That Didn’t Take Long

U.S. troops have been out of Iraq for what, less than a day now?

Iraq issues arrest warrant for vice president Hashemi

Iraq has issued an arrest warrant for Sunni Vice President Tareq al-Hashemi, a senior security official said on Monday, after the government obtained confessions linking him to what the official described as terrorist activities.

Interior Ministry spokesman, Major General Adel Daham, told a news conference that confessions by suspects identified as Hashemi’s bodyguards linked the vice president to suspected killings and attacks.

See also:
Iraq issues arrest warrant for Tareq al-Hashemi
Iraq issues arrest warrant for Vice-President Tareq al-Hashemi
Iraq in political turmoil hours after last US troops depart
Iraq: left to the wolves
Arrest warrant for Vice President Hashemi sparks political turmoil in Iraq
VP arrest warrant plunges Iraq into crisis
Iraq faces political crisis as the arrest warrant to Sunni VP al-Hashemi
Sunni, Shi’ite conflict grows in Iraq
Iraq Vice-President Tariq al-Hashemi denies charge
Evading arrest, Iraqi VP denies hit squad claim
Iraq Vice-President denies he ran hit squad
Iraq’s Sunni vice President Tareq al-Hashemi warns sectarian divisions reopened
Iraq vice-president declares unity efforts ‘gone’
Iraq slaps travel ban on Sunni vice-president
Iraqi Sunni leaders denounce PM Maliki
U.S. “obviously concerned” about Iraqi Hashemi probe
Fugitive Iraq Sunni V.P. Tariq al-Hashimi Criticizes U.S.

It’s painfully clear what’s going on here. With the U.S. military now out of the way, the Shia led Iraqi government, backed by Iran, is wasting no time flexing its muscle and settling old scores against the Iraqi Sunni minority. Can you say looming civil war?

/and now we’ve pretty much given up our ability to effectively intervene militarily in Iraq, leaving Iran as the only regional military power capable of “riding to the rescue” of the Iraqi government, who just happen to be Iranian puppets anyway

Tuesday Fun With Microsoft

The new patches are here, the new patches are here!

Microsoft Patches 17 Bugs in December Patch Tuesday

Microsoft fixed 17 bugs in the Windows operating system, Microsoft Office, Windows Media Player and Internet Explorer. The fixes also cover a zero-day flaw exploited by the Duqu Trojan.

Microsoft released 13 security bulletins to fix 17 different vulnerabilities as part of its December Patch Tuesday update, according to the advisory released Dec. 8. Three bulletins were marked critical and the remaining 10 were rated important.

See also:
Microsoft Security Bulletin Summary for December 2011
Merry Christmas! Microsoft Plans Massive Patch Tuesday to Close 2011
Last Patch Tuesday of 2011 Secures Windows XP, Vista, Windows 7
December 2011 Patch Tuesday sees 13 Microsoft bulletins, Duqu patch
Microsoft fixes 20 bugs in year’s last ‘Patch Tuesday’
Microsoft to patch three critical holes
Microsoft slims final patch Tuesday of 2011 to 13 patches from proposed 14
No BEAST fix from Microsoft in December patch batch
Microsoft fixes Duqu hole, but not BEAST problem
Microsoft scratches BEAST patch at last minute, but fixes Duqu bug
December Patch Tuesday Fixes Duqu Worm
‘Duqu’ zero-day Windows flaw patched this week
Microsoft: Duqu patched, bringing years total to 99 corrections

Well, it’s a good thing that Microsoft finally patched against the Duqu virus, better late than never, as they say. What are you waiting for? Start installing your gifts!

/at least you can’t say Microsoft didn’t get you anything for the Holidays

Don’t Get Caught In The Crossfire

The Duqu virus is squarely aimed at Iran’s nuclear program. Unless you’re connected with Iran’s nuclear program, your chances of being directly targeted are extremely low. However, Microsoft was freaked out enough to issue a security bulletin for Windows users. So, better safe than sorry, protect yourself against the possibility of becoming collateral damage in an epic, upcoming attack.

Microsoft issues Duqu virus workaround for Windows

Microsoft has issued a temporary fix to the pernicious Duqu virus — also known as “Son of Stuxnet” — which could affect users of Windows XP, Vista, Windows 7 as well as Windows Server 2008.

The company promised the security update earlier this week as it races to deal with the virus, which targets victims via email with a Microsoft Word attachment. The virus is not in the email, but in the attachment itself. A Symantec researcher said if a user opens the Word document, the attacker could take control of the PC, and nose around in an organization’s network to look for data, and the virus could propagate itself.

See also:
Microsoft Security Advisory (2639658)
Microsoft software bug linked to ‘Duqu’ virus
Microsoft Provides Workaround Patch for Duqu Malware
Microsoft announces workaround for the Duqu exploit
Microsoft Issues Temporary Duqu Workaround, Plans 4 Patch Tuesday Fixes
Six Ways to Protect Yourself from Duqu
Microsoft Airs Temporary Fix to Defeat Duqu Worm
Microsoft Releases Temporary Plug For Duqu
Duqu exploits same Windows font engine patched last month, Microsoft confirms
5 Things To Do To Defend Against Duqu
Microsoft issues temporary ‘fix-it’ for Duqu zero-day
Patch Tuesday: Fix for ‘Duqu’ zero-day not likely this month

Is it just me or doesn’t it seem a bit more than odd that Microsoft, a company with close ties to and a past history of working with U.S. intelligence agencies, would publicly issue a workaround to defend against a specific piece of malware that, by many accounts, is being actively and currently used by U.S. intelligence agencies to set up and facilitate an upcoming attack, in cyberspace or otherwise, against Iran’s nuclear program? I mean, it’s not like the Iranians can’t read English, why help them defend against Duqu? Hmmm, something’s not quite right here.

/whatever’s going on, and something is going on, it’s way above my pay grade, but when the endgame comes, don’t forget to duck

Caught Stealing . . . Again

I thought cyberattacks were supposed to considered acts of war, how long are we going to just keep bending over for this threat to national security behavior?

Chinese Hackers Target Chemical Companies

Chinese hackers tried to penetrate the computer systems of 48 chemical and military-related companies in a late summer cyber attack to steal design documents, formulas and manufacturing processes, a security firm reported Tuesday.

The attack ran from late July to mid-September and appeared to be aimed at collecting intellectual property for competitive advantage, reported Symantec, which code-named the attack Nitro, because of the chemical industry targets. Hackers went after 29 chemical companies and 19 other businesses that made advanced materials primarily used in military vehicles.

See also:
The Nitro Attacks
Stealing Secrets from the Chemical Industry

Nitro Attack: Points of interest
“Nitro” spear-phishers attacked chemical and defense company R&D
‘Nitro’ Cyber-Spying Campaign Stole Data From Chemical, Defense Companies
‘Nitro’ Hackers Rifle Through Chemical Companies’ Secret Data
Report: Chinese hackers launched summer offensive on US chemical industry
‘Nitro’ Hackers Reportedly Attack Dozens of Companies in Chemical, Defense Industries
Chemicals and defence firms targeted by hacking attack
Dozens of chemical firms hit in espionage hack attack
“Nitro” attacks target 29 firms in chemical sector
‘Nitro’ hackers use stock malware to steal chemical, defense secrets
‘Nitro’ Hackers Steal Chemical Company Secrets
Nitro Malware Targeted Chemical Companies
Cyber attacks on chemical companies traced to China
Cyber Attacks on Chemical Firms Traced to Chinese Computers
Symantec uncovers cyber espionage of chemical, defense firms

You know, if we’re not going to treat these attacks as military in nature, which we should, the least we should do is take action against China for violation of international trade agreements, not to mention international law. For all the ‘fraidy cat, nervous Nellies who are so scared of engaging China in a trade war, what do you call these constant corporate espionage cyberattacks?

/China is not our friend

Tuesday Fun With Microsoft

Windows, the software of perpetual patching. This installment is fairly large.

Microsoft Fixes Internet Explorer, Windows Flaws in October Patch Tuesday

Microsoft fixed 23 vulnerabilities across eight security bulletins as part of its October Patch Tuesday release.

October’s Patch Tuesday release resolved issues in Internet Explorer versions 6 through 9, all versions of Microsoft Windows from XP through 7, .NET and Silverlight, Microsoft Forefront Unified Access Gateway and Host Integration Server, Microsoft said Oct. 11. Two of the patches are rated “critical,” and six are rated “important,” Microsoft said.

See also:
Microsoft Security Bulletin MS11-082 – Important
Microsoft Security Bulletin MS11-081 – Critical
Microsoft Security Bulletin MS11-080 – Important
Microsoft Security Bulletin MS11-079 – Important
Microsoft Security Bulletin MS11-078 – Critical
Microsoft Security Bulletin MS11-077 – Important
Microsoft Security Bulletin MS11-076 – Important
Microsoft Security Bulletin MS11-075 – Important
Microsoft’s October 2011 Patch Tuesday fixes 23 flaws, releases SIRv11
MS wipes out 23 flaws in October’s Patch Tuesday
Patch Internet Explorer Now
23 vulnerabilities squashed by Microsoft’s Patch Tuesday effort
Microsoft Update

So, get busy and happy patching!

/until the next time Microsoft releases patches to make its software suck less . . .

Open Season On Christians In Egypt

With Mubarak no longer in power to keep the social lid on, Egypt’s Muslim majority is doing what it does best, practicing their religion of peace and tolerance by attacking and killing Christians and burning down their churches.

Christians: Egypt allows attacks

Egypt’s Coptic church blasted authorities Monday for allowing repeated attacks on Christians with impunity as the death toll from a night of rioting rose to 26, most of them Christians staging a peaceful protest in Cairo over an attack on a church.

The spiritual leader of the Coptic Christian minority, Pope Shenouda III, declared three days of mourning, praying and fasting for the victims, starting today. He also presided over funerals for some of the Christians who were killed. Sunday’s sectarian violence was the worst in Egypt since the uprising that ousted President Hosni Mubarak in February.

The clashes Sunday night raged over a large section of downtown Cairo and drew in Christians, Muslims and security forces. The violence began when about 1,000 Christian protesters tried to stage a peaceful sit-in outside the government-run television building along the Nile in downtown Cairo. The protesters said they were attacked with sticks, and the violence then spiraled out of control after a speeding military vehicle jumped onto a sidewalk and hit some of the Christians.

There was no breakdown available of how many Christians and Muslims were among the victims, but the 26 are believed to be mostly Christian. Officials said at least three soldiers were among the dead. Nearly 500 people were injured. Egypt’s official news agency said dozens have been arrested.

See also:
Anger boils over church attack in Egypt, at least 24 killed
Row over Coptic village church puts Egypt on edge
Christian, Muslim clashes rock Cairo
After Deadly Clashes, Egypt’s Christians On Edge
Egypt Violence Piles Pressure on Army to Hand Over Power Faster
Analysis: Situation only getting worse for Egypt’s Christians
The Copts Will Fight But they won’t win
Egypt’s Anti-Christian Violence: How Things Got So Bad
Vatican treads carefully on Egyptian violence
Siddiqui: Chill breeze in Arab Spring
Egypt riots reveal brutal reality behind ‘Arab Spring’

Remember, Obama and Hillary Clinton publicly called for Mubarak’s ouster and hailed the Egyptian “revolution” as an exercise in free democracy. Well, how’s that working out?

/also notice that, now that Christians are being killed in the streets and their churches burned down, Obama and Clinton are silent and nowhere to be found regarding the ongoing persecution by Muslims

Watching The Drone Watchers

I smell China, or maybe Russia. The fact that the virus keeps resisting efforts to remove it shows that there’s some sophistication involved.

U.S. Military Drones Infected With Mysterious Computer Virus

A fleet of U.S. military drones on a Nevada Air Force base has been infected by a keylogger virus that tracks every key and button their pilots press, Wired.com reported Friday — and top Air Force sources strongly contested.

The virus was first noticed by officials at Creech Air Force Base nearly two weeks ago using the base’s security system. It logged every keystroke of the pilots in the control room on the base as they remotely flew Predator and Reaper drones on missions over Afghanistan and other battle zones.

There has been no confirmation of information being lost or sent to an outside source, but the virus has been resistant to military efforts to clear it from the system.

“We keep wiping it off, and it keeps coming back,” a source told Wired.

See also:
Exclusive: Computer Virus Hits U.S. Drone Fleet
Computers Controlling Military Drones Reportedly Infected with Virus
Computer Virus Attacks U.S. Military Drones: Wired
Keylogger virus hits US drone operations
Combat drones’ computer systems reportedly infected with virus
Computer virus hits US’ Predator drone fleet
US war drones keep flying despite computer virus
America’s Drones Have Been Infected by a Virus
Virus infects Pentagon drones’ computers
U.S. Drone Controllers Said To Be Infected By Computer Virus
US drones hit by virus
U.S. Military Facing a Battle Unlike Any Other
Cyberwar: a Whole New Quagmire – When the Drones Come To Roost
Creech Air Force Base

Theses computers didn’t just infect themselves, they were almost surely infected by someone, either deliberately or unwittingly, connecting a malware infected memory stick or other portable media storage device to the network. This has been a known attack vector for a long time now and it’s easily preventable, simply don’t allow portable media storage devices anywhere near classified computer networks!

/search all personnel coming and going if that’s what it takes, it’s a small price to pay for avoiding potentially catastrophic security breaches like this