ClearSky Cyberdefense Forum

Richard Domingues Boscovich Senior Attorney, Microsoft Digital Crimes Unit:
Building on the recent successes of the Rustock andWaledac botnet takedowns, I’m pleased to announce that Microsoft has taken down the Kelihos botnet in an operation codenamed “Operation b79” using similar legal and technical measures that resulted in our previous successful botnet takedowns.

http://blogs.technet.com/b/microsoft_blog/archive/2011/09/27/microsoft-neutralizes-kelihos-botnet-names-defendant-in-case.aspx

Researchers at Trend Micro have uncovered yet another large-scale, sophisticated and ongoing series of targeted attacks that have compromised nearly 1,500 computers in 61 countries.

http://www.v3.co.uk/v3-uk/news/2111303/trend-micro-uncovers-lurid-apt-attacks-thousands-computers-ussr

http://blog.trendmicro.com/trend-micro-exposes-lurid-apt/

http://blog.trendmicro.com/lurid-attribution-isnt-easy/

Mitsubishi Heavy Industries Ltd said on Monday its computers had been hacked into, with one newspaper saying the target was Japan’s biggest defence contractor’s factories for submarines, missiles and nuclear power plant components.

http://www.reuters.com/article/2011/09/19/mitsubishiheavy-computer-idUSL3E7KJ0BD20110919

Agency outlines strategies for developing energy-delivery systems that are resilient even in the face of cyberattack.

http://energy.gov/sites/prod/files/Energy%20Delivery%20Systems%20Cybersecurity%20Roadmap_finalweb.pdf

http://www.informationweek.com/news/government/security/231601606

Gathered at a Cold War bunker, a yet-unnamed Russian youth organization is being conjured into life. Its mission? To launch an online information war to prevent an Arab Spring-type uprising in Russia.

On Wednesday, the project’s participants came together at Moscow’s Cold War Museum – also known as Bunker-42 – hidden 65 meters under Taganka, reports the Nezavisimaya Gazeta (NG) newspaper.

http://rt.com/politics/secret-organization-information-war-623/

Another CA ? The company is still investigating whether bogus certificates were created in its name. Had that happened, cyber criminals would have been able to spy on users accessing supposedly secure sites.

http://www.bbc.co.uk/news/technology-14879998

New Research :
With the success of Web applications, most of our data is
now stored on various third-party servers where they are pro-
cessed to deliver personalized services. Naturally we must
be authenticated to access this personal information, but
the use of personalized services only restricted by identi-
cation could indirectly and silently leak sensitive data. We analyzed Google Web Search access mechanisms and found that the current policy applied to session cookies could be used to retrieve users' personal data. We describe an at-
tack scheme leveraging the search personalization (based on
the same sid cookie) to retrieve a part of the victim's click
history and even some of her contacts. We implemented a
proof of concept of this attack on Firefox and Chrome Web
browsers and conducted an experiment with ten volunteers.
Thanks to this prototype we were able to recover up to 80%
of the user's search click history.
http://arxiv.org/PS_cache/arxiv/pdf/1108/1108.5864v1.pdf

As millions of people around the world pause to remember the heart-wrenching moments of Sept. 11, 2001, hundreds of hackers, spammers and cyber-criminals are launching their own 9/11 assaults – on computers, web sites and social networks worldwide. And next week may bring on the largest wave of 9/11 hacks and scams ever.

http://www.malwarecity.com/blog/spammers-hackers-prepare-round-of-attacks-for-sept-11-1134.html