, school database

Things to consider to have a fighting chance:

1. Keep your PC up to date. If running Linux, make sure you keep up with the system updates (especially the critical updates). On a Windows box, ensure that Updates are enabled.
2. An anti-virus software must be installed. I suggest AVG. Even on a linux machine you should run anti-virus software to prevent the propagation of viruses to Windows based machines.
3. Install some form of Spyware Removal Tool.
4. It seems Microsoft’s Internet Explorer is at the top of the list of “most hacked” browser. Firefox and Chrome are far less susceptible to attacks, making them safer browsers. Use them instead.
5. Secure your wireless network. Try to use WPA2-PSK at the very least with a more secure pseudo-random generated key. A good key generator is found here.
6. Ensure a firewall of some sort is running. Windows Firewall is the absolute bare minimum.

It seems, after all that, it sometimes comes down to just plain common-sense sometimes. A lot of trojans and viruses make their way into your system when certain executables are run. If you receive a file by email, always check the extension on the file. For example, spears.jpg.vbs is not a picture but a vbscript that could be potentially dangerous.

Technorati Tags: computer hacking, viruses, safe use, firewall, anti-virus, black hat, white hat, secure, passwords

1. Cross-Site Printing (2007 issue)
   
2. CUPS Detection
3. CSRFing the uTorrent plugin
4. Clickjacking / Videojacking
5. Bypassing URL Authentication and Authorization with HTTP Verb Tampering
6. I used to know what you watched, on YouTube (CSRF + Crossdomain.xml)
7. Safari Carpet Bomb
8. Flash clipboard Hijack
9. Flash Internet Explorer security model bug
10. Frame Injection Fun
11. Free MacWorld Platinum Pass? Yes in 2008!
12. Diminutive Worm, 161 byte Web Worm
13. SNMP XSS Attack (1)
    
14. Res Timing File Enumeration Without JavaScript in IE7.0
15. Stealing Basic Auth with Persistent XSS
16. Smuggling SMTP through open HTTP proxies
17. Collecting Lots of Free ‘Micro-Deposits’
18. Using your browser URL history to estimate gender
19. Cross-site File Upload Attacks
20. Same Origin Bypassing Using Image Dimensions
21. HTTP Proxies Bypass Firewalls
22. Join a Religion Via CSRF
23. Cross-domain leaks of site logins via Authenticated CSS
24. JavaScript Global Namespace Pollution
25. GIFAR
26. HTML/CSS Injections - Primitive Malicious Code
27. Hacking Intranets Through Web Interfaces
28. Cookie Path Traversal
29. Racing to downgrade users to cookie-less authentication
30. MySQL and SQL Column Truncation Vulnerabilities
31. Building Subversive File Sharing With Client Side Applications
32. Firefox XML injection into parse of remote XML
33. Firefox cross-domain information theft (simple text strings, some CSV)
34. Firefox 2 and WebKit nightly cross-domain image theft
35. Browser’s Ghost Busters
36. Exploiting XSS vulnerabilities on cookies
37. Breaking Google Gears’ Cross-Origin Communication Model
38. Flash Parameter Injection
39. Cross Environment Hopping
40. Exploiting Logged Out XSS Vulnerabilities
41. Exploiting CSRF Protected XSS
42. ActiveX Repurposing, (1, 2)
43. Tunneling tcp over http over sql-injection
44. Arbitrary TCP over uploaded pages
45. Local DoS on CUPS to a remote exploit via specially-crafted webpage (1)
46. JavaScript Code Flow Manipulation
47. Common localhost dns misconfiguration can lead to “same site” scripting
48. Pulling system32 out over blind SQL Injection
49. Dialog Spoofing - Firefox Basic Authentication
50. Skype cross-zone scripting vulnerability
51. Safari pwns Internet Explorer
52. IE “Print Table of Links” Cross-Zone Scripting Vulnerability
53. A different Opera
54. Abusing HTML 5 Structured Client-side Storage
55. SSID Script Injection
56. DHCP Script Injection
57. File Download Injection
58. Navigation Hijacking (Frame/Tab Injection Attacks)
59. UPnP Hacking via Flash
60. Total surveillance made easy with VoIP phone
61. Social Networks Evil Twin Attacks
62. Recursive File Include DoS
63. Multi-pass filters bypass
64. Session Extending
65. Code Execution via XSS (1)
66. Redirector’s hell
67. Persistent SQL Injection
68. JSON Hijacking with UTF-7
69. SQL Smuggling
70. Abusing PHP Sockets (1, 2)
71. CSRF on Novell GroupWise WebAccess

Technorati Tags: top 70 list, hacking methods, hackers, list

Source: Jeremiah Grossman

The hackers were able to get guest names, credit card numbers and expiration dates as well as data from the card’s magnetic stripe.  That magnetic stripe information, sometimes called a card verification value (CVV) code, is critical if the thieves want to make fake credit cards.

Technorati Tags: network security, hacking, wyndham, credit cards, daisy chain hack

Source: www.networkworld.com

GovTrip is used by several U.S. government agencies, including the EPA and the departments of Energy, Health and Human Services, the Interior, Transportation, and the Treasury, to make travel reservations, as well as to reimburse workers for travel expenses.

You would have to ask why federal agencies would need to expose a travel website to the WWW when they have their own intranets.

Technorati Tags: hacking, hackers, govtrip, government travel website, malicious software

Source: www.computerworld.com

Their research uses a visualisation tool to “view” files in a system being forensically analysed. In this manner, a file that is considered unknowned from its filename can be identified by the way it looks. A MS Word file will look different to say a JPEG file. To do this traditionally would require the analyst to use two viewers.

The researchers  say, “Visualization has the potential to dramatically change the field of computer forensics. Each time we created a new visualization tool there were always surprising insights. Visualizations create windows on data that hasn’t ever been readily visible, much to the dismay of people trying to hide information in the dark corners of a computer.”

Technorati Tags: black hat, computer forensics, Erik Dean, forensic analysis, Greg Conti, military academy, visual forensics

Source: http://www.law.com/jsp/legaltechnology/pubArticleLT.jsp?id=1202428248638

Technorati Tags: dtd, malware, phishing, valentines day, virus

Source: http://www.news.com.au/story/0,,25045134-5015723,00.html

The hackers (presumed from Romania), went public in a blog post. They claimed that after launching a SQL injection attack on Kaspersky’s U.S. support site, they were able to access a customer database that included e-mail addresses and software activation codes.

Roel Schouwenberg,  a Kaspersky senior antivirus researcher,  confirmed that the database was hacked via a SQL injection attack, but he reiterated that only the database’s table labels had been accessed by the hackers, not the data itself. “A more advanced hacker could have gotten access to the information,”  Schouwenberg acknowledged, “including activation codes for the product and e-mail addresses. But that didn’t happen.”

A combination of vulnerable code crafted by an unnamed third-party vendor and poor code review by Kaspersky was to blame, thus an Application Security issue.

Kaspersky has hired Next Generation Security Software Ltd.’s David Litchfield, one of the world’s experts on SQL injection attacks and database security, to do an independent audit of the company’s systems.  Considering that if Kapersky had been using Rational Appscan to look after their site, they would have been notified during a scan of the vulnerability and other issues without having to extend to external “experts” in SQL injection.

SQL Injection seems to be the major choice by hackers to compromise applications through the web frontend. Rational Appscan can test and identify SQL Injection vulnerabilities in a given system being tested.

Technorati Tags: Kapersky Labs, hackers, sql injection, customer data, compromised, breached, anti-virus

Source: www.computerworld.com