Why You May Lose That Loving Feeling After Tying The Knot

whose dreams include marriage would do well to step back and reflect upon the type of support they'll need from their partners when they cross the threshold, a new Northwestern University study suggests.
Will the partner who supports your hopes and aspirations while you are dating also help you fulfill important responsibilities and obligations that come with marriage? The answer to that question could make a difference in how satisfied you are after tying the knot.
Believing a partner is there to help you grow into the person you aspire to be predicted higher relationship satisfaction for both dating and married couples, the study showed. But the belief that your partner helps you live up to your responsibilities and uphold your commitments only predicted higher relationship satisfaction after marriage.
For dating couples, the relationship itself tends to revolve around whether things are moving forward. Happiness with a partner depends on whether the relationship will grow into something more, whether a partner will support the dreams the other eventually hopes to achieve.
For married couples, the feeling that their partners are helping them to advance their relationships and realize their ideal achievements is still important. But the relationships of married couples, now more interconnected both practically and psychologically, tend to revolve around upholding the commitment made to their partners. Unlike dating couples, married couples also put a high premium on their partners' support of whatever they determine to be necessary obligations.
"In other words, the feelings of being loved and supported that people use to judge who makes a good girlfriend or boyfriend may not be completely trustworthy in deciding who makes a good husband or wife," said Daniel Molden, assistant professor of psychology at Northwestern and lead author of the study. "Those feelings may only partially capture the emotions that will determine your satisfaction with the person you marry."
The findings, Molden said, could be important in explaining why so many marriages fall apart.
The study, which will be published in the July issue of Psychological Science, included 92 heterosexual dating couples and 77 married couples. They completed a battery of questionnaires that included an assessment of how much they thought their partner understood and supported both the hopes and responsibilities they had set for themselves. To measure how different types of perceived support were related to happiness with the relationship, couples also completed well-validated measures of satisfaction, intimacy and trust.
Previous research overwhelmingly demonstrates an important connection between feelings about partner support and satisfaction with a relationship but does not reveal any differences for dating versus married couples.
By identifying different ways in which people feel supported by their partners, the new Northwestern study goes beyond past work to show that support for maintaining perceived responsibilities seems to be important for satisfaction only after marriage.
The study also showed that different types of perceived support predicted differences in people's overall satisfaction with their lives.
"People planning to get married should think about not only how their partners support what they hope to achieve but also about how their partners support what they feel obligated to accomplish," Molden said. "We could end up with both happier marriages and more satisfied people in general."
Besides Molden, the study's co-investigators are Northwestern's Gale Lucas and Eli Finkel; Madoka Kumashiro, Goldsmiths, University of London; and Caryl Rusbult, Vrije Universiteit, Amsterdam.

China’s Leaders Take Visible Approach to Swine Flu

HONG KONG — In the clearest sign yet of how seriously China is taking the swine flu outbreak, President Hu Jintao convened a meeting on Thursday morning of the Standing Committee of the Politburo — the nine men who run China — that was immediately announced.
Skip to next paragraph

It is rare for China’s authorities to disclose any meeting of the standing committee, and particularly to do so as soon as the meeting ended.
“I don’t know if it has ever occurred before — it is really, really unusual,” said Cheng Li, the director of the China Center at the Brookings Institution.
After struggling to cope six years ago with an outbreak of SARS, the Chinese leadership is taking a much more visible approach now to swine flu. Premier Wen Jiabao held a cabinet meeting on Tuesday morning to discuss preparations for the disease and call for an interagency effort to address it. President Hu announced a few hours later that China was stepping up its inspection and quarantine procedures for people and imports of pigs and pork products.
And on Wednesday, Vice Premier Li Keqiang toured the Chinese Center for Disease Control and Prevention in Beijing and called for manufacturers to produce more face masks, sterilization chemicals and flu medicines.
East Asia, Central Asia and South Asia have not yet had a laboratory-confirmed case of swine flu, although suspected cases are being tested, notably in South Korea and Hong Kong. But flu experts predict that the disease will arrive in the region soon, if it has not already.
Dr. Guan Yi, a microbiologist at Hong Kong University, said that China and India will face particular challenges in coping with swine flu because both countries have more than a billion people, many of them living close together.
“We need to believe this virus has a chance to go to every corner of the world — the only question is how fast,” he said.
The energetic response by Beijing officials resembles the swift response by the leadership to the Sichuan earthquake almost a year ago. One difference is that Mr. Wen clearly led relief efforts in Sichuan, while there has been more of a collective response by the leadership this time.
“When this kind of natural disaster or health care crisis happens, the top leadership reacts very quickly, they think they can get more public support,” Mr. Li at the Brookings Institution said.
This signifies a big change since SARS, or severe acute respiratory syndrome. Government officials hid the outbreak for four months, even concealing patients at closed military hospitals, before the disease spread to Hong Kong and then around the world.
The novel form of flu now moving around the globe is politically more palatable for China because it made its first appearance far from its shores.
The new flu does have a genetic segment that has been identified as coming from pigs in Eurasia, prompting the Mexican ambassador to China to suggest that his country should not be blamed for the disease. But flu specialists say the disease appears to have jumped to people in Mexico.
China’s agriculture ministry said on Wednesday that swine flu had not been found in the country’s pigs and that China had not been the origin of the virus.
Heavy news media attention to the issue in Hong Kong, where the government is holding daily televised briefings, may have also raised awareness of the disease in mainland China. Extensive and growing Internet traffic, phone calls and actual visits increasingly bind the two populations together.
Donald Tsang, the chief executive of Hong Kong, on Thursday toured a local hospital specializing in the treatment of respiratory diseases and said that despite precautions, including health checks on people arriving at the city’s airport, the disease would reach Hong Kong.
“We estimate that pandemic flu will continue to spread and Hong Kong is very likely to be affected,” he said.


Obama seeks $1.5 billion for swine flu as cases jump

WASHINGTON (Reuters) - President Barack Obama asked Congress on Tuesday for an additional $1.5 billion to fight swine flu as the confirmed U.S. caseload jumped to 65 people in six states in what doctors fear may become a full pandemic.
Lawmakers convened an emergency hearing in Washington on the government's ability to respond to a more severe outbreak.
"With a new infectious agent you don't sit back and wait and hope for the best. You take bold steps, and then you pull back if you need to," Dr. Richard Besser, acting director of the Centers for Disease Control, told reporters.
The CDC total included 10 cases in California, 2 in Kansas, 45 in New York, one in Ohio and 6 in Texas. An additional case was reported by Indiana state authorities.
While the new flu strain has killed up to 159 people in Mexico, cases seen in the United States and elsewhere have been mild. CDC officials said only five U.S. cases have required hospitalization, two of them in California, but they have said they expect more serious cases -- and possibly deaths -- as surveillance expands. [nLS803449]
California Gov. Arnold Schwarzenegger declared a state of emergency over the outbreak, enabling deployment of funds and personnel to fight the disease. Federal officials declared a national public health emergency on Sunday.
Obama, in a letter to Congress, said the $1.5 billion would give the government "maximum flexibility" as it fights the disease, supplementing antiviral stockpiles, adding medical equipment and starting preparations for a vaccine.
As public health headlines gripped the country, former Kansas Governor Kathleen Sebelius was sworn in as U.S. health secretary in an Oval Office ceremony Obama attended just hours after the Senate confirmed her nomination.
"We wanted to swear her in right away because we've got a significant public health challenge that requires her immediate attention, and that is the H1N1 flu outbreak," Obama told reporters.
Republican critics had delayed confirming Sebelius because of her stance on abortion.
Analysts said the addition of Sebelius and the filling of other senior health vacancies would help Obama, who hopes to appear in control while trying not to generate panic.
"You're almost always going to basically deal with the possibility that there will be some other crisis that emerges just as you're juggling other balls. Obama seems ready to do that compared to other presidents," said Norm Ornstein, a political expert at the American Enterprise Institute.
On Capitol Hill, health officials told an emergency hearing the funding would be crucial if the flu virus spreads.
"In the face of these cutbacks and layoffs and vacancies, we don't even have the workforce we had two years ago," said Dr. Paul Jarris, executive director of the Association of State and Territorial Health

In California, Texas and New York City, authorities have ordered schools shut where students have tested positive for the swine flu virus.
Los Angeles County coroner's officials investigated the deaths of two men for links to the disease, but later ruled out one. Local health officials said they expected infections in Los Angeles and were already investigating two possible "flu clusters" at schools in the suburb of Santa Clarita.
In New York, most confirmed cases of infection were at a Queens private school where the virus has sickened 28 students.
Officials had said earlier as many as 100 students might have been ill, but Mayor Michael Bloomberg said on Tuesday officials have stopped testing more people because the symptoms are mild, with only two people going to the hospital.
"This is following the pattern of normal, seasonal influenza," Bloomberg told reporters at City Hall. "So far, nothing about the spread of swine flu has surprised us."
A University of Notre Dame student was the first confirmed flu case in Indiana, according to state and school officials.
There were few signs of panic across the country, although sales of flu medication and items like face masks were up in areas close to where cases have been confirmed. Some stores reported a run on disinfectants.
Schools stepped up cleaning efforts and posted fliers urging students to wash their hands and cover their mouths and noses when they coughed.
"Everyone's a little leery of anyone coughing. Even though the news makes it seem really, really bad, it doesn't seem like it's actually that much of a concern," said Aaron Armelin, 33, a telecommunications technician in Los Angeles.
Despite advice that no pigs have been affected by the virus, Ecuador joined a long list of countries putting bans on imports of some U.S. pigs and pork products, further worrying pork producers.
(Additional reporting by Dan Whitcomb, Steve Holland, Matt Bigg, Emily Chasen, Jason Szep, Dan Trotta, Toby Zakaria; Editing by Maggie Fox and Vicki Allen)

Hackers: the China Syndrome

For years, the U.S. intelligence community worried that China’s government was attacking our cyber-infrastructure. Now one man has discovered it’s worse: It’s hundreds of thousands of everyday civilians. And they’ve only just begun

At 8 a.m. on May 4, 2001, anyone trying to access the White House Web site got an error message. By noon, whitehouse.gov was down entirely, the victim of a so-called distributed denial-of-service (DDoS) attack. Somewhere in the world, hackers were pinging White House servers with thousands of page requests per second, clogging the site. Also attacked were sites for the U.S. Navy and various other federal departments.
A series of defacements left little doubt about where the attack originated. "Beat down Imperialism of American [sic]! Attack anti-Chinese arrogance!" read the Interior Department's National Business Center site. "CHINA HACK!" proclaimed the Department of Labor home page. "I AM CHINESE," declared a U.S. Navy page. By then, hackers from Saudi Arabia, Argentina and India had joined in. The military escalated its Infocon threat level from normal to alpha, indicating risk of crippling cyber-attack. Over the next few weeks, the White House site went down twice more. By the time the offensive was over, Chinese hackers had felled 1,000 American sites.
The cyber-conflict grew out of real-world tensions. A month earlier, a U.S. EP-3 reconnaissance aircraft flying off the southern coast of China had collided with a Chinese F-8 fighter jet. The American pilot landed safely, but the Chinese pilot was killed. China's hackers lashed out. It wasn't the first foreign attack on American sites, but it was the biggest -- "the First World Hacker War," as the New York Times dubbed it.
The Chinese attacks were poorly coordinated, and it's tempting to dismiss them as harmless online vandalism. But subsequent attacks have become more serious. In the past two years, Chinese hackers have intercepted critical NASA files, breached the computer system in a sensitive Commerce Department bureau, and launched assaults on the Save Darfur Coalition, pro-Tibet groups and CNN. And those are just the attacks that have been publicly acknowledged. Were these initiated by the Chinese government? Who is doing this?

Early clues came through the boasts of a single Chinese hacker. On May 20, 2003, a man named Peng Yinan, then known only by the moniker coolswallow, logged into a public Shanghai Jiaotong University student forum and described how he formed a group at the university's Information Security Engineering School that coordinated with other hackers to bring down whitehouse.gov in 2001. "Javaphile was established by coolswallow (that's me)" and a partner, he wrote in Chinese. "At first we weren't a hacker organization. After the 2001 China-U.S. plane collision incident, Chinese hackers declared an anti-American Battle . . . and coolswallow joined in the DDoS White House attacks." Later, he bragged, his group defaced other sites it considered anti-Chinese, including that of the Taiwanese Internet company Lite-On.
Peng left two e-mail addresses, his chat information and the screen names of four other hackers. He soon expanded his online profile with a blog, photos, and papers describing his hacking openly. But his boasts went unnoticed until 2005, when a linguist in Kansas typed the right words into Google, found Peng, and pulled back the curtain on a growing danger.


Learning from SARS, China vows swift flu reporting

BEIJING (Reuters) – China has vowed to disclose any human cases of swine fever promptly, while state-run newspapers on Tuesday urged officials to be open and avoid the kind of cover-ups that brought panic during the SARS epidemic.
The empty streets, schools and shops, worried citizens wearing masks and fleeing travelers now seen in Mexico are familiar to China, where in 2003 the SARS virus shut down much of the country, killing hundreds in the mainland and Hong Kong.
But back then Chinese officials hid the growing toll from "Severe Acute Respiratory Syndrome" from the public for weeks before spreading deaths and rumors forced the government to reveal the epidemic, apologize and vow full candor in future disease outbreaks.
Now Beijing is promising to stick to full-disclosure if there are any cases of the swine flu found in the country. None has been reported so far.
Chinese Health Ministry spokesman Mao Qun'an said China had "demanded all medical bodies at all levels strengthen monitoring of suspected cases, and swiftly report the identification of any suspected cases," according to a Xinhua news agency report late on Monday.
On Tuesday, official newspapers pressed further, telling readers that the public should also be quickly told of any cases.
"Disclosure of information will help to swiftly sever channels of infection," said a commentary in the People's Daily, official newspaper of the ruling Communist Party.
"Now we must stress that any case of swine fever, even if it is merely a suspected case, must be immediately reported and immediately made public, ensuring the public's right to know, and making everyone vigilant to block the spread of the disease."
The Global Times, a popular tabloid, said in an editorial that "China must be totally transparent" about the threat.
"Six years ago, the SARS epidemic taught China many lessons," it said. "However, compared to some developed countries, we still have areas needing urgent improvement, and an especially important one is enhancing transparency."

Swine Flu Genes From Pigs Only, Not Humans or Birds

The deadly H1N1 influenza virus that’s fueling fears of a global pandemic is a hybrid of two common pig flu strains, scientists who have studied the disease told Wired.com Tuesday. Earlier reports called it a combination of pig, human and avian influenza strains.
The findings may resolve some uncertainty about the nature of the virus, but much is still unknown about its origins and effects.
“This is what we call a reassortment between two currently circulating pig flu viruses,” said Andrew Rambaut, a University of Edinborough viral geneticist. “Why it’s emerged in humans is anyone’s guess. It hasn’t been seen before in pigs as far as I know.”
Rambaut analyzed the gene sequences of viral samples taken from two infected California children. The samples were collected by the Centers for Disease Control and Prevention, and made available to researchers through an international database of flu genomes.
His conclusions were echoed by Eddie Holmes, a virus evolution specialist at the University of Pennsylvania, and Steven Salzberg, a University of Maryland bioinformaticist. Both have looked at the CDC-provided sequences. The CDC could not be reached for comment, but a document released to scientists and obtained by Wired.com affirms their analysis.
Researchers believe the samples from California represent the same viral strain as one that is believed to have killed as many as 150 of an estimated 1,600 hospitalized Mexicans, and caused hundreds more infections worldwide, including at least 64 in the United States. However, as samples from Mexico have not yet been sequenced, the similarity is not conclusive.
The two strains whose genes are found in the California samples belong to influenza families known generally as North American and Eurasian pig flu. The former was first described in the 1930s, and the latter in 1979. The Eurasian strain is generally found in Europe and Asia, rather than North America.
Neither of the strains have ever proven contagious in humans. One of the genes inherited from the Eurasian strain has reportedly never been seen in humans. It codes for the neuraminidase enzyme — the N1 in H1N1 — which controls the expansion of the virus from infected cells.
“The new neuraminidase gene that came in from Asian swine is one we’ve never before seen circulating in humans,” said Rambaut. “That’s one of the reasons it’s spreading rapidly. Very few people will have any immunity to this particular combination, which is what gives the concern that this will be a pandemic rather than just a normal seasonal flu outbreak. It remains to be seen how much and to what extent there is existing immunity.”In medical terms, the genetic origins of the virus may not matter. Whether it come solely from pigs rather than a mix of pigs, birds and humans doesn’t change its immunological novelty.
However, understanding the origins could eventually help scientists determine how the virus evolved and where it originally emerged.
The earliest cases occurred in the town of La Gloria in the Mexican state of Veracruz, not far from a large and notoriously unsanitary hog farm operated by Granjas Carroll, a subsidiary of giant American food company Smithfield Foods.
Vercruz residents and some journalists have alleged that the virus could have evolved in the farm’s pigs, then passed into humans through water or insects tainted by infected waste. Many researchers, including the authors of a report issued last year by the Pew Commission on Industrial Farm Animal Production, have warned that unsanitary conditions at industrial hog farms could prove a breeding ground for new forms of influenza.
The World Health Organization has sent inspectors to the Granjas Carroll farm. The results of the investigation have not been announced. Smithfield issued a press release on Saturday stating that “it has found no clinical signs or symptoms of the presence of swine influenza in the company’s swine herd or its employees at its joint ventures in Mexico.” The company declined further comment, though CEO Larry Pope told USA Today that “(The term) swine flu is a misnomer.”
Rambaut, Holmes and Salzberg declined to speculate on whether the new H1N1 virus evolved on a hog farm or specifically in the Granjas Carroll facility.
However, it seems likely that pigs were the original host.
“That’s a logical conclusion,” said Salzberger. “It was probably two different pigs, or one who got co-infected from others. The two strains mixed, and now you have a brand-new strain.”
“Presumably somewhere there was a pig infected with both forms. We don’t know where or when. It could have been circulating in this form for a while,” said Rambaut.
What comes next is anyone’s guess.
“Influenza virus mutates remarkably rapidly so there is no doubt that the virus will mutate and evolve in humans,” said Holmes. “Quite what this evolution will result in is difficult to tell.”


Police: Death of Freddie Mac's Kellermann may be suicide

VIENNA, Virginia (CNN) -- The acting chief financial officer of mortgage finance giant Freddie Mac was found dead Wednesday morning at his home, police said.
David Kellermann, acting CFO of Freddie Mac, was found dead on Wednesday, police said.
David Kellermann was found dead of an apparent hanging, a source familiar with the investigation told CNN.
There were no signs of foul play when officers arrived at the home in Vienna shortly before 5 a.m., said Lucy Caldwell, a spokeswoman for police in Fairfax County, Virginia. She said the death "may have been an apparent suicide."
A second Fairfax County police spokesman, Eddie Azcarate, said Kellermann's body was found in the basement.
"The exact cause of death ... we're going to wait for the medical examiner," he said. Police were called by someone inside the home, he said, but he didn't know who made the report. Watch why police don't suspect foul play ?
Family members remained in the home, and several visitors went inside.
Freddie Mac has been immersed in financial problems since last year, when the government took it over in the midst of the escalating subprime-mortgage loan crisis. Federal prosecutors in New York and Virginia have been investigating it, as has the Securities and Exchange Commission, according to a March 11 company filing.
Sharon McHale, Freddie Mac's vice president for public relations, issued a statement at midday, saying, "Freddie Mac knows of no connection between David Kellermann's death and the regulatory inquiries that were discussed in our recent SEC filing."
Neighbors indicated there was no sign that Kellermann had problems.
"They were very friendly with all the young families in the neighborhood ... terrific people," said neighbor Paul Unger. "We saw him when he was out working in the yard. ... We didn't spend a lot of time together."
"We're beyond shocked," he said. "He was a great family guy with a beautiful young child."
They had the most decorated home at Christmas, Unger added. "I cannot imagine what has happened. ... This is a nightmare."
"I asked the policeman what was going on and he told me. I was stunned, silent, shed tears. I feel terrible," Unger said.
"This is a solid, salt-of-earth kind of family ... and I just cannot imagine what would have driven him to it."
Another neighbor said the family was very "community-oriented," and liked hosting parties at their house.
"We're very, very upset right now," said the woman, whose daughter baby-sat for the Kellermanns' 5-year-old daughter. "This is just too much for us."
"They were a very happy, happy couple. So it was a shock when we came upon it."
Kellermann, 41, was a man "of great talents," Freddie Mac's interim CEO, John Koskinen, said in a written statement.
"He dedicated those talents to Freddie Mac for more than 16 years, serving in many business and finance capacities before recently taking the reins as acting chief financial officer.
"His extraordinary work ethic and integrity inspired all who worked with him. But he will be most remembered for his affability, his personal warmth, his sense of humor and his quick wit."
Treasury Secretary Tim Geithner offered his condolences in a written statement: "On behalf of the Treasury family, we are deeply saddened by the news this morning of David Kellermann's death. Our deepest sympathies are with his family and his colleagues at Freddie Mac during this difficult time."
Freddie Mac was established by Congress in 1970 to provide liquidity, stability and affordability to the nation's residential mortgage markets. It supports communities across the nation by providing mortgage capital to lenders.
Kellermann, who served as a senior vice president in addition to acting CFO, was named to those posts in September. He was responsible for the company's financial controls. This included overseeing financial reporting, compliance with tax requirements and regulations, and annual budgeting and financial planning.
Before assuming his current posts, Kellermann was corporate controller and principal accounting officer.
According to the March 11 company filing, Freddie Mac was subpoenaed for documents relating to accounting, disclosure and corporate governance matters in September, October, January and February. The filing also says that SEC staff was interviewing company employees.
The government took over Freddie Mac last year. In September, it and Fannie Mae were placed under conservatorship by their regulator, the Federal Housing Finance Agency.
Both companies back mortgages held by private homeowners, and have received massive cash infusions from the government to keep them afloat.
Kellermann held a master's degree in finance from George Washington University and a bachelor's in political science and accounting from the University of Michigan. He had served as a volunteer board member of the District of Columbia Coalition for the Homeless.
"We at [the Federal Housing Finance Agency] are very saddened by the death of David Kellermann," the agency said in a written statement. "As the acting chief financial officer of Freddie Mac during particularly challenging times, David was an inspiration to his staff and many others who were privileged to work with him."
A spokesman for the SEC declined to comment.
As part of its rescue of Freddie and Fannie last year, the government made $100 billion available to each to cover future losses -- amounts that President Obama has since doubled.
In March, Freddie reported that it had asked the government for $30.8 billion after losing $50 billion in 2008. Nearly the entire loss came in the second half of the year, following the government takeover, and the company's losses deepened as the housing market continued its decline

Phishing: Is that Web site real or not?

Phishing attacks rely on deception, pure and simple. Using realistic looking, but fake Web sites was one of the first techniques used by phishers. Eventually that approach became somewhat ineffective. Web sites didn’t look exactly right or the URL was wrong, alerting us to the deception.
The real thing
Phishers still use fake Web sites, but have developed a better mouse trap by altering official Web sites. How you say? It’s simple; phishers leverage the same vulnerabilities that are used for Web site defacement and various other attack vectors. It’s a good idea, since there’s no need to create anything, just alter what exists. Besides it’s the perfect deception, the site obviously looks right and the correct URL is displayed.
The “how and why” Web sites are exploited is well documented, with leveraging weaknesses in PHP to gain a foothold on the Web server being one of more preferred methods. An example of this would be the vulnerability discussed in the National Cyber-Alert CVE-2008-3239:
“Unrestricted file upload vulnerability in the writeLogEntry function in system/v_cron_proc.php in PHPizabi 0.848b C1 HFP1, when register_globals is enabled, allows remote attackers to upload and execute arbitrary code via a filename in the CONF[CRON_LOGFILE] parameter and file contents in the CONF[LOCALE_LONG_DATE_TIME] parameter.”
What makes this vulnerability unique is the developer’s insistence that there’s nothing wrong with the code. So they aren’t going to change anything:
“Tough we do not intend to release a security fix for this issue at this time, we want to remind our users of the importance of disabling the “REGISTER_GLOBALS” option of their system. This option will not only enable this vulnerability to be exploited but will also open multiple breaches into your system. Note that if your system is configured properly (with “REGISTER_GLOBALS” disabled), this vulnerability does not apply to your website.”
Kind of a strange statement from a vendor, but it’s exactly what the bad guys like to see. As proof, I did a simple search and found several Web sites advertising exploit code for this vulnerability. I’ve linked one example that’s published at the Milw0rm site.
Current research
I’ve just finished reading a paper written by researchers Tyler Moore (CRCS Harvard University) and Richard Clayton (Computer Laboratory, University of Cambridge) titled “Evil Searching: Compromise and Recompromise of Internet Hosts for Phishing“ (pdf). Don’t worry about the title; the paper is a good read shedding light on the effectiveness of Web sites altered to steal sensitive information. For example, one interesting statistic was the mix of compromised Web sites versus fake Web sites:
“By far the most common way to host a phishing Web site is to compromise a Web server and load the fraudulent HTML into a directory under the attacker’s control. This method accounts for 75.8% of phishing.
A simpler, though less popular approach, is to load the phishing web page onto a ‘free’ web host, where anyone can register and upload pages. Approximately 17.4% of phishing web pages are hosted on free web space.”
Locating vulnerable Web sites
OK, we now know that phishers prefer to alter real Web sites and how they do it. The next question begging to be asked is how they find vulnerable Web sites. In reality, phishers don’t have too much trouble. They use readily available scanners designed to check for PHP weaknesses. One example is the Web Vulnerability Scanner by Acunetix:
“The best way to check whether your web site & applications are vulnerable to PHP security attacks is by using a Web Vulnerability Scanner. A Web Vulnerability Scanner crawls your entire website and automatically checks for vulnerabilities to PHP attacks. It will indicate which scripts are vulnerable so that you can fix the vulnerability easily.”
Still, most would admit that this type of scanning is slow and very inefficient, especially considering the number of Web sites in existence. Moore and Clayton’s paper again sheds light on what phishers are using to make the locating process easier:
“An alternative approach to scanners, that will also locate vulnerable websites, is to ask an Internet search engine to perform carefully crafted searches. This leverages the scanning which the search engine has already performed, a technique that was dubbed ‘Google hacking’ by Long.
He was interested not only in how compromisable systems might be located, but also in broader issues such as the discovery of information that was intended to be kept private. Long called the actual searches ‘googledorks’, since many of them rely upon extended features of the Google search language, such as ‘inurl’ or ‘intitle’.”
The article that the above quote refers to is written by Johnny Long and titled “Google Hacking Mini-Guide“. It’s a treasure trove of information on how to maximize Google search instructions to get sensitive details about Web sites.
Let’s see if it works. If you remember the PHP vulnerability described by CVE-2008-3239, the key search phrase would be “PHPizabi 0.848b C1 HFP1″. I entered that phrase in Google search and after some digging to get past all the entries referring to this exploit, I found results that definitely would be of interest to phishers:


Botnet 'ensnares government PCs'

Almost two million PCs globally, including machines inside UK and US government departments, have been taken over by malicious hackers.
Security experts Finjan traced the giant network of remotely-controlled PCs, called a botnet, back to a gang of cyber criminals in Ukraine.
Several PCs inside six UK government bodies were compromised by the botnet.
Finjan has contacted the Metropolitan Police with details of the government PCs and it is now investigating.
A spokesman for the Cabinet Office, which is charged with setting standards for the use of information technology across government, said it would not comment on specific attacks "for security reasons".
When we look at a similar network last year they were in the hundreds of thousands. Now were looking at mega-size botnets.
Yuval Ben-Itzhak, chief technology officer for Finjan "It is Government policy neither to confirm nor deny if an individual organisation has been the subject of an attack nor to speculate on the origins or success of such attacks."
He added: "We constantly monitor new and existing risks and work to minimise their impact by alerting departments and giving them advice and guidance on dealing with the threat."
How does a botnet work?
It is the second time in a year that PCs inside government departments have been hacked to form part of a botnet.
On this occasion, the machines were infected with software which allowed them to be taken over and enslaved in the botnet due to vulnerabilities in web browsers.
At the mercy
Once a machine has been compromised, it can be instructed to download further software, which puts the machine at the mercy of malicious hackers.

Hi-tech crime: A glossary The compromised PCs are capable of reading e-mail addresses, copying files, recording keystrokes, sending spam and capturing screen shots.
Once a single machine inside a corporate network has been made part of the botnet it puts other machines on the network at risk.
The Cabinet Office would not give details of what the compromised machines had been instructed to do, nor the names of the different government departments that had been infiltrated.
The cyber criminals, who have not been caught, were selling access to the compromised machines, thought to be mainly PCs inside companies, on a hackers' forum in Russia.
One thousand machines were being sold at a time for between $50 and $100.
Finjan reports that the botnet is under the control of six criminals who are able to remotely control the infected machines.
Different organisations
Almost half of the infected machines were in the US. Six percent of the botnet, about 114,000 machines from 52 different organisations, were from the UK, among them a single PC inside the BBC's network.
Many of the infected machines will have been caught by routine information security policies at firms, as it was in the case of the BBC, but Finjan says many of the botnet PCs are still active.
We are aware of this botnet and are taking appropriate action
Metropolitan Police spokeswoman More than 70 different national government agencies from around the world were caught up in the malicious network.
Yuval Ben-Itzhak, chief technology officer for Finjan, told BBC News: "When we looked at the network domain names to see where the [compromised PCs] come from we were surprised to see many government networks, including UK government computers.
"Obviously we reported it and they have now dealt with it. There were six UK agencies with at least one computer in each department that was running the bot.
"I'm not at liberty to name the actual agencies - but this isn't a unique story to the UK, they were running in many other non-UK, government bodies too."
Government bodies
A number of different government bodies are responsible for IT security and deployment across the UK.
They include the Central Sponsor for Information Assurance, the National Technical Authority for Information Assurance, and the Centre for the Protection of National Infrastructure (CPNI), the government body which is part of the British Security Service and responsible for providing security advice to organisations that make up critical services in the UK.
All of the infected machines were Windows-based PCs and the vulnerability was targeting security holes in Internet Explorer and Firefox.
Mr Ben-Itzhak said: "What is unique is the number, the size of the network. When we looked at a similar network last year they were in the hundreds of thousands. Now we're looking at mega-size botnets."
In contact
A spokeswoman for the Metropolitan Police said: "This is an ongoing investigation. We are aware of this botnet and are taking appropriate action."
Large botnets can be used to co-ordinate attacks to knock parts of the network, or specific websites, offline, called a Distributed Denial of Service attack.
Last year, the CPNI told a Cabinet Office-commissioned independent review that stopping such attacks was difficult.
It said: "The attacks are relatively low in sophistication, but have been highly effective due to the large number of compromised machines involved.
"It is difficult to defend against a sophisticated Distributed Denial of Service attack without impacting legitimate business use."
The CPNI recommended that the best defence against these attacks was appropriate monitoring of the network.

China on alert to prevent swine flu infection

BEIJING, April 25 (Xinhua) -- China's General Administration of Quality Supervision, Inspection and Quarantine issued an emergency notice Saturday night requiring people to report flu-like symptoms at the point of entry when coming from the deadly swine flu affected places.
This is China's latest move in response to the outbreaks of human infection of Swine Influenza A/H1N1 in Mexico and the United States.
People who developed flu-like symptoms after returning from the disease affected regions within two weeks should also report to the local entry-exit inspection and quarantine authorities, the administration said.
These people reporting flu-like symptoms must be scrutinized and the those who have been infected or are suspected to be infected by the virus should be isolated and treated, it said.
China's ministries of health and agriculture said they are closely monitoring the development of the situation.
The Ministry of Health said it has organized experts to study prevention measures and would enhance contact with the World Health Organization (WHO) and the governments of Mexico and the U.S. to learn about the latest developments.
The new flu strain -- a mixture of swine, human and avian flu viruses has killed more than 60 people among around 1,000 suspected cases in Mexico and infected less than 10 in the United States.
WHO director general Margaret Chan said the swine flu outbreak had the potential to turn into a worldwide pandemic, but it was too early to say whether the flu will turn into such a pandemic or not.