ISD Podcast Episode 154 for June 17, 2010. This podcast is our contribution back to the community where we will discuss the vulnerabilities of interest, information security related news hopefully providing you a few laughs and a little knowledge.
Announcements:
MyHardDriveDied.com:
- MHDD Data Recovery Class current dates and locations:
- Atlanta, GA – July 12th-16th
- Dallas, TX – October 11th – 15th
- Washington, DC – December 6th – 10th
- Cost is $3500 for all classes to reserve and register, call (678) 445-9007, email: smoulton@nicservices.com or go to http://www.myharddrivedied.com Use the Discount Code: isdpodcast for a $300 discount.
SANS Mentoring Program:
- Jason Lawrence will also be putting on the SANS Mentor Forensics 508 – Computer Forensics and Investigations course in Sandy Springs starting Tuesday, October 12, 2010 – Tuesday, December 14, 2010 (http://www.sans.org/mentor/details.php?nid=21538). Use the Discount Code: isdpod15 for a 15% discount.
Atlanta ISSA:
- ISSA International Conference – September 16, 2010 (http://www.issa.org/page/?p=105)
- SANS 560: Network Penetration Testing and Ethical Hacking – September 17-22, 2010 (http://www.sans.org/atlanta-2010-cs2/description.php?tid=3142)
- SANS 577: Virtualization Security Fundamentals – September 17 & 18 (http://www.sans.org/atlanta-2010-cs2/description.php?tid=3807)
9am-5pm US ET
Hilton Atlanta Airport Hotel
1031 Virginia Avenue
Atlanta, GA 30354
Ohio Information Security Forum:
Event Date: July 10th, 2010
Location: SCC Research Park, Auditorium
Time: 8:30AM-5:30PM
Friends of the Podcast:
Webhosting services: WebSpeedway
Student Hacker Information Technology Podcast: ShitCast
ChrisJohnRiley: http://blog.c22.cc
Stories of Interest:
News item 1: http://news.techworld.com/security/3226965/fake-facebook-app-hands-over-access-to-your-profile/
A rogue Facebook app is spamming newsfeeds and tricking users into handing over profile access. According to security firm Sophos, hundreds of thousands of Facebook users have already fallen victim to the rogue application, this one identified as a video claiming to show a teacher nearly killing a boy.
With the lure of the message “Teacher nearly kills a 13-year-old boy. SHOCKING!,” the rogue app can take control over the victim’s Facebook profile page and spread by appearing on the victim’s Facebook wall, according to security company Sophos.
News item 2:http://www.msnbc.msn.com/id/37703822/ns/local_news-indianapolis_in/
Computer hackers accessed the home e-mail account of Indiana University South Bend’s arts dean over the weekend and sent dozens of e-mails to students and others containing links to a drug designed to treat sexual dysfunction.
Arts dean Marvin Curtis says he noticed the problem Saturday and placed a notice on his Facebook wall to alert friends that he had found a computer virus on his laptop and that e-mails linking to Viagra marketing sites were not from him. Curtis says he has downloaded antivirus software and hopes that fixes the problem.
News item 3: http://www.prisonplanet.com/new-bill-gives-obama-kill-switch-to-shut-down-the-internet.html
The federal government would have “absolute power” to shut down the Internet under the terms of a new US Senate bill being pushed by Joe Lieberman, legislation which would hand President Obama a figurative “kill switch” to seize control of the world wide web in response to a Homeland Security directive.
Lieberman has been pushing for government regulation of the Internet for years under the guise of cybersecurity, but this new bill goes even further in handing emergency powers over to the feds which could be used to silence free speech under the pretext of a national emergency.
“The legislation says that companies such as broadband providers, search engines or software firms that the US Government selects “shall immediately comply with any emergency measure or action developed” by the Department of Homeland Security. Anyone failing to comply would be fined,” reports ZDNet’s Declan McCullagh.
The 197-page bill (PDF) is entitled Protecting Cyberspace as a National Asset Act, or PCNAA.
Technology lobbying group TechAmerica warned that the legislation created “the potential for absolute power,” while the Center for Democracy and Technology worried that the bill’s emergency powers “include authority to shut down or limit internet traffic on private systems.”
The bill has the vehement support of Senator Jay Rockefeller, who last year asked during a congressional hearing, “Would it had been better if we’d have never invented the Internet?” while fearmongering about cyber-terrorists preparing attacks.
The largest Internet-based corporations are seemingly happy with the bill, primarily because it contains language that will give them immunity from civil lawsuits and also reimburse them for any costs incurred if the Internet is shut down for a period of time.
