Comments

Card-Sniffing Malware On Diebold ATMs

L3sPau1 Re:Track record? (143 comments)

Good call on OS2, it's right under their noses. Like you said WTF. BTW, I've bookmarked an interesting video with Avi Rubin on e-voting machine security that kinda sorta relates. http://tinyurl.com/dehz2q

more than 5 years ago

Submissions

Servers at Risk from IPMI, BMC Flaws

L3sPau1 writes | about a year ago

L3sPau1 (1503477) writes "Security vulnerabilities in the Intelligent Platform Management Interface found in baseboard management controllers apparently put thousands of servers at risk to authentication bypass and other abuses of legitimate credentials."

Rocra Espionage Malware Campaign Uncovered

L3sPau1 writes | about 2 years ago

L3sPau1 writes "For five years, it hid in the weeds of networks used by Eastern European diplomats, government employees and scientific research organizations, stealing data and infecting more machines in an espionage campaign rivaling Flame and others of its ilk. The campaign, called Rocra or Red October by researchers at Kaspersky Lab, focused not only on workstations, but mobile devices and networking gear to gain a foothold inside strategic organizations. Once inside, attackers pivoted internally and stole everything from files on desktops, smartphones and FTP servers, to email databases using exploits developed in China and Russian malware, Kaspersky researchers said."

Changes to Mozilla Security Program Foster Open Source Security Tool Development

L3sPau1 writes | about 2 years ago

L3sPau1 writes "Mozilla has changed the way it engages with its security contributors, creating new levels of participation that will foster the development of open source security tools."

Nvidia Display Driver Service Attack Escalates Privileges on Windows Machines

L3sPau1 writes | about 2 years ago

L3sPau1 writes "A zero-day has been found in the Nvidia Display Driver Service on Windows machines. An attacker with local access can use the exploit to gain root privileges on a Windows machine. Windows domains with relaxed firewall rules or file sharing enabled can also pull off the exploit, which was posted to Pastebin by researcher Peter Winter-Smith."

Crimeware Enterprises Mirror Legitimate Businesses

L3sPau1 writes | about 2 years ago

L3sPau1 writes "This article looks at the organizational structure of cybercrime gangs and the services that are available to organized criminals operating online. Malware and malware services are unfortunately relatively cheap and readily available to any hacker with resources."

National Strategy Could Nudge Security Information Sharing Forward

L3sPau1 writes | about 2 years ago

L3sPau1 writes "While we wait for President Obama to issue an Executive Order and cybersecurity legislation to someday make its way through Congress, the White House yesterday issued a framework for information sharing among government agencies. Information sharing has almost become a cliche among security people, but with the industry pushing for continuous monitoring and better detection technologies, the only way that will work is with better attack data, intelligence and information sharing. This could help pave the way..."

New Malware Wiping Data on Computers in Iran

L3sPau1 writes | about 2 years ago

L3sPau1 writes "Iran's computer emergency response team is reporting new malware targeting computers in the country that is wiping data from partitions D through I. It is set to launch on only particular dates. While there has been other data-wiping malware targeting Iran and other Middle East countries such as Wiper and Shamoon, researchers said there is no immediate connection."

Carberp Trojan Goes for a Cool $40K

L3sPau1 writes | about 2 years ago

L3sPau1 writes "The Carberp banking Trojan has now gone commercial. Formerly available only for private sale on underground trading sites, Carberp has been updated with the Rovnix bootkit and a builder kit. The full kit goes for $40,000, otherwise you can buy fraud-as-a-service (FAAS?) for anywhere between $2,000 and $10,000."

Windows blue screen may be rootkit infection

L3sPau1 writes | more than 4 years ago

L3sPau1 (1503477) writes "A rootkit infection may be the cause of a Windows Blue Screen of Death issue experienced by people who applied the latest round of Microsoft patches. It appears that the affected Windows PCs had the rootkit infection prior to deploying the Microsoft patches. Researchers investigating the issue have isolated the infection to the Windows atapi.sys file, a driver used by Windows to connect hard drives and other components. An expert identified the infection as the Tdss-rootkit, which surfaced last November and has been spreading quickly, creating zombie machines for botnet activity."

Interview with Bruce Schneier

L3sPau1 writes | about 5 years ago

L3sPau1 (1503477) writes "Security expert Bruce Schneier answers questions on a variety of information security topics, including: how security will respond to economic recovery; the move toward security services and which make the most sense for IT; the risks posed by social media; the effectiveness of user awareness programs; security metrics that make the most sense to collect; and third-party security."

How to create a bit-image copy of a live server

L3sPau1 writes | more than 5 years ago

L3sPau1 writes "If you think a critical server has been tampered with, part of your incident response plan should include creating a bit-image copy before shutting that system down. A bit-image copy is a copy of every bit on the hard drive regardless of how the operating system sees it, rather than a copy of every file. A bit-image is preferred over a file-level copy of the image since it will include fragments of deleted files or data that is otherwise hidden. Free and open source tools are available to simplify this process."

PCI Council GM Responds to critics of standard

L3sPau1 writes | more than 5 years ago

L3sPau1 writes "PCI Security Standards Council GM Bob Russo writes a column for SearchSecurity.com lashing back at criticism of the PCI Data Security Standard and defends his assertion that everyone in the payment chain, from (point-of-sale) POS manufacturers to e-shopping cart vendors, merchants to financial institutions, should play a role to keep payment information secure. There are many links in this chain — and each link must do their part to remain strong, Russo says."

The dangers of the Free Public Wi-Fi ad hoc

L3sPau1 writes | more than 5 years ago

L3sPau1 writes "It can be tough to convince users — especially those challenged by shrinking travel budgets — to avoid the allure of free wireless Internet. When employers can't or won't pay for unlimited wireless Internet, employees get creative. Why should they waste thankless hours waiting for planes and trains when they could be using Free Public WiFi to catch up on mail, download iTunes, or watch a little Slingbox? Unfortunately, Free Public WiFi isn't what it sounds like. In most cases, this unsecured wireless network is actually being offered by a nearby laptop or smartphone. Any naive user who tries to connect may well succeed, but the ad hoc node (wireless peer) at the far end isn't an on-ramp to the Internet. At best, it's a wireless cul-de-sac; a dead end for IP packets. At worst, it's a thief using KARMA to spoof destination servers, launch man-in-the-middle attacks and steal personal and business identities."

Anti-binary diffing tool released at Black Hat

L3sPau1 writes | more than 5 years ago

L3sPau1 writes "At the recent Black Hat USA 2009 conference, Jeongwook Oh, a researcher with eEye Digital Security, unveiled an anti binary-diffing tool called Hondon (which translates to chaos in Korean). Hondon, Oh said, obfuscates binaries so that patched elements are essentially invisible to diffing tools without impacting the stability and usability of the patches. The idea behind anti-binary diffing is to extend the time it takes for an attacker to analyze patches and create a working exploit. Oh says all Windows patch binaries have either been manually or automatically diffed; he estimates some can be analyzed in as few as 30 minutes and a working exploit can be developed within a day."

MMS messaging spoof hack could have global ramific

L3sPau1 writes | more than 5 years ago

L3sPau1 writes "You won't be able to trust MMS messages today the same way you did yesterday. Researchers Zane Lackey and Luis Miras presented their work this week at Black Hat, demonstrating attacks in which they spoofed sender numbers and exploited flaws in GSM carriers' networks to bypass them in an MMS message loop. The researchers are able to trick the victim's phone into requesting content from their servers as opposed to the carrier's server. The attack potentially makes any mobile device on a GSM network anywhere in the world capable of sending media files vulnerable to spoofing, phishing attacks and other scams."

Machiavelli Mac OS X rootkit unveiled at Black Hat

L3sPau1 writes | more than 5 years ago

L3sPau1 writes "Researcher Dino Dai Zovi presented details on a rootkit called Machiavelli he developed for the Mac OS X that uses Mach remote procedure calls to make kernel calls, and create kernel threads and tasks."

DNSSEC deployments gain momentum since Kaminsky DN

L3sPau1 writes | more than 5 years ago

L3sPau1 writes "DNSSEC won't fix all the security woes in DNS, but it does check cache poisoning, one of the biggest threats to ecommerce and trust on the Internet. Implementing DNSSEC, however, is another matter. Not only does it require a significant infrastructure overhaul for large enterprises and service providers running DNS servers, but a host of political battles are keeping DNSSEC from reaching critical mass."

New EV SSL MiTM attacks to be demoed at Black Hat

L3sPau1 writes | more than 5 years ago

L3sPau1 writes "Alexander Sotirov and Mike Zusman are expected to demonstrate new man in the middle attacks on Extended Validation SSL certificates at the upcoming Black Hat Briefings, including an offline hack that poisons a site protected by an EV certificate. Sotirov and Zusman said they can attack an EV SSL-protected site using a traditional and easy-to-obtain SSL certificate. Zusman explained that an attacker could intercept wireless traffic at a free and public Wi-Fi hotspot and poison the client's cache of an EV site using the non-EV certificate. Once the victim browses an EV-protected site, the browser, unable to differentiate between the two, will load the content from the poisoned cache as well. The victim will continue to see the green bar, but the EV session is nonetheless compromised."

Kaminsky interview: DNS bug a year later, DNSSEC

L3sPau1 writes | more than 5 years ago

L3sPau1 writes "Network security researcher Dan Kaminsky has had a year to reflect on the impact of the cache poisoning vulnerability he discovered in the Domain Name System (DNS). In the time since, Kaminsky has become an advocate for improving security in DNS, and ultimately, trust on the Internet. One way to do this is with the widespread use of DNSSEC (DNS Security Extensions), which essentially brings PKI to website requests. In this interview, Kaminsky talks about how the implementation of DNSSEC would enable greater security and trust on the Net and provide a platform for the development of new security products and services."

Journals

L3sPau1 has no journal entries.
