http://news.zdnet.co.uk/security/0,1000000189,40018127,00.htm

Elinor Mills CNET News
Published: 02 Feb 2010 09:31 GMT

In an attempt to hide the location of its command-and-control server, the Pushdo botnet has been instructing its infected zombie computers to send fake SSL connections to major websites, a botnet expert said on Monday.

The strange traffic targeting the websites — including sites for the CIA, FBI, PayPal, Yahoo and Twitter, according to a list at the Shadow Server Foundation — was not enough to cause any outages or slowdowns, said Joe Stewart, director of malware research at SecureWorks.

Site owners “would just see weird connections that don’t seem to make sense,” he said. “They look like they’re trying to start an SSL [Secure Sockets Layer] handshake, but it comes in malformed and doesn’t ever send anything after that first handshake attempt.”

U.S. enables Chinese hacking of Google
(CNN) — Google made headlines when it went public with the fact that Chinese hackers had penetrated some of its services, such as Gmail, in a politically motivated attempt at intelligence gathering. The news here isn’t that Chinese hackers engage in these activities or that their attempts are technically sophisticated — we knew that already — it’s that the U.S. government inadvertently aided the hackers.

In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.

http://www.cnn.com/2010/OPINION/01/23/schneier.google.hacking/index.html?hpt=T2

Cyber hacker hits Paula Dockery’s campaign site

The campaign of Sen. Paula Dockery, a Lakeland Republican running for government on a clean-up-government platform, was hit with a sophisticated computer hack this week that clogged her website.

Her campaign is fixing the problem. The FBI has been notified of the attack, but it’s unclear what it can do.

Here’s an excerpt of an email from her tech support guru on the attack sent yesterday, Tuesday Jan. 19:

http://blogs.tampabay.com/buzz/2010/01/cyber-hacker-hits-paula-dockerys-campaign-site.html

Not super interesting.  Just looks like a DDOS.  It is funny how the technicians paint the adversary as being ‘advanced’.  Really, this is a painfully simple attack that could be performed by a script kiddie or a paid bot herder.