Tag Archives: site

[ISN] Accused Russian hacker faces new charges in the US


http://rapsinews.com/judicial_news/20141010/272331353.html

Russian Legal Information Agency
10/10/2014

MOSCOW, October 10 (RAPSI) – An additional 11 cyber fraud charges will be brought against Russian national Roman Seleznev on October 16 in Seattle, spokeswoman for Washington’s Western District attorney Emily Langley told RIA Novosti on Friday. A pretrial hearing on Seleznev’s case is scheduled for November 3.

Langley could not say how the additional charges might influence the sentence if Seleznev is found guilty. “The potential prison term is impacted by a number of things,” she explained. “the number of counts or the maximum penalties they carry. The characteristics of the crime and of the individual defendant are factors considered by the judge at sentencing.” She added that at this point Seleznev has not been convicted of anything so it is premature to make assumptions about the sentence.

An additional 11 counts were added to the previous 29 counts, the US Department of Justice announced yesterday. Moscow-born Roman Seleznev, 30, the son of Liberal Democratic Party State Duma lawmaker Valery Seleznev, has been charged with hacking into retail cash register systems to install malicious software to steal credit card numbers, and with operating servers and international carding forum websites to facilitate the theft and sale of stolen credit card data. He was arrested in the Maldive Islands and taken to Guam, an unincorporated US territory in the western Pacific. [...]


[ISN] An inside look at Russian cybercriminals

http://www.csoonline.com/article/2692415/data-protection/an-inside-look-at-russian-cybercriminals.html

By Antone Gonsalves
CSO
Oct 8, 2014

A detailed look at Russian cybercriminals focused on accessing online banking accounts reveals an effective hidden system for spreading malware through compromised websites.

The criminal operation, described in a report released Tuesday by email security company Proofpoint, has infected 500,000 mostly U.S.-based PCs with malware capable of recording transactions and stealing credentials. Nearly 60 percent of the operation involves accounts at five of the largest U.S. banks.

“They are sophisticated when it comes to financially motivated attackers,” Wayne Huang, lead researcher for Proofpoint, said.

The criminal group’s steps to remain under the radar of security researchers start at underground forums where the hackers purchase lists of administrator logins for WordPress sites. [...]


[ISN] The Security Setup – HD Moore

http://www.thesecuritysetup.com/home/2014/10/1/hd-moore

[Interesting website I found while following someone else who was profiled earlier, Uri with @redteamsblog, the idea here is 'what setup do folks in security use to attack, defend, build, break, hack, crack, secure, etc.' which should make for some interesting reading. - WK]

H D Moore
OCTOBER 1, 2014

Who are you, and what do you do?

My name is H D Moore (since the day I was born, it doesn’t stand for anything). I am a security researcher and the chief research officer for Rapid7. Some folks may be familiar with my work on Metasploit, but these days I also spend a lot of time scanning the internet as part of Project Sonar. My servers send friendly greetings to your servers at least once a week. Howdy!

What hardware & operating systems do you use?

Lots. My normal workload involves crunching a billion records at a time, running a dozen different operating systems, and still handling corporate stuff via Outlook and PowerPoint. As of 2009, I finally made the switch to Windows as my primary OS after being a die-hard Linux user since 1995. That doesn’t mean that I use Windows itself all that much, but I find it to be a useful environment to run virtual machines and access the rest of my hardware with SSH and X11. The tipping point was the need to quickly respond to corporate email and edit Office documents without using a dedicated virtual machine or mangling the contents in the process. The second benefit to using Windows is on the laptop front; Suspend, resume, and full hardware support don’t involve weeks of tuning just to have a portable machine. Finally, I tend to play a lot of video games as well, which work best on overspecced Windows hardware. All that said, Windows as a productivity platform isn’t great, and almost all of my real work occurs in web browsers (Chrome), virtual machines (VMWare for Intel/AMD64 and QEmu for RISC), and SSH-forwarded XFCE4 tabbed-terminals.

The laptop I currently use started life as a banged up ASUS ROG G750 (17″) bought as the display model from a Best Buy. The drives, video card, and memory were swapped out bringing the total specs up to 32Gb RAM, a 512Gb SSD boot disk, a 1Tb backup disk, and a GeForce GTX 770 GPU. This runs the most loathed operating system of all, Windows 8.1 (Update 1) Enterprise, but it has a huge screen, was relatively cheap, and can run my development virtual machines without falling over. It also runs Borderlands2 and Skyrim at maximum settings, critical features for any mobile system. Given that the total cost was under $1,500, it is a great machine for working on the road and blocking automatic weapons fire (as it weighs about 20 Lbs with accessories). I carry this beast around in a converted ammunition bag, sans the grenade pouches. [...]


[ISN] ‘Anonymous’ hacker group declares cyber war on Hong Kong government, police

http://www.scmp.com/news/hong-kong/article/1607579/anonymous-hacker-group-declares-cyber-war-hong-kong

By Jeremy Blum
scmp.com
02 October, 2014

Hacker group Anonymous has declared war on the Hong Kong government and hacked into a number of Hong Kong websites, citing the treatment of protesters during Occupy Central as the main impetus for the attack.

In a video sent to American news portal News2share on Wednesday, Anonymous compares the tear gas and pepper spray used by Hong Kong riot police on Occupy Central protesters to American police tactics used in Ferguson, Missouri earlier this year. The group also threatens to disclose personal information and deface multiple Hong Kong websites over the coming days.

Due to the nebulous nature of Anonymous, it is almost impossible to verify the extent of the attacks and the locations and identities of the hackers behind them. [...]


[ISN] THOTCON 0x6 – Chicago’s Hacking Conference – Ticket Sales and CFP Opens 10.01.2014

Forwarded from: THOTCON NFP

***************************************************************************
***BEGIN THOTCON TRANSMISSION**********************************************

Greetings InfoSec News Readers

What: THOTCON 0x6 – Chicago’s Hacking Conference
When: 05.14-15.15
Where: TOP_SECRET / совершенно секретно / 絕密
Tickets: Tickets on Sale 10.01.2014
Call For Papers: CFP Opens 10.01.2014
T-Shirt Contest: Open!
Hacker Brew Contest: Registration Opens 10.01.2014

B3 S0c14l:
LinkedIn http://www.linkedin.com/groups?mostPopular=&gid=3218013
Twitter http://twitter.com/THOTCON
IRC/freenode/#THOTCON

************************************************************

THOTCON (pronounced ˈthȯt and taken from THree – One – Two) is a small venue hacking conference based in Chicago IL, USA. This is a non-profit, non-commercial event looking to provide the best conference possible on a very limited budget.

Once you attend a THOTCON event, you will have experienced one of the best information security conference experiences combined with a uniquely casual and social experience.

THOTCON 0x6 is the sixth incarnation of this event and will be held on Thursday and Friday May 14-15, 2015. It will be held at a location only to be disclosed to attendees and speakers during the week before the event.

For more information, explore this site or contact us at info (at) thotcon.org.

http://thotcon.org/

***END THOTCON TRANSMISSION************************************************
***************************************************************************


[ISN] DDoS Attacks Target Online Gaming Sites, Enterprises

http://www.eweek.com/small-business/ddos-attacks-target-online-gaming-sites-enterprises.html

By Nathan Eddy
eWEEK.com
2014-09-26

DDoS traffic volume was up overall with a third peaking at over 500M bps and more than five percent reaching up to 4G bps, according to NSFOCUS.

A continuing trend of distributed denial-of-service (DDoS) attacks that are short in duration and repeated frequently has been revealed by the NSFOCUS 2014 Mid-Year Threat report. In parallel, high-volume and high-rate distributed denial of service (DDoS) attacks were on the upswing in the first half of 2014.

DDoS traffic volume was up overall with one-third peaking at more than 500M bps and more than five percent reaching up to 4G bps. In addition, findings showed that over 50 percent of DDoS attacks were above 0.2M pps (packets per second) in the first half of 2014, increasing from around 16 percent. More than 2 percent of DDoS attacks were launched at a rate of over 3.2M pps, according to the report. [...]


[ISN] Concern over Bash vulnerability grows as exploit reported “in the wild” [Updated]

http://arstechnica.com/security/2014/09/concern-over-bash-vulnerability-grows-as-exploit-reported-in-the-wild/

By Sean Gallagher
Ars Technica
Sept 25, 2014

The vulnerability reported in the GNU Bourne Again Shell (Bash) yesterday, dubbed “Shellshock,” may already have been exploited in the wild to take over Web servers as part of a botnet. More security experts are now weighing in on the severity of the bug, expressing fears that it could be used for an Internet “worm” to exploit large numbers of public Web servers. And the initial fix for the issue still left Bash vulnerable to attack, according to a new US CERT National Vulnerability Database entry. A second vulnerability in Bash allows for an attacker to overwrite files on the targeted system.

Update: The vulnerability was addressed by the maintainer of Bash, Chet Ramey, in an email to the Open Source Software Security (oss-sec) mailing list. An unofficial patch that fixes the problem has been developed, but there is as of yet no official patch that completely addresses both vulnerabilities.

In a blog post yesterday, Robert Graham of Errata Security noted that someone is already using a massive Internet scan to locate vulnerable servers for attack. In a brief scan, he found over 3,000 servers that were vulnerable “just on port 80”—the Internet Protocol port used for normal Web Hypertext Transfer Protocol (HTTP) requests. And his scan broke after a short period, meaning that there could be vast numbers of other servers vulnerable. A Google search by Ars using advanced search parameters yielded over two billion webpages that at least partially fit the profile for the Shellshock exploit.

“It’s things like CGI scripts that are vulnerable, deep within a website (like CPanel’s /cgi-sys/defaultwebpage.cgi),” Graham wrote. CPanel is a Web server control panel system used by many Web hosting providers. “Getting just the root page is the thing least likely to be vulnerable. Spidering the site and testing well-known CGI scripts (like the CPanel one) would give a lot more results—at least 10x.” [...]


[ISN] Israel ramps up cyber defense with new national body

http://www.timesofisrael.com/israel-ramps-up-cyber-defense-with-new-national-body/

By David Shamah
The Times of Israel
September 21, 2014

Israel is stepping up its cyber-defense efforts. The government on Sunday announced establishment of a new cyber-defense authority to coordinate cyber-security efforts among government, industry, and the civilian sectors. Just last year, it set up the National Cyber Bureau and the two steps show that the nation is taking cyber threats seriously, now that it’s a favorite target for politically motivated hackers.

Heading the new effort will be the National Cyber Bureau head, Dr. Eviatar Matania, who will be given “the authority to defend the civilian sphere from cyber threats and will constitute an operative agency that will act alongside the National Cyber Bureau, which will continue to build and maintain the State of Israel’s national strength as an international leader in the field,” Prime Minister Benjamin Netanyahu’s office said in a statement.

Experts say Israel is the target of almost daily attacks, especially denial of service (DDOS), in which hackers try to flood a site with messages to paralyze it. Israeli cyber-security arms have been so effective in blocking the attacks that most never even cross the threshold of public awareness. Such attacks multiplied during the summer war against Hamas terrorists in Gaza, but none caused significant damage.

The announcement of the new body comes just a week after a major international event on cyber-security, sponsored by Tel Aviv University’s Cyber Research Center (ICRC). Dozens of cyber-security officials and experts gathered to discuss the latest on-line threats and how to defend against them. [...]
