July 30, 2009 by Tim McDowell.

http://d.yimg.com/kq/groups/15523565/1322781786/name/TeaPartyCommercial.wmv

Posted in HLD | Print | No Comments »

July 30, 2009 by Tim McDowell.

A group of private and government organizations has launched a program to build the next generation of U.S. cyber defense leaders. The U.S. Cyber Challenge is looking for 10,000 young Americans with the skills to be cybersecurity practitioners, researchers, guardians, and cyberwarriors. The program will provide participants with competition, training, recognition and a chance to win scholarships. It is led by the Center for Strategic and International Studies and includes the Defense Department’s Cyber Crime Center, the Air Force Association and the SANS Institute.

Experts say there is an urgent need to expand the federal cybersecurity workforce. The Partnership for Public Service and Booz Allen Hamilton recently released a report that said the government will be unable to combat cyber threats without “a more coordinated, sustained effort to increase cybersecurity expertise in the federal workforce.” The study said the “pipeline of potential new talent is inadequate.”

Posted in CIP, HLD | Print | No Comments »

July 30, 2009 by Tim McDowell.

A security researcher has discovered a Trojan that is designed to extract account data from as many as 4,600 of the world’s most popular and wealthy businesses. In “one of the largest and most professional thieving operations on the Internet,” a Trojan called Clampi (also known as Ligats, llomo, or Rscan) has spread across Microsoft networks in a worm-like fashion, and may already have infected hundreds of thousands of corporate and home PC users, according to SecureWorks researcher Joe Stewart, one of the world’s foremost authorities on botnets and targeted attacks.

“We weren’t all that worried about Storm, and we weren’t all that worried about Conficker,” Stewart says. “This one you need to worry about.” The Trojan uses PsExec — a popular, lightweight Telnet replacement tool that lets one system execute processes on other systems — and a sophisticated process of encryption and packing to hide its origins and targets. So far, Stewart says, the Trojan appears to be targeting 4,600 Websites, of which he has identified approximately 1,400 in 70 countries. Among the industries being targeted are banks, credit card companies, stock brokerages, insurance, retail, advertising networks, and utilities.

Posted in CIP, State & Local | Print | No Comments »

July 30, 2009 by Tim McDowell.

Adobe Flash contains a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Flash Player, Reader, Acrobat, and other products that include Flash support are affected. By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment) or a PDF file, an attacker may be able to execute arbitrary code.

Until Adobe is able to offer a patch (expected later this week) US-CERT is recommending you disable Flash or selectively enable Flash content.

Posted in HLD | Print | No Comments »