Tag Archives: site

[ISN] Cybersecurity proves to be a necessity for owner of Durham’s Cocoa Cinnamon


http://www.newsobserver.com/2015/01/26/4502592_cybersecurity-proves-to-be-a-necessity.html

By Virginia Bridges
newsobserver.com
January 26, 2015

I could tell that Leon Grodski de Barrera was skeptical when I told him that my list of three things small-business owners should watch in 2015 included cybersecurity. Why would hackers be interested in the likes of his and his wife’s Durham coffee shop Cocoa Cinnamon, he asked, versus larger companies, such as recent high-profile, big company victims, such as Target, Home Depot and Sony?

Everything I was reading said that all business owners should be ensuring that they are updating their programs and protecting their systems because 97 percent of companies would be breached. Then I got an email from Grodski de Barrera. “It’s funny,” he wrote. “Someone tried to hack our site, pretty soon after we spoke.” […]


[ISN] The tooth gnashing you hear is from Flash users installing a new 0day patch

http://arstechnica.com/security/2015/01/those-teeth-gnashings-you-hear-are-flash-users-installing-a-new-0day-patch/

By Dan Goodin
Ars Technica
Jan 26 2015

Adobe Systems is once again rolling out an emergency Flash update that patches a critical vulnerability under active attack to compromise the computers of unsuspecting users.

The latest Flash versions fix a remote code-execution bug that, as Ars reported last week, recently came under attack in the Angler exploit kit. Malware purveyors and other types of online crooks use such kits to seed compromised websites with attack code. Once people visit the sites with vulnerable computers, the booby-trapped pages surreptitiously exploit the vulnerabilities and install backdoors that can be used to log keystrokes, steal passwords, and install new pieces of malware at will.

An advisory Adobe published late last week warned that the bug resides in versions running on Windows, Macs, and Linux systems. So far, reports suggest that in-the-wild exploits are limited only to Windows systems. The vulnerability stems from a so-called use-after-free bug that allows attackers to corrupt the memory of affected computers. Trend Micro has additional technical details here.

“A critical vulnerability (CVE-2015-0311) exists in Adobe Flash Player and earlier versions for Windows and Macintosh,” the Adobe advisory stated. “Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below.” […]


[ISN] Spreading the Disease and Selling the Cure

http://krebsonsecurity.com/2015/01/spreading-the-disease-and-selling-the-cure/

By Brian Krebs
Krebs on Security
January 26, 2015

When Karim Rattani isn’t manning the till at the local Subway franchise in his adopted hometown of Cartersville, Ga., he’s usually tinkering with code. The 21-year-old Pakistani native is the lead programmer for two very different yet complementary online services: One lets people launch powerful attacks that can knock Web sites, businesses and other targets offline for hours at a time; the other is a Web hosting service designed to help companies weather such assaults.

Rattani helps run two different “booter” or “stresser” services – grimbooter[dot]com, and restricted-stresser[dot]info. He also works on TheHosted[dot]me, a Web hosting firm marketed to Web sites looking for protection from the very attacks he helps to launch.

As part of an ongoing series on booter services, I reached out to Rattani via his Facebook account (which was replete with images linking to fake Youtube sites that foist malicious software disguised as Adobe’s Flash Player plugin). It turns out, the same Google Wallet is used to accept payment for all three services, and that wallet traced back to Rattani.

In a Facebook chat, Rattani claimed he doesn’t run the companies, but merely accepts Google Wallet payments for them and then wires the money (minus his cut) to a young man named Danial Rajput — his business partner back in Karachi. Rajput declined to be interviewed for this story. […]


[ISN] Microsoft Outlook Hacked In China, New Report Finds

http://techcrunch.com/2015/01/19/microsoft-outlook-hacked-in-china-new-report-finds/

By Sarah Perez
TechCrunch
1/19/2015

Only a few weeks after Google’s Gmail service was blocked in China, a new report from online censorship monitoring organization GreatFire.org released this morning states that Microsoft’s email system Outlook was recently subjected to a “man-in-the-middle” attack in China. This is a form of eavesdropping where the attacker inserts himself in between the victims’ connections, relaying messages between them while the victims continue to believe they have a secure, private connection. Meanwhile, the attacker is able to read all the content they’re sharing.

GreatFire.org was able to verify the attack itself, after receiving reports of its existence on January 17. It noted that IMAP and SMTP for Outlook were affected, but the web interfaces for Microsoft’s webmail services were not. (That is, Outlook.com and Login.live.com were not affected). The attack continued for about a day, and has since stopped, the report states.

Affected users were shown warning messages in their email clients that weren’t as immediately worrisome as those web browsers display, which means that some users may not have been aware that an attack was taking place. For example, in an example screenshot GreatFire.org posted, an iPhone warning message says “Cannot Verify Server Identity,” but asks if the user wants to continue anyway. However, when GreatFire.org reproduced the same result via the Firefox web browser, the message the browser offers is far more detailed, saying also that the error could mean “that someone is trying to impersonate the site, and you shouldn’t continue.” […]


[ISN] A hacked DDoS-on-demand site offers a look into mind of “booter” users

http://arstechnica.com/security/2015/01/a-hacked-ddos-on-demand-site-offers-a-look-into-mind-of-booter-users/

By Sean Gallagher
Ars Technica
Jan 19, 2015

A leaked database from a hacked denial-of-service site has provided some insight on what sorts of targets individuals will pay to knock offline for a few dollars or bitcoin. And it’s safe to say that a significant percentage of them are not the brightest stars in the sky.

To get an idea of who would use such a service and for what purposes, Ars analyzed the data from a recently-hacked DDoS for hire site: LizardSquad’s LizardStresser. “Booter” or “stresser” sites offer users the ability to pay for distributed denial of service attacks against a target, and these sites promise to try to disguise the nature of the attack with the fig leaf of being legitimate load testing sites.

That wasn’t so much the case with LizardStresser, the botnet-for-hire set up by the distributed denial of service crew known as LizardSquad. The group used its Christmas week DDoS attacks on Microsoft’s Xbox Live network and Sony’s Playstation Network as a form of advertising for the new service. Since then, attacks on gamers have made up a significant percentage of the LizardStresser’s workload. While more than half of the attacks launched by customers of the service have been against Web servers, a significant portion have targeted individuals or small community gaming servers—including Minecraft servers.

Things have not gone all that well for LizardSquad since the launch of LizardStresser. Shortly after the service—which uses a botnet of hacked home and institutional routers—was launched, members of LizardSquad started getting arrested. Last week the LizardStresser server was hacked, its database dumped and posted to Mega by the former operator of the darknet “doxing” site Doxbin. […]


Top 5 Ways Home Users Can Help Protect Themselves from Data Breach

Please note: The following is not an endorsement of the specific referenced products or solutions; these are examples of ways that users can better protect themselves online. The effectiveness of these solutions varies widely. Used in combination with each other, they can provide significant added protection to your internet usage.

Additional Disclaimer: There is no such thing as 100% secure, so don’t misconstrue or misinterpret this guidance to be some sort of guarantee of safety online. 

Top 5 Home User Protection Measures

1. First and foremost, you must install a NON-FREE Anti-Virus Suite. Prefer anti-virus software that has been tested. The following sites are good for reviewing the test results of Antivirus Detection Rates:

2. Ensure you are using a browser plugin to evaluate the security of websites you go to and, if possible, use the Anti-Spam features of your Anti-Virus software. Some examples of browser plugins are: McAfee Site Advisor, Avira Browser Safety, Norton Browser Protection

3. Load up on some software and system exploit prevention, regularly change your website passwords and select passwords based on website category such as financial, entertainment and miscellaneous. Some examples of Anti-Exploit browser and software protection are: Microsoft EMET, Malwarebytes Anti-Exploit Premium

4. Use a DNS service to help block malicious websites BEFORE your computer has a chance to connect to them. Some examples are

5. The last step is a personal training thing that I advise any user online to do. Treat every single link on a web page as suspicious and never click on emailed links; it is best to browse to the specific website manually without clicking. Never open attachments that you do not first scan with your Anti-Virus software, and never ever open attachments from random people where you are not expecting an attachment. Whenever a web page claims that you must update your software and to “click here” to do so, you should be suspicious of it, unless of course you are purposely browsing to your computer manufacturer’s website, graphics card software website or some official Microsoft or Adobe website for updates to your software.


[ISN] NASDAQ Vulnerable to XSS

http://www.infosecnews.org/nasdaq-vulnerable-to-xss/

By William Knowles @c4i
Senior Editor
InfoSec News
January 16, 2015

Bob Greifeld, CEO of The NASDAQ Stock Market explains in a promotional video “that NASDAQ is a technology based company, those businesses that we’re in have a unifying theme that are built upon our technology.”

Top technology companies such as Google, Tesla, Amazon, and GoPro to name a few use NASDAQ as their trading exchange. When NASDAQ “goes to a developing market and provide to them our technology, it’s not just the software code, it’s all the best practices that have been developed on a global basis that they to integrate into their operations.”

With this information in mind, it doesn’t explain why a security researcher named analfabestia was able to discover and report a new XSS (Cross-Site Scripting) vulnerability on NASDAQ.com on January 14, 2015, the sixth such vulnerability in nearly seven years. […]


[ISN] Why Effective Computer Security Means Covering All Your Bases

http://www.eweek.com/security/effective-computer-security-means-covering-all-your-bases.html

By David Needle
eWEEK.com
2015-01-15

PALO ALTO, Calif. — How safe is your company from malware attacks and security breaches? As the technology and methods behind cyber-attacks are constantly evolving, it’s virtually impossible for any company to accurately say it’s completely safe, but there are steps you can take to minimize threats.

Ganesh Krishnan, who runs security at the popular job site and social network LinkedIn, shared some of the lessons he’s learned over a 20-year career in security, including stints at Intel and Yahoo. His “tech talk” was part of a meet-up here this week at online payments firm WePay.

The first point he emphasized is that security teams are by definition outnumbered. “There are a lot more hackers than security people. Security has to be everyone’s responsibility,” he said.

This maxim extends to both technical and non-technical employees, as both are needed to help defend against a growing range of threats including so-called phishing attacks. Phishers use social engineering, email and social media to gain access to corporate networks. For example, a phisher might contact a relatively low-level employee under false pretense (e.g., pretending to be an authorized outside contractor), guess the employee’s password and get into the network. […]
