Cody Taylor

narramissic writes “A report released Friday by a group of cyber-security experts from greylogic finds it is very likely that the Foreign Military Intelligence agency (the GRU) and Federal Security Service (the FSB) directed cyber attacks on Georgian government servers in July and August of 2008. ‘Following a complex web of connections, the report claims that an Internet service provider connected with the Stopgeorgia.ru web site, which coordinated the Georgian attacks, is located next door to a Russian Ministry of Defense Research Institute called the Center for Research of Military Strength of Foreign Countries, and a few doors down from GRU headquarters.’ But Paul Ferguson, a researcher with Trend Micro who has reviewed the report, says it’s a ‘bit of a stretch’ to conclude that the Georgia attacks were state-sponsored. ‘You can connect dots to infer things, but inferring things does not make them so,’ he said. One other interesting allegation in the report is that a member of the Whackerz Pakistan hacking group, which claimed responsibility for defacing the Indian Eastern Railway Web site on Dec. 24, 2008, is employed by a North American wireless communications company and presents an ‘insider threat’ for his employer.”

Read more of this story at Slashdot.

Beezlebub33 writes “A new petition has been filed under the GSNO (Generic Names Supporting Organization) of ICANN to create a new constituency the CyberSafety Constituency. Existing constituencies include ‘Commercial and Business,’ ‘gTLD,’ ‘Registrars,’ ‘Non-commercial,’ etc. The new proposed one on CyberSafety is in the ‘interest of balancing free speech and anonymity with the values of protection and safety in developing Internet policy within ICANN.’ If that doesn’t raise red flags all by itself, consider that the person submitting it is Cheryl B. Preston. She’s listed in the petition with the organization Brigham Young University, but she’s part of CP80. She’s suggested limiting content on port 80 to the ‘right’ things, and other stuff can go on other ports, so it can be appropriately filtered by the authorities. Guess who gets to decide what goes on which ports?”

Read more of this story at Slashdot.

Eukariote writes “A paper and exploit code detailing a privilege escalation attack on Intel CPUs has just been published. The vulnerability, uncovered by security researchers Joanna Rutkowska (of Blue Pill fame), Rafal Wojtczuk, and, independently, Loic Duflot, makes use of Intel’s System Management Mode (SMM). Quote: “The attack allows for privilege escalation from Ring 0 to the SMM on many recent motherboards with Intel CPUs. Rafal implemented a working exploit with code execution in SMM.” The implications of this exploit are severe.”

Read more of this story at Slashdot.

CWmike writes “Internet Explorer 8 has shipped in its final version and is ready to take on its rivals. Preston Gralla reviewed it and says the latest version of Microsoft’s browser leapfrogs its closest competition, Firefox 3, for basic browsing and productivity features — it has better tab handling, a niftier search bar, a more useful address bar, and new tools that deliver information directly from other Web pages and services. IE8 has also been tweaked for security and includes a so-called ‘porn mode,’ new anti-malware protection, and better ways to protect your privacy. The most noticeable new features? Accelerators and Web Slices. Think of an Accelerator as a mini-mashup that delivers information from another Web site directly to your current browser page. Web Slices deliver changing information from a Web page you’re not actively visiting directly to IE8. There’s one big problem for many, though. No add-ins, and there doesn’t appear to be such an ecosystem on the horizon. So if you’re a fan of add-ins and customizing the browser itself, writes Gralla, Firefox is superior. But for the actual browsing experience, IE8 has the upper hand — for now.”

Read more of this story at Slashdot.

Iran has become the latest country to edge towards ditching Windows in favour of Linux, even if its refusal to abide by copyright laws means that the country does not pay a penny to Bill Gates.

snydeq writes “The Electronic Privacy Information Center filed a 15-page complaint asking the FTC to force Google to stop offering online services that collect data until the presence of adequate privacy safeguards is verified. The EPIC also wants Google to disclose all data loss or breach incidents, citing several incidents where data held by Google was at risk, the most recent of which occurred earlier this month with its Google Docs. The EPIC complaint [PDF] also listed other security flaws in Gmail and Google Desktop, a desktop indexing program, and urged Google to donate million to a public fund that will support research into technologies such as encryption, data anonymization and mobile location privacy.” EPIC has raised privacy concerns about Google before, and about Windows XP as well.

Read more of this story at Slashdot.

angry tapir writes “Diebold has released a security fix for its Opteva automated teller machines after cyber-criminals apparently broke into the systems at one or more businesses in Russia and installed malicious software. Diebold learned of the incident in January and sent out a global security update to its ATM customers using the Windows operating system. It is not releasing full details of what happened, including which businesses were affected, but said criminals had gained physical access to the machines to install their malicious program. Arrests have reportedly been made.”

Read more of this story at Slashdot.

1 a bee writes “With the White House claiming national security grounds for failing to release ACTA related information, including negotiating documents and even the list of participants, the spotlight is now on just who does have access. Turns out, according to James Love, hundreds of advisers, many of them corporate lobbyists, are considered ‘cleared advisers.’ The list looks a who’s who of captains of industry.”

Read more of this story at Slashdot.

Lorien_the_first_one brings word that in Europe, a breakthrough for post-4G communications has been announced. A public-private consortium known as IPHOBAC has been developing new communications technology that is near commercialization now. Quoting: “With much of the mobile world yet to migrate to 3G mobile communications, let alone 4G, European researchers are already working on a new technology able to deliver data wirelessly up to 12.5Gb/s. The technology — known as ‘millimeter-wave’ or microwave photonics — has commercial applications not just in telecommunications (access and in-house networks) but also in instrumentation, radar, security, radio astronomy and other fields.”

Read more of this story at Slashdot.

Apple on Thursday evening made available to its developer community yet another pre-release of Mac OS X 10.5.7, which stands to be the seventh maintenance and security update to the company’s Leopard Operating system in less than 18 months.