As announced on a Fedora mailing list, some Fedora servers were illegally accessed and “a small number of OpenSSH packages” were singed by the intruder. The servers were taken offline quickly after the breach was discovered.
As a security precaution, Red Hat has changed the signing keys for Fedora, updated OpenSSH packages and also issued OpenSSH blacklist scripts that allow admins to check to see if any of the affected packages are installed on their systems.
If you are running any Fedora or Red Hat systems, you might want to check them out just to be safe.
Filed in News by edsmiley | August 23, 2008 | Comments
We tossed him a shirt while he was at the IOActive party just before we ventured up to the Core Impact party in Ceasars Palace. Thanks for your support Dan!
So the Air Force, which prides themselves for being the most technical branch of all the armed forces, has decided to suspend its efforts on building their latest Cyber Command. Not sure if any of you recall the latest AF recruitment commercials geared around cyber security, but it would be safe to say that those will not be airing until the Air Force works out some kinks.
“The Secretary and Chief of Staff of the Air Force have considered delaying currently planned actions on Air Force Cyber Command to allow ample time for a comprehensive assessment of all AFCYBER requirements and to synchronize the AFCYBER mission with other key Air Force initiatives,” the service said in a statement released Thursday.
Makes you wonder why ample time wasn’t dedicated in the first place for a “comprehensive assessment.”
In case you don’t have a television, radio, or even the Internet, which means you wouldn’t be reading this. One of the greatest cyber crimes of all time has finally come to a halt, or so they think…
Eleven people in the US city of Boston have been charged with credit card fraud. The US authorities say the suspects stole the data from more than 40 million credit cards.
The hackers obtained the information by installing software in computers and databases of banks and major store chains. They also drove through residential districts with a laptop to hack into personal computers with wireless connections.
Prosecutors speak of the biggest credit card swindle in US history. The suspects, who have US, Estonian, Ukrainian, Belarus and Chinese nationalities, allegedly embezzled tens of millions of dollars.
So while I’m sitting at DEFCON 16 enjoying a “free” bar tab, I wonder if I’ll see it show up my own credit card since I could quite possibly be funding one of these parties and not even know until it’s too late. Oh well, that’s what the fraud department is for right…
If you haven’t already heard about the meetup and are going to Defcon, there will be a meetup on Saturday, August 9th in the skybox which the folks at i-hacked.com reserved. You can find the full information at mubix’s site located here.
While I won’t be attending Defcon, three of our crew will be. Chris Mills, Jay Mueller, and Rob Fuller. Keep an eye out for them as at some point they will likely be wearing their SecuraBit T-Shirts and passing out free stickers. Jay should have a backpack full of t-shirts to sell should you want one. I am sending off the box today to him, so any further donations to the site for them will be filled by him either by shipping it to you or giving it to you in person at Defcon.
Episode 8 will be delayed until the Wednesday after Defcon, though we expect at least one more SecuraByte in the interim.
