Security News

A programmer who wrote trojans for the Swiss government has released his code as open source.

Ruben Unteregger has worked for a long time as a software engineer for the Swiss company ERA IT Solutions. His job there was to code malware that would invade PCs of private users, and allow the wiretapping of VoIP calls — in particular, calls made through Skype. In the German-speaking areas of the country, the Trojans were called ‘Bundestrojaner’ because the Swiss government was involved with their development and use.

Surveillance blimps provide an eye in the sky.

The US Army this week showed off its latest high-tech blimp laden with powerful radar systems capable of detecting incoming threats 340 miles away. The helium-filled blimps or aerostats are designed to hover over war zones or high-security areas and be on guard for incoming missiles or other threats… the $1.4 billion JLENS is a large, unpowered elevated sensor moored to the ground by a long cable… they can stay aloft up to 30 days at a time providing 24-hour per day coverage over an extended area… aerostat with round-the-clock video and sound surveillance capability was parked several thousand feet above Kabul to monitor last week’s elections in Afghanistan… Military scientists in April got the go ahead to build a roughly 1/3-scale model of a stratospheric airship that if completed in-scale will basically house a floating 15-story radar system capable of detecting and tracking everything from small cruise missiles and unmanned aerial vehicles to soldiers and small vehicles under foliage up to 300 kilometers away.

Lots of coverage of a hacking ring that allegedly stole at least 130m accounts from big retail companies.

Albert Gonzalez, 28, of Miami, who once worked with the US secret service, is accused of working with two unidentified Russian conspirators to hack into the databases of retail chains, selling the information around the world… Gonzalez — known online as “soupnazi” — was formerly employed by the US secret service to track down hackers, but was found to have been passing information on investigations to criminals… They used an SQL injection attack to steal the data and used computers in California, Illinois, New Jersey, Latvia, Ukraine, and the Netherlands for storing malware and stolen data and launching attacks… They also allegedly installed backdoors and sniffers to intercept data in real time as it was processed by the victims and tried to hide their actions by accessing the victim networks through proxy computers, modifying their software so as to evade detection by antivirus programs and programming it to delete traces of the malware from victim networks, according to the indictment… Mr. Gonzalez had lived a lavish lifestyle in Miami, once spending $75,000 on a birthday party for himself…

Security breach at Network Solutions, the original global domain name registrar.

Network Solutions is investigating a breach on its servers that may have led to the theft of credit card data of 573,928 people who made purchases on… 4,343 of its nearly 10,000 e-commerce sites… It affects 573,928 cardholders whose name, address, and credit card number were exposed between March 12 and June 8… Credit card transactions were intentionally diverted by an unknown source from certain Network Solutions servers to servers outside… Affected consumers will get 12 months of free credit-monitoring services.

Research (pdf via Schneier) arguing that a six-digit PIN is the optimal web password provided a ‘three-strikes’ rule is in place.