Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Microsoft Word Zero-Day Used in Targeted Attacks

wiredmikey Affects more than Word 2010, Including Mac OS (1 comments)

One important piece not included in my original post, is that while the reported attacks are targeting Microsoft Word 2010, other software products affected by the vulnerability include: Microsoft Word 2003, Microsoft Word 2007, Microsoft Word 2013, Microsoft Word Viewer Microsoft Office for Mac 2011. Fortunately for Windows systems, according to the Microsoft engineers, tests showed that EMET default configuration can block the exploits seen in the wild.

about 5 months ago
top

With HTTPS Everywhere, is Firefox now the most secure mobile browser?

wiredmikey HTTPS Doesn't Make a Browser Secure (2 comments)

While HTTPS is great to have, it does nothing to actually make the Browser itself more secure, it simply protects the data traveling between a web browser and a web server. HTTPS does nothing to protect against other vulnerabilities and exploits that could affect browsers. Yes, HTTPS is good, but it's by no means a silver bullet.

about 6 months ago
top

Target has major credit card breach

wiredmikey Re:Skip the Middleman (2 comments)

Agreed, Brian Krebs who Broke the story should get the credit here and his story is better than the Tribune piece. -=M

about 8 months ago
top

Dell Bets $16M on Security Firm Invincea

wiredmikey Didn't Wasn't Only Investor (1 comments)

Just a note to clarify this -- While Dell was a lead investor in the $16 million round, it wasn't all from the pockets of Dell Ventures. The total $16m funding round was led by new investors Aeris Capital and Dell Ventures, and existing investors Grotech Ventures, Harbert Ventures, and New Atlantic Ventures participated.

about 8 months ago
top

New Adobe Reader zero day used in phishing attacks

wiredmikey Adobe Didn't "Confirm" - They Acknowledged Report (1 comments)

Adobe didn't' CONFIRM that latest versions of Reader and Acrobat where affected. While they MAY be, Adobe simply acknowledged the report of a vulnerability and that they were looking into it.

"Adobe is aware of a report of a vulnerability in Adobe Reader and Acrobat XI (11.0.1) and earlier versions being exploited in the wild. We are currently investigating this report and assessing the risk to our customers," the post from Adobe said.

about a year and a half ago
top

Russia's New Secure Android Tablet Keeps Data From Google

wiredmikey Should be "Android-like" (1 comments)

I should have actually out "Android-like" or "Almost Android" as the story has it. It's not officially Android but a "slimmed down" version of it. The operating system has all the functional capabilities of an Android operating system but none of its hidden features that send users' private data to Google headquarters, according to the project manager.

about 2 years ago
top

Lessons In Campus Cybersecurity

wiredmikey Higher Education Institutions Face Greater Risks (1 comments)

This is an interesting topic. As Rod Rasmussen wrote last April, student Internet use is nothing short of the Wild West. Malware, phishing, infrastructure attacks, social network targeting, and peer-to-peer (P2P) information leakage are not potential threats; they’re actual, daily issues. And here’s the scary part: when a student’s computer on a college network is compromised, it’s not just the student who pays the price—legally, so does the institution. The dangers for a university or college network can lurk everywhere from e-mail to the Internet infrastructure itself. Rod explains many of those risks:

http://www.securityweek.com/college-cyber-security-tightrope-higher-education-institutions-face-greater-risks

about 2 years ago
top

ICS-CERT Warns of Serious Flaws In Tridium SCADA Software

wiredmikey Re:Of course, since it's SCADA... (34 comments)

It's not really SCADA, it's different. SCADA is from Siemens, this is different and the Niagara Framework is used in places beyond big facilities such as power plants and factories. The Niagra framework reaches offices buildings, hospitals, airports and more.

http://www.securityweek.com/niagara-vulnerabilities-put-office-buildings-airports-hospitals-risk

That being said, this warning was originally issued back in July with ICS-CERT not really adding anything new in this warning.

-M

about 2 years ago
top

ICS-CERT Warns of Serious Flaws in Tridium SCADA Software

wiredmikey Not really new (1 comments)

This alert is actually old and dates back to July. ICS-CERT re-releases things all the time in order to update small things and people see an update, no matter how minor. But mainly the updates often apply to their internal processes though. Here is the original that came out in July: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-195-01.pdf -- It's almost identical.

about 2 years ago
top

VISA, MasterCard Warn of 'Massive' Breach At Credit Card Processor

wiredmikey Re:Criminal (164 comments)

It's Global Payments, Inc. Will have more info on it shortly!

more than 2 years ago
top

51% Of Internet Traffic Is 'Non-Human'

wiredmikey Interesting, But Likely Skewed Data (1 comments)

There is some interesting data here, and bots and malicious spiders are certainly consuming the web big time, but this study is likely skewed. The survey was done across Incapsula's customer base---which tell me that people who have signed up for their service may have a higher likeliness to be attacked or be the target of hackers. It's people who have paid attention to their site and have likely had more to deal with and are making the extra effort to add a layer of security. So that tells me that quite possibly the results would be skewed to show that these sites are attacked more then the overall average across the entire web. In other words, many of these site have had issues, and have signed up for the service as a result. That's my take. Though there are lots of bots and malicious traffic out there.

more than 2 years ago
top

Google Wasting $16 Billion on Projects Headed Nowhere

wiredmikey All Wasted or Part Innovation and R&D Expense? (2 comments)

I don't agree that this is all waste. It's part of being an innovative and creative company. While many of these projects will "fail" or not be put into any profitable use for a company, there is some value. People learn. New projects and successful profit-making projects do some from these crazy ideas. It's innovation, it's challenging engineers in ways that could help in other areas. It may be a bit of a stretch to compare it to the pharma industry, but in the same fashion, so much R&D is "Wasted " if you measure in terms of drugs that failed to launch or are unsuccessful. But is it a total waste? I don't think so. It's part of pushing a company forward, keeping the culture of innovation and challenging us to tackle all sorts of problems. I am confident that Google isn't "wasting" a full $16 billion.

more than 2 years ago
top

Hackers tear down NASDAQ

wiredmikey DDoS Isn't Hacking, Site is Up (1 comments)

First, the site is online and loading fine. Second, DDoS attacks are different from hacking attacks where one tries to obtain unauthorized access to information or a system. The site was down on Tuesday, but the situation was resolved, at least for now....

more than 2 years ago
top

Is Dropbox the next Google?

wiredmikey Not Even Close. (1 comments)

No, DropBox is not the next Google. If it is, they have a LONG way to go and have to expand in many areas and gain traction in those areas as well. While DropBox may be a useful service, it's not even close to being the next Google, or posing a threat to Google or Facebook.

more than 2 years ago

Submissions

top

Hackers Demand Automakers Get Serious About Security

wiredmikey wiredmikey writes  |  about two weeks ago

wiredmikey (1824622) writes "In an open letter to Automotive CEOs, a group of security researchers has called on automobile industry executives to implement five security programs to improve car safety and build cyber-security safeguards inside the software systems powering various features in modern cars.

As car automation systems become more sophisticated, they need to be locked down to prevent tampering or unauthorized access. The Five Star Automotive Cyber Safety Program outlined in the letter asked industry executives for safety by design, third-party collaboration, evidence capture, security updates, and segmentation and isolation.

Vehicles are “computers on wheels,” Josh Corman, CTO of Sonatype and a co-founder of I am the Cavalry, the group who penned the letter (PDF. The group aims to bring security researchers together with representatives from non-security fields, such as home automation and consumer electronics, medical devices, transportation, and critical infrastructure, to improve security. Along with releasing the open letter, the group participated in a closed-door session with automobile and medical device representatives in a private meeting in Las Vegas on Tuesday and planned to discuss automotive hacking at DEF CON on Sunday."

Link to Original Source
top

Facebook Acquires Server-focused Security Startup

wiredmikey wiredmikey writes  |  about two weeks ago

wiredmikey (1824622) writes "In a move to bolster the security of its massive global server network, Facebook announced on Thursday it was acquiring PrivateCore, a Palo Alto, California-based cybersecurity startup. PrivateCore describes that its vCage software transparently secures data in use with full memory encryption for any application, any data, anywhere on standard x86 servers.

“I’m really excited that Facebook has entered into an agreement to acquire PrivateCore,” Facebook security chief Joe Sullivan wrote in a post to his own Facebook page. "I believe that PrivateCore's technology and expertise will help support Facebook's mission to help make the world more open and connected, in a secure and trusted way," Sullivan said. "Over time, we plan to deploy PrivateCore's technology directly into the Facebook server stack.""

Link to Original Source
top

Mozilla Dumps Info of 76,000 Developers to Public Web Server

wiredmikey wiredmikey writes  |  about two weeks ago

wiredmikey (1824622) writes "Mozilla warned on Friday that it had mistakenly exposed information on almost 80,000 members of its Mozilla Developer Network (MDN) as a result of a botched data sanitization process. The discovery was made around June 22 by one of Mozilla’s Web developers, Stormy Peters, Director of Developer Relations at Mozilla, said in a security advisory posted to the Mozilla Security Blog on Friday.

“Starting on about June 23, for a period of 30 days, a data sanitization process of the Mozilla Developer Network (MDN) site database had been failing, resulting in the accidental disclosure of MDN email addresses of about 76,000 users and encrypted passwords of about 4,000 users on a publicly accessible server,” Peters wrote. According to Peter, the encrypted passwords were salted hashes and they by themselves cannot currently be used to authenticate with the MDN. However, Peters warned that MDN users may be at risk if they reused their original MDN passwords on other non-Mozilla websites or authentication systems."

Link to Original Source
top

Researchers Make Weak Passwords Virtually Uncrackable

wiredmikey wiredmikey writes  |  about three weeks ago

wiredmikey (1824622) writes "A team of researchers at the New York University Polytechnic School of Engineering say they have found a way to help organizations better protect even the weakest of passwords and make them almost impossible to crack.

Using an open-source password protection scheme dubbed PolyPasswordHasher, password information is never stored directly in a database; the information is used to encode a cryptographic "store" that cannot be validated unless a certain number of passwords are entered. In other words, an attacker would need to crack multiple passwords simultaneously in order to verify any single hash.

"PolyPasswordHasher divides secret information—in this case, password hashes—into shares, and just like a puzzle that is meaningless unless the pieces are assembled, no individual password can be validated unless a certain number of them are known and entered," explained Assistant Professor of Computer Science and Engineering Justin Cappos. "Even if the password file and all other information on disk were stolen, an attacker could not verify a single correct password without guessing a large number of them correctly."

Cappos estimated an attacker using a modern laptop could crack at least three six-character passwords in an hour if the computer was checking roughly a billion password hashes per second. With PolyPasswordHasher, the attacker would be required to compute these three passwords at the same time. The researchers estimate that in practice, all 900 million computers on Earth would need to work nonstop for longer than 13 billion years to compute the three passwords at the same time. According to the researchers' paper, the method is conceptually similar to encrypting the passwords with a key that is only recoverable when a threshold of passwords are known."

Link to Original Source
top

Chinese Hackers Infiltrate Firms Using Malware-Laden Handheld Scanners

wiredmikey wiredmikey writes  |  about a month ago

wiredmikey (1824622) writes "China-based threat actors are using sophisticated malware installed on handheld scanners to target shipping and logistics organizations from all over the world. According to security firm TrapX, the attack begins at a Chinese company that provides hardware and software for handheld scanners used by shipping and logistics firms worldwide to inventory the items they're handling. The Chinese manufacturer installs the malware on the Windows XP operating systems embedded in the devices.

Experts determined that the threat group targets servers storing corporate financial data, customer data and other sensitive information. A second payload downloaded by the malware then establishes a sophisticated C&C on the company's finance servers, enabling the attackers to exfiltrate the information they're after. The malware used by the Zombie Zero attackers is highly sophisticated and polymorphic, the researchers said. In one attack they observed, 16 of the 48 scanners used by the victim were infected, and the malware managed to penetrate the targeted organization's defenses and gain access to servers on the corporate network.

Interestingly, the C&C is located at the Lanxiang Vocational School, an educational institution said to be involved in the Operation Aurora attacks against Google, and which is physically located only one block away from the scanner manufacturer, TrapX said."

Link to Original Source
top

DHS Mistakenly Releases 840-pages of Critical Infrastructure Documents

wiredmikey wiredmikey writes  |  about a month and a half ago

wiredmikey (1824622) writes "Whoops! The U.S. Department of Homeland Security (DHS) has mistakenly released hundreds of documents, some of which contain sensitive information and potentially vulnerable critical infrastructure points across the United States, in response to a recent Freedom of Information Act (FOIA) request about a cyber-security attack.

The Operation Aurora attack was publicized in 2010 and impacted Google and a number of other high-profile companies. However, DHS responded to the request by releasing more than 800 pages of documents related to the 'Aurora' experiment conducted several years ago at the Idaho National Laboratory, where researchers demonstrated a way to damage a generator via a cyber-attack.

Of the documents released by the DHS, none were related to the Operation Aurora cyber attack as requested. Many of the 840 pages are comprised of old weekly reports from the DHS' Control System Security Program (CSSP) from 2007. Other pages that were released included information about possible examples of facilities that could be vulnerable to attack, such as water plants and gas pipelines.

When contacted by SecurityWeek, the DHS declined to comment about the situation."

Link to Original Source
top

Researchers Disarm Microsoft's EMET

wiredmikey wiredmikey writes  |  about a month and a half ago

wiredmikey (1824622) writes "Security researchers have found a way to disable the protection systems provided by the latest version of Microsoft's Enhanced Mitigation Experience Toolkit (EMET), a software tool designed to prevent vulnerabilities from being exploited by using various mitigation technologies. Others have managed to bypass EMET in the past, but researchers from Offensive Security have focused on disarming EMET, rather than on bypassing mitigations, as this method gives an attacker the ability use generic shellcodes such as the ones generated by Metasploit.

The researchers managed to disarm EMET and get a shell after finding a global variable in the .data section of the EMET.dll file. Initially, they only managed to get a shell by executing the exploit with a debugger attached, due to EMET's EAF checks. However, they've succeeded in getting a shell outside the debugger after disarming EAF with a method described by security researcher Piotr Bania in January 2012. The researchers tested their findings on Windows 7, Internet Explorer 8 and EMET 4.1 update 1."

Link to Original Source
top

Cybercrooks May Have Stolen Billions Using Brazilian 'Boletos'

wiredmikey wiredmikey writes  |  about a month and a half ago

wiredmikey (1824622) writes "Researchers with RSA have discovered a Boleto malware (Bolware) ring that compromised as many as 495,753 Boleto transactions during a two-year period. Though it is not clear whether the thieves successfully collected on all of the compromised transactions, the value of those transactions is estimated to be worth as much as $3.75 billion USD.

A Boleto is essentially a document that allows a customer to pay an exact amount to a merchant. Anyone who owns a bank account — whether a company or an individual — can issue a Boleto associated with their bank. The first signs of its existence appeared near the end of 2012 or early 2013, when it began to be reported in the local news media," according to the report (PDF). "The RSA Research Group analyzed version 17 of the malware, gathering data between March 2014 and June 2014. The main goal of Boleto malware is to infiltrate legitimate Boleto payments from individual consumers or companies and redirect those payments from victims to fraudster accounts.""

Link to Original Source
top

Energy Firms in Europe, US Hit by Cyberattack

wiredmikey wiredmikey writes  |  about 1 month ago

wiredmikey (1824622) writes "Symantec said on Monday that it has identified malware targeting industrial control systems which could sabotage electric grids, power generators and pipelines. Known as the "Dragonfly group" or 'Energetic Bear', the attackers are believed to have been in operation since at least 2011. Initially, its targets were in the defense and aviation industry in the United States and Canada. In early 2013, it shifted its focus to energy firms in the U.S. and Europe.

The attacks on the energy sector began with malware sent via phishing emails to targeted personnel. Symantec observed the spear phishing attempts hitting organizations in the form of PDF attachments between February 2013 and June 2013, mostly targeting the US and UK. They emails were disguised as messages about administration issues such as delivery problems or issues with an account.

Later on, the group added watering hole attacks into its repertoire by compromising websites likely to be visited by people working in the industry and redirecting them to sites hosting an exploit kit known as Lightsout. The Lightsout kit has been upgraded over time, and eventually became known as the Hello exploit kit.

The third phase of the campaign involved the Trojanizing of legitimate software bundles belonging to three different industrial control system (ICS) equipment manufacturers using malware detected as Backdoor.Oldrea (Havex), according to Symantec's report (PDF). "The Dragonfly group is technically adept and able to think strategically," the researchers noted. "Given the size of some of its targets, the group found a “soft underbelly” by compromising their suppliers, which are invariably smaller, less protected companies.""

Link to Original Source
top

Saudi Government Targeting Dissidents with Mobile Malware

wiredmikey wiredmikey writes  |  about 2 months ago

wiredmikey (1824622) writes "Human Rights Watch on Friday demanded a clarification from Saudi Arabia over allegations from security researchers that the kingdom is infecting and monitoring dissidents' mobile phones with surveillance malware. The New York-based rights watchdog said surveillance software allegedly made by Italian firm Hacking Team mostly targeted individuals in Qatif district in Eastern Province, which has been the site of sporadic Shiite-led protests since February 2011.

"We have documented how Saudi authorities routinely crack down on online activists who have embraced social media to call out human rights abuses," said Cynthia Wong, HRW's senior Internet researcher. "It seems that authorities may now be hacking into mobile phones, turning digital tools into just another way for the government to intimidate and silence independent voices."

The accusations against the Saudi Government come days after researchers from Kaspersky Lab and Citizen Lab uncovered new details on advanced surveillance tools offered by HackingTeam, including never before seen implants for smartphones running on iOS and Android."

Link to Original Source
top

Hacker Builds Massive Dogecoin Mining Operation With NAS Boxes

wiredmikey wiredmikey writes  |  about 2 months ago

wiredmikey (1824622) writes "Researchers at Dell SecureWorks have uncovered a massive Dogecoin mining operation using Synology Network Attached Storage (NAS) boxes.

The operation is believed to have netted a hacker more than $600,000 in the past two months. The situation came to light in February when users began reporting their Synology Network Attached Storage devices were performing poorly and had a high CPU usage. Eventually, an investigation revealed the situation was being caused by malware that had infected the systems.

In a comedic twist, the malware was stored in a folder named 'PWNED.' According to the researchers, a hacker took advantage of vulnerabilities in the DiskStation Manager (DSM), a custom Linux-based operating system for Synology NAS systems. The vulnerabilities allowed the attacker to breach the system and get administrative privileges."

Link to Original Source
top

Clueless About Card Data Hack, PF Chang's Reverts to Imprinting Devices

wiredmikey wiredmikey writes  |  about 2 months ago

wiredmikey (1824622) writes "After saying earlier this week that it was investigating reports of a data breach related to payment cards used at its locations, P.F. Chang's China Bistro confirmed on Thursday that credit and debit card data has been stolen from some of its restaurants. What's interesting, and somewhat humorous, is that the company said that it has switched over to manual credit card imprinting systems for all of its restaurants located in the continental United States.

The popular restaurant chain said that on Tuesday, June 10, the United States Secret Services alerted the company about the incident. Admitting that it does not know the extent or current situation and impact of the attack, the company noted in a statement: “All P.F. Chang's China Bistro branded restaurants in the continental U.S. are using manual credit card imprinting devices to handle our credit and debit card transactions,” the company said. “This allows you to use your credit and debit cards safely.”

If it's not obvious, anyone who has visited a P.F. Chang’s and used a payment card in the last several months should monitor their accounts and report any suspected fraudulent activity to their card company."

Link to Original Source
top

Cybercriminals Ramp Up Activity Ahead of 2014 World Cup

wiredmikey wiredmikey writes  |  about 2 months ago

wiredmikey (1824622) writes "With the FIFA World Cup 2014 kicking off this week in Brazil, cybercriminals and scammers are working hard to take advantage of visitors to the World Cup in Brazil and those following the world soccer tournament online. In recent months, several security vendors have published advisories about the various scams, phishing and malware operations that target Internet users interested in the World Cup. While individuals from all over the world have been targeted, many of the malicious campaigns focus on Brazil and neighboring South American countries.

While news that cybercriminals are zoning in on a large global event is no surprise, the scale and tactics being used is quite wide in scope, ranging from malware distribution and phishing scams, to fraudulent ticket sales, spam and other promising yet fraudulent schemes.For those visiting Brazil to watch the games in person, the cyber threats also include rogue wireless access points, ATMs rigged with card skimmers and Point-of-Sale malware."

Link to Original Source
top

Target Hires New CISO

wiredmikey wiredmikey writes  |  about 2 months ago

wiredmikey (1824622) writes "Target Corp. announced on Tuesday that it has hired Brad Maiorino as senior vice president and chief information security officer (CISO). Maiorino will join the retailer on June 16 and will be responsible for the company's information security and technology risk strategy and report to CIO Bob DeRodes who was hired by the company in April.

Maiorino comes to Target from General Motors (GM) where he was the company’s CISO and information technology risk officer. Prior to GM, Maiorino was the chief information security officer at General Electric."

Link to Original Source
top

New Zeus "Alternative" Emerges in Cybercrime Underground

wiredmikey wiredmikey writes  |  about 2 months ago

wiredmikey (1824622) writes "A new banking Trojan being promoted in underground forums as an alternative to the popular and widely used Zeus Trojan has the potential to become a pervasive threat, experts have said.

Called Pandemiya, the new Trojan is similar to Zeus in that it allows cyber-criminals to steal form data, login credentials, and files from infected computers, according to RSA’s Fraud Action team. Much like Zeus, Pandemiya also has a modular design, making it quite easy for cyber-criminals to expand and add functionality, Uri Fleyder, cybercrime research lab manager at the RSA Research Group, told SecurityWeek. What sets Pandemiya apart from all other banking Trojans is the fact that it has been written from scratch without sharing any source code with Zeus, Fleyder said.

The developer behind Pandemiya—or a team of developers—spent "close to a year" developing this latest threat, which has more than 25,000 lines of original C code, according to a RSA Fraud Action blog post on Tuesday.

Pandemiya is currently available at prices ranging from $1,500 for the core application to $2,000 for the core application and additional plugins. This places Pandemiya solidly in the expensive category, considering that Zeus is available for mere hundreds of dollars, Fleyder said. The higher price tag would likely limit Pandemiya's spread and popularity as criminals will be deterred from paying so much for what is fairly standard set of capabilities, he said."

Link to Original Source
top

Microsoft Examines Impact of Global Tech Policy

wiredmikey wiredmikey writes  |  about 2 months ago

wiredmikey (1824622) writes "Microsoft has released a new report that aims to show the technology industry and policymakers how technology, economic, and social policy decisions could influence cyberspace in the next 10 years.

In the report, “Cyberspace 2025: Today’s Decisions, Tomorrow’s Terrain”, Microsoft presented three future scenarios that are meant to show governments the relationship between cybersecurity and socio-economic conditions. The potential cyber trends outlined by Microsoft are based on the Cyber 2025 Model, an econometric model that builds on historical data of 80 countries from 1990 through 2012.

“Risks are not just from the commonly recognized sources — such as criminals, malware, or even state-sponsored cyberattacks; they can emerge from policies as well. Societal responses to immigration challenges, education and workforce needs, trade liberalization, as well as international cooperation to resolve cyberconflict, will shape the future of cyberspace for both developed and emerging economies,” Paul Nicholas, senior director at Microsoft Global Security Strategy and Diplomacy, noted in the report.

Earlier this year, a report released by the World Economic Forum during its famous annual meeting, outlined different scenarios for how things could look in 2020 based on the “conceivable value created from innovations in technology” that could be affected by global organizations’ ability to defend against cyber attacks."

Link to Original Source
top

Heartbleed Bug Exploited Over Extensible Authentication Protocol

wiredmikey wiredmikey writes  |  about 3 months ago

wiredmikey (1824622) writes "While most organizations have patched the Heartbleed bug in their OpenSSL installations, a security expert has uncovered new vectors for exploiting the vulnerability, which can impact enterprise wireless networks, Android devices, and other connected devices. Dubbed “Cupid,” the new attack method was recently presented by Portuguese security researcher Luis Grangeia, who debunked theories that Heartbleed could only be exploited over TCP connections, and after the TLS handshake.

Unlike the initial Heartbleed attack, which took place on TLS connections over TCP, the Cupid attack happens on TLS connections over the Extensible Authentication Protocol (EAP), an authentication framework typically used in wireless networks and peer-to-peer connections.

The researcher has confirmed that default installations of wpa_supplicant, hostapd, and freeradius (RADIUS server implementation) can be exploited on Ubuntu if a vulnerable version of OpenSSL is utilized. Mobile devices running Android 4.1.0 and 4.1.1 also use wpa_supplicant to connect to wireless networks, so they’re also affected.

Everything that uses OpenSSL for EAP TLS is susceptible to Cupid attacks. While he hasn’t been able to confirm it, the expert believes iPhones, iPads, OS X, other RADIUS servers besides freeradius, VoIP phones, printers, and various commercial managed wireless solutions could be affected."

Link to Original Source
top

Google Launches Game to Teach XSS Bug Hunting Skills

wiredmikey wiredmikey writes  |  about 3 months ago

wiredmikey (1824622) writes "Google has launched a new game to teach Web application developers how to spot cross-site scripting (XSS) bugs in their code. This game consists of several levels resembling real-world applications which are vulnerable to XSS. The XSS Game, which requires a modern web browser with JavaScript and cookies enabled, is mainly addressed to Web application developers who don’t specialize in security. However, Google believes that while security experts might find the first levels easy, they could also learn a few things.

Cross-site scripting (CSS) can either be persistent or reflected, and cross-site request forgery (CSRF), where attackers use an authenticated session on one Website to perform unauthorized actions on another site, are also especially dangerous.

The XSS Game is not the first security game from Google. Back in 2010, the company released Gruyere, a small web application designed to teach developers how to identify XSS, CSRF, information disclosure, denial-of-service (DoS), and remote code execution vulnerabilities, and how to protect a website against these types of attacks."

Link to Original Source
top

Iranian Hackers Targeted US Officials via Social Media

wiredmikey wiredmikey writes  |  about 3 months ago

wiredmikey (1824622) writes "Iranian threat actors, using more than a dozen fake personas on popular social networking sites, have been running a wide-spanning cyber espionage operation since 2011, according to a new report. The recently uncovered activity, which iSIGHT Partners calls NEWSCASTER, was a “brazen, complex multi-year cyber-espionage that used a low-tech approach to avoid traditional security defenses–exploiting social media and people who are often the ‘weakest link’ in the security chain.”

Using the fake personas, including at least two (falsified) legitimate identities from leading news organizations, and young, attractive women, the attackers were supported by a fictitious news organization and were successful in connecting or victimizing over 2,000 individuals.

Working undetected since 2011, targets included senior U.S. military and diplomatic personnel, congressional personnel, Washington D.C. area journalists, U.S. think tanks, defense contractors in the U.S. and Israel. “Largely this campaign was about credential harvesting and recon,” Stephen Ward of iSIGHT Partners, told SecurityWeek.

The report from iSIGHT Partners, which has not been publicly released, comes roughly two weeks after a report from FireEye, which suggested that Iranian attackers’ methodologies have “grown more consistent with other advanced persistent threat (APT) actors in and around Iran" following cyber attacks against Iran in the late 2000s."

Link to Original Source
top

LulzSec Hacker-FBI Informant Sabu Walks Free

wiredmikey wiredmikey writes  |  about 3 months ago

wiredmikey (1824622) writes "Hector Xavier Monsegur, better known by hacked handle "Sabu", who directed hundreds of cyber attacks on corporations and foreign governments before turning FBI informant walked free Tuesday after being handed a symbolic seven-month sentence.

The original charges could have landed him in prison for decades but the government asked for him to be exempt from even a mandatory minimum sentence given his "extraordinary cooperation."

Before walking out of the US federal court a free man, he told the judge that he would not see him back. "I came a long way I assure you... I am not the same person I was," he said.

In August 2011, Monsegur pleaded guilty to nine counts related to computer hacking, one count of aggravated identity theft, one count of conspiracy to commit bank fraud, and one count related to payment card fraud. He was supposed to be sentenced in August 2012, but the decision has been postponed seven times because of his ongoing collaboration with the government. In addition to helping investigators track down members of the LulzSec hacker group, Monsegur helped law enforcement in preventing cyberattacks. According to FBI estimates, Monsegur helped the agency disrupt or prevent at least 300 separate cyber attacks."

Link to Original Source

Journals

wiredmikey has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>