AI

Poison Attacks Against Machine Learning 82

mikejuk writes "Support Vector Machines (SVMs) are fairly simple but powerful machine learning systems. They learn from data and are usually trained before being deployed. SVMs are used in security to detect abnormal behavior such as fraud, credit card use anomalies and even to weed out spam. In many cases they need to continue to learn as they do the job and this raised the possibility of feeding it with data that causes it to make bad decisions. Three researchers have recently demonstrated how to do this with the minimum poisoned data to maximum effect. What they discovered is that their method was capable of having a surprisingly large impact on the performance of the SVMs tested. They also point out that it could be possible to direct the induced errors so as to produce particular types of error. For example, a spammer could send some poisoned data so as to evade detection for a while. AI based systems may be no more secure than dumb ones."
Botnet

Dutch Police Takedown C&Cs Used By Grum Botnet 45

wiredmikey writes "Dutch authorities have pulled the plug on two secondary servers used by the Grum botnet, a large botnet said to produce about 17% of the world's spam. According to researchers from FireEye, the backup C&C servers were located in the Netherlands, and once word of their existence was released, Dutch authorities quickly seized them. While any C&C server takedown is a win, the impact may be minimal, as the two primary servers are fully active, and the datacenters hosting them are unresponsive to fully documented abuse reports. That being said, FireEye's Atif Mushtaq noted that the botnet does have some weak spots, including the fact that Grum has no failback mechanism, has just a few IPs hardcoded into the binaries, and the botnet is divided into small segments, so even if some C&Cs are not taken down, part of the botnet can still remain offline. The removal of the C&C servers shines light on how quickly some law enforcement agencies work, given that proof of their existence is just over a week old."
Crime

How Exploit Kits Have Changed Spammers' M.O. 37

An anonymous reader writes "Spammers used to depend on email recipients to tie the noose around their own necks by inputting their personal and financial information in credible spoofs of legitimate websites, but with the advent of exploit kits, that technique is slowly getting sidelined. Prompted by the rise in numbers of spam runs leading to pages hosting exploit kits, Trend Micro researchers have recently been investigating a number of high-volume spam runs using the Blackhole exploit kit. According to them, the phishing messages of today have far less urgency and the message is implicit: 'Your statement is available online'; or 'Incoming payment received'; or 'Password reset notification.'" One thing that's long worried me is that the bulk of spammers and malware writers may hire copywriters with a better grasp of English than most of the ones I see now. "I send you this file in order to have your advice" was funny, because it stuck out.
Android

Microsoft Engineer Discovers Android Spam Botnet, Google Denies Claim 152

An anonymous reader writes "Microsoft engineer Terry Zink has discovered Android devices are being used to send spam. He has identified an international Android botnet and outlined the details on his MSDN blog. A closer look at the e-mails' header information shows all the messages come from compromised Yahoo accounts. Furthermore, they are also stamped with the 'Sent from Yahoo! Mail on Android' signature. Google has denied the allegations. 'The evidence does not support the Android botnet claim,' a Google spokesperson said in a statement. 'Our analysis suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they're using.'"
IOS

First iOS Malware Discovered In Apple's App Store 171

New submitter DavidGilbert99 writes "Security experts have discovered what is claimed to be the first ever piece of malware to be found in the Apple App Store. While Android is well known for malware, Apple has prided itself on being free from malicious apps ... until now. The app steals your contact data and uploads it to a remote server before sending spam SMS messages to all your contacts, but the messages look like they are coming from you."
Bug

The Leap Second Is Here! Are Your Systems Ready? 284

Tmack writes "The last time we had a leap second, sysadmins were taken a bit by surprise when a random smattering of systems locked up (including Slashdot itself) due to a kernel bug causing a race condition specific to the way leap seconds are handled/notified by ntp. The vulnerable kernel versions (prior to 2.6.29) are still common amongst older versions of popular distributions (Debian Lenny, RHEL/CentOS 5) and embedded/black-box style appliances (Switches, load balancers, spam filters/email gateways, NAS devices, etc). Several vendors have released patches and bulletins about the possibility of a repeat of last time. Are you/your team/company ready? Are you upgraded, or are you going to bypass this by simply turning off NTP for the weekend?" Update: 07/01 03:14 GMT by S : ZeroPaid reports that this issue took down the Pirate Bay for a few hours.
Censorship

The U.N.'s Push for Power Over the Internet 326

Omnifarious writes "China (along with other member nations) is trying to push a proposal through a little known UN agency called the International Telecommunications Union (aka ITU). This proposal contains a wide variety of problematic provisions that represent a huge power grab on the part of the UN, and a severe threat to a continued global and open Internet. From the article: 'Several proposals would give the U.N. power to regulate online content for the first time, under the guise of protecting against computer malware or spam. Russia and some Arab countries want to be able to inspect private communications such as email. Russia and Iran propose new rules to measure Internet traffic along national borders and bill the originator of the traffic, as with international phone calls. That would result in new fees to local governments and less access to traffic from U.S. "originating" companies such as Google, Facebook and Apple. A similar idea has the support of European telecommunications companies, even though the Internet's global packet switching makes national tolls an anachronistic idea.'"
Security

Ask Slashdot: Security Digests For the Home Network Admin? 123

New submitter halcyon1234 writes "I'm currently cutting the webhost cord, and setting up a simple webserver at home to host a couple hobby websites and a blog. The usual LAMP stuff. I have just enough knowledge to be dangerous; I know how to get everything set up and get it up to date, but not enough to be sure I'm not overlooking common, simple security configurations. And then there's the issue of new vulnerabilities being found that I'm not even aware of. The last thing I want is to contribute to someone's botnet or spam relay. What readings/subscriptions would you recommend for security discussions/heads up? Obviously I already read (too much) Slashdot daily, which I credit for hearing about some major security issues. Are there any RSS feeds or mailing lists you rely on for keeping up to date on security issues?"
Open Source

Comparing R, Octave, and Python for Data Analysis 61

Here is a breakdown of R, Octave and Python, and how analysts can rely on open-source software and online learning resources to bring data-mining capabilities into their companies. The article breaks down which of the three is easiest to use, which do well with visualizations, which handle big data the best, etc. The lack of a budget shouldn't prevent you from experiencing all the benefits of a top-shelf data analysis package, and each of these options brings its own set of strengths while being much cheaper to implement than the typical proprietary solutions.
The Internet

Ask Slashdot: Best Way To Monitor Traffic? 338

First time accepted submitter Shalmendo writes "My client needs to monitor traffic on his LAN, particularly going out to the internet. This will include websites like Facebook, Myspace, and similar, including from mobile devices. So far, based on the network education I have, I've concluded that it might be best to get a tap (and some kind of recording system with Wireshark, probably a mini-barebone), or replace the existing Linksys router with a custom built mini barebone system with Linux routing software and appropriate storage capacity etc. to record traffic internally. (Either way it looks like I will need to put together a mini barebone system for some purpose.) My client is trying to protect his family from scammers and other unsavory types, and isn't savvy in this matter, so I'm doing it for him. What I need is a way to record the traffic at a singular point, like modem/router areas, or similar, and a way to scrape out Facebook, Myspace, and other messages. It also appears that the client's family is using iPhones and some game called 'words' which has message capability. Is it possible to scrape messages out of that game's packets, or are they obfuscated? Can I write a script? What software would you recommend? Linux routing OS? Can we sniff packets and drop them on the internal hard drive? Or would a tap be better? How do I analyze and sort the data afterwards? My client needs easily read evidence (such as text or screenshots) he can use as proof in discussion with his family to try and intercede in any potentially harmful transactions. In other words, how can I achieve this goal? I have basic and medium training in computer networking, so I can make my own cables and such, but I've never worked on this exact kind of project before, and thought it might be better to query Slashdot instead of do my own research from scratch.
After days of discussion with the client, it's not plausible to put monitoring software in the devices on the network (due to legal issues and a few other factors), so I concluded a network tap or other device would be the best way to capture and study what's going on."
Facebook

Facebook Spammers Make $20M, Get $100K Fine 74

jfruh writes "Adscend Media, which has been making up to $20M a year from so-called 'likejacking' spam on Facebook, has reached an agreement with the Attorney General of Washington to stop those activities and pay $100,000 in court costs. Among other nefarious techniques, Adscend would overlay Facebook 'like' buttons with provocative photos to spread links to ads from which Adscend would earn referral fees. Adscend also settled out of court with Facebook for an undisclosed amount."
Australia

Aussie Politician Threatens To Contact Employers of Satirical Article "Likers" 195

Chuq writes "Tasmanian Liberal candidate for Bass, Andrew Nikolic, was the subject of a satirical article by NewExaminer on Facebook. Nikolic didn't like it, which is understandable. However he then went to considerable lengths to identify the people who liked the article, find out their employers (via their Facebook profiles) and 'name and shame' them on a follow-up post on his own page. Andrew Nikolic has a history of poorly handling conflicting views on his Facebook page, resulting in creation of another page, 'Andrew Nikolic blocked me.'"
Censorship

Facebook Says It's Filtering Comments For Spam, Not Censoring Them 155

bhagwad writes "Apparently Robert Scoble tried to post a long comment on Facebook only to have a message pop up saying 'This comment seems irrelevant or inappropriate and can't be posted. To avoid having your comments blocked, please make sure they contribute to the post in a positive way.' If true, this is huge. For one, the self-moderating system of comments has always been the rule so far. And with countries like India rooting for the pre-screening of content and comments, is Facebook thinking of caving in to these demands?" Facebook says there's a more innocuous explanation: namely, that the comment triggered a spam filter.
Facebook

Cash For Tweets and Facebook Posts? Aussie Startup Pays You to Astroturf 156

An anonymous reader writes "While the celebs are already charging big money for their Tweets, an Aussie startup is ranking everyday people and turning them into product salespeople. After a successful start Down Under they have now hit Silicon Valley, but will Americans embrace selling to their friends?" From the article: "In a nutshell, individuals sign up to the Social Loot website and are assigned companies to promote to their circle of online friends. They are then paid on a sliding scale based on the amount of traffic their posts generate, and the quality of referrals and number of resulting sales. This is tracked by a code embedded in the links promoted by Social Loot’s spruikers."
Earth

NASA's Interactive Flood Maps 90

First time accepted submitter jackandtoby writes "Whether you buy into global warming or not, you can have a go at being Charlton Heston and raise sea levels on a biblical scale thanks to NASA's online flood maps. Click away and cause your own Sim Flooding."
Communications

Ask Slashdot: How Can I Get Through To a Politician By E-mail? 204

wytcld writes "Sending an individually-written e-mail to my state senator resulted in an automated response saying that since she receives hundreds of e-mails a day, there might be no personal response, but please don't take that to mean she hasn't read my e-mail. So I contacted her again suggesting that was a pretty poor answer. Most of the e-mails she receives are mass mailings coordinated by various interest group websites. Why doesn't she put those to the side, I asked, and prioritize response to individual e-mails from constituents who've taken the time to actually write? Her response? She often can't tell the difference at first, so spends time drafting responses to the first instances of group e-mail spam, and gets diverted from responding to those who really write her. Are there tools out there which a politician can use to identify the incoming group-think blasts and put them to the side? It's easy enough to imagine sorting by repeated content or headers, if I ran the mail server, but I'm looking for packages already out there that a state-level representative, with no staff to speak of, might use to cut through the mess and prioritize communication with constituents who care enough about an issue to draft their own thoughts."
The Internet

Banned From Kickstarter For Being Cyberstalked 382

An anonymous reader writes "Rachel Marone has been a victim of cyberstalking for over 10 years. In 2011, she had a project on Kickstarter shut down because of the high volume of spam posted by the stalker in the comment section of the project. Recently, Marone's manager spoke to Kickstarter again to see how she could avoid having a new project banned if the cyberstalker showed up again. They replied, 'If there is any chance that Rachel will receive spam from a stalker on her project, she should not create one. We simply cannot allow a project to become a forum for rampant spam, as her past project became. If this happens again, we will need to discard the project and permanently suspend Rachel's account.' On her website, Marone sums up the situation thus: 'I am being told that I cannot crowdfund because I am a stalking victim. ... With so many women being stalking targets this does not seem reasonable to me.'"
Spam

Twitter Files Suit Against Spam Software Authors 56

An anonymous reader writes, quoting Network World: "As with any platform that sees a meteoric rise in popularity, it's only a matter of time before spammers throw their hats in the ring and try and exploit the masses for financial gain and other sinister purposes. As the relatively new kid on the block, Twitter is still busying itself trying to tackle and ultimately prevent spammers from destroying the user experience. While Twitter's previous efforts centered exclusively on engineering-based solutions, the company today announced that they are also pursuing legal avenues to fend off spammers." From the Twitter blog: "With this suit, we’re going straight to the source. By shutting down tool providers, we will prevent other spammers from having these services at their disposal. Further, we hope the suit acts as a deterrent to other spammers, demonstrating the strength of our commitment to keep them off Twitter."
