Report

Wired: SAO PAULO — Despite widespread speculation at the time, a massive power outage that left 18 out of the 26 Brazilian states in the dark for up to six hours last year was not the result of a cyber attack, according to a classified diplomatic cable published by WikiLeaks last week. The Nov. 10, 2009, blackout came just two days after the CBS News magazine 60 Minutes reported that an earlier outage in the Brazilian state of Espirito Santo in 2007 was the work of hackers. And it came just one day after Threat Level reported that, no, it wasn’t. ...

The U.S. Federal Trade Commission (FTC) has accepted a preliminary staff report that lays out a framework for Internet privacy and suggests a “do not track” mechanism – possibly a persistent cookie installed on browsers. The agency was careful to point out that the commissioners see privacy measures as a balancing act. The news release quotes FTC chairman Jon Leibowitz: “Technological and business ingenuity have spawned a whole new online culture and vocabulary – email, IMs, apps and blogs – that consumers have come to expect and enjoy. The FTC wants to help ensure that the growing, changing, thriving information marketplace is built on a framework that promotes privacy, transparency, business innovation and consumer choice. We believe that’s what most Americans want as well.” ...

According to The Telegraph, German prosecutors are accusing two local hackers of breaking into the computers of over 50 pop stars, including Lady Gaga, Kelly Clarkson, Justin Timberlake and Ke$ha. (Wouldn’t you have to be pretty brave to blackmail Lady Gaga? She can be, um, scary. ) Ralf Haferkamp, from the Duisburg prosecutor’s office, said in an interview with Deutsche Welle that the hackers, two boys of 17 and 23 from the West of Germany, infected the machines with malware in order to steal all sorts of files. ...

At first glance, two recent security stories, the Stuxnet attack on Iran’s nuclear industry and the WikiLeaks breach of US State Department communications, don’t seem to have much in common, but they do. They are united by a vector, a method of transmission and that vector is removable media. I am sure that the Iranians felt pretty secure with air-gapped systems, but like a spark from the burning house next door that finds its way into your shingles, the right USB found its way into the right PC and then suddenly all those uranium enrichment centrifuges running at 807-1210 hz started to act funny and fail in unexpected and reportedly fairly energetic ways (you can see some pics of failed centrifuges here http://web.mit.edu/charliew/www/centrifuge.html and here http://www.chem.purdue.edu/chemsafety/NewsAndStories/CentrifugeDamages.htm). ...

Avira TechBlog: We discovered a new ransomware threat which is downloaded by a Trojan of the Oficla family. This downloaded threat replaces the MBR (master boot record) of the hard disk with its own MBR which asks the user for a password and thus blocks the loading of the operating system. Upon starting the Oficla Trojan and successive execution of the downloaded payload the system will be rebooted and the user will be presented the ransom notice. ...

The Anonymous group takes revenge after legal decision against Pirate Bay founders v3.co.uk: An online collective known as Anonymous has carried out a distributed denial-of-service (DDoS) attack on the International Federation of the Phonographic Industry (IFPI) after the trade body welcomed the new court ruling against the founders of The Pirate Bay. The Swedish appeals court decision saw the jail terms of the men reduced but their fines increased in a move that IFPI chief executive Frances Moore argued should be the end of the debate around the issue. ...

A security man stands next to an anti-aircraft gun as he scans Iran’s nuclear enrichment facility in Natanz, 300 kilometers [186 miles] south of Tehran, Iran, in April 2007. Wired: In what appears to be the first confirmation that the Stuxnet malware hit Iran’s Natanz nuclear facility, Iranian President Mahmoud Ahmadinejad said Monday that malicious computer code launched by “enemies” of the state had sabotaged centrifuges used in Iran’s nuclear-enrichment program. ...

Controversial whistleblower website WikiLeaks was hit by another massive distributed denial of service (DDoS) attack earlier this morning. On Sunday, the site was taken down for several hours via a sustained DDoS attack, just hours before the release of thousands of secret U.S. documents. Responsibility for Sunday’s attack was claimed by a single hacker, the Jester, though many are skeptical that it was the work of just one person. Today’s attack, which was initially focused on http://cablegate.wikileaks.org/, has been much more intense. At 9:00 a.m. ET, WikiLeaks tweeted, “DDOS attack now exceeding 10 Gigabits a second.” ...

Mashable: The distributed denial of service (DDoS) attack that took down WikiLeaks as the site published secret U.S. embassy cables over the weekend could be the work of a single hacker, working for his own agenda. The hacker, called the Jester (or th3j35t3r), describes himself as a “hacktivist for good” and posts the message “TANGO DOWN” after a successful attack, together with a link of the sites he takes down. The focus of his attacks, the Jester claims in his Twitter Bio, is “obstructing the lines of communication for terrorists, sympathizers, fixers, facilitators, oppressive regimes and other general bad guys.” ...

Mashable: Bing is getting an early start on the “best of 2010” lists, releasing its compilation of the year’s most popular search terms a little more than a month before the New Year. Reality TV star Kim Kardashian tops the list, which is dominated by celebrities; in fact, seven of the top 10 terms are people, as you can see in the list: Kim Kardashian Sandra Bullock Tiger Woods Lady Gaga Barack Obama Hairstyles Kate Gosselin Walmart Justin Bieber free Kardashian’s online dominance extends beyond searches, however. You may recall that a recent study pegged her as the celeb that gets the most traffic to their website via Twitter (despite not having the largest audience). ...