DDoS takes SCO Site down

SCO said its web site has been knocked offline by a distributed denial of service attack (DDoS), and remains unavailable more than eight hours after the attack began.

A dynamically updating graph is available here.

The site has been down since 4:20 a.m. Mountain Time (11:20 a.m. GMT), when it experienced “a large scale distributed denial of service (DDoS) attack,” SCO said in a statement. The attack affected the company’s web site, e-mail, intranet and customer support operations. SCO said it is working with its Internet Service Provider to restore the site to operation.

SCO is working with law enforcement officials and its ISP to gather information to help identify the origin of these attacks. The company said the DDoS, known as a SYN attack, used “several thousand servers (that) were compromised by an unknown person to overload SCO’s Web site with illegitimate Web site requests.”

The SCO site was offline for more than three days in August, and the company cited a DDoS for that outage as well.

US Regulators Probe Security Lapses at Retailers

E-commerce providers that leave customer data open to attack over the internet may find themselves subject to enforcement actions by the U.S. Federal Trade Commission, which is stepping up its scrutiny of online retailers. In the most recent case, pet supply retailer Petco disclosed that it is being investigated by the FTC after a security hole exposed 500,000 credit card numbers to the Internet.

The Petco case is at least the fourth instance in which the FTC has pursued enforcement actions against companies whose security and privacy practices fall short of assurances made to consumers. “Consumers have every right to expect that a business that says it’s keeping personal information secure is doing exactly that,” said Howard Beales, Director of the FTC’s Bureau of Consumer Protection. “It’s not just good business, it’s the law.”


Oracle Issues High Risk SSL Security Alert

Oracle has issued an alert (PDF) detailing high-risk security holes affecting all SSL products in the Oracle9i Application Server, the Oracle9i and Oracle8i Database Servers, and Oracle HTTP Server. “Any client that is able to access the server may exploit the vulnerabilities,” the company said in its alert.


Banking fraud targets National Westminster customers

NatWest’s internet bank www.nwolb.com has been unavailable today, coinciding with an electronic mail fraud attack on the bank’s customers. The mail [below] tries to trick NatWest customers into giving away their account details, in a similar fashion to an earlier wave of attacks on UK banks a month ago.

Conventionally, the drop sites for these attacks are hosted in Asia; however, the IP address in this mail is registered to Pacific Bell, and is most plausibly a Pacific Bell ADSL customer machine acting as a reverse proxy to the actual machine collecting the NatWest customer banking details.


Gentoo Linux Server Compromised

Gentoo Linux said today that a server it uses to distribute its software was compromised by attackers on Tuesday. Gentoo’s security team said the intrusion was detected within an hour, and it was “reasonably confident” that no distribution files were altered.

The Gentoo event comes just two weeks after a server compromise at The Debian Project was traced to an exploit in the Linux kernel that allowed local users running userland software to escalate their privileges to root.
