February, 2010

Cabinet minister Ed Miliband was left embarrassed after apparently sending saucy messages to thousands of people on social networking site Twitter. Mr Miliband's unusually personal message, which was delivered to around 7,000 of his followers at breakfast time yesterday, boasted: 'hhey, i've been having better sex and longer with this here'.

Whitehall IT chiefs have been warned by the intelligence agency GCHQ that security problems with cloud computing could foil their plans to use the technology to slash the cost of public services. The assessment forms part of the first report of the Cyber Security Operations Centre (CSOC), seen by The Register.

TO the horror of Latvia's political establishment, a mysterious group of computer hackers is threatening to expose the incomes of top officials after stealing millions of government tax records.

The group, calling itself the People's Army of the Fourth Awakening, claimed to have downloaded more than 7.5 million documents, including VAT receipts and income tax returns from the State Revenue Service after exploiting a security loophole on its website.

Cryptographers have broken the proprietary encryption used to prevent eavesdropping on more than 800 million cordless phones worldwide, demonstrating once again the risks of relying on obscure technologies to remain secure.

The attack is the first to crack the cipher at the heart of the DECT, or Digital Enhanced Cordless Telecommunications, standard, which encrypts radio signals as they travel between cordless phones in homes and businesses and corresponding base stations. A previous hack, by contrast, merely exploited weaknesses in the way the algorithm was implemented.

Microsoft has warned Windows users to be on their guard against a piece of rogue antivirus software passing itself off as Microsoft Security Essentials. Security essentials 2010 is a piece of software Microsoft said installs a fake virus scanner on your machine and]monitors and blocks processes it doesn't like. The software will also block access to websites of antivirus and malware companies and flag up a warning message. You can see the list of blocked sites here.

Security essentials 2010 blocks access by downloading a Win32/Alureon component and another Layered Service Provider component, Microsoft's David Wood wrote on the company's Malware Protection Center blog. "This LSP monitors the TCP traffic sent by various Web browsers that the user might have installed, and blocks any traffic to certain domains," Wood said.

Claims made of a major vulnerability in the Microsoft Windows operating system have been refuted.

Jan Fry, head of PCI at ProCheckUp Labs, claimed that the findings by 2X Software, revealed exclusively by SC Magazine yesterday, were a 'little sensationalist'. Yesterday, 2X Software said that with a simple piece of code, an operating system from Windows 7/Server 2008 versions to Windows 2000/Server 2003 could be crashed with malicious applications installed.

Microsoft Corp. today withdrew its demand that Cryptome.org yank the "Microsoft Global Criminal Spy Guide" document from its site and said it had never intended for the whistleblower's domain to be knocked off the Web. "In this case, we did not ask that this site be taken down, only that Microsoft copyrighted content be removed," said a Microsoft spokeswoman in an e-mailed statement early today. "We are requesting to have the site restored and are no longer seeking the document's removal."

The document, a 17-page guide that Microsoft prepared to show law enforcement how to obtain information about users of its online services -- including Windows Live Hotmail, the Xbox Live gaming network and the Windows Live SkyDrive storage service -- was published by John Young, who runs Cryptome.org, on Feb. 20.

Security experts are split over the effectiveness of Microsoft's efforts to shut down a network of computers that spewed out 1.5 billion spam messages.

The firm persuaded a US judge to issue a court order to cripple 277 internet domains used by the Waledac botnet.

Botnets are armies of infected computers that send spam or malware.

"We aim to be more proactive in going after botnets to help protect the internet," said Richard Boscovich, the head of Microsoft's digital crime unit.

"We will do whatever it takes to look out for our customers and our brand. We hope it will spur similar actions," Mr Boscovich told the BBC.

Intel was targeted by "sophisticated" attacks last month, about the same time that Google reported its network had been breached, allegedly by Chinese hackers. In its annual report filed Monday with the U.S. Securities and Exchange Commission (SEC), Intel confirmed that it had been hit in January.

"We regularly face attempts by others to gain unauthorized access through the Internet to our information technology systems by, for example, masquerading as authorized users or surreptitious introduction of software," read the 10-K filing.

Adobe today shipped a patch for a critical vulnerability in its Download Manager utility, warning that hackers could exploit the issue to take full control of Windows computers. The vulnerability, discovered by Aviv Raff, could potentially allow an attacker to download and install unauthorized software onto a user's system, Adobe said in an advisory. The vulnerability affects Adobe Download Manager on Windows (prior to February 23, 2010).