Blogs
Florida Attorney General Bill McCollum Attends Tampa Cyber Crime Unit Launch
- By Grey McKenzie
- Published Today
Peter Bernard & Ray Reyes of Tampa Bay Online report... TAMPA - The state attorney general's newest CyberCrime office opened Wednesday in Tampa, an initiative the agency said will bolster efforts to nab sexual predators online.
"There is nothing more important in our state than protecting our children from these sick predators," Attorney General Bill McCollum said at the opening of the Child Predator CyberCrime Unit.
It's at 3507 E. Frontage Road, south of Spruce Street and east of Memorial Highway.
At Wednesday's ribbon-cutting ceremony and news conference, investigators demonstrated how they hunt child predators online. Investigator Grettel Chavarria said that when she chats online, she assumes the identity of a 13-year-old girl.
Tampa's CyberCrime unit includes a prosecutor, local law enforcement officers and victim's advocates who work together to apprehend Internet predators and educate the community about online safety, the state attorney general's office said.
Full Story Here
U.S. Rep. Joe Pitts Attacks Cyber Security With A Vengeance
- By Grey McKenzie
- Published Yesterday
Rep. Joe Pitts expounds on the importance of protecting ourselves in cyber space in the following article in the Pottstown Mercury Online... Go Joe! Here's an excerpt.
"If I told you that Chinese hackers gained access to the computers in the offices of U.S. Representatives and stole personal information about Chinese dissidents and human rights violations, you may think I have been watching too much Hollywood.
But this is all too real, and it represents a growing national security problem.
In fact, two of my colleagues and friends, Rep. Frank Wolf (R-VA) and Rep. Chris Smith (R-NJ), just revealed this week that computers in their offices were compromised by cyber attacks, and the source of the attacks was China.
Both Wolf and Smith have been outspoken critics of China's human rights abuses, which made them natural targets for Chinese hackers.
These attacks are significant breaches of security, and they sound an alarm here on Capitol Hill that we are not as secure as we may believe.
Cyber security has emerged as one of the most important fronts in the effort to secure our nation.
As more and more of our information and critical infrastructure is stored and transmitted digitally, it has become increasingly important that we as a nation take the necessary steps to ensure that information is not compromised."
Read The Full Story Here
Banking Cyber Security Deals With Online Bank Fraud By Protecting Users At Home
- By Grey McKenzie
- Published Yesterday
An Australian Credit Union has partnered with a security software company to focus on protecting their customers from malware that could steal passwords & allow unauthorized bank account access to cyber thieves. Bananacoast Community Credit Union explained in a press release today.
"While we have many layers of security, the weak link in the chain is usually the home or business computer.
Often people don't even have the basics such as firewalls or anti virus software installed on their computer.
By offering TrustDefender to all our customers through our website - free of charge - we know that our customers will have the additional security of having their banking sessions quarantined while they transact," he added.
"TrustDefender performs a security health check on the consumer's PC or mobile computing device during the click through period to the login page.
This security health check can identify any unknown crimeware that may exist on the consumer's machine which has not otherwise been identified by their firewall or antivirus software before the consumer logs into any online website and enters his / her password, security token keys and other ID protocol."
As I've often said, the weakest link in any bank's cyber security is their clients' computers as they access their accounts online.
That's why I highly recommend a product that I've personally developed specifically to protect my clients' computer activity.
SpyCop Cloak will literally render all computer activity invisible to bots, keyloggers, spyware, trojans, worms & viruses.
It will even protect against unknown threats simply by using 'proprietary stealth cloaking algorithm' with military grade encryption.
Bankers should take notice of Bananacoast Community Credit Union's forward-thinking approach to cyber security.
McCain Calls For Far More Federal Investment In Cyber Security
- By Grey McKenzie
- Published Yesterday
It's good to see that Presidential candidate John McCain has noticed the security of the United States is hinging on electronic security. In today's world we must start with cyber security and work out from there.
Our infrastructure is totally dependent on electronic databases which not only run our country but guard our major utilities without which we would be decimated.
McCain's speech yesterday to over two thousand Sheriffs & Deputy Sheriffs called for far more Federal investment in Cyber Security.
The transcripts from his speech are as follows...
"Law enforcement professionals know best what they need in the field.
And today, what's often needed most are more personnel and better technologies for tracking criminals, gathering data, and sharing vital information.
We need to make certain that every agency is working with others where necessary, so that the miscommunications and missed opportunities before 9/11 are never repeated.
To protect our energy supply, air and rail transport, banking and financial services, we need to invest far more in the federal task of cyber security.
In this new century, and especially with the threat of terrorist attacks, every state, local, and federal agency concerned with public safety should have access to a shared repository of information.
In the case of any suspected terrorist, we must make certain that law enforcement knows who they are, where they are, and what they're up to."
Learn To Be A Hacker For $2995 Course Includes Virus Creation - DDoS Attacks Just For Starters
- By Grey McKenzie
- Published 07/1/2008
So you want to become a hacker and learn how to access data that can be used to make you rich? Better yet, if you're a member of a foreign government like China, Russia or al qaeda, & need to brush up on your hacking skills, now you can get trained stateside.
Certified Ethical Hacker Training:
Learn social engineering or how to author DDoS attacks. How about creating buffer overflows or even virus creation and more...
Now ANYONE who has a desire to learn the dark arts of creating havoc on the Internet, can actually graduate with honors.
Easily learn hacking skills directly from 'CEH Certified Ethical Hacker Training Course' taught by ACE
Here is the description of the course from The Academy of Computer Education.
CEH - Certified Ethical Hacker Training
Certified Ethical Hacker (CEH) Version 6 is a five-day course that explores the tactics commonly used to penetrate a network. The courseware maps to EC-Council’s certification exam 312-50, and includes the official EC-Council Certified Ethical Textbook Volumes 1 & 2, an accompanying Lab Manual, a Linux OS CD, and 2 CDs containing over 300 of the latest hacking tools and exploits.
This certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.
CEH candidates will be immersed into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. Candidates will begin by understanding how perimeter defenses work and then be led into scanning and attacking their own networks. No real network is harmed. Candidates then learn how intruders escalate privileges and what steps can be taken to secure a system. Candidates will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. Learn the art of penetration testing (pen testing) in order to create network intrusion vulnerability prevention plans.
Topics Covered
- Developing the hacker's mind
- Network surveying
- Port scanning
- System identification/OS fingerprinting
- Vulnerability research and verification
- Service identification
- Internet application testing
- Document grinding
- Recognizing security issues within an organization
- Performing legal assessments on remote/foreign networks
- Examining an organization for weaknesses as through the eyes of an industrial spy or a competitor
- Implementing the right tools for each task of the Methodology
- Competitive Intelligence
- Exploiting vulnerabilities remotely
- Examining appropriate countermeasures to thwart malicious hacking
CEH Audience
Certified Ethical Hacker Pre-Requisite
A Certified Ethical Hacker candidate should have at least two years of information technology security experience, a strong working knowledge of TCP/IP, and a basic familiarity with Linux.
CEH Certification Exams
This course helps you prepare for EC-Council's certification exam 312-50.
The examination consists of 125 questions and the passing score is 70%.
All students who complete the class receive a test voucher that covers the entire price of the 312-50 exam.
The CEH certification exam is included in the price of the course.
The exam is taken at ACE on the last day of class.
Program & Cost Structure for CEH Course
- Total Programs: 1
- Total Exam: 1
- Total Hours: 40 (lecture & lab)
- Total Program Cost: $2995.00 (includes CEH Certification Exam)
How Worms & Keyloggers Are Spread By Downloading Brand Name Software
- By Grey McKenzie
- Published 06/30/2008
A friend tells you where to get software you should have to purchase FREE. Your dark side takes over and you visit the "secret" website and get the latest hottest copy of Halo or Adobe Photoshop.
You can't believe your good fortune!
You download & install your precious find and everything works just like you knew it would...
What you didn't know is along with your free game or software was bundled a keylogger, spy program, worm or bot and everything you do on your computer is being captured & recorded.
Credit card info, emails, chats, passwords & banking information is now the property of a cyber thief.
Here's a case in point taken from the Star Tribune
...He initially spread the virus by creating a bogus Web site that offered free installation of Limewire, which is similar to Napster music-sharing software.
When people tried to download the software, they also downloaded the Nugache Worm, which embedded itself within the Windows operation system.
Later, as he developed his system, Milmont was able to spread the worm using instant messaging spam, which directed the recipients to a Web site infected with the virus.
Eventually, Milmont gained control of a massive system of zombie computers known as a "botnet," or computer robot network.
"On average, (the) defendant controlled 5,000 to 15,000 computers at any given time," according to the court record.
The moral of this story is only download from manufacturers' websites or you could end up the victim of identity theft or worse.
I highly recommend you get a copy of SpyCop Cloak, just in case you're already infected.
Proactive Anti-Botnet Technology Stops Malicious Threats at the Protocol Level
- By Grey McKenzie
- Published 06/30/2008
Botnets are one of the most dangerous online security threats today where it is estimated that 40% of the 800 million computers on the Internet unsuspectingly distribute spam, steal private data, launch crippling denial-of-service attacks, and spread new infections.
Botnets are difficult to detect and even more challenging to stop as their dynamic and adaptive capabilities empower them to self-propagate through their own established peer-to-peer networks and evade conventional detection techniques by covertly relocating the command server and spam load to another, as-yet-undiscovered, bot.
Conventional Security Approaches are Obsolete
By design, botnets are very effective in defeating conventional anti-spam technologies because the emails are covertly sent from trusted sources, rendering today’s anti-spam technologies such as reputation systems and blacklists obsolete.
Likewise, traditional content filtering solutions are failing as botnets continue to use innovative forms of image spam, pdf spam and audio files, etc. to bypass filters.
As these innovative forms of spam are typically five to ten times larger than a text-based message, the problem intensifies as email servers and network bandwidth become overloaded with the growing size and volume of spam, disrupting the efficient delivery of legitimate email.
Network Profiling Technology Eliminates Botnet Threats at the Connection Level
Utilizing global network intelligence, Engate’s advanced network profiling technology delivers unprecedented real-time visibility into malicious sources from around the world. Engate’s anti-botnet solution employs patented network profiling, source verification, and anti-forgery techniques to identify and block email-borne botnet attacks in real-time and at the protocol layer, while allowing legitimate email to pass to the recipient.
Engate uniquely profiles every IP address within the network, segregates legitimate mail servers from all other network hosts, and establishes proprietary ‘smart rules’ that have the unique ability to immediately identify compromised computers, detect protocol fraud, and intelligently reject illicit connections at the network level.
Engate’s global intelligence is instantly aware of new computers that become members of botnets and stops the distribution of email-borne threats at the protocol level, before it reaches the enterprise gateway and has a chance to compromise IT resources, slow down network performance, crash servers and invade privacy.
Full Story
NPD States Free Security Software Downloads Nearly Direct Competitor with Paid Downloads
- By Grey McKenzie
- Published 06/30/2008
With 62% of purchases occurring on the Internet, the majority of security software products are being acquired online with over half of those online purchases being made directly through the manufacturer Web site, according to Security Software Topical Report, the most recent study from leading market research company, The NPD Group, that offers detailed insight into consumers’ perceptions and awareness of security software products, covering ownership, purchase dynamics and general opinions about consumers’ concerns with computer threats.
According to the report, free security software downloads compete directly with paid security software, with 36% of all security software downloads being downloads of a free product and 42% being paid digital downloads.
Of those security software products purchased at a physical location, 62% were made directly off the shelf, 25% came with the purchase of a new PC and 11% were made through a retailer’s tech bench.
The computer threat and/or security issue that most concerns consumers is viruses (80%) followed by identity theft (73%). Surprisingly, only 34% of households with kids under the age of 18 are concerned with what their kids are accessing on the Internet.
Various software features have a high level of awareness with virus protection and spyware protection topping the list but only 32% are aware of what a virus signature update is. Over half of those aware of virus signatures would prefer to receive updates as frequently as every day.
Many of those who do not currently have security software on their home computer stated it is because they either don’t care or don’t feel they need security software.
However, better prices and knowledge of existing viruses on their computers were two key motivators for previous non-owners of security software to purchase it for their home computer.
“Even though the most common reason for installing security software on one’s PC is to be proactive and prevent anything from happening, the fact that there are some consumers who either don’t care or are willing to wait until after they are infected before they do anything provides a lot of opportunities for retailer and publisher alike to tap into an entirely new set of consumers,” said Michael Redmond, industry analyst, The NPD Group.
Full Story
Identity Theft and Financial Fraud Remain Top Global Concerns for Consumers Says Unisys Security Index
- By Grey McKenzie
- Published 06/30/2008
Fears about identity theft and financial fraud are top global concerns for consumers, according to the latest results of the Unisys Security Index. Identity theft is the primary security concern cited among respondents in nine out of 14 countries, while misuse of credit or debit card information ranks as the first or second greatest fear in 12 out of the 14 countries.
The Unisys Security Index presents a social indicator that measures consumer concern in relation to four areas of security: national, financial, Internet and personal safety. Unisys conducted the first global research in August 2007, as part of a bi-annual study to gauge consumer sentiment about security issues in 14 countries. The current research includes responses from 13,296 people, polled between March and April 2008.
Compared to last year, the Unisys Security Index declined three points to 134, representing a moderate level of overall concern about security issues worldwide. (The Unisys Security Index measures consumer sentiment on a scale of zero to 300, with 300 representing the highest level of perceived anxiety). Fears about identity theft and financial fraud also were the top concerns in August 2007.
Within the four specific areas studied, the current results show overall concern about financial security ranks the highest (143 out of 300), followed by personal security and national security (tied at 138), and Internet security (118). Other key findings include:
- Compared to 2007 global findings, the current Unisys Security Index again shows that consumer concern is highest in Asia - specifically Hong Kong (189), Singapore (176), and Malaysia (164) – as well as the growing economy of Brazil (169).
- Hong Kong residents cite security fears at or near the highest concern level in all four areas (the country’s total score is 189), particularly fear of becoming victims of bank card fraud (243), meeting basic financial obligations (188) and being subject to health epidemics (214).
- With the exception of Germany, which is the only European country that registers high concern about security issues, Europeans generally have less fears than people in the rest of the world; apprehension varies with low to moderate rankings, depending on the country.
- French consumers are least concerned worldwide, with fears at or near the lowest level of concern in all four areas. France’s score as a whole is a mere 76.
- Since the baseline global survey in August 2007, Unisys Security Index scores have risen markedly in Spain (+23), Singapore (+17), and Hong Kong (+10). Conversely, the research shows the greatest decline in security concerns in Australia (-21), the United Kingdom (-21) and Brazil (-19).
- Seven countries demonstrate significant concern (i.e., a Unisys Security Index score equal to or greater than 150) about national security and health epidemics, including Brazil (200), Malaysia (192), Singapore (188), Hong Kong (184), U.S. (167), Spain (166) and Germany (163).
- Compared to August 2007, segments of the population in the United States and Hong Kong experience more stress about meeting basic financial obligations, such as paying credit card bills and mortgage payments.
“Such drastic differences among regions proves that security is a local issue, despite the many threats that extend across geographic borders without discrimination,” said Tim Kelleher, vice president, Enterprise Security at Unisys. “People’s perceptions, concerns and needs are directly influenced by cultural norms, and the manner in which security is or is not managed by governments, businesses and other key local influencers.”
Suspected Credit Card Hacker Busted By Dutch Police
- By Grey McKenzie
- Published 06/30/2008
Dutch police have arrested a 20-year-old man suspected of hacking on the internet and stealing the details of 50 000 credit cards, a Dutch court said on Friday.
According to the Dutch Ministry of the Interior, the 20 year old hacker had managed to "burn 13 million Euros playing poker online and shopping for notebooks, flat screens and MP3 players" before being caught.
The man, detained in Maastricht last Tuesday, is also alleged to have hacked into the server of a US videogame-maker and stolen a copy of the game 'Enemy Territory: Quake Wars' while it was in development.
Police seized the man's computer and a gun during their search of his home.
He is thought to have used the credit card identities, obtained through a British ticketing agency, to make numerous online purchases, racking up $20-million of infrastructure damage along the way.
Full Story
David Rice The Ralph Nader Of Cyber Security?
- By Grey McKenzie
- Published 06/27/2008
In an article by Andy Greenberg in Forbes Online, he interviews David Rice, the author of a new book called Geekonomics: The Real Cost of Insecure Software. Rice makes some very valid points.
He feels there should be a tax on software of all kinds that hasn't been properly tested for security before it hits the marketplace.
My opinion is that there definitely needs to be some sort of official grading system or standard, for a software company to create a safe & secure product for all of us.
Here's an excerpt from the interview...
Call David Rice the Ralph Nader of cyber security.
Rice's book, Geekonomics: The Real Cost of Insecure Software, is a kind of hacker's take on Unsafe at Any Speed, a manifesto that calls the software industry to account for its careless attitude toward security, just as Nader took the auto industry to task for its abysmal safety standards in 1965.
Rice blames the software industry for a litany of hidden costs, ranging from the infrastructure needed to fix hackable bugs in software to recent data breaches at the U.S. State Department and the Pentagon--even a Boeing 747 crash in 2005 that resulted from software glitches. All told, he places the total economic cost of security flaws in software at around $180 billion a year.
Rice's controversial solution? Create a tax on software based on the number and severity of its security bugs. Even if that means passing those costs to consumers, Rice, an instructor at the SANS Institute and a former cryptographer for the NSA and the Navy, believes that a tax is the only way to push the software industry to mend its buggy ways. Forbes.com spoke with Rice about his idea of a "vulnerability tax" and his accounting for the hidden costs of cybercrime.
Forbes.com: Why create a tax on software based on its security flaws?
Rice: This is about holding the manufacturer responsible. When you look at what hackers do, they're really just trying to discover defects with tests that the software manufacturers could be performing themselves. It's up to the manufacturer to determine how much they want to test the software before it's released.
Full Article Here
European Union Study Security Economics and The Internal Market
- By Grey McKenzie
- Published 06/27/2008
Here is a seemingly unbiased study the European Union made regarding cyber security in all its multifaceted glory...
Security Economics and The Internal Market
1 Executive Summary
Network and information security are of significant and growing economic importance.
The direct cost to Europe of protective measures and electronic fraud is measured in billions of euros; and growing public concerns about information security hinder the development of both markets and public services, giving rise to even greater indirect costs.
For example, while we were writing this report, the UK government confessed to the loss of child-benefit records affecting 25 million citizens.
Further revelations about losses of electronic medical information and of data on children have called into question plans for the development of e-health and other systems.
Information security is now a mainstream political issue, and can no longer be considered the sole purview of technologists.
Fortunately, information security economics has recently become a live research topic: as well as collecting data on what fails and how, security economists have discovered that systems often fail not for some technical reason, but because the incentives were wrong.
An appropriate regulatory framework is just as important for protecting economic and other activity online as it is offline.
This report sets out to draw, from both economic principles and empirical data, a set of recommendations about what information security issues should be handled at the Member State level and what issues may require harmonisation – or at least coordination.
In this executive summary, we draw together fifteen key policy proposals.
We held a consultative meeting in December 2007 which established that almost all of these proposals have wide stakeholder support.
We believe they will provide a sound basis for future action by ENISA and the European Commission.
Recommendations
1: There has long been a shortage of hard data about information security failures, as many of the available statistics are not only poor but are collected by parties such as security vendors or law enforcement agencies that have a vested interest in under- or over-reporting.
Crime statistics are problematic enough in the traditional world, but things are harder still online because of the novelty and the lack of transparency.
For example, citizens who are the victims of fraud often have difficulty finding out who is to blame because the incidents that compromised their personal data may have been covered up by the responsible data controllers.
These problems are now being tackled with some success in many US states with security-breach reporting laws, and Europe needs one too.
We recommend that the EU introduce a comprehensive security-breach notification law.
2: Our survey of the available statistics has led us to conclude that there are two particularly problematic ‘black holes’ where data are fragmentary or simply unavailable.
These are banks and ISPs. On the banking side, only the UK publishes detailed figures for elec-
Full PDF
Cyber Security Alert: Microsoft Internet Explorer 6 Cross-Domain Vulnerability
- By Grey McKenzie
- Published 06/26/2008
If you have Microsoft Internet Explorer 6 I strongly urge you to update to Microsoft Internet Explorer 7. There is publicly available proof-of-concept code for a new vulnerability in Microsoft Internet Explorer 6.
What that means is a remote, unauthenticated attacker could execute a script that would allow them to steal cookies, hijack a web session, or steal authentication credentials.
You can get Microsoft Internet Explorer 7 here
I use Mozilla Firefox myself as I like the interface better and for better or worse it seems the bad guys are always targeting Microsoft products, so if I can use something with a lower profile I generally do.
You can get Firefox 3 here
New SpyCop Cloak Software Launch Claims To Render All Computer Activity Invisible To Viruses Spyware Trojans And Bots
- By Grey McKenzie
- Published 06/26/2008
Right now, hackers around the world are writing programs that are searching for unprotected areas of code, finding them and silently slipping past security. Then, they use their imaginations: recording the keystrokes of unsuspecting users, crashing programs, overloading websites, ripping off passwords, stealing account numbers constantly, silently, anonymously.
And their reach increases every time a new computer plugs in... Philip Nice Trumpet Magazine
Do you ever get the uncomfortable feeling that someone was watching everything you do on your computer?
Even if you've never had that feeling... here's why you should be concerned.
One single Botnet called Storm Worm easily infected close to 10 million computers worldwide.
Storm Worm, only one of thousands of malicious programs let loose on the Internet, is just one example of what cyber criminals are creating & loading onto computer systems worldwide.
Why?
To make EASY money.
Everything you do on your computer is worth hard cold cash to both legitimate companies & cyber criminals alike. Cyber thieves are after your money, your credit card numbers, your passwords, your bandwidth, literally anything and everything they can turn into cash or sell for profit!
Even legitimate companies want to know what your shopping habits are, what you search for on Google... and they will pay for that information.
Some companies aren't too fussy about how they get this information.
Marketing intelligence is big business.
Whether you like it or not, YOU ARE A TARGET!
According to Finjan Inc, a hardware security company:
"The increase in Web-based attacks is staggering. Industry figures include a growth of more than 200% of Web-based malware, with an increase of over 800% in backdoor and password-stealing malware."
Did I mention governments from around the world, who are now ramping up for cyber warfare?
Many governments are just beginning to learn what can be gleaned from sifting through computer data.
But there is hope... SpyCop Cloak TM For Windows is specifically designed to instantly render any computer activity INVISIBLE to Hackers, Spyware, Trojans, Keyloggers, Bots, Adware, & more with a click of your mouse.
This product is set for launch on July 3 2008.
In the interest of full disclosure, SpyCop Cloak is my product.
I've been working on it for a long time and now it's finally being released.
If you could only get one security product to keep your business or family computer activity safe, I highly recommend SpyCop Cloak!
Pentagon Officials Claim China Cyber Warfare Strategy Part Of 60 Billion Dollar Package
- By Grey McKenzie
- Published 06/26/2008
Though the Defense Department doesn't see China as a strategic adversary, the country's military buildup and lack of openness in how it's going about it has officials wondering about Chinese leaders' intentions, senior Pentagon officials told the House Armed Services Committee today.
James J. Shinn, assistant secretary of defense for Asian and Pacific security affairs, and Air Force Maj. Gen. Philip M. Breedlove, vice director for strategic plans and policy for the Joint Chiefs of Staff, testified on the topic. Their testimony revolved around three key questions from the Defense Department's recently submitted China Military Power Report:
-- What are the Chinese doing in terms of their military modernization and buildup?
-- What does it mean for the United States and its allies in the region?
-- What are the Defense Department and the U.S. government doing to react?
According to the report, the Chinese have engaged in a sizeable and sustained increase in military expenditures over the past few years. Their official budget is reported to be about $60 billion, but the Defense Department estimates that it's twice that, Shinn said.
The buildup is across all of China's services, Shinn added. "It's comprehensive in the sea, land and air forces. It's also particularly significant that it includes its nuclear as well as the conventional forces," he continued.
Shinn noted China's heavy investment in personnel, recruiting and training, which in previous years was not as big a factor as the overall numbers of its forces. The Chinese also are devoting much effort into logistics and the command and control apparatus, he said.
China's buildup reflects a deliberate and well-thought-through strategy to invest in asymmetric warfare, cyber warfare, and counter-space capabilities, Shinn told the House panel, and also has sophisticated cruise missile and under-sea warfare programs.
The buildup means the United States and its allies in the region could be at risk, because the increasing capabilities may alter China's intentions, which currently seem to be peaceful, Shinn said. The increasing capacity may present the Chinese leadership with more options, he noted.
"As the Chinese nuclear forces increase their size and survivability, we don't know if [their intention] is going to alter," he explained. "We are very careful about inferring intent as to expanding capability. Part of the reason for the deep seriousness of the report is that one must always plan for the worst."
Therefore, he said, DoD will continue pressing intelligence collection and analysis to understand Chinese leaders' intentions for their country's increased capabilities. The United States will continue to train, equip and posture Pacific forces and work closely with regional allies to strengthen their capabilities, he said.
Shinn also stressed the importance of U.S. forces engaging and maintaining dialogue with the Chinese government and leaders of the People's Liberation Army to learn more about them and their intentions. The Defense Department does not currently see China as a strategic adversary, but rather as a competitor in some respects and a partner in others, he said.
"China's rise certainly presents a variety of opportunities and challenges, but the Chinese are definitely not destined to be an adversary," he told the committee.
Breedlove affirmed Shinn's comments, noting that cooperation continues to progress between the United States and China in areas of mutual interest such as humanitarian assistance, disaster relief, and military environmental protection.
"An encouraging sign [of cooperation] was China's reception of relief supplies delivered to the needy Chinese by our military aircraft during this past winter's storms and most recent earthquake," Breedlove said.
China's military modernization is no surprise, given the country's impressive economic growth, the general said.
"[The United States] continues to communicate to China that our desire for greater transparency and openness is to gain a better understanding of their strategic intent," he said. "We believe it is clearly in the interest of all to avoid any misunderstanding or miscalculation. We continue to watch the situation closely and respond in a manner that brings peace and stability."
US Air Force Cyber Command To Be Initially Divided Between Nine Bases
- By Grey McKenzie
- Published 06/26/2008
Air Force Cyber Command officials have announced their intent to spread out its headquarters staffing among nine locations so it can meet the 45 percent manning requirements needed for initial operations.
"Normally, a major command headquarters will house all its staff functions at one place, but because the final basing decision for AFCYBER has not been determined, the command will operate in a virtual environment," said Maj. Gen. William T. Lord, AFCYBER (P) commander.
He said this action will allow some personnel to be assigned to Barksdale Air Force Base, La.--the interim HQ location for the command--and minimize relocation actions at the other places for the rest of the proposed 450-person HQ staff. Of the original 540 positions allocated for AFCYBER HQ staffing, about 90 of those positions were moved to man positions in the 24th Numbered Air Force and subordinate wings.
Thus the command will assign about 240 positions and fill them during the summer so it can declare initial operations capability by Oct. 1. It is not known at this time whether the rest of the 450 authorizations will also be assigned to the identified locations, to new ones after that date, or be on hold until the final basing location is decided.
"We'll be operating in this virtual construct until the final basing decisions are made, which is expected to be announced by Sept. of 2009. At that time the Air Force may decide to keep AFCYBER in this construct, relocate all its staff to one place or perhaps a combination of the two," said Gen. Lord. "What this virtual command will do for us is minimize environmental impacts to all involved while being able to move forward in building this command. The virtual construct is not intended to foreclose or presuppose any options for permanent basing."
During this process there are no new billets being created and there are no net increases in the number of people at these locations. Movements will result from a limited number of Permanent Change of Station actions, or, as in most cases, Permanent Change of Assignments (same base but different organization) and through Temporary Duty assignments.
The numbers listed at the locations represent the authorizations being assigned as HQ staff at the time the command declares IOC.
The locations and proposed numbers for authorizations are:
Barksdale AFB, La. - 36 billets. As the current location of the provisional command, the interim capability for the HQ staff will remain there until the final basing location is established. This will facilitate integrations with the Air Force Network Operations Center, a new 608th Air Operations Center and the command structure that provides forces to combatant commands.
Scott AFB, Ill. - 69. Many of the A1-manpower and personnel functions, as well as the A6-communications functions are currently being done by members assigned to the Air Force Communications Agency. Those authorizations will be recoded to support the headquarters functions.
Langley AFB, Va. - 58. Billet transfers will come from both the Air Combat Command and Global Cyberspace Integration Center. Much of the A5-Plans and Requirements and A8-Strategic Plans and Programs functions for cyberspace already occur here.
Lackland AFB, Texas - 43. This is the location of the Air Force Information Operations Center and the 67th Network Warfare Wing. This will allow for the leveraging of the A2-intelligence and the A3-Air, Space and Information Operations capabilities.
Tinker AFB, Okla. - 5. The 3rd Combat Communications Group and the 38th Engineering and Installation Group are located here. Along with HQ, A3 and A6 functions, there will also be elements of A4-Logistics that will work contracting issues for combat communications and engineering and installation requirements.
Wright-Patterson AFB, Ohio - 13. This is where the most significant Air Force procurements are channeled as well as the leading Air Force Research and Development Center for cyberspace. The command will leverage its A4 and A7-Installations and Mission Support functions here.
Hanscom AFB, Mass. - 7. This is the location for major research and development operations as well as the program office for a large number of communications and cyberspace initiatives.
Griffiss ANGB (Rome Labs), N.Y. - 2. Rome Labs currently conducts leading research for information operations and cyber warfare and these authorizations will take advantage of R&D efforts to advocate for the development of cyber capabilities.
Peterson AFB, Col. - 7 (tentative). Discussions are underway for achieving capabilities with space-related resources.
"Again, this represents the minimum capability required to activate the command and gain units," said the general. "We must move forward to provide people the right chain of command, the right leadership and be able to meet the Air Force's timeline on schedule."
Srizbi Botnet Is Largely Responsible for Recent Sharp Increase In Spam
- By Grey McKenzie
- Published 06/25/2008
ATLANTA, GA--(Marketwire - June 25, 2008) - The volume of malicious spam in circulation has more than tripled in one week, according to new research from Marshal's TRACE team. This sharp increase can be largely attributed to the Srizbi botnet, which is currently responsible for 46 percent of all spam sent. Malicious spam jumped from 3 percent of total spam traffic at the start of June to 9.9 percent the following week.
'Malicious spam' is spam that isn't designed to sell a product or service, but is intended specifically to infect recipients' computers with malware. It typically involves a social engineering ploy to lure recipients into thinking it is harmless or related to something of interest, such as free pornography or an invitation to view a greeting card from a friend. It usually includes a URL link to a website hosting malware. Often the malware is falsely presented as a video or game that the recipient is tricked into activating.
"The Srizbi botnet is behind much of this increase in malicious spam," said Phil Hay, lead threat analyst with Marshal's TRACE team. "Srizbi's criminal controllers are currently on a major expansion drive. The more computers infected by Srizbi bots the more money they can make."
The most common campaign Srizbi is using at present is a 'stupid' theme that tries to hook users by including the first part of their email address in the subject line along with the suggestion that they look stupid in a video. Users are often quick to investigate the potentially embarrassing footage before they consider the true malicious nature of the message.
Another recent campaign from Srizbi is based on the social networking phenomenon of connecting to old acquaintances online. It targets the Classmates.com service by using its name in malicious spam with subject lines such as "You have one new message. Classmates" and "Friends waiting for you Tomorrow! Classmates." Once recipients click on the link, they are taken to a fake page that resembles the actual Classmates.com website, where they are directed to run a supposed Flash video player. When users click on that link, they are prompted to download an executable file that infects their computer.
"This kind of social engineering tactic is nothing new," said Hay. "What is significant is the rapid increase in the volume. It once again demonstrates the incredible power and dominance that the major spamming botnets have over email traffic. Very few legitimate businesses could triple their email capacity at the push of a button. But this is the advantage that the illegal control of thousands of computers gives the spammers."
"We see Srizbi as one of the biggest threats to Internet users today," said Hay. "We are trying to work with other security researchers to raise the profile of Srizbi and the threat it represents. In contrast, the Storm botnet receives more research and media attention, yet its impact is now bordering on insignificant. When Storm became a high-profile target, Microsoft had great success in removing it from thousands of infected PCs with their Malicious Software Removal Tool. Now, Srizbi needs to become a similar priority for security researchers."
"In the meantime, users should be wary of emails that make personal offers such as online friend connections or include inflammatory personalised subjects such as 'you look stupid in this video,' particularly if they don't recognise the sender," he said.
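The two lures described above can be expressed as a simple mail-filter heuristic. The following is an added example, not Marshal's SpamCensor logic: the message shape (`to`, `subject`, `links`), the rule names and the sample messages are assumptions constructed for illustration.

```javascript
// Added example: heuristic for the two Srizbi lures the article describes.
// Message fields and rule names are assumptions, not a real product's API.

function localPart(address) {
  const at = address.lastIndexOf('@');
  return (at > 0 ? address.slice(0, at) : address).toLowerCase();
}

function escapeRegExp(text) {
  return text.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

// True when the subject contains the recipient's local part as a whole token,
// e.g. "jsmith" in "jsmith you look stupid in this video".
function subjectNamesRecipient(subject, to) {
  const name = localPart(to);
  if (name.length < 3) return false; // too short to be a meaningful signal
  const re = new RegExp('(^|[^a-z0-9])' + escapeRegExp(name) + '($|[^a-z0-9])', 'i');
  return re.test(subject);
}

// True when the subject uses a brand name but none of the links point at
// that brand's real domain (the fake Classmates page pattern).
function brandMismatch(subject, links, brand, domain) {
  if (!subject.toLowerCase().includes(brand)) return false;
  if (links.length === 0) return false;
  return !links.some((url) => {
    try {
      const host = new URL(url).hostname.toLowerCase();
      return host === domain || host.endsWith('.' + domain);
    } catch (e) {
      return false; // unparseable link never counts as the real domain
    }
  });
}

function scoreMessage(msg) {
  const reasons = [];
  if (subjectNamesRecipient(msg.subject, msg.to)) reasons.push('subject-names-recipient');
  if (/\bstupid\b/i.test(msg.subject) && /\bvideo\b/i.test(msg.subject)) {
    reasons.push('embarrassing-video-lure');
  }
  if (brandMismatch(msg.subject, msg.links, 'classmates', 'classmates.com')) {
    reasons.push('brand-link-mismatch');
  }
  return { score: reasons.length, reasons };
}

// Constructed sample messages (addresses and link hosts are placeholders).
const SAMPLES = [
  { to: 'jsmith@example.org', subject: 'jsmith you look stupid in this video',
    links: ['http://video.example.net/watch'] },
  { to: 'alice@example.org', subject: 'You have one new message. Classmates',
    links: ['http://classmates.example.net/player'] },
  { to: 'alice@example.org', subject: 'You have one new message. Classmates',
    links: ['https://www.classmates.com/inbox'] },
];

for (const msg of SAMPLES) {
  console.log(msg.subject, '=>', JSON.stringify(scoreMessage(msg)));
}
```

A score like this is a triage signal to combine with sender reputation and link scanning, not a verdict on its own.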
Marshal's charts and statistics depicting botnet activity over time can be found on the TRACE Center: http://www.marshal.com/trace/spam_statistics.asp.
About the Marshal TRACE Team
TRACE (Threat Research and Content Engineering) is a group of Marshal security analysts who constantly monitor and respond to Internet security threats through the TRACE website at www.marshal.com/trace. TRACE services are provided as part of standard product maintenance that includes updates to Marshal's unique, proprietary anti-spam technology, SpamCensor. TRACE analyzes spam, phishing and Internet security trends and provides frequent automated updates to Marshal customers. It also provides "Zero Day" security protection against new email and virus exploits the day they emerge.
Cenzic Identifies Major Vulnerability Affecting Yahoo! Mail
- By Grey McKenzie
- Published 06/25/2008
Researchers at Cenzic discovered a Cross-Site Scripting (XSS) vulnerability in Yahoo! Mail. The vulnerability was discovered using a Yahoo! Messenger desktop application.
An attacker who successfully exploits this vulnerability can gain active access to the victim's account by stealing the session IDs. The attacker can also execute operations in Yahoo! Mail.
"This vulnerability exposed millions of Yahoo! users to the possibility of identity theft," said Mandeep Khera, vice president of marketing for Cenzic. "Luckily, it was caught early by Cenzic's dedicated experts, whose sole job is to perform ongoing research to find vulnerabilities in various Web applications. As in all cases of identified vulnerabilities, our team then worked with the exposed company, Yahoo! in this case, to make sure the applications were fixed."
Vulnerability Description
If the attacker is using the Yahoo! Messenger desktop application 8.1.0.209 to chat with the victim, and the victim is using the Messenger support in the new Yahoo! Mail Web application, the chat causes a new chat tab to open in the victim's browser.
While chatting, the attacker can change their status to "invisible," which causes an "offline" message to appear in the victim's chat tab.
The vulnerability occurred when the attacker then changed status again and sent a custom message containing a malicious string in the form of a status message of "online"; the script was executed in the context of Yahoo! Mail on the victim's machine.
This allowed an attacker to get active access to the victim's session ID, and in turn steal their Yahoo! identity, exposing sensitive personal information stored in their Yahoo! account.
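The root cause described here is peer-controlled status text being placed into the mail page as markup. The sketch below is an added example, not Yahoo!'s code: the `update` object, its field names and the renderer functions are hypothetical, and the sample message is constructed. It contrasts the vulnerable pattern with a renderer that allowlists the presence state and HTML-encodes the free text.

```javascript
// Added example: hypothetical chat-tab renderer for a peer-supplied presence
// update. Field names (from, state, customMessage) are assumptions.

const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Only these presence states are ever displayed; anything else is shown
// as "offline" rather than echoed back.
const ALLOWED_STATES = new Set(['online', 'offline', 'busy', 'idle']);

// Vulnerable pattern: text chosen by the remote peer is concatenated into
// markup, so any tags it contains become part of the page.
function renderStatusUnsafe(update) {
  return '<div class="presence">' + update.from + ' is ' + update.state +
         ': ' + update.customMessage + '</div>';
}

// Hardened pattern: allowlist the state, cap the free-text length, and
// HTML-encode every peer-controlled value before it reaches the page.
function renderStatusSafe(update) {
  const state = ALLOWED_STATES.has(update.state) ? update.state : 'offline';
  const message = String(update.customMessage || '').slice(0, 140);
  return '<div class="presence">' + escapeHtml(update.from) + ' is ' + state +
         ': ' + escapeHtml(message) + '</div>';
}

// Constructed sample: an "online" status update whose custom message
// carries markup instead of plain text.
const sample = {
  from: 'buddy_01',
  state: 'online',
  customMessage: '<script>/* attacker-controlled script would run here */</script>',
};

console.log('unsafe:', renderStatusUnsafe(sample));
console.log('safe:  ', renderStatusSafe(sample));
```

In a browser, assigning the message through `textContent` instead of building an HTML string achieves the same encoding, and marking the session cookie `HttpOnly` limits what an injected script can read.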
Under the guidelines of its responsible vulnerability disclosure policy, the Cenzic Intelligent Analysis team alerted Yahoo! of the issue in May. Yahoo! acknowledged the issue and issued a fix as of June 13.
It is Cenzic's policy to give at-risk vendors ample time to resolve the issue before disclosing the details so that the at-risk site is not attacked.
About Cenzic
Cenzic is the next-generation Web application security assessment and risk management solutions leader.
The Cenzic suite of application security solutions fits the need of any company from remote, Software as a Service (ClickToSecure®), for testing one or more applications, to a full enterprise-wide solution (Cenzic Hailstorm® Enterprise ARC) for effectively managing application security risks across an enterprise.
Always an innovator, Cenzic has integrated Hailstorm with VMware to enable testing of production Web applications through virtualization -- making Cenzic the only company in the industry with a complete solution for assessing Web applications in all stages from development to production.
In addition, Cenzic solutions, targeted at financial services, e-retail, high-tech, energy, healthcare and government sectors, are the most accurate, comprehensive and extensible in the industry, empowering organizations to stay on top of unrelenting application security threats.
Wi-Fi Hotspots in Atlanta Not so Hot, Says Trend Micro Survey
- By Grey McKenzie
- Published 06/25/2008
CUPERTINO, Calif., June 24, 2008 /PRNewswire/ -- Trend Micro Incorporated (TSE: 4704), a global leader in Internet content security, reported today that residents of the Atlanta metropolitan region are not using Wi-Fi hotspots, even though the city is the fourth highest metropolitan area for Wi-Fi availability and the highest rated "wired" city in the nation(1).
The study, which surveyed over 500 Atlanta residents on their Internet usage habits and attitudes towards cyber-surfing safety, found that very few of them are taking advantage of available Wi-Fi within the Atlanta region. While all survey participants responded that they use the Internet on a regular basis, less than 20 percent take advantage of the city's ubiquitous Wi-Fi networks.
The study also found that 52 percent of Atlantans surveyed think viruses are a major threat to their computers. Those participating in what would normally be considered risky online activities (such as browsing Web sites, making online purchases, visiting social networking sites and banking online) are more concerned with viruses even though they are more easily preventable than Web threats. While viruses can cause great inconveniences, cybercriminals have created an underground malware economy that costs companies and consumers millions of dollars each year through identity and data theft.
With a comprehensive Internet security product, most online activities can be relatively safe. Trend Micro offers the following tips in looking for the right consumer security product:
-- Make sure the security product offers a strong protection against Web threats such as bots, Trojans, Web downloaders and keyloggers, any of which can lead to identity and data theft.
-- Look for an anti-spyware feature that is designed to remove adware and spyware that marketing and advertising companies dump on computers to covertly spy on surfing habits and collect market data. These programs can also slow down computer performance.
-- A security product should also have firewall capabilities -- a cyber-barrier that keeps destructive elements and intrusions away from the network. It inspects all network traffic passing through the system, guarding it from viruses, hackers, spam and other Internet threats.
-- Viruses can still do damage so a product should also have an antivirus feature that's consistently updated. Viruses are constantly mutating and the only way to protect a computer is with an up-to-date antivirus software program.
"Atlanta residents have a great opportunity to safely use the Internet from a variety of public locations and can take more advantage of it," said Carol Carpenter, vice-president of consumer marketing at Trend Micro. "The proper security protection against viruses and Web threats will help everyone, including Atlantans, confidently utilize their city's Wi-Fi offerings."
About Trend Micro:
Trend Micro Incorporated, a global leader in Internet content security, focuses on securing the exchange of digital information for businesses and consumers. A pioneer and industry vanguard, Trend Micro is advancing integrated threat management technology to protect operational continuity, personal information, and property from malware, spam, data leaks and the newest Web threats. Visit TrendWatch at http://www.trendmicro.com/go/trendwatch to learn more about the threats. Trend Micro's flexible solutions, available in multiple form factors, are supported 24/7 by threat intelligence experts around the globe. A transnational company, with headquarters in Tokyo, Trend Micro's trusted security solutions are sold through its business partners worldwide. Please visit http://www.trendmicro.com.
(1) "America's Most Wired Cities," Forbes Magazine, 10 January 2008.
SOURCE Trend Micro Incorporated
http://www.trendmicro.com
Chinese Human Rights Activists Appeal To International Community To Help Get Cyber-Dissident Freed
- By Grey McKenzie
- Published 06/25/2008
Chinese human rights activists have appealed to the international community to press for the release of cyber-dissident Huang Qi, who was arrested in Sichuan province on 10 June on a charge of illegally possessing state secrets.
Deng Taiqing, an activist based in Shanxi province, said Huang may have had confidential documents but they were not state secrets.
“In my view, a state secret has to do with the army or national defence,” he said. “Huang Qi tended to print confidential documents but they had nothing to do with state secrets.”
Deng added that he thought the authorities arrested Huang because they feared his activities after the Sichuan earthquake and the growing influence of his website, 64Tianwang.
A Beijing-based activist also criticised the gravity of the charges brought against Huang and insisted they were baseless.
Another Internet user sent an open letter to the Chinese authorities in which he said many Chinese citizens were aware of the case.
He urged the authorities not to mistreat Huang and called for his release.
