"Israeli hackers boasted Thursday about breaking into the website of Izz al-Din al-Qassam, Hamas military wing, which now displays a white screen and words in Arabic announcing technical difficulties. The hacker group, which calls itself Fanat al-Radical (the fanatical radicals), also said that it broke into additional terror organizations sites and those of various leftist movements. In a Ynet interview, a group representative who refused to reveal his name said, We searched for relevant sites with the criteria we look for, whether leftist or anti-Zionist, and looked for loopholes. Our emphasis was always on the al-Qassam site. "The criteria are defined as anti-Zionist or anti-Jewish sites that support or assist in harming Zionism and the existence of Israel as a Zionistic, Jewish state."
The message they left :
"Hacked by XcxooXL and FENiX from Fanat Al Radical Greets: Sn4k3 Contact: Fanat.al.Radical@gmail.com "
These script kiddies using SQL injection vulnerabilities within the affected sites, since they indeed managed to deface several other as well, seem to have also participated in the 2006 cyber conflict sparkled due to the the kidnapping of three soldiers. One of their defacements remains still active (aviv.perffect-x.net/deface.html)
"We will stand against the Islam until the kidnapped soldiers, Gilad Shalit, Eldad Regev and Ehod Goldvaser will be return, We will attack arabic servers and site which support the Islam and protest against the zionism"
What if every script kiddie with a SQL injection scanners goes into politics? It's a mess already.
A technology director who was fired from her job has been accused of hacking in to the organ donation company where she worked and deleting donor information and accounting files.
22:33 Tech heavyweights launch security response consortiumInteresting bit of news coming out of the FIRST Conference in Vancouver today: Five big-name IT firms have created a non-profit consortium aimed at “proactively driving excellence and innovation in security response.”
The group — called ICASI (Industry Consortium for Advancement of Security on the Internet) — counts Cisco, IBM, Intel, Juniper Networks and Microsoft Corp [...] >>>
20:35 OMG: 30 years of AD&DI just had a startling realization: This weekend marks thirty years that I’ve been playing Advanced Dungeons and Dragons. How do I know? Because this weekend is my birthday and I spent all of my birthday money from my 12th birthday on buying the only D&D book that was out at the [...] >>>
Often, when you see me blogging, Im talking about the important work we do with the researcher community. However, in addition to work with researchers, were always looking for ways to foster work with others in the industry and share best practices.
As I sit here today at the annual FIRST Conference and think about the future of security response, Im excited to tell you about ICASI (Industry Consortium for the Advancement of Security on the Internet), a new non-profit organization that will enhance global IT security by proactively driving excellence and innovation in security response.
Microsoft has come together with Cisco, IBM, Intel and Juniper Networks to provide a trusted forum for addressing global, multi-product security threats. ICASI addresses a gap in security response by allowing leading IT vendors to share sensitive information in a secure forum so they can tackle security challenges together and help reduce risks to the global infrastructure and better protect all customers.
More information on the ICASI Web site at www.icasi.org, so I would encourage you to visit that site for additional details. Theres more to come, so stay tuned to the ICASI site for updates.
Thanks!
Andrew
Director, MSRC
*This posting is provided "AS IS" with no warranties, and confers no rights.*
18:33 Looking forward to Black Hat 2008Black Hat 2008 is fast approaching, and I’m really looking forward to it. And as a bit of a teaser, there’s a “Forbidden Sneak Peek” webinar this afternoon. Unluckily, I’ll be boarding a plane somewhere about half way through the presentation, but I’m hoping to get a good enough signal in the airport [...] >>>
Reg security debates El Reg invites you to tighten up your security as we hook up with some of the industry's biggest names and you - the UK's biggest technology community - for two live and fully interactive events exploring the latest menaces and threat-busting initiatives. Whether you're a CTO, developer, consultant or home user, if the security of your IT is important to you make sure these two are in your diary.
11:06 Backdoording Cyber Jihadist Ebooks for Surveillance PurposesIt appears that cyber jihadists are striking back at the academic and intelligence community, by binding their propaganda Ebooks with malware, then distributing them across different forums, thanks to a recently analyzed Ebook entitled "The Al-Qaeda network's timely entrance in Palestine" distributed by the Global Islamic Media Front - hat tip to Warintel.
If it were posted by a newly joined forum member, it would have logically raises the suspicion that it's in fact intelligence agencies spreading malware infected Ebooks around cyber jihadist forums, but it's since this one in particular is being distributed by what looks like a hardcore cyber jihadist, it brings the discussion to a whole new level.
What are they trying to achive? Abuse the already established trust of their readers and cyber jihadist supporters in order to snoop on their Internet activities, or it's the academic and intelligence community they are trying to monitor? In times when botnets can be rented and created on demand, they seem to be more interested in infecting their enemies. Moreover, I suspect that prior to the forum posting, private messages and emails were automatically sent to notify members whose number of posts at the forum greate outpace those of average observers, perhaps the target in such an attack.
The malware is detected by 9 out of 33 antivirus scanners as Trojan.Midgare.gra. Consider reading a previous post on "Terror on the Internet - Conflict of Interest" as well as through the related posts summarizing all the cyber jihadist research I've conducted so far.
07:52 And this is why I like ScribeFireYesterday I complained on the blog that ScribeFire had been acting funny and eating parts of my post. Actually, in a lot of cases, it had been the majority of the posts it ate. Later in the morning, I got a comment on the post from Christopher Finke saying they think they know [...] >>>
The Mac security scene is heating up, with the discovery in recent weeks of a serious vulnerability in OS X and at least two Trojan horse programs that target the Apple OS.
In cast you didn't see it, the Microsoft Security Response Center (MSRC) team just announced the release of three tools to help customers fend off SQL injection attacks: UrlScan 3.0 Beta (see Wade Hilmo's blog for more), a security tool that restricts the types of HTTP requests that Internet Information Services (IIS) will process. By blocking specific HTTP requests, the UrlScan helps prevent potentially harmful requests. Microsoft Source Code Analyzer for SQL Injection (MSCASI) CTP (see the SQL Security blog for more), a tool that can be used to detect ASP code susceptible to SQL injection attacks. Scrawlr (see HP's security blog for more), a free scanner, developed by HP Web Security Research Group in conjunction with Microsoft, which will allow customers to identify whether their Web sites might be susceptible to SQL injection.
