Tag Archives: site

[ISN] Bloody June: What’s behind last month’s DDoS attacks?


http://www.networkworld.com/article/2449855/security0/bloody-june-what-s-behind-last-month-s-ddos-attacks.html

By Jon Gold
NetworkWorld
July 7, 2014

The list of DDoS attacks in the month of June has made for grim reading. High-profile sites have been targeted by extortion demands, online games got disrupted and at least one company was put out of business as a direct result. While it’s tempting to look for a single cause at the root of this apparent tsunami of distributed denial-of-service activity, the reality is considerably more complex. Online activism, the profit motive and even potential nation-state activity contributed to June’s high volume of DDoS attacks. The only commonality, in fact, may be the ease with which DDoS attacks can be launched. Experts like Molly Sauter, an academic and author of the forthcoming book The Coming Swarm, say that the process is childishly simple. “Literally, if you have a credit card and if you’re bored, it could be anyone,” Sauter told Network World. “It’s so easy to rent a botnet – most of them are out of Russia – and you can rent one for stupid cheap, and then deploy it for a couple of hours, and that’s really all you need to target a major site like Feedly or Evernote.” [...]


[ISN] PF Chang’s says breach was ‘highly sophisticated criminal operation’

http://www.computerworld.com/s/article/9249540/PF_Chang_39_s_says_breach_was_39_highly_sophisticated_criminal_operation_39_

By Martyn Williams
IDG News Service
July 2, 2014

Restaurant chain P.F. Chang’s China Bistro says the theft of credit and debit card information from some of its restaurants earlier this year was “part of a highly sophisticated criminal operation.” But the chain, which only discovered the breach after a large batch of card numbers were offered on an Internet forum, said it’s still working with the U.S. Secret Service and forensic experts to determine exactly what happened. “We continue to make progress in our investigation into the recent security compromise that affected P.F. Chang’s,” said Rick Federico, CEO of PF Chang’s, in a statement posted Tuesday on the company’s website. “We will continue sharing important details once they have been confirmed by a team of third-party forensic experts.” The statement was the first update issued by the company in three weeks and didn’t add much additional information to what was already known: that an attack apparently hit the point-of-sale systems in the company’s restaurants and sucked up card numbers used between March and May of this year. [...]


[ISN] How Companies Can Rebuild Trust After A Security Breach

http://www.forbes.com/sites/katevinton/2014/07/01/how-companies-can-rebuild-trust-after-a-security-breach/

By Kate Vinton
Forbes Staff
July 1, 2014

“It’s not a question of if you will be hacked, but when,” says cybersecurity expert Joe Adams. This is bad news for companies, not only because of security risks, but also because data breaches have a significant and measurable impact on customers’ trust and spending habits, according to a study released Monday. The good news? Customers, who are generally not concerned about security until a breach happens, are looking for transparency and timely responses to breaches, something companies can provide with enough preparation and foresight. Interactions, a customer experience marketing group, released a study Monday called “Retail’s Reality: Shopping Behavior After Security Breaches.” Using the same sampling as the 2010 U.S. Census, the study looks at how security breaches impact customers’ shopping habits. Forty-four percent of survey respondents had been the victim of a data breach. A higher 60% of Millennials had had their data stolen, likely because these 18 to 24-year-olds are much more likely to share their information online and sign up for retail credit cards, according to DeMeo, Vice President of Global Marketing and Analytics at Interactions. Trust for retail is low, with 45% of shoppers saying they don’t trust retailers to keep their information safe. After a security breach, 12% of loyal shoppers stop shopping at that retailer, and 36% shop at the retailer less frequently. For those who continue to shop, 79% are more likely to use cash instead of credit cards. According to DeMeo, shoppers who use cash statistically spend less money, hurting the company. Indeed, 26% say they will knowingly spend less than before. All this paints a concerning picture for retailers looking to both keep their company secure and minimize the negative impact of a security breach if


[ISN] DoD 8570 InfoSec Training and Compliance Vendors Vulnerable to XSS

http://www.infosecnews.org/dod-8570-1-infosec-training-and-compliance-vendors-vulnerable-to-xss/

By William Knowles @c4i
Senior Editor
InfoSec News
July 1, 2014

XSSposed (XSS exposed) is reporting that the Web sites of both the InfoSec Institute and the EC-Council are vulnerable to a Cross-site scripting (XSS) attack. Cross-Site Scripting (XSS) inserts specially crafted data into existing applications through Web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a modification to a browser script, to a different end user. XSS attacks often lead to bypass of access controls, unauthorized access, and disclosure of privileged or confidential information. Cross-site scripting attacks are listed as the number three vulnerability on the OWASP Top 10 list for 2013. According to XSSposed, the InfoSec Institute has not one, two, three, four, five, six, but SEVEN XSS vulnerabilities discovered this week. This most recent XSS vulnerability to the EC-Council is to their portal page where their customers sign in. This is not the only XSS vulnerability to their site; The Hacker News reported one back in 2011 and Rafay Baloch and Deepanker Arora discovered another in 2013. In a previous Web defacement statement the “EC-Council takes the privacy and confidentiality of their customers very seriously.” Regardless, the EC-Council Web site was compromised three times during a single week in February 2014. Since the breach, EC Council has neither confirmed nor denied allegations that the attacker exfiltrated thousands of passports, drivers’ licenses, government and military Common Access Cards (CACs). [...]


[ISN] What If Oil Companies Apply The Same Tactics For Cybersecurity To Safety?

http://www.forbes.com/sites/lorensteffy/2014/06/30/what-if-oil-companies-apply-the-same-tactics-for-cybersecurity-to-safety/

By Loren Steffy
Forbes.com
6/30/2014

The American Petroleum Institute is working with several large U.S. oil companies to assemble a team of cybersecurity specialists that would help identify and prevent malicious software attacks against the computers that control the country’s energy infrastructure. Led by an executive for Dallas-based Hunt Oil, the group will serve as a clearinghouse of sorts for threats to automated systems. By improving communication among oil companies, the group, known as the Oil and Natural Gas Information Sharing and Analysis Center, hopes to get companies working together to thwart attacks that could cripple offshore rigs, refineries, pipelines and other equipment. The approach makes a lot of sense. After all, the potential for hackers to target energy company computer systems poses a mutual threat that is best addressed when companies combine their efforts. The oil and gas industry has shown remarkable solidarity when it comes to addressing what it perceives as a common outside threat, whether it comes from hackers or new regulations the industry considers onerous. It’s been far less willing, however, to take such a collaborative approach to confront threats from within its own ranks. [...]


[ISN] Leaked: 10 Months Of The Houston Astros’ Internal Trade Talks

http://deadspin.com/leaked-10-months-of-the-houston-astros-internal-trade-1597951970

By Barry Petchesky
Deadspin.com
6/30/2014

Two years ago, the Houston Astros constructed “Ground Control”—a built-from-scratch online database for the private use of the Astros front office. It is by all accounts a marvel, an easy-to-use interface giving executives instant access to player statistics, video, and communications with other front offices around baseball. All it needs, apparently, is a little better password protection. Documents purportedly taken from Ground Control and showing 10 months’ worth of the Astros’ internal trade chatter have been posted online at Anonbin, a site where users can anonymously share hacked or leaked information. Found below, they contain the Astros front office’s communications regarding trade overtures to and from other teams, as well as negotiations—a few of which actually led to trades. You will find heavy efforts to get a big haul for Bud Norris at last year’s trade deadline (before settling for very little), pushes to acquire touted young talents like Dylan Bundy and Gregory Polanco, and even evidence the Astros rejected out of hand a blockbuster deal that could have brought them Giancarlo Stanton. From a strict baseball perspective, all of this is really interesting just for the insight it offers into how baseball trades work on an operational level. As it turns out, it really isn’t too different from your fantasy league, with front office types kicking around ideas, making preposterous demands, gossiping, and discussing various contingencies. If this happens, we’ll be looking to do this, but then if this other thing happens, we’ll be looking to do this. All of it is worth running through, but a few of the highlights are as follows: [...]


[ISN] This Site Shows Who Is Hacking Whom Right Now — And The US Is Getting Hammered

http://www.businessinsider.com/norse-hacking-map-shows-us-getting-hammered-2014-6

By Jeremy Bender
Business Insider
June 26, 2014

U.S.-based computer security firm Norse has released a real-time animated map that illustrates ongoing cyberattacks around the world. Without a doubt, the U.S. is getting constantly hammered by hackers. In just 45 minutes, the U.S. was the victim of 5,840 cyberattacks. Within that span of time, the U.S. suffered from 27 times more cyberattacks than Thailand, the second most targeted country. Thailand was the target of only 220 cyber attacks during these 45 minutes. The Norse map does not represent all hacking attempts in the world. Instead, according to Smithsonian Magazine, the map relies on a Norse honeypot network — a network purposefully designed to detect hacking — to provide a representative snapshot of global hacking attempts. [...]


[ISN] Third-Party Service Providers Scrutinized After SEA’s Reuters Hack

http://www.eweek.com/security/third-party-service-providers-scrutinized-after-seas-reuters-hack.html

By Robert Lemos
eWEEK.com
2014-06-25

One content provider’s lapse in spotting the odd behavior of privileged users allowed the Syrian Electronic Army cyber-propaganda group to deface Reuters.com. As popular cyber-attack targets continue to make progress in locking down access to their networks and data, attackers searching for other ways to compromise their targets have increasingly focused on another weak point—third-party suppliers and contractors. On June 23, hackers from the propaganda group known as the Syrian Electronic Army redirected visitors to some Reuters articles to a defacement page that berated the news organizations for “fake reports and false articles about Syria.” The attackers did not breach Reuters’ network, however, but modified a content widget provided by Taboola, which normally allows media sites to monetize their page views. The SEA fooled one company employee, which the firm refers to as a “user,” into giving up their password and then used the access to Taboola’s Backstage platform to change the header in the Reuters widget, the company said in an analysis of the attack. [...]
