Hello There, Guest! (LoginRegister)

Post Reply 
Conficker Cyber Attack??... Damn Russians
Author Message
GGniner Offline
All American
*

Posts: 4,370
Joined: Feb 2007
Reputation: 38
I Root For:
Location:
Post: #1
Conficker Cyber Attack??... Damn Russians
http://www.cbsnews.com/stories/2009/03/2...7053.shtml

lay off the internet porn boys, the Russians are watching and plotting something. Hopefully the banks are watching this stuff closely.
(This post was last modified: 03-30-2009 05:35 PM by GGniner.)
03-30-2009 05:32 PM
Find all posts by this user Quote this message in a reply
Advertisement


smn1256 Offline
I miss Tripster
*

Posts: 28,878
Joined: Apr 2008
Reputation: 337
I Root For: Lower taxes
Location: North Mexico
Post: #2
RE: Conficker Cyber Attack??... Damn Russians
(03-30-2009 05:32 PM)GGniner Wrote:  http://www.cbsnews.com/stories/2009/03/2...7053.shtml

lay off the internet porn boys, the Russians are watching and plotting something. Hopefully the banks are watching this stuff closely.

Pretty nasty stuff especially when you combine it with Ghostnet
03-30-2009 07:40 PM
Find all posts by this user Quote this message in a reply
WoodlandsOwl Offline
Up in the Woods
*

Posts: 11,813
Joined: Jun 2005
Reputation: 115
I Root For: Rice Owls
Location:

New Orleans Bowl
Post: #3
RE: Conficker Cyber Attack??... Damn Russians
Just what we need right now. Update your anti-virus tonight.
03-30-2009 07:41 PM
Find all posts by this user Quote this message in a reply
GGniner Offline
All American
*

Posts: 4,370
Joined: Feb 2007
Reputation: 38
I Root For:
Location:
Post: #4
RE: Conficker Cyber Attack??... Damn Russians
what may be worse, if true, is the story within this report about the Hackers who got busted and then quickly released from jail and then PRAISED by the Newspaper for stealing Americans money.
03-30-2009 09:29 PM
Find all posts by this user Quote this message in a reply
Advertisement


I45owl Offline
Hall of Famer
*

Posts: 18,374
Joined: Jun 2005
Reputation: 184
I Root For: Rice Owls
Location: Dallas, TX

New Orleans Bowl
Post: #5
RE: Conficker Cyber Attack??... Damn Russians
Two quick notes: there exists a classic white paper on why any virus/worm reported in the media is necessarily more BS than real threat (but I can never find the link when I need it). Nevertheless, it's worth reading.

If anti-virus vendors have been tracking this since November and you feel the need to update your AV now, get used to the fact that you no longer have any control over your identity, if indeed this threat is the one that does you in.
03-31-2009 09:50 AM
Find all posts by this user Quote this message in a reply
Rebel
Unregistered

 
CrappiesNew Orleans Bowl
Post: #6
RE: Conficker Cyber Attack??... Damn Russians
Quote: National Cyber Alert System

Technical Cyber Security Alert TA09-088A


Conficker Worm Targets Microsoft Windows Systems

Original release date: March 29, 2009
Last revised: March 30, 2009
Source: US-CERT


Systems Affected

* Microsoft Windows


Overview

US-CERT is aware of public reports indicating a widespread
infection of the Conficker/Downadup worm, which can infect a
Microsoft Windows system from a thumb drive, a network share, or
directly across a corporate network, if the network servers are not
patched with the MS08-067 patch from Microsoft.


I. Description

Home users can apply a simple test for the presence of a
Conficker/Downadup infection on their home computers. The presence
of a Conficker/Downadup infection may be detected if a user is
unable to surf to their security solution website or if they are
unable to connect to the websites, by downloading detection/removal
tools available free from those sites:

*
http://www.symantec.com/n...ker_worm&inid=us_ghp_
link_conficker_worm
* http://www.microsoft.com/...uses/worms/conficker.mspx
* http://www.mcafee.com

If a user is unable to reach any of these websites, it may indicate
a Conficker/Downadup infection. The most recent variant of
Conficker/Downadup interferes with queries for these sites,
preventing a user from visiting them. If a Conficker/Downadup
infection is suspected, the system or computer should be removed
from the network or unplugged from the Internet - in the case for
home users.


II. Impact

A remote, unauthenticated attacker could execute arbitrary code on
a vulnerable system.


III. Solution

Instructions, support and more information on how to manually
remove a Conficker/Downadup infection from a system have been
published by major security vendors. Please see below for a few of
those sites. Each of these vendors offers free tools that can
verify the presence of a Conficker/Downadup infection and remove
the worm:

Symantec:

http://www.symantec.com/b...writeup.jsp?docid=2009-01
1316-0247-99

Microsoft:
http://support.microsoft.com/kb/962007

http://www.microsoft.com/protect/compute...icker.mspx

Microsoft PC Safety hotline at 1-866-PCSAFETY, for assistance.

US-CERT encourages users to prevent a Conficker/Downadup infection by
ensuring all systems have the MS08-067 patch (see
http://www.microsoft.com/technet/securit...067.mspx),
disabling AutoRun functionality (see
http://www.us-cert.gov/cas/techalerts/TA09-020A.html), and
maintaining up-to-date anti-virus software.


IV. References

* Microsoft Windows Does Not Disable AutoRun Properly -
<http://www.us-cert.gov/cas/techalerts/TA09-020A.html>

* Virus alert about the Win32/Conficker.B worm -
<http://support.microsoft.com/kb/962007>

* Microsoft Security Bulletin MS08-067 - Critical -
<http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx>

* MS08-067: Vulnerability in Server service could allow remote code
execution -
<http://support.microsoft.com/kb/958644>

* The Conficker Worm -
<http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm>

* W32/Conficker.worm -
<http://us.mcafee.com/root/campaign.asp?cid=54857>

* W32.Downadup Removal Tool -

<http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-0
11316-0247-99>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA09-088A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-088A Feedback VU#827267" in
the subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2009 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
03-31-2009 09:53 AM
Quote this message in a reply
I45owl Offline
Hall of Famer
*

Posts: 18,374
Joined: Jun 2005
Reputation: 184
I Root For: Rice Owls
Location: Dallas, TX

New Orleans Bowl
Post: #7
RE: Conficker Cyber Attack??... Damn Russians
I'm not saying that it's not a real virus. Looking at the article, many of the techniques and features of this virus are not new. What I'm suggesting is that since it is known and has been known for several months, the AV sigs have been out for some time ... the ultimate repercussions of viruses that hit the media like this are almost likely nothing close to the warnings. IF there were no AV sigs AND no-one was aware of the problem with this virus, then it may well be that it could cause a lot of harm.

IF you are still worried, SHUT OFF YOUR PC NOW! and (ONLY if you're confident that you won't be talking to CYBORGS) call all of your banks and credit cards and close your accounts IMMEDIATELY.

All of that said, don't be an idiot and plug your PC directly into the internet without any protection, but the results of this are likely to be roughly the same as Y2K.

Trivia - name a RUN-FOR-THE-HILLS CYBER ATTACK that caused billions of dollars in damage after the media ran stories about it... (I'm shooting in the dark, but am fairly confident of the results). It's the ones that you don't know about until the forensic results are in that are typically dangerous.

No fair if the virus is the media story:
http://www.cityscope.net/hoax1.html Wrote:Subject=Good Times

Thought you might like to know...

Apparently , a new computer virus has been engineered by a user of
America Online that is unparalleled in its destructive capability.
Other, more well-known viruses such as Stoned, Airwolf, and
Michaelangelo pale in comparison to the prospects of this newest
creation by a warped mentality.

What makes this virus so terrifying is the fact that no program
needs to be exchanged for a new computer to be infected. It can be
spread through the existing e-mail systems of the InterNet.

Luckily, there is one sure means of detecting what is now known as
the "Good Times" virus. It always travels to new computers the
same way - in a text e-mail message with the subject line reading
simply "Good Times".
Avoiding infection is easy once the file has
been received - not reading it. The act of loading the file into
the mail server's ASCII buffer causes the "Good Times" mainline
program to initialize and execute.


The program is highly intelligent - it will send copies of itself
to everyone whose e-mail address is contained in a received-mail
file or a sent-mail file, if it can find one. It will then proceed
to trash the computer it is running on.

The bottom line here is - if you receive a file with the subject
line "Good TImes"
, delete it immediately! Do not read it! Rest
assured that whoever's name was on the "From:" line was surely
struck by the virus. Warn your friends and local system users of
this newest threat to the InterNet!
It could save them a lot of
time and money.
03-31-2009 10:56 AM
Find all posts by this user Quote this message in a reply
Advertisement


I45owl Offline
Hall of Famer
*

Posts: 18,374
Joined: Jun 2005
Reputation: 184
I Root For: Rice Owls
Location: Dallas, TX

New Orleans Bowl
Post: #8
RE: Conficker Cyber Attack??... Damn Russians
(03-31-2009 09:53 AM)Rebel Wrote:  
Quote:III. Solution

Instructions, support and more information on how to manually
remove a Conficker/Downadup infection from a system have been
published by major security vendors. Please see below for a few of
those sites. Each of these vendors offers free tools that can
verify the presence of a Conficker/Downadup infection and remove
the worm:

Symantec:

http://www.symantec.com/b...writeup.jsp?docid=2009-01
1316-0247-99

Microsoft:
http://support.microsoft.com/kb/962007

http://www.microsoft.com/protect/compute...icker.mspx

Microsoft PC Safety hotline at 1-866-PCSAFETY, for assistance.

US-CERT encourages users to prevent a Conficker/Downadup infection by
ensuring all systems have the MS08-067 patch (see
http://www.microsoft.com/technet/securit...067.mspx),
disabling AutoRun functionality (see
http://www.us-cert.gov/cas/techalerts/TA09-020A.html), and
maintaining up-to-date anti-virus software.

Sure 'nough, even my old windows/2000 pc has the right patch installed by the windows patch-o-matic.

BTW, this is the CERT equivalent of saying take a bath at least twice a week and brush your teeth after every meal ... "Apply patches".
03-31-2009 11:15 AM
Find all posts by this user Quote this message in a reply
GGniner Offline
All American
*

Posts: 4,370
Joined: Feb 2007
Reputation: 38
I Root For:
Location:
Post: #9
RE: Conficker Cyber Attack??... Damn Russians
it probably depends on if you are too gullible and click on links in emails addressed to you, which happens to many non-Tech savy types. and the example shown on the 60 Minutes thing isn't so much a stretch.

and those browsing porn regularly, especially now with Streaming video options.


it does make for a good TV piece to get everyone worried about something.
03-31-2009 11:25 AM
Find all posts by this user Quote this message in a reply
I45owl Offline
Hall of Famer
*

Posts: 18,374
Joined: Jun 2005
Reputation: 184
I Root For: Rice Owls
Location: Dallas, TX

New Orleans Bowl
Post: #10
RE: Conficker Cyber Attack??... Damn Russians
(03-31-2009 11:25 AM)GGniner Wrote:  it probably depends on if you are too gullible and click on links in emails addressed to you, which happens to many non-Tech savy types. and the example shown on the 60 Minutes thing isn't so much a stretch.

and those browsing porn regularly, especially now with Streaming video options.


it does make for a good TV piece to get everyone worried about something.

If it gets you to think "should I really use the model of my car as a password?", then it does a good thing. Likewise, if you spend a moment and wonder "what happens if a hacker running a botnet decides to encrypt everything on my hard drive and offer to sell the encryption key back to me for $100,000 ... do I have my important files backed up somewhere?".

It's always possible that one day the world will rue the day that 60 minutes does an expose that correctly predicts a cyber disaster - something that is probably a few weeks in the making at a minimum - but, generally the aspects that allow them to do a report are also the aspects that mean the threat is already contained.

(This was written yesterday, but I forgot to post... it's 8:30 am - do you know where your computer is?)
04-01-2009 08:22 AM
Find all posts by this user Quote this message in a reply
Advertisement


I45owl Offline
Hall of Famer
*

Posts: 18,374
Joined: Jun 2005
Reputation: 184
I Root For: Rice Owls
Location: Dallas, TX

New Orleans Bowl
Post: #11
RE: Conficker Cyber Attack??... Damn Russians
http://blog.wired.com/27bstroke6/2009/04...dooms.html Wrote:Conficker Doomsday Worm Sells Out For $49.95
By Kevin Poulsen April 09, 2009 | 2:08:25 PMCategories: Cybarmageddon!
[Image: conficker_war_room.jpg]
Last night the dreaded Conficker worm finally got the update we've been waiting for since April 1. But cyber Armageddon will have to wait another day. The botnet, as predicted here, is now dedicated to spam.
(If you think that's going to keep us from running our awesome Conficker War Room banner, you're nuts.)
Further disappointing doomsayers, the new download -- which seems to have been first spotted by Trend Micro -- took place through Conficker's longstanding peer-to-peer functionality, rather than the DNS lookups that gave us that delicious April 1 ticking clock. Kaspersky Labs' analysis of the new payload concludes this morning that Conficker is now serving victims a fake anti-virus product that offers to remove malware for $50.
The worm also downloaded an existing e-mail worm called Waledac, which steals passwords and sends spam. Both worms "are now present on infected machines as part of the gigantic botnet designed to conduct spam mailings," Kaspersky writes.
The last thing the internet needs is more spam. But you have to give Conficker credit for not believing its own press. And I'm personally grateful that it brought to mind a moment from the original Die Hard film.
"You want money? What kind of terrorists are you?"
(Laughing) "Who said we were terrorists?"
04-09-2009 05:39 PM
Find all posts by this user Quote this message in a reply
SumOfAllFears Offline
Grim Reaper of Misguided Liberal Souls
*

Posts: 18,213
Joined: Nov 2008
Reputation: 58
I Root For: America
Location:
Post: #12
RE: Conficker Cyber Attack??... Damn Russians
I thought this was good.

Conficker Eye Chart

http://www.confickerworkinggroup.org/inf...chart.html

If you cannot all of the images you got it.
04-11-2009 09:20 AM
Find all posts by this user Quote this message in a reply
smn1256 Offline
I miss Tripster
*

Posts: 28,878
Joined: Apr 2008
Reputation: 337
I Root For: Lower taxes
Location: North Mexico
Post: #13
RE: Conficker Cyber Attack??... Damn Russians
(04-11-2009 09:20 AM)SumOfAllFears Wrote:  I thought this was good.

Conficker Eye Chart

http://www.confickerworkinggroup.org/inf...chart.html

If you cannot all of the images you got it.

If this thing really works then I'm good for now. Thanks, Sum.
04-11-2009 10:23 AM
Find all posts by this user Quote this message in a reply
I45owl Offline
Hall of Famer
*

Posts: 18,374
Joined: Jun 2005
Reputation: 184
I Root For: Rice Owls
Location: Dallas, TX

New Orleans Bowl
Post: #14
RE: Conficker Cyber Attack??... Damn Russians
Quote:With daily reports of severe breaches in national cybersecurity and devastating cyber-attacks on government infrastructure, many journalists are in dire need of a manual to enlighten their writing on the subject. Here are my ten(rather cynical) tips to make your cyberwarfare story succeed.


1. You need a catchy title. It pays to cannibalize on some recent tragic event from the real world; adding "cyber" to its name would usually trigger all the right associations. Studies show that references to "digital Pearl Harbor","cyber-Katrina", and "electronic 9/11" are most effective, particularly for stories involving electricity grids or dams. Never make any explicit attempts to explain the bizarre choice of your title– you need to leave enough ambiguity out there for your readers to "connect the dots" themselves. This is a win-win: readers love solving important cyberspy puzzles - and you could get away without doing any analysis of your own. Quoting real facts would spoil the puzzle-solving experience; plus, the fewer facts you quote, the harder it would be to debunk your story!

...

worth a quick read...

05-deadhorse
04-14-2009 01:05 PM
Find all posts by this user Quote this message in a reply
Post Reply 




User(s) browsing this thread: 1 Guest(s)


Copyright © 2002-2024 Collegiate Sports Nation Bulletin Board System (CSNbbs), All Rights Reserved.
CSNbbs is an independent fan site and is in no way affiliated to the NCAA or any of the schools and conferences it represents.
This site monetizes links. FTC Disclosure.
We allow third-party companies to serve ads and/or collect certain anonymous information when you visit our web site. These companies may use non-personally identifiable information (e.g., click stream information, browser type, time and date, subject of advertisements clicked or scrolled over) during your visits to this and other Web sites in order to provide advertisements about goods and services likely to be of greater interest to you. These companies typically use a cookie or third party web beacon to collect this information. To learn more about this behavioral advertising practice or to opt-out of this type of advertising, you can visit http://www.networkadvertising.org.
Powered By MyBB, © 2002-2024 MyBB Group.