
Comments


Popular Smartphones Hacked At Mobile Pwn2Own 2014

wiredmikey Re:Physical Access = Game Over (52 comments)

Physical access isn't needed for all these attacks. For example, on the iPhone, all it would take would be to get a user to visit a page hosting the malicious code. It may require some social engineering or a watering hole attack but that's not incredibly difficult.

about two weeks ago

Microsoft Word Zero-Day Used in Targeted Attacks

wiredmikey Affects more than Word 2010, Including Mac OS (1 comments)

One important piece not included in my original post is that while the reported attacks are targeting Microsoft Word 2010, other software products affected by the vulnerability include: Microsoft Word 2003, Microsoft Word 2007, Microsoft Word 2013, Microsoft Word Viewer, and Microsoft Office for Mac 2011. Fortunately for Windows systems, according to the Microsoft engineers, tests showed that the EMET default configuration can block the exploits seen in the wild.

about 8 months ago

With HTTPS Everywhere, is Firefox now the most secure mobile browser?

wiredmikey HTTPS Doesn't Make a Browser Secure (2 comments)

While HTTPS is great to have, it does nothing to actually make the browser itself more secure; it simply protects the data traveling between a web browser and a web server. HTTPS does nothing to protect against other vulnerabilities and exploits that could affect browsers. Yes, HTTPS is good, but it's by no means a silver bullet.

about 10 months ago

Target has major credit card breach

wiredmikey Re:Skip the Middleman (2 comments)

Agreed, Brian Krebs, who broke the story, should get the credit here, and his story is better than the Tribune piece. -=M

about a year ago

Dell Bets $16M on Security Firm Invincea

wiredmikey Didn't Wasn't Only Investor (1 comments)

Just a note to clarify this -- While Dell was a lead investor in the $16 million round, it wasn't all from the pockets of Dell Ventures. The total $16m funding round was led by new investors Aeris Capital and Dell Ventures, and existing investors Grotech Ventures, Harbert Ventures, and New Atlantic Ventures participated.

about a year ago

New Adobe Reader zero day used in phishing attacks

wiredmikey Adobe Didn't "Confirm" - They Acknowledged Report (1 comments)

Adobe didn't CONFIRM that the latest versions of Reader and Acrobat were affected. While they MAY be, Adobe simply acknowledged the report of a vulnerability and that they were looking into it.

"Adobe is aware of a report of a vulnerability in Adobe Reader and Acrobat XI (11.0.1) and earlier versions being exploited in the wild. We are currently investigating this report and assessing the risk to our customers," the post from Adobe said.

about 2 years ago

Russia's New Secure Android Tablet Keeps Data From Google

wiredmikey Should be "Android-like" (1 comments)

I should have actually put "Android-like" or "Almost Android" as the story has it. It's not officially Android but a "slimmed down" version of it. The operating system has all the functional capabilities of an Android operating system but none of its hidden features that send users' private data to Google headquarters, according to the project manager.

more than 2 years ago

Lessons In Campus Cybersecurity

wiredmikey Higher Education Institutions Face Greater Risks (1 comments)

This is an interesting topic. As Rod Rasmussen wrote last April, student Internet use is nothing short of the Wild West. Malware, phishing, infrastructure attacks, social network targeting, and peer-to-peer (P2P) information leakage are not potential threats; they’re actual, daily issues. And here’s the scary part: when a student’s computer on a college network is compromised, it’s not just the student who pays the price—legally, so does the institution. The dangers for a university or college network can lurk everywhere from e-mail to the Internet infrastructure itself. Rod explains many of those risks:

http://www.securityweek.com/college-cyber-security-tightrope-higher-education-institutions-face-greater-risks

more than 2 years ago

ICS-CERT Warns of Serious Flaws In Tridium SCADA Software

wiredmikey Re:Of course, since it's SCADA... (34 comments)

It's not really SCADA, it's different. SCADA is from Siemens, this is different and the Niagara Framework is used in places beyond big facilities such as power plants and factories. The Niagara Framework reaches office buildings, hospitals, airports and more.

http://www.securityweek.com/niagara-vulnerabilities-put-office-buildings-airports-hospitals-risk

That being said, this warning was originally issued back in July with ICS-CERT not really adding anything new in this warning.

-M

more than 2 years ago

ICS-CERT Warns of Serious Flaws in Tridium SCADA Software

wiredmikey Not really new (1 comments)

This alert is actually old and dates back to July. ICS-CERT re-releases things all the time in order to update small things and people see an update, no matter how minor. But mainly the updates often apply to their internal processes though. Here is the original that came out in July: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-195-01.pdf -- It's almost identical.

more than 2 years ago

VISA, MasterCard Warn of 'Massive' Breach At Credit Card Processor

wiredmikey Re:Criminal (164 comments)

It's Global Payments, Inc. Will have more info on it shortly!

more than 2 years ago

51% Of Internet Traffic Is 'Non-Human'

wiredmikey Interesting, But Likely Skewed Data (1 comments)

There is some interesting data here, and bots and malicious spiders are certainly consuming the web big time, but this study is likely skewed. The survey was done across Incapsula's customer base, which tells me that people who have signed up for their service may have a higher likeliness to be attacked or be the target of hackers. It's people who have paid attention to their site and have likely had more to deal with and are making the extra effort to add a layer of security. So that tells me that quite possibly the results would be skewed to show that these sites are attacked more than the overall average across the entire web. In other words, many of these sites have had issues, and have signed up for the service as a result. That's my take. Though there are lots of bots and malicious traffic out there.

more than 2 years ago

Google Wasting $16 Billion on Projects Headed Nowhere

wiredmikey All Wasted or Part Innovation and R&D Expense? (2 comments)

I don't agree that this is all waste. It's part of being an innovative and creative company. While many of these projects will "fail" or not be put into any profitable use for a company, there is some value. People learn. New projects and successful profit-making projects do come from these crazy ideas. It's innovation, it's challenging engineers in ways that could help in other areas. It may be a bit of a stretch to compare it to the pharma industry, but in the same fashion, so much R&D is "wasted" if you measure in terms of drugs that failed to launch or are unsuccessful. But is it a total waste? I don't think so. It's part of pushing a company forward, keeping the culture of innovation and challenging us to tackle all sorts of problems. I am confident that Google isn't "wasting" a full $16 billion.

more than 2 years ago

Hackers tear down NASDAQ

wiredmikey DDoS Isn't Hacking, Site is Up (1 comments)

First, the site is online and loading fine. Second, DDoS attacks are different from hacking attacks where one tries to obtain unauthorized access to information or a system. The site was down on Tuesday, but the situation was resolved, at least for now....

more than 2 years ago

Submissions


Court Shuts Down Alleged $120M Tech Support Scam

wiredmikey wiredmikey writes  |  about a week ago

wiredmikey (1824622) writes "A federal court has temporarily shut down and frozen the assets of two telemarketing operations accused by the FTC of scamming customers out of more than $120 million by deceptively marketing computer software and tech support services. According to complaints filed by the FTC, since at least 2012, the defendants used software designed to trick consumers into believing there were problems with their computers and then hit them with sales pitches for tech support products and services to fix their machines.

According to the FTC, the scams began with computer software that claimed to improve the security or performance of the customer's computer. Typically, consumers downloaded a free, trial version of the software that would run a computer system scan. The scan always identified numerous errors, whether they existed or not. Consumers were then told that in order to fix the problems they had to purchase the paid version of the software for between $29 and $49. In order to activate the software after the purchase, consumers were then directed to call a toll-free number and connected to telemarketers who tried to sell them unneeded computer repair services and software, according to the FTC complaint. The services could cost as much as $500, the FTC stated."


Entrepreneur Injects Bitcoin Wallets into Hands

wiredmikey wiredmikey writes  |  about two weeks ago

wiredmikey (1824622) writes "A Dutch entrepreneur has had two microchips containing Bitcoin injected into his hands to help him make contactless payments. The chips, enclosed in a 2mm by 12mm capsule of "biocompatible" glass, were injected using a special syringe and can communicate with devices such as Android smartphones or tablets via NFC.

"What's stored on the microchips should be seen as a savings account rather than a current account," Martijn Wismeijer, co-founder of MrBitcoin said. "The payment device remains the smartphone, but you transfer funds from the chips."

The chips are available on the Internet, sold with a syringe for $99, but Wismeijer suggested individuals should find a specialist to handle the injection to avoid infections."

Popular Smartphones Hacked at Mobile Pwn2Own 2014

wiredmikey wiredmikey writes  |  about two weeks ago

wiredmikey (1824622) writes "Researchers have hacked several popular smartphones during the Mobile Pwn2Own 2014 competition that took place alongside the PacSec Applied Security Conference in Tokyo this week.

The competition, organized by HP's Zero Day Initiative (ZDI) targeted the Amazon Fire Phone, iPhone 5s, iPad Mini, BlackBerry Z30, Google Nexus 5 and Nexus 7, Nokia Lumia 1520, and Samsung Galaxy S5.

Some of the Mobile Pwn2Own 2014 pwnage, achieved using various attacks, included: Apple's iPhone 5s hacked via the Safari Web browser, achieving a full sandbox escape; Samsung's Galaxy S5 hacked multiple times using near-field communications (NFC) attacks; Web browser exploits used to break the Web browser on the Amazon Fire Phone; partial hacks using a browser attack against Windows Phone, and a Wi-Fi attack against a Nexus 5, which failed to elevate privileges.

All the exploits were disclosed privately to the affected companies. HP promised to reveal details in the upcoming weeks."


Home Depot Says Hackers Grabbed 53 Million Email Addresses

wiredmikey wiredmikey writes  |  about three weeks ago

wiredmikey (1824622) writes "Home Depot said on Thursday that hackers managed to access 53 million customer email addresses during the massive breach that was disclosed in September when the retail giant announced that 56 million customer payment cards were compromised in a cyber attack. The files containing the stolen email addresses did not contain passwords, payment card information or other sensitive personal information, the company said. The company also said that the hackers acquired elevated rights that allowed them to navigate portions of Home Depot’s network and to deploy unique, custom-built malware on its self-checkout systems in the U.S. and Canada."

WireLurker Malware Targets Mac OS X, iOS Devices in Single Attack

wiredmikey wiredmikey writes  |  about three weeks ago

wiredmikey (1824622) writes "Researchers have uncovered a new piece of malware dubbed "WireLurker" that can infect even non-jailbroken iOS devices through trojanized and repackaged Mac OS X applications. This is the first known malware family that can infect installed iOS applications similar to how a traditional virus would, according to Palo Alto Networks.

Currently, the iOS component of WireLurker is only spread through an infected Mac OS X computer via USB and the malware appears to be distributed mostly in China through a popular Apple-related software website called Maiyadi. WireLurker abuses iTunes protocols implemented by the libimobiledevice library to install the malicious apps onto iPhones and iPads. The threat is also the first known piece of malware to automate the generation of malicious iOS programs via binary file replacement, and the first to infect iOS applications similar to a traditional virus.

From May 2014, through September 28, 2014, five different WireLurker files (representing three different versions) were submitted to VirusTotal, and none of the 55 detection engines used by VirusTotal flagged samples as malware, the security firm said.

Palo Alto Networks wrote a Python script for Mac OS X systems which can detect known malicious and suspicious files to help spot a WireLurker infection."


"AirHopper" Malware Uses Radio Signals to Bypass Air Gap Security

wiredmikey wiredmikey writes  |  about a month ago

wiredmikey (1824622) writes "A proof-of-concept malware developed by researchers at the Ben Gurion University in Israel shows that an attacker can transmit sensitive information from isolated computers to nearby mobile phones by using radio signals. Numerous organizations have resorted to what is known as "air gapping" (isolation from the Internet) to secure their most sensitive information. While getting a piece of malware onto isolated computers can be done in various ways, including with removable drives, such as in the case of Stuxnet, the more difficult part is getting malware to remotely transmit sensitive data from the infected computer.

The proof-of-concept malware they have created, dubbed "AirHopper," uses the infected computer's graphics card to emit electromagnetic signals to a nearby mobile phone that's set up to capture the data.

"With appropriate software, compatible radio signals can be produced by a compromised computer, utilizing the electromagnetic radiation associated with the video display adapter," the researchers explained. "This combination, of a transmitter with a widely used mobile receiver, creates a potential covert channel that is not being monitored by ordinary security instrumentation.""


Hackers Breach White House Network

wiredmikey wiredmikey writes  |  about a month ago

wiredmikey (1824622) writes "The White House's unclassified computer network was recently breached by intruders, a US official said Tuesday. While the White House has not said so, The Washington Post reported that the Russian government was thought to be behind the act.

Several recent reports have linked Russia to cyber attacks, including a report from FireEye on Tuesday that linked Russia back to an espionage campaign dating back to 2007. Earlier this month, iSight Partners revealed that a threat group allegedly linked with the Russian government had been leveraging a Microsoft Windows zero-day vulnerability to target NATO, the European Union, and various private energy and telecommunications organizations in Europe. The group has been dubbed the "Sandworm Team" and it has been using weaponized PowerPoint files in its recent attacks. Trend Micro believes the Sandworm team also has their eyes set on compromising SCADA-based systems."


ICANN to Escape US Control in 2015

wiredmikey wiredmikey writes  |  about a month and a half ago

wiredmikey (1824622) writes "The head of Internet Corporation for Assigned Names and Numbers (ICANN) said on Monday that the group is on course to break free of US oversight late next year. ICANN chief Fadi Chehade expressed his confidence in the move during a press briefing at the opening of the nonprofit organization's meeting this week in Los Angeles.

The timeline for the shift is months rather than years, according to Chehade. While cautioning that there was no strict deadline, he said that substantial progress has been made toward ICANN being answerable to a diverse, global group of "stakeholders" and not just the US government as has long been the case.

The US government in March of this year announced that it is open to not renewing a contract with ICANN that expires in about 11 months, provided a new oversight system is in place that represents the spectrum of interests and can be counted on to keep the Internet addressing structure reliable."


Hackers Leap from Dark Basements to World Stage

wiredmikey wiredmikey writes  |  about a month and a half ago

wiredmikey (1824622) writes "An interesting article explores how the basic culture of hacking has changed over the years. Hackers are shaking off their reputations as nerdy, loner basement dwellers and rebranding themselves on the world stage as members of Internet age tribes with offbeat codes of conduct and capricious goals. Clans of hackers such as Anonymous, LulzSec and Lizard Squad have caused havoc — and made news — in recent years, but the legacy of the online community stretches back decades.

"People think of hackers as non-social people who live in the basement; that is not true at all," said Nico Sell, chief executive of the encrypted messaging service Wickr and the longtime organizer of the DEF CON hacking conference.

Hackers often run in groups but tend to be a giving community — as apt to teach visitors to pick locks or create educational games as they are to hack a major firm's network to prove it is flawed. "You don't have the same posturing you do in other societies, because you are judged on your merits," Sell said.

"The rock stars are the ones who have brought great things to everybody — for free.""


Kmart Says Its Payment System Was Hacked

wiredmikey wiredmikey writes  |  about a month and a half ago

wiredmikey (1824622) writes "Kmart is the latest large U.S. retailer to experience a breach of its payment systems, joining a fast-growing club dealing with successful hack attacks. The company said that on Thursday, Oct. 9, its IT team detected that its payment data systems had been breached, and that debit and credit card numbers appear to have been compromised.

A company spokesperson told SecurityWeek that they are not able to provide a figure on the number of customers impacted. The spokesperson said that based on the forensic investigation to date, no personal information, no debit card PIN numbers, no email addresses and no social security numbers were obtained by the attackers."


Symantec to Separate Into Two Companies

wiredmikey wiredmikey writes  |  about a month and a half ago

wiredmikey (1824622) writes "Symantec announced plans on Thursday to split into two separate, publicly traded companies – one focused on security, the other focused on information management. The company's security business generated $4.2 billion in revenue in fiscal year 2014 while its information management business hit revenues of $2.5 billion.

"As the security and storage industries continue to change at an accelerating pace, Symantec’s security and IM businesses each face unique market opportunities and challenges," Symantec CEO Michael A. Brown, who officially took over as CEO last month, said in a statement.

Garrett Bekker, senior analyst with 451 Research, called the decision "long overdue." "The company had become too big to manage, and they were having trouble keeping up with the pace of innovation in many areas of security," he told SecurityWeek. "The synergies between storage and security never really emerged, in part because in many firms, particularly large enterprises, they are managed by different internal teams.""


Hackers Compromised Yahoo Servers Using Shellshock Bug

wiredmikey wiredmikey writes  |  about 2 months ago

wiredmikey (1824622) writes "Hackers were able to break into some of Yahoo's servers by exploiting the recently disclosed Shellshock bug over the past few weeks. This may be the first confirmed case of a major company being hit with attacks exploiting the vulnerability in bash.

Contacted by SecurityWeek, a Yahoo spokesperson provided the following statement Monday afternoon: “A security flaw, called Shellshock, that could expose vulnerabilities in many web servers was identified on September 24. As soon as we became aware of the issue, we began patching our systems and have been closely monitoring our network. Last night, we isolated a handful of our impacted servers and at this time we have no evidence of a compromise to user data. We’re focused on providing the most secure experience possible for our users worldwide and are continuously working to protect our users’ data.”"


Project SHINE Shows Magnitude of Internet-connected Critical Control Systems

wiredmikey wiredmikey writes  |  about 2 months ago

wiredmikey (1824622) writes "In a two-year study of information about critical control systems directly connected to the Internet, researchers found mining equipment, a surprising number of wind farms, a crematorium, water utilities, and several substations.

Project SHINE (so named after SHodan INtelligence Extraction) harvested data available about SCADA and industrial control system devices which appear to be directly connected to the Internet. The researchers used device search engine SHODAN and all the information was obtained from publicly available sources.

The researchers identified 182 manufacturers who were considered traditional SCADA and control system manufacturers, and built relevant search queries based on those names to find devices. That was a surprise, considering the team expected only a dozen or so manufacturers. In the end, the team sampled about 2.2 million devices during the course of the project.

Researchers have previously used SHODAN to show examples of SCADA and other industrial control systems directly connected to the Internet, but there hasn't been any large-scale or in-depth effort to map the extent of the problem. The sheer number of devices exposed and the wide geographic area in which the devices were located were staggering, Radvanosky told SecurityWeek. Radvanosky is expected to share his findings at the 2014 ICS Cyber Security Conference taking place in Atlanta later this month."


Home Depot Says Breach Affected 56 Million Cards

wiredmikey wiredmikey writes  |  about 2 months ago

wiredmikey (1824622) writes "Home Depot said on Thursday that a data breach affecting its stores across the United States and Canada is estimated to have exposed 56 million customer payment cards between April and September 2014. While previous reports speculated that Home Depot had been hit by a variant of the BlackPOS malware that was used against Target Corp., the malware used in the attack against Home Depot had not been seen previously in other attacks. "Criminals used unique, custom-built malware to evade detection," the company said in a statement.

The home improvement retail giant also said that it has completed a “major payment security project” that provides enhanced encryption of payment card data at point of sale in its U.S. stores. The security improvements required writing tens of thousands of lines of new software code and deploying nearly 85,000 new pin pads to its stores.

According to a recent report from Trend Micro, six new pieces of point-of-sale (PoS) malware have been identified so far in 2014. Four of these six variants were discovered between June and August: Backoff, BlackPOS version 2, BrutPoS and Soraya."


Hackers Demand Automakers Get Serious About Security

wiredmikey wiredmikey writes  |  about 4 months ago

wiredmikey (1824622) writes "In an open letter to Automotive CEOs, a group of security researchers has called on automobile industry executives to implement five security programs to improve car safety and build cyber-security safeguards inside the software systems powering various features in modern cars.

As car automation systems become more sophisticated, they need to be locked down to prevent tampering or unauthorized access. The Five Star Automotive Cyber Safety Program outlined in the letter asked industry executives for safety by design, third-party collaboration, evidence capture, security updates, and segmentation and isolation.

Vehicles are “computers on wheels,” said Josh Corman, CTO of Sonatype and a co-founder of I am the Cavalry, the group who penned the letter (PDF). The group aims to bring security researchers together with representatives from non-security fields, such as home automation and consumer electronics, medical devices, transportation, and critical infrastructure, to improve security. Along with releasing the open letter, the group participated in a closed-door session with automobile and medical device representatives in a private meeting in Las Vegas on Tuesday and planned to discuss automotive hacking at DEF CON on Sunday."


Facebook Acquires Server-focused Security Startup

wiredmikey wiredmikey writes  |  about 4 months ago

wiredmikey (1824622) writes "In a move to bolster the security of its massive global server network, Facebook announced on Thursday it was acquiring PrivateCore, a Palo Alto, California-based cybersecurity startup. PrivateCore says that its vCage software transparently secures data in use with full memory encryption for any application, any data, anywhere on standard x86 servers.

“I’m really excited that Facebook has entered into an agreement to acquire PrivateCore,” Facebook security chief Joe Sullivan wrote in a post to his own Facebook page. "I believe that PrivateCore's technology and expertise will help support Facebook's mission to help make the world more open and connected, in a secure and trusted way," Sullivan said. "Over time, we plan to deploy PrivateCore's technology directly into the Facebook server stack.""


Mozilla Dumps Info of 76,000 Developers to Public Web Server

wiredmikey wiredmikey writes  |  about 4 months ago

wiredmikey (1824622) writes "Mozilla warned on Friday that it had mistakenly exposed information on almost 80,000 members of its Mozilla Developer Network (MDN) as a result of a botched data sanitization process. The discovery was made around June 22 by one of Mozilla’s Web developers, Stormy Peters, Director of Developer Relations at Mozilla, said in a security advisory posted to the Mozilla Security Blog on Friday.

“Starting on about June 23, for a period of 30 days, a data sanitization process of the Mozilla Developer Network (MDN) site database had been failing, resulting in the accidental disclosure of MDN email addresses of about 76,000 users and encrypted passwords of about 4,000 users on a publicly accessible server,” Peters wrote. According to Peters, the encrypted passwords were salted hashes and they by themselves cannot currently be used to authenticate with the MDN. However, Peters warned that MDN users may be at risk if they reused their original MDN passwords on other non-Mozilla websites or authentication systems."


Researchers Make Weak Passwords Virtually Uncrackable

wiredmikey wiredmikey writes  |  about 4 months ago

wiredmikey (1824622) writes "A team of researchers at the New York University Polytechnic School of Engineering say they have found a way to help organizations better protect even the weakest of passwords and make them almost impossible to crack.

Using an open-source password protection scheme dubbed PolyPasswordHasher, password information is never stored directly in a database; the information is used to encode a cryptographic "store" that cannot be validated unless a certain number of passwords are entered. In other words, an attacker would need to crack multiple passwords simultaneously in order to verify any single hash.

"PolyPasswordHasher divides secret information—in this case, password hashes—into shares, and just like a puzzle that is meaningless unless the pieces are assembled, no individual password can be validated unless a certain number of them are known and entered," explained Assistant Professor of Computer Science and Engineering Justin Cappos. "Even if the password file and all other information on disk were stolen, an attacker could not verify a single correct password without guessing a large number of them correctly."

Cappos estimated an attacker using a modern laptop could crack at least three six-character passwords in an hour if the computer was checking roughly a billion password hashes per second. With PolyPasswordHasher, the attacker would be required to compute these three passwords at the same time. The researchers estimate that in practice, all 900 million computers on Earth would need to work nonstop for longer than 13 billion years to compute the three passwords at the same time. According to the researchers' paper, the method is conceptually similar to encrypting the passwords with a key that is only recoverable when a threshold of passwords are known."


Chinese Hackers Infiltrate Firms Using Malware-Laden Handheld Scanners

wiredmikey wiredmikey writes  |  about 5 months ago

wiredmikey (1824622) writes "China-based threat actors are using sophisticated malware installed on handheld scanners to target shipping and logistics organizations from all over the world. According to security firm TrapX, the attack begins at a Chinese company that provides hardware and software for handheld scanners used by shipping and logistics firms worldwide to inventory the items they're handling. The Chinese manufacturer installs the malware on the Windows XP operating systems embedded in the devices.

Experts determined that the threat group targets servers storing corporate financial data, customer data and other sensitive information. A second payload downloaded by the malware then establishes a sophisticated C&C on the company's finance servers, enabling the attackers to exfiltrate the information they're after. The malware used by the Zombie Zero attackers is highly sophisticated and polymorphic, the researchers said. In one attack they observed, 16 of the 48 scanners used by the victim were infected, and the malware managed to penetrate the targeted organization's defenses and gain access to servers on the corporate network.

Interestingly, the C&C is located at the Lanxiang Vocational School, an educational institution said to be involved in the Operation Aurora attacks against Google, and which is physically located only one block away from the scanner manufacturer, TrapX said."


DHS Mistakenly Releases 840-pages of Critical Infrastructure Documents

wiredmikey wiredmikey writes  |  about 5 months ago

wiredmikey (1824622) writes "Whoops! The U.S. Department of Homeland Security (DHS) has mistakenly released hundreds of documents, some of which contain sensitive information and potentially vulnerable critical infrastructure points across the United States, in response to a recent Freedom of Information Act (FOIA) request about a cyber-security attack.

The Operation Aurora attack was publicized in 2010 and impacted Google and a number of other high-profile companies. However, DHS responded to the request by releasing more than 800 pages of documents related to the 'Aurora' experiment conducted several years ago at the Idaho National Laboratory, where researchers demonstrated a way to damage a generator via a cyber-attack.

Of the documents released by the DHS, none were related to the Operation Aurora cyber attack as requested. Many of the 840 pages are comprised of old weekly reports from the DHS' Control System Security Program (CSSP) from 2007. Other pages that were released included information about possible examples of facilities that could be vulnerable to attack, such as water plants and gas pipelines.

When contacted by SecurityWeek, the DHS declined to comment about the situation."


Journals

wiredmikey has no journal entries.
