Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

Last.fm phish strikes a bum note

Last.fm is latest Web 2.0-based site to be hit with a phishing scheme. Users are directed to a fake Last.fm screen to log in again. For purposes of capturing their username and password it is believed that users use the same login credentials, whether that be a low-secure site such as Last.fm or a high-secure site such as one’s online-bank presence.

Click here for more information.

10 things you didn’t know about cyberwarfare

Experts from the National Defense University who provide professional education to US military forces. The private sector needs to realize they will be the target of future cyberwarfares. Winning in the cyber realm could decide the course of the war. Based upon conventional wisdom from military exports, the following is a list one may not know about cyberwarfare.

• You need to win the first battle

• The first battle could be over in nanoseconds

• Cyberwarfare may involve subtle, targeted attacks rather than brue force

• The enemy’s goal may be to cause chaos rather than destruction

• Data manipulation — rather than data theft or destruction — is a serious threat

• Private networks will be targets

• When private sector networks are hit, the Defense Department will assume control

• Private networks might be used to launch a cyberattack

• Don’t ignore the insider threat

• Cyberwarfare is warfare

Click here for more information.

New DOS attacks threaten wireless data networks

When looking at threats regarding cyberwarfare, wireless networks are also a target for cybercriminals and those who engage in cyberwarfare. The 5 largest threats to target wireless data networks include:

• Signaling DOS

• Battery drain

• Peer-to-peer applications

• Malfunctioning air card

• Excessive port scanning

Such threats are backed up with real world examples.

Click here for more information.

German hacker-tool law snares…no-one

On August 10, 2007, a new law went into effect in Germany regarding the creation and/or distribution of security software. With the idea of curbing cybercrime this German law was based upon certain provisions of the Council of Europe’s Treaty on Cybercrime. While the intent of the law is to capture those with of creating cybercrime through the creation and/or distribution of code, the law addresses the distribution and creation of the code, not the intent of the code’s creator.

There are valid security companies that create and distribute such code for the purposes of testing, identifying and eradicating cybercriminals. While the intent of such security companies is for the “greater good” and not to cause harm, under the German law, such companies could be taken to court. The loosely-worded law make enforcement difficult, especially since the only ones taking notice are the valid security companies who work with such code for the good of the community.

Click here for more information.

Pirate Party Wins EU Parliament Seat

As the European elections appear to move more to the conservative side, and while some EU Member States have ushered in their version of the “3-Strikes” law regarding the downloading of copyrighted material, such as music and movies through P2P (peer-to-peer) sites, Sweden produced enough votes to add to the EU Parliament a member from the Pirate party; a party whose main focus is to reform copyright legislation and the abolition of the patent system and guaranteed online privacy rights.

Click here for more information.

UK Broadband ISP TalkTalk Opposes Illegal P2P File Sharing Measures

Calling attempts to have ISPs stop illegal P2P file sharing naive, the British ISP say pirates will always find a way to get around such measures.

Click here for more information.