PhoneSnoop – DHS Warns Blackberry Users About App
October 29, 2009 by Homeland Security NTARC News
Filed under Featured

The Department of Homeland Security’s U.S. Computer Emergency Readiness Team (US-CERT) is warning BlackBerry users about a spyware program that allows attackers to turn a target’s handset into a microphone that can be accessed remotely.
From Search Security
The U.S. Computer Emergency Readiness Team is warning Blackberry users about new software that could be used by hackers to turn the smartphone into a listening device.
An application called PhoneSnoop can configure the phone’s speakerphone function to enable a hacker to listen to surrounding conversations remotely. The software uses a Blackberry API to intercept incoming calls. Once downloaded and installed, the software is triggered by a simple phone call, which places the device into speakerphone mode.
Sheran Gunasekera, the developer of the snooping application, wrote on his blog that he wanted to shed light on the threats posed by careless use of Blackberry smartphones. Gunasekera said the application can be easily detected and is visible in the Blackberry user interface.
“While the BlackBerry remains one of the more secure devices out there, user awareness and education is paramount to remaining completely safe from spyware,” Gunasekera wrote.
Gunasekera posted a YouTube video demonstrating how PhoneSnoop works. He introduced the tool on Oct. 19, but only made the software available for download Oct. 23, tweaking it to allow users to create a customized trigger number.
The US-CERT warned Blackberry users to password protect their devices and only download software from trusted sources.
“This software allows an attacker to call a user’s BlackBerry and listen to personal conversations,” the US-CERT said. “In order to install and set up the PhoneSnoop application, attackers must have physical access to the user’s device or convince a user to install PhoneSnoop.”
GAO: Major Security Flaws at Federal Buildings

The police agency in charge of protecting thousands of federal buildings nationwide has failed to keep bomb-making materials out of several high-security facilities in the past year, according to a Government Accountability Office report released today. In the past year, investigators successfully smuggled bomb-making materials into ten high-security federal buildings, constructed bombs and walked around the buildings undetected, exposing weaknesses in security provided by the Federal Protective Service.
[...]
Investigators carried liquid explosives and low-yield detonators — materials investigators note are not normally carried into federal buildings. The GAO said security concerns prevent it from revealing the exact locations or cities of the affected facilities, but that eight of them were government owned, while two were leased. They included offices of a U.S. senator and House member, as well as offices for the departments of Homeland Security, Justice and State, the GAO reported. In one instance, the GAO obtained a building security tape showing an investigator walking through a security checkpoint with bomb making materials.
Security Tight For Obama Visit To Cairo

US president Barack Obama has not yet decided whether his historic speech reaching out to the Muslim world will be delivered on June 4 from a lecture hall at Al Azhar University in Cairo or its main mosque. If the second, his address will take place in the presence of Grand Mufti Ali Gomaa, the Sunni Muslim world’s greatest religious authority. In any event, Al Azhar is the most eminent school of Islamic learning in the world and the US president therefore expects its impact to far outweigh his first address to Muslims from Istanbul.
His arrival from a meeting with Saudi King Abdullah in Riyadh on June 3 is planned to add extra weight to Obama’s dramatic outreach to Muslims, since the king officiates as Custodian of the Holy Places to Islam.
[...]
Giant transports have been landing at Cairo airport, unloading a fleet of armored vehicles, White House helicopters, counter-terror weapons and the vanguard of the 3,000 Secret Service officers backed by CIA and FBI personnel who will secure the US president during his stay in Egypt. Cairo will soon be in turmoil as forces are deployed from a command center at the American Embassy to control sections of downtown Cairo, with guard posts on the Nile River’s banks, the international airport, main railway terminals and approaches to the city.
Some 30,000 Egyptian security personnel including army units stationed in Cairo have been placed on special duty until the American president leaves. Their names and those of the welcoming party at Al Azhar University were submitted to the US presidential security center.
Obama is due to land in Cairo Thursday at 10 a.m., drive to the Abidin Palace to meet President Hosni Mubarak and proceed from there to Azhar University. His convoy will be escorted by vehicles equipped with sensors for detecting firearms and explosives and covered by Marine helicopters overhead.
Until the last minute, the president’s routes to the university have been withheld from Egyptian security authorities as a safeguard against leaks to hostile elements.
Cheney, Obama – No Middle Ground on Gitmo Approach

The headlines will say two big, dueling speeches about the war on terror were delivered in Washington on Thursday, one by President Barack Obama and one by former Vice President Dick Cheney.
And that’s true, as far as it goes. But it would be more accurate to say that four quite different speeches were delivered.
Mr. Cheney gave one speech, a remarkably focused, blistering attack on those who criticize the Bush administration’s methods for detaining and interrogating terror suspects. Scathing in terminology, scornful in tone, Mr. Cheney took on those critics and gave not an inch of ground to them. He questioned both the integrity and wisdom of those, including the current president, who would reverse policies that he said have kept America safe for more than seven years since the 9/11 terror attacks.
Obama: I know some have argued that brutal methods like water-boarding were necessary to keep us safe. I could not disagree more. As commander-in-chief, I see the intelligence, I bear responsibility for keeping this country safe, and I categorically reject the assertion that these are the most effective means of interrogation.
Cheney: The interrogations were…legal, essential, justified, successful, and the right thing to do. The intelligence officers who questioned the terrorists can be proud of their work and proud of the results, because they prevented the violent deaths of thousands, if not hundreds of thousands, of innocent people.
Those who prefer their Washington policy debates to be cloaked in understatement or delicate euphemisms may have been taken aback by the ferocity of the Cheney rejoinder, which crackled in intensity, even while being delivered in the former vice president’s trademark monotone style.
Meanwhile, Mr. Obama, facing the trickier task of selling a policy to both parties, really gave three speeches wrapped in one. His first was meant to address critics on the right, who charge he has gone soft on terror and that his decision to close the military detention facility at Guantanamo Bay will bring to U.S. soil dangerous extremists.
via No Middle Ground on Gitmo Approach – WSJ.com.
Cheney: Obama Endangers The Nation

Former Vice President Dick Cheney on Sunday continued his verbal attack against President Obama, saying that the country is more vulnerable to a potential terrorist attack since the Obama administration took power.
Mr. Cheney said that the administration’s dismantling of many of the policies and protections instituted by President George W. Bush after the September 11, 2001 terrorist attacks — including the planned closing of the Guantanamo Bay detention camp in Cuba and halting controversial prisoner interrogation techniques — has made the country more vulnerable to future attacks.
“That’s my belief,” Mr. Cheney said on CBS’ “Face the Nation.” “I think to the extent that those [Bush-era] policies were responsible for saving lives, that the administration is now trying to cancel those policies … means in the future we’re not going to have the same safeguards we’ve had for the last eight years.”
Hard Drive Sold On eBay Held U.S. Missile Defence System Secrets
May 7, 2009 by national
Filed under Incident Reports

Highly sensitive details of a US military missile air defence system were found on a second-hand hard drive bought on eBay.
The test launch procedures were found on a hard disk for the THAAD (Terminal High Altitude Area Defence) ground to air missile defence system, used to shoot down Scud missiles in Iraq.
The disk also contained security policies, blueprints of facilities and personal information on employees including social security numbers, belonging to technology company Lockheed Martin – who designed and built the system.
Conficker Downadup Virus April 1 – DHS Releases Computer Worm Detection Tool
March 31, 2009 by national
Filed under Incident Reports

UPDATE: The malicious Conficker Internet worm is trying to reach its creators more aggressively today. But nothing noticeable has happened.
The worm’s programming included a change in tactics on April 1. Infected computers were told to step up their attempts to “phone home” for commands. But chief research officer Mikko Hypponen at antivirus company F-Secure says that’s the only sign of life from the bug.
————-
The U.S. Department of Homeland Security (DHS) announced today the release of a DHS-developed detection tool that can be used by the federal government, commercial vendors, state and local governments, and critical infrastructure owners and operators to scan their networks for the Conficker/Downadup computer worm.
The department’s United States Computer Emergency Readiness Team (US-CERT) developed the tool that assists mission-critical partners in detecting if their networks are infected. The tool has been made available to federal and state partners via the Government Forum of Incident Response and Security Teams (GFIRST) Portal, and to private sector partners through the IT and Communications sector Information Sharing and Analysis Centers (ISACs). Additional outreach to partners will continue in the coming days.
Department cyber experts briefed federal Chief Information Officers and Chief Information Security Officers today, as well as their equivalents in the private sector and state/local government via the ISACs and the National Infrastructure Protection Plan framework.
“While tools have existed for individual users, this is the only free tool – and the most comprehensive one – available for enterprises like federal and state government and private sector networks to determine the extent to which their systems are infected by this worm,” said US-CERT Director Mischel Kwon. “Our experts at US-CERT are working around the clock to increase our capabilities to address the cyber risk to our nation’s critical networks and systems, both from this threat and all others.”
In addition to the development of this tool, DHS is working closely with private sector and government partners to minimize any impact from the Conficker/Downadup computer worm. This worm can infect Microsoft Windows systems from thumb drives, network share drives, or directly across a corporate network if network servers are not protected by Microsoft’s MS08-067 patch.
US-CERT recommends that Windows Operating Systems users apply Microsoft security patch MS08-067 (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx) as quickly as possible to help protect themselves from the worm. This security patch, released in October 2008, is designed to protect against a vulnerability that, if exploited, could enable an attacker to remotely take control of an infected system and install additional malicious software.
Home users can apply a simple test for the presence of a Conficker/Downadup infection on their home computers. The presence of an infection may be detected if users are unable to connect to their security solution Web site or if they are unable to download free detection/removal tools.
If an infection is suspected, the system or computer should be removed from the network. In the case of home users, the computer should be unplugged from the Internet.
Instructions, support and more information on how to manually remove a Conficker/Downadup infection from a system have been published by major security vendors. Each of these vendors offers free tools that can verify the presence of a Conficker/Downadup infection and remove the worm:
Symantec:
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99
Microsoft:
http://support.microsoft.com/kb/962007
http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
Home users may also call Microsoft PC Safety hotline at 1-866-PCSAFETY, for assistance.
McAfee:
http://www.mcafee.com/us/threat_center/default.asp
US-CERT encourages users to prevent a Conficker/Downadup infection by ensuring all systems have the MS08-067 patch, disabling AutoRun functionality (see http://www.us-cert.gov/cas/techalerts/TA09-020A.html), and maintaining up-to-date anti-virus software.
In addition, US-CERT recommends that computer users and administrators implement the following preparedness measures to protect themselves against this vulnerability, and also from future vulnerabilities:
- Keep up-to-date on security patches and fixes for your operating system. The easiest way to do this is to set your system to receive automatic updates, which will ensure you automatically receive security updates issued by Microsoft. If your system does not allow automatic updates, we recommend that you manually install the Microsoft security patch today through Microsoft Update at http://update.microsoft.com/microsoftupdate
- Install anti-virus and anti-spyware software and keep them up-to-date
- Enable a firewall which will help block attacks before they can get into your computer
To access the alerts for this vulnerability and for additional information on cyber security tips and practices, please visit www.us-cert.gov.
Computer Virus Time Bomb Could Go Off April 1 – Conficker Virus
March 24, 2009 by national
Filed under Incident Reports

UPDATE: Department of Homeland Security has released Worm Detection Tool
The Conficker Internet worm could strike at infected computers around the world on April 1, a security expert warned Monday.
Conficker is a sophisticated piece of malicious computer software, or malware, that installs itself on a Windows PC’s hard drive via specially written Web pages. It then conceals itself on a computer.
Graham Cluley of the British security firm Sophos confirmed that Conficker is programmed “to hunt for new instructions on April 1.”
However, he added, “This does not mean that anything is going to happen, or that the worm is actually going to do anything. Simply, it is scheduled to hunt a wider range of Web sites for instructions on that date.”
One strange thing about Conficker is that no one yet has any idea what it is programmed to do.
In February, Cluley told The Times: “It’s as if someone is assembling an army of computers around the world, but hasn’t yet decided where to point them.”
A worst-case scenario for April 1 would be for all the world’s millions of infected computers to receive simultaneous instructions to attack, or to flood the Internet with spam e-mail.
Heightened Awareness Recommended For Railways Operating Along The US-Mexico Border
December 15, 2008 by national
Filed under Homeland Security News

GlobalIncidentMap.com Recommends Heightened Awareness For Railways Operating Along The US-Mexico Border
“Based on information from trusted Law Enforcement sources, we are recommending a heightened state of awareness for all railway operations along the USA-Mexico border, based on recent threats and observed activity”
No news links or additional information is available at this time.
via Global Incident Map.
Possible Pipe Bomb in Sparks Detonated, Road Closed
November 11, 2008 by national
Filed under Stories of Interest

Minutes before the noon hour Tuesday, local law enforcement detonated a device that could have been a bomb.
Discovered on Stanford Way and Greg St. in Sparks, a device that looked like “a pipe with two caps” on the ends was exploded by a member of the Consolidated Bomb Squad, according to News 4 crews on the scene.
Law enforcement told News 4 they closed the surrounding roadways because of the discovery of the device.
Officials utilized a specialized robot to help deal with the object.
A civilian notified authorities of the presence of the device.
