Twitter hit by denial-of-service attack

(CNN) -- Internet attacks shut down the social networking site Twitter for about two hours on Thursday morning and caused glitches in other sites like Facebook and LiveJournal, a blogging site.

Some Twitter users expressed near-panic that the site was not working properly Thursday.

It's unclear if the attacks were coordinated against the social media sites.

Twitter says its site's blackout was caused by a "denial of service attack," which likely means a hacker used a herd of infected computers to send bad information to the site to overwhelmed it.

A post to Twitter's blog said its Web site was back online before noon ET, but the site's users still were reporting problems.

"We are continuing to defend against and recover from this attack," the message from the company says.

Facebook and other social networking sites appeared to be affected by Twitter's shut-down, too. Twitter runs applications through those sites and there was speculation that the glitches were related.

"Earlier this morning, we encountered issues within our network that resulted in a short period of degraded site experience for some visitors," said Facebook spokeswoman Kathleen Loughlin.

"No user data was at risk, and the matter is now resolved for the majority of users. We're monitoring the situation to ensure that users continue to have the fast and reliable experience they've come to expect from Facebook," she said.

Twitter's site went down around 9:30 a.m. ET on Thursday and was back online by about 11:30 a.m.

It's unclear who plotted the attack against Twitter and what their motives may have been. Internet attacks sometimes hit Web sites as they become popular. Security experts say financial motives often are behind modern cyber-attacks. Watch Mashable's Adam Ostrow on the Twitter outage

Twitter -- a micro-blogging site where users post 140-character messages to their followers -- has soared in popularity in recent months. According to comScore, a Web tracking firm, the site had 44 million unique visitors in June.

Thursday's incident highlights the degree to which people depend on online social networks to feel connected to the world.

Some Twitter and Facebook users expressed near-panic that the sites were not working properly. Others reacted with ambivalence.

This is not the first time Twitter has been hit with a cyber-attack. Last month, a hacker broke into the personal Google accounts of Twitter employees, stealing personal information and company financial reports and posting them online.

In an e-mail to CNN.com, Twitter co-founder Biz Stone said that incident is not related to Thursday's security breach.

"There's no indication that this attack is related to any previous activities. We are currently the target of a denial of service attack," Stone said in the e-mail.

"Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users. We are defending against this attack now and will continue to update our status blog as we defend and later investigate."

Don DeBolt, director of threat research at CA, a computer security company, said it's too early to tell who or what may be behind the Twitter attack.

But he said denial-of-service attacks target specific Web sites.

"To be effective, [these attacks] need to be focused on a Web site or a series of Web sites," he said. "It's not going to be something where malware (harmful software) is going to be deployed and then randomly attacks Web sites."

John Harrison, a researcher with Web security firm Symantec, said it is very difficult to learn the identity of the attacker, or attackers, as they could be anywhere on Earth and the infected network could span several countries.

Logging on to sites such as Twitter while they are under attack only makes the situation worse because it adds to the overloading of the system, he said.

The U.S. Computer Emergency Readiness Team says it's impossible for Web developers to fully prevent such attacks. But everyday computer users can ensure that their machines aren't used in a coordinated attack like the one seen Thursday.

To protect their computers, consumers should update anti-virus software, create passwords that are difficult to crack and maintain computer firewalls, the agency says.

How to Prevent Your Website from Hackers?

Guidelines to secure your websites and web servers from being hacked.

Old scripts

Please remember that old installations are an open invitation for hackers. So, if you have installed Joomla or WordPress that you tried out a couple of months ago; please remove it. You should make sure that any script you install on your servers is of the latest version. It takes 5 seconds to hack an old version of Joomla, upload a shell script and have total control over your account.

Passwords

Never use easy to guess passwords or the same password more than once; if someone finds a password of yours they will try it everywhere else until they reach success. If someone finds your webmail password you’re pretty much guaranteed they’ll try it elsewhere – maybe in cPanel, maybe on your online banking!

Cloak Your Folders

You should keep a blank index.html in all of the folders inside your public_html; this will make sure the contents can’t be easily viewed on the internet. CPanel has this function, check out ‘Index Manager’. It’s always a good idea to keep your files and folders secret.

Password Protect Your Admin Folder

You should password protect the admin folder of any scripts you are using, this provides an extra layer of security and is highly recommended. You can do this in cPanel by clicking the Directory Protection link.

So You Got Hacked?

If you got clicked that something has happened, maybe some spam was sent from your account, or you found you were hosting a phishing site, the first step you need to take is changing your passwords. All of them – cPanel, email, site admin passwords, everything.

Next up, go through your web space and remove all old script installations, remember if you installed plugins in your scripts (modules for Joomla/WordPress etc) they can be hacked too! Make sure they’re up-to-date too.

You can check the Error Logs in cPanel for suspicious requests. Generally, a hacker leaves suspicious files around, so look for such files within your public_html folder. Once the files are found, take the details of those files, such as date and time that the file was uploaded, the file name, folder it was in, and inform your web host, so they can check through. Then delete the files.

Being hacked can happen to anyone at all, your security will always depend on its weakest point. If you don’t keep things up-to-date and secure, your site will be hacked and be used for criminal activity in one way or another – however, now is the perfect time to stop this from happening.

Stealing History Without Javascript

Making The Web has a demonstration of a neat trick to display your browser history even without the use of Javascript.

The trick is that it's not really scanning your history. The technique works by using CSS attributes which display whenever a site is visited. They use this in combination with a large list of popular web addresses. They display all of these addresses in an IFRAME with CSS attributes such that they will display only if visited, so the ones you've visited show up.

The main hole in the technique is that if a site is not in their list it won't show up in the history list they display. The other hole is that it's not clear that they can do a whole lot with the information if Javascript is not enabled, although the demo site claims to collect some data and display what it claims to be a "most visited pages" list. I'm not saying this is a lie, but I couldn't figure out from the source how they collected it.

There has been some controversy over whether the technique works with NoScript installed, as the author insists it does. I didn't test it with NoScript, but I did disable Javascript in the Firefox and confirmed that it was disabled, and the demo worked well.

Bifrost in Action

watch this>>>>

Microsoft fixes 9 vulnerabilities, but leaves one open to attack

Microsoft on Tuesday, July 14th, as part of its monthly patch procedure, released 6 new bulletins, repairing 9 security vulnerabilities. While the patch addressed two of the "zero-day" exploits -- Microsoft's DirectShow & Video ActiveX Control -- it left a third exploit vulnerable to hackers.

The bulletins fixed vulnerabilities in Windows, Microsoft Office, Virtual PC and Virtual Server and the Internet Security and Acceleration (ISA) server.

Of the 6 vulnerabilities, 3 were rated critical, while the remaining bulletins were marked as important. 8 of the 9 exploit codes were at the top of Windows' Exploitability Index, meaning that a hacker could consistently exploit those vulnerabilities.

While the patch fixed exploits in Microsoft Video's ActiveX Control -- a vulnerability which allowed for remote code execution when using Internet Explorer -- no correction was made for the vulnerability in the Office Web Components that allows hackers the ability to gain user rights to a computer.

To prevent exploit, Microsoft suggests users keep Office Web Components Library from running in Internet Explorer. Users can use Microsoft's "Fix it" to disable Office Web Components, or they can fix it themselves by configuring the kill bit for control in the registry.

Does Google's OS decrease or increase security risks?

Wednesday's two big technology stories--Google's Chrome-based operating system and cyberattacks against U.S. and South Korean government Web sites are oddly related. The stories are connected because if Google does well at gaining market share for its browser, we could see fewer successful attacks. Or maybe we'll see more attacks.

The reason hackers succeeded in launching denial-of-service attacks against government computers in the U.S. and South Korea is because they were able to enlist an army of "zombie" computers to carry out the attack. And what do those computers likely have in common? The vast majority of them likely run Microsoft Windows.

Whether Windows is inherently less secure than Mac OS X or Linux is debatable, but one thing is for sure--it's more popular and therefore a more attractive target to hackers. Indeed with nearly 90 percent of the world's PCs running Windows, it's something of a "single point of failure." Figure out how to infect Windows PCs and you can stage a very successful attack.

Linux--which is the underpinning of Google Chrome--is not entirely exempt from malicious software but historically Linux machines are less likely to be infected. So it stands to reason that the more machines running non-Windows software, the safer we'll all be.

But there's another side to this story. The Chrome OS will be far more Web-centric than Windows, which means that many--if not most--of its applications will be running over the Internet. What's more, people's data will be stored "in the cloud," much of it on servers run by Google. So while Google may help reduce Microsoft's potential as a single point of failure, it increases its own. If hackers were successful in launching an attack on Google, that would affect not only people's ability to use Google apps, but the integrity of their data.

Although there weren't any reported data breaches, there was a day in May of this year when Google sites were partially inaccessible as a result of a technical glitch. On that day, millions of people were unable to use Google services, including Google Docs and Spreadsheets. Say what you want about Microsoft, but even if the company totally shut down its Web operations, its operating system and PC applications would still run.

Personally, I'm a big believer in competition and like cloud computing, so I welcome Google's entry into the operating system arena. But like almost anything worthwhile, it's not without risk.

Hackers Stole $415,000 from Bullitt County Coffers

Cyber criminals from Ukraine reportedly filched $415,000 from Bullitt County's coffers in Kentucky (USA) during the end week of June 2009. Over 24 accomplices in the US aided the crooks along with a string of harmful codes that were designed to bypass the security measures installed by the banks.

Attorney of Bullitt County said that the problem started on June 22, 2009 when an unknown person had begun wiring money amounted $10,000 from the payroll of the county to 25 individuals' accounts across the country.

Attorney further stated that First Federal Savings Bank froze an account of the county on June 29, 2009 after the bank had found that the sum had already been transferred to a number of banks in the country. When First Federal became suspicious of something wrong, it started requesting those banks getting the transfers to begin reversing them.

Moreover, the county's bank told Attorney's office that by July 2, 2009, the bank's authorities would likely know the number of banks make the reversals of money. The bank officials also added that they thought part of the county's money might be recovered though it was not certain exactly how much.

Meanwhile, it appears that some type of PC virus made the illegal transfers, as attorney of Bullitt County said that employees of the county received e-mails carrying a password-stealing virus.

The virus enabled the culprit to gain access to extremely sensitive bank details and change passwords; thus, allowing him enter the account. The miscreant then carried out the transactions from Ukraine and distributed the sum to several US banks.

Besides, a BBB agent said that it didn't surprise him that anyone had become victim of a phishing fraud. He said the incident at Bullitt County should be an alert to all the government organizations owning bank accounts through online services.

Meanwhile, an investigation by the FBI has started and Bullitt County Attorney stated that finding the perpetrator could take some time. While an FBI spokesman suspected that the theft had worldwide connections, he couldn't say if any criminal had been identified.

Default Password Use Opened Telephone Networks to International Hacking Scheme

An international telephone network hacking scheme resulted in $55 million of hijacked calls,

Federal authorities in New Jersey have indicted three individuals in the Philippines who must now either be extradited or volunteer to come to the US to face charges. Cheap international calling time was sold through call centers in Italy. Italian authorities have also arrested 5 Pakistani nationals in connection with the scheme. Authorities indicate that the plan was somehow connected to funding terrorist plots.

The calls were made through corporate networks that the suspects hacked into using a brute force attack, finding access through PBXs that had default passwords.The indictment says that Pakistani operators of the Italian call centers paid the Philippine hackers $100 for each open PBX they found.

Default passwords are a common and easy way for hackers to attack systems. It's important for you to use strong passwords to protect your systems.

PC SECURITY

---------------------

PC Security Software: FREE (DOWNLOAD)

PC Security Product Reviews - Tests

Hacking NEWS

SECURITY NEWS

Malicious Communist Hack

According to security company Sophos the web site of the British Communist Party has been compromised and is serving malware.

Thousands of web sites have been hacked in recent weeks for similar reasons. The code on the web site is modified to execute malicious JavaScript code, identified by Sophos as Mal/Iframe-F.

t's a good idea to avoid the site for now. but it's as good an idea to avoid any of the other tens of thousands of compromised sites, and you don't know what they are. So the only real answer is to keep your browser and security software up to date.

Government Web Sites Under Attack

ANOTHER HACKERS ATTACK!!!!

Numerous US Government and other high-profile sites were the victims yesterday of a massive distributed denial of service attack.

Brian Krebs in the Washington Post notes that their site was one of those affected, but the main ones were US Government sites: the White House, the Department of Homeland Security, the Department of Defense, the FTC, the FAA, the Treasury and the State Department are listed. NASDAQ and the New York Stock Exchange were also hit.

An AP story from this morning claims that the attacks began on July 4 and that they have also targeted South Korean sites. It quotes South Korea's National Intelligence Service as claiming that North Korea or North Korean sympathizers in the south are behind them.

That the attacks are still affecting government sites—and they still appear to be based on some quick testing I just did—indicates a sophisticated attack, and the date July 4 is surely not a coincidence.