Hackers destroyed a pump used by a US water utility

Hackers destroyed a pump used by a US water utility after gaining unauthorized access to the industrial control system it used to operate its machinery. Five computer screenshots posted early Friday purport to show the user interface used to monitor and control equipment at the Water and Sewer Department for the City of South Houston, Texas.

''This is arguably the first case where we have had a hack of critical infrastructure from outside the United States that caused damage,'' a managing partner at Applied Control Solutions, Joseph Weiss, said.

The network breach was exposed after cyber intruders burned out a pump. ''No one realised the hackers were in there until they started turning on and off the pump,'' he said.

It said hackers apparently broke into a software company's database and retrieved usernames and passwords of various control systems that run water plant computer equipment.Using that data, they were able to hack into the Illinois plant.

The U.S. Department of Homeland Security and the Federal Bureau of Investigation are examining the matter, said DHS spokesman Peter Boogaard.

"At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety," he said, declining to elaborate further. An FBI spokesman in Illinois did not return phone calls seeking comment.

US military's offensive operations in cyberspace to shoot Hackers

The US military is now legally in the clear to launch offensive operations in cyberspace, the commander of the US Strategic Command has said. The Pentagon has just sent a report to Congress where it says that it has the right to retaliate with military force against a cyber attack.


Air Force General Robert Kehler said in the latest sign of quickening U.S. military preparations for possible cyber warfare that "I do not believe that we need new explicit authorities to conduct offensive operations of any kind".

US Strategic Command is in charge of a number of areas for the US military, including space operations (like military satellites), cyberspace concerns, 'strategic deterrence' and combating WMDs.


"When warranted, we will respond to hostile acts in cyberspace as we would to any other threat to our country," the DoD said in the report. "All states possess an inherent right to self-defense, and we reserve the right to use all necessary means – diplomatic, informational, military, and economic – to defend our nation, our allies, our partners, and our interests."


This means that if anyone carries out a decent attack on the Pentagon website, the Navy Seals will land on his roof, run through his house shooting anything that moves and bury the body at sea. US security agencies are also training a crack team of highly skilled cyber forensics experts and are working with international partners to share information about cyber threats, including malicious code and the people behind it, it said.

Patches Released for BIND Denial-of-service Vulnerability

There's a new vulnerability in the popular BIND name server software that is causing various versions of the application to crash unexpectedly after logging a certain kind of error. The Internet Systems Consortium (ISC), an organization that maintains several software products critical for Internet infrastructure, has released a patch for an actively exploited denial-of-service vulnerability in the widely used BIND DNS server.


The internet Systems Consortium (ISC) have described the problem as follows:
An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure...
Affected servers crashed after logging an error in query.c with the following message: "INSIST(! dns_rdataset_isassociated(sigrdataset))
More details are available in their advisory.


As of this posting, ISC had not revealed the underlying problem, but said the patches would prevent the servers from crashing. The flaw affects BIND 9.4-ESV, 9.6-ESV, 9.7.x, and 9.8.x. The patch basically ensures that the cache doesn't return the anomalous data and prevents the server from crashing. ISC officials had not responded to media inquiries as of this posting, and it was unclear whether the flaw was just wreaking mayhem on the servers, or if an actual exploit was causing it.


Security intelligence firm Rapid7 said the first attack was discovered at The National Weather Service, with the following 89 discoveries of the attack on US universities."Bind 9 is the most widely used DNS server on the internet today… Gone unchecked, this attack could potentially affect nearly the entire internet," said Matt Barrett, senior solutions architect at Rapid7. A temporary patch has already been released.

Worlds first windows 8 Bootkit to be released at MalCon

It is amazing how fast security measures are bypassed by hackers. it seems Windows 8 is now Malconed! Peter Kleissner has created the world's first Windows 8 Bootkit which is planned to be released in India at the International Malware Conference MalCon.

An independent programmer and security analyst, peter was working for an anti-virus company from 2008 to 2009 and was speaker at the Black Hat and Hacking at Random technical security conferences. While his main operating fields are Windows security and analysis of new malware, his recent Important projects include the development of the Stoned Bootkit, a research project to subvert the Windows security model.

A bootkit is built upon the following broad parts:
Infector
Bootkit
Drivers
Plugins (the payload)
And as put by peter, those parts are easy to split up in a criminal organization: Teams A-D are writing on the different parts. If you are doing it right, Team D (the payload writers) need no internal knowledge of the bootkit! Peter's research website: http://www.stoned-vienna.com/

As per the MalCon website, peter's travel is still not confirmed citing VISA issues, however, there are chances that the presentation may be done over the video or a speaker may step in on behalf of peter and release it at MalCon.