
Anonymous hackers cripple Australian gov't websites

  • Post author: Omid Farhang
  • Post published: July 24, 2012
  • Reading Time: 2 min
  • Word Count: 341 words

FoxNews: International hacking group Anonymous took at least 10 Australian government websites offline briefly Tuesday in a series of escalating attacks over proposed changes to privacy laws. The Australian arm of the group has warned it will continue the attacks on “.gov.au” sites until plans to force ISPs to store user data and make it further available to security services are shelved. The attacks started after Prime Minister Julia Gillard answered policy questions via webcam in an online Google+ Hangout session on Saturday but the sites targeted so far are all run by the Queensland State Government. ...


Spam attack on Dropbox users

  • Post author: Omid Farhang
  • Post published: July 19, 2012
  • Reading Time: 1 min
  • Word Count: 206 words

H-Online: Spammers are currently sending large volumes of spam to users of cloud storage service provider Dropbox. The H’s associates at heise Security have so far received four different pieces of German-language spam at an email address used solely to register with Dropbox, and some of their readers have reported the same problem; similar reports can also be found on the Dropbox forums. In almost all cases, the spam is for suspicious-looking online casinos. ...


NVIDIA hackers publish user data

  • Post author: Omid Farhang
  • Post published: July 16, 2012
  • Reading Time: 1 min
  • Word Count: 185 words

Late last week, NVIDIA confirmed that the database for its forums web site had been broken into by unauthorized third parties, with data from more than 400,000 registered users affected. A hacker group calling itself “Team Apollo” has now claimed responsibility for the breach which caused NVIDIA to take the site down. As proof, they have published email addresses and password hashes for approximately 800 users from the database on Pastebin, with more, apparently, to follow. If the data proves to be genuine, NVIDIA’s statement that the password hashes were salted would be contradicted: the database excerpt includes the hash b018f55f348b0959333be092ba0b1f41 three times in the list, the result of md5('nvidia123'). ...


Android Forums hacked: 1 million user credentials stolen

  • Post author: Omid Farhang
  • Post published: July 13, 2012
  • Reading Time: 1 min
  • Word Count: 43 words

ZDNet: Phandroid’s AndroidForums.com has been hacked. The database that powers the site was compromised and more than 1 million user account details were stolen. If you use the forum, make sure to change your password asap. Read the whole story at ZDNet: http://www.zdnet.com/android-forums-hacked-1-million-user-credentials-stolen-7000000817/


Scarlett Johansson leaked nude photos cost $66,000 for the hacker

  • Post author: Omid Farhang
  • Post published: June 29, 2012
  • Reading Time: 3 min
  • Word Count: 515 words

Copied from LA-Times: A man who hacked the email accounts of celebrities should pay movie star Scarlett Johansson $66,179.46 in compensation, federal prosecutors said. The hacker also should serve 71 months in prison and pay a total of $150,000 in compensation to all his victims, prosecutors said in court papers filed this week. Christopher Chaney, 35, of Jacksonville, Fla., who pleaded guilty in Los Angeles federal court to nine counts of computer hacking, for two years hacked almost daily into email accounts of 50 people in the entertainment industry. ...


Update for Windows Update has teething troubles

  • Post author: Omid Farhang
  • Post published: June 25, 2012
  • Reading Time: 1 min
  • Word Count: 198 words

Microsoft has released an unscheduled, non-patch day update for Windows to update the Windows Update function itself. However, according to reports from readers, the Windows Update Agent update does not always run smoothly; The H’s associates at heise Security also ran into problems on their test systems. A staggered dissemination of the update has been taking place over the past three to four days. Users who run Windows Update are confronted with a message which says that an update for Windows Update needs to be installed before the system can check for other updates. ...


1.5 Million Records Compromised In Global Payments Breach

  • Post author: Omid Farhang
  • Post published: June 14, 2012
  • Reading Time: 2 min
  • Word Count: 243 words

v3.co.uk: Card processing firm Global Payments has provided more detail on the attack on its computer systems earlier this year, warning that the attackers may have had access to unspecified personal data. Global Payments confirmed the attackers had access to details of 1.5 million cards, but it said the attack had now been contained. Global Payments also revealed the attacks had gained access to servers containing personal information “from a subset of US merchant applications”. While it could not ascertain whether the data had been copied, it would be notifying affected customers in the coming days. ...


Microsoft revises its certificate management

  • Post author: Omid Farhang
  • Post published: June 14, 2012
  • Reading Time: 2 min
  • Word Count: 218 words

The H-Online: In response to the Flame worst-case scenario, Microsoft has now integrated a custom block list feature for its certificate store under Windows. The feature was deployed as part of this month’s Patch Tuesday. The Flame worm had spread via the Windows Update feature by manipulating the certificates that were intended to protect Windows updates from tampering. As described in a Microsoft Security Response Center (MSRC) blog post, the latest modification automatically causes compromised certificates to be regarded as untrusted. To achieve this, the certificate store checks a Microsoft-maintained list on a daily basis for certificates that are no longer trustworthy. Certificate Authorities are required to inform the company of any revoked certificates, which will then be added to the list. According to a Windows PKI blog post, this method is considerably faster than the deployment of Certificate Revocation Lists (CRLs). ...


Password leaks bigger than first thought

  • Post author: Omid Farhang
  • Post published: June 9, 2012
  • Reading Time: 3 min
  • Word Count: 433 words

The H-Online: There have still been no official statements on the causes and extent of the recent password leaks at LinkedIn, eHarmony and Last.fm. A credible source is now reporting that the published 2.5 million Last.fm MD5 hashes, for example, are just the tip of a 17 million hash iceberg. That iceberg has reportedly been circulating since summer 2011. 16.4 million of these – 95 per cent – have, the source claims, already been cracked, a claim which, for unsalted hashes, is entirely credible. ...


Millions of Last.fm passwords leaked

  • Post author: Omid Farhang
  • Post published: June 9, 2012
  • Reading Time: 1 min
  • Word Count: 212 words

The H-Online: A list with several million passwords belonging to users of the music community site Last.fm has been posted on the internet. The site owners have posted a statement saying that the company is investigating the leak and that all users of the service should change their passwords immediately. This is the third major compromise of a popular web site’s passwords in as many days. The H’s associates at heise Security are in possession of a list containing approximately 2.5 million password hashes. Like the recently leaked data from eHarmony, these are unsalted MD5 hashes that are trivial to crack in today’s world of fast CPU and GPU hardware and specialised techniques such as using rainbow tables. At least one million of these hashes have already been cracked and the clear text passwords have also been posted on the internet. The hashes that were leaked from LinkedIn were generated using the SHA-1 algorithm. ...
