Security Bytes: Blog beatdown blamed on antispam vendor

Meanwhile: Ohio University announces a data breach; an antispyware activist sues Yahoo; Linux gets buggier and Vista security comes under the microscope.

Antispam company denies it helped bring down blogs
Menlo Park, Calif.-based Blue Security Inc. denies claims it inadvertently caused a massive denial-of-service attack against popular blog-host sites TypePad and LiveJournal after coming under fire by a renegade spammer.

In a news release issued Thursday, the antispam company said last week's "sophisticated attacks" were orchestrated by a rogue cracker named PharmaMaster, carrying through on earlier threats to take down the company and the Internet if it didn't allow his spam to get through. The company has adamantly rebuffed the notion it was the victim of a denial-of-service attack. "The attacks started with a strike on the Internet backbone itself, causing the Blue Web site to become inaccessible to visitors outside Israel, while remaining available for Israeli visitors," CEO Eran Reshef said in a statement. The company's research work is performed in Israel.

Once the spammer launched the attack, Blue Security closed its site and posted a note on its blog. It claims PharmaMaster then decided to go after any site associated with the antispam company. "This attack caused five top-tier hosting providers in the U.S. and Canada, a major DNS provider and a popular blog site to go down for several hours," Reshef said. A security chief for Internet monitoring and routing analysis firm Renesys Corp. of Manchester, N.H., told InformationWeek that Blue Security changed its DNS record to reroute traffic to its blog, hosted by San Francisco-based Six Apart Ltd.'s TypePad site. It never warned Six Apart of the 1 to 3 million packets per second hitting its servers, causing the sudden spike in bad traffic to overwhelmed the blog host's servers and knock millions of TypePad and LiveJournal blogs offline for several hours.

Ohio University begins notifying alumni of server breach
Ohio University in Athens, Ohio has begun sending e-mails to 137,800 individuals and organizations to inform them that its alumni database, which contains personal information, including Social Security numbers, had been compromised -- perhaps as far back as 13 months ago. Faculty and staff hired before January 2004 also were affected, the school said in a news report. The server had been taken offline more than a year ago, so the compromise wasn't discovered until last week when IT staff noticed it was being used to launch a denial-of-service attack. A second server within the university's Innovation Center business incubator also was breached April 21, compromising patent data. The FBI discovered the theft while investigating another incident.

Yahoo sued for deceptive advertising scheme, spyware connection
A well known antispyware activist has filed a class-action lawsuit against Yahoo for manipulating its allegedly fraudulent advertising network. Ben Edelman filed the suit in New Jersey, alleging Yahoo's Overture pay-per-click network -- known formally as Yahoo Search Marketing -- routinely breached its contract with advertisers by bundling ads in spyware to produce pop-ups and gaining credit from traffic to sites without bona fide content that's part of its syndication contract. In addition, Edelman claims the ISP uses "typo-squatting" to route users to ad-based sites based on misspelled URLs, again to earn click-through payment credits. It also is accused of lacking controls to prevent competitors from clicking ads to hike the price a rival will pay for click-throughs. Edelman noted Yahoo has worked closely to generate income for adware vendor Direct Revenue LLC, a business relationship disclosed in a recent lawsuit against Direct Revenue filed by the New York attorney general. Yahoo told eWeek the company plans to "vigorously defend our position."

Linux kernel getting buggier
More security holes are appearing in version 2.6 of the Linux kernel and something needs to be done about it, according to the Linux production kernel's lead caretaker. "I believe the 2.6 kernel is slowly getting buggier. It seems we're adding bugs at a higher rate than we're fixing them," Andrew Morton said during a discussion at the LinuxTag 2006 conference in Wiesbaden, Germany, on Friday. His comments appeared in a ZDNet story about the conference. Morton said he hasn't proven the increased vulnerabilities from a statistical standpoint, but he said he's receiving more flaw reports. If he is able to confirm the increasing defect rate, he said he may temporarily halt the kernel development process to spend time sealing holes. "A little action item I've given myself is to confirm that this increasing defect rate is really happening," he said. "If it is, we need to do something about it." Specifically, kernel developers would need to focus more time fixing bugs. "We may possibly have a bug fix-only kernel cycle, which is purely for fixing up long-standing bugs," he said.

Windows Vista will affect security market
A new report from Boston-based Yankee Group says the security features in Windows Vista will essentially eliminate the need to use separate antispyware and firewall software. Vista will also have a significant impact on the $3.6 billion market for Windows security products, the report said. "Yankee Group expects Vista to significantly shrink the aftermarket for antispyware and desktop firewalls," wrote analyst Andrew Jaquith in the report. Vista may also reduce the need for disk encryption, device control and certain types of host intrusion prevention software, Jaquith added. But Yankee Group doesn't believe Vista will have a significant effect on the antivirus software space because it doesn't include antivirus functionality. For that, the software giant will begin selling its Windows Live OneCare antivirus program separately next month.

Dig deeper on Application Attacks (Buffer Overflows, Cross-Site Scripting)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close