Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

Orange restores broadband service

With nearly 1 million broadband subscribers and 15 million mobile customers in the UK alone, an outage experienced by many of the provider’s mobile e-mail customers experienced an outage lasting more than 7 hours, affecting roughly 7.5 million mobile customers. The outage was due to the “vandalism” of critical cables.

Much like the widespread outage experienced in the San Francisco Bay Area earlier this year that affected Internet and standard voice connectivity for multiple counties throughout the area, the Bay Area outage was due to two strategic cuts in the areas fiber network.

The two outages underscore the need to for organizations and governments to understand and shore up network weak points so as to provide for greater resiliency.

Internet and broadband connectivity are being seen more by countries as as being critical to a country’s, or region’s infrastructure.

Click here and here for more information.

RBS WorldPay downplays database hack reports

It is not known whether the Royal Bank of Scottland’s WorldPay production systems were definitely hacked. While RBS WorldPay claims any attacks were on test systems, thus data exposed was only test in nature and not confidential, the Romanian hacker backs up his claims by submitting further screen shots. To this RBS WorldPay, which processes millions of payments per day, has not responded. SQL injection was the form used by the hacker to break into the systems.

Again, whether the hack into confidential information is correct it illustrates several things:

• Financial institutions are a prize target for the amount of information that can be obtained.

• SQL Injection remains an easy, common, exploitable form of attack

• Whether it will be the case of RBS WorldPay, some institutions seek to keep such breaches private.

Click here for more information.

Scareware scumbags exploit 9/11

It should be of no surprise to find multiple sites have appeared regarding information on 9/11. Such cyber criminals are known for establishing sites capitalizing on the major news items of the day that are of global interest. Such sites are geared to sell rogue anti-virus software; all with the goal of infecting computers with malware.

Click here for more information.

Stenography meets VoIP in hacker world

With over 1,000 stenographic programs available for download, such programs allow for the hiding of information within messages so no one suspects the information, carried within legitimate traffic, is there. Such information may be transmitted within .jpg files. While not used in the hacker community yet, this form of hack has increased within hacker conversations.

The three methods for this kind of attack include:

• Use “unused” UDP or RTP bits that are used by VoIP

• Hide limited amounts of data inside each voice payload packet so as to not degrade quality of sound

• Insert extra, malformed packets within the VoIP flow. While dropped by the receiving phone

In each case a “man-in-the-middle” programs are required on both ends to insert as well as assemble data carried through VoIP transmissions.

Click here for more information.