Tag Archives: site

[ISN] JP Morgan denies that system blueprints were stolen in June cyber attack


http://www.computing.co.uk/ctg/news/2369726/jp-morgan-denies-that-system-blueprints-were-stolen-in-june-cyber-attack By Graeme Burton Computing.co.uk 16 Sep 2014 More details have emerged about the attack on banking giant JP Morgan, which saw sensitive banking systems hacked and details about clients and deals apparently transmitted to systems in Russia. The breach occurred in June, but has only recently been disclosed. According to the latest disclosures, the hackers were able to access information about one million customer accounts and also obtained a list of the software applications installed on the bank’s computers. More than 90 of the bank’s servers were affected, and the attackers gained high-level administrative privileges in the systems that they cracked. JP Morgan also claims that its charity website, JP Morgan Corporate Challenge, was attacked with hackers getting login credentials and passwords. However, the bank says that it doesn’t know whether the two attacks are related. Dr Mike Lloyd, chief technology officer at security analytics company RedSeal Networks, suggested that the information accessed by the attackers indicated that they will almost be certainly back again. [...]

Tags: , , , , , , , , , , ,

[ISN] 3 gambling operators indicted for buying NK hacking software

http://www.koreatimes.co.kr/www/news/nation/2014/09/116_164369.html By Lee Kyung-min The Korea Times 2014-09-10 Three men were indicted for buying hacking programs from North Korean agents to use for online gambling, prosecutors said Wednesday. . The programs were allegedly used for the North’s cyber attack against Korean firms and government agencies last year. The three told investigators that they were planning to sell the software to an online betting site operator, who wanted to use it to cheat gamblers. They first came into contact with the Shenyang-based North Korean hackers in April 2011, and paid them 14 million won ($13,658). [...]

Tags: , , , , , , , ,

[ISN] Vulnerability in popular Joomla e-commerce extension puts online shops at risk

http://news.techworld.com/security/3571694/vulnerability-in-popular-joomla-e-commerce-extension-puts-online-shops-at-risk/ By Lucian Constantin Techworld.com 11 September 2014 A critical vulnerability in a popular e-commerce extension for the Joomla content management system allows malicious users to gain super-admin privileges to sites that run the software. The VirtueMart extension, which allows users to set up online shops on their websites, has been downloaded more than 3.5 million times, said Marc-Alexandre Montpas, a researcher at Web security firm Sucuri, in a blog post Wednesday. “With super-admin access, the attacker has full control of the site and database.” The issue was discovered last week and was patched in VirtueMart 2.6.10, released on Sept. 4. The VirtueMart page in the Joomla extensions catalogue advises users that “everyone using a version lower than 2.6.10 should update as soon as possible for security reasons.” Sucuri originally released technical details about the vulnerability, but then removed them at the developer’s request because the issue might also affect other extensions. [...]

Tags: , , , , , , , , , , , , ,

[ISN] Smartphone app tracked govt jets

http://the-japan-news.com/news/article/0001540669 The Yomiuri Shimbun September 03, 2014 A flight-tracking app known as “Flightradar 24” has been revealing flight data of government aircraft online for some time, The Yomiuri Shimbun has learned. Government aircraft, also known as Japanese Air Force One, are used to transport the prime minister and senior government officials for overseas visits. As part of counterterrorism measures, their flight routes are not meant to be disclosed, yet the app had been revealing such flight data. The Defense Ministry, which operates government aircraft, requested the Swedish app provider stop displaying the sensitive information after the fact was pointed out by The Yomiuri Shimbun in early August. A company official replied that necessary measures were taken not to reveal the government aircraft. According to the app provider, its “Flightradar 24” live air traffic tracker site became available in 2006, with its smartphone version priced at ¥300. [...]

Tags: , , , , , ,

[ISN] HealthCare.gov Server Compromised by Hackers

http://www.infosecnews.org/healthcare-gov-server-compromised-by-hackers/ By William Knowles @c4i Senior Editor InfoSec News September 5, 2014 Unknown hackers breached a test server with malware on a Health and Human Services (HHS) site that supports the Obamacare insurance website HealthCare.gov The commonplace malware was designed to launch “denial of service” attacks against other websites, HHS said, and there is no evidence any consumers’ personal information was sent to any external IP address. The attack did not appear to directly target HealthCare.gov, and the server that was targeted did not contain any consumers’ personal information. The Wall Street Journal reports that the server was connected to more sensitive parts of the website that had better security protections, the officials said. That means it would have been possible, if difficult, for the intruder to move through the network and try to view more protected information, an official at the Department of Health and Human Services said. There is no indication that happened, and investigators suspect the hacker didn’t intend to target a HealthCare.gov server. [...]

Tags: , , , , , , , , , ,

[ISN] Over 90% Of Cloud Services Used In Healthcare Pose Medium To High Security Risk

http://www.forbes.com/sites/danmunro/2014/09/01/over-90-of-cloud-services-used-in-healthcare-pose-medium-to-high-security-risk/ By Dan Munro Forbes.com 9/01/2014 According to cloud security vendor Skyhigh Networks, more than 13% of cloud services used in healthcare are high‒risk and 77% are medium risk ‒ as measured across 54 different security attributes (like data encryption and “two factor” authentication). As if to add emphasis to this exact point, risqué celebrity photos were hacked over the weekend in what is being rumored as a potentially broader attack on Apple’s iCloud service (specifically the Photo Stream feature). While cloud vendors have a general responsibility to encrypt data at rest and offer two‒factor authentication (iCloud does), they can’t really dictate the use of important safety measures ‒ especially on the retail/consumer side. In the case of two-factor authentication, it’s an extra, somewhat annoying step and the risks are often thought to be vague or low for casual consumer data. As a gentle reminder, if you haven’t read Mat Honan’s account of how he lost his digital life in one hour (August 2012 Wired), now would be a good time to get that chilling refresher. Which also underscores healthcare’s broader dilemma. On the one hand, cloud services can offer advanced technical solutions at an attractive price compared to on-premise hardware and software, but issues of privacy and security are also very different for healthcare. Recent statistics from Skyhigh Networks also serve to emphasize these concerns. [...]

Tags: , , , , , , , , , , , , , , ,

[ISN] Reconnaissance code on industrial software site points to watering hole attack

http://news.techworld.com/security/3542635/reconnaissance-code-on-industrial-software-site-points-to-watering-hole-attack/ By Lucian Constantin Techworld.com 01 September 2014 Attackers have rigged the website of an industrial software firm with a sophisticated reconnaissance tool, possibly in preparation for attacks against companies from several industries. The incident was detected last week by researchers from security firm AlienVault who found rogue code injected into the website of a big industrial company that wasn’t named. “The website is related to software used for simulation and system engineering in a wide range of industries, including automotive, aerospace, and manufacturing,” said Jaime Blasco, director of the AlienVault Labs in a blog post. Unlike most watering hole attacks where hackers inject malware-carrying exploits into websites visited by their intended targets, the purpose of this attack was only to gain detailed information about visiting computers. The rogue code injected into the compromised site loaded a JavaScript file from a remote server that was actually a reconnaissance framework dubbed Scanbox, Blasco said. In addition to collecting basic information like the browser type, computer IP (Internet Protocol) address, operating system and language, this tool uses advanced techniques to detect which security programs are installed on the visitor’s system, he said. [...]

Tags: , , , , , , , , , , , , , ,

[ISN] Google goes public with security audits to ease corporate concerns

http://www.cnet.com/news/google-goes-public-with-security-audits-to-assuage-enterprise-concerns/ By Seth Rosenblatt @sethr Security CNet News August 27, 2014 Google is taking unprecedented steps to show its cloud, business, and education customers that data protection is its top priority. To prove its commitment, Google is making the details of an independent security audit and of a security compliance certificate available to the public for the first time on its Google Enterprise security site. The SOC 3 Type II audit report and updated ISO 27001 certificate denote security approval for Google Apps for Business, Google Apps for Education, and Google Cloud Platform. Security and data centers are both big business. Google currently employs more than 450 full-time security engineers, and a Gartner study projects that companies will spend nearly 8 percent more on security this year than they did last year. The SOC 3 report and the ISO certificate that Google made public are widely accepted, internationally recognized security compliance standards. The SOC 3 is essentially a shorter report from the same audit as the longer SOC 2, while the ISO certification covers organizational and logical security. [...]

Tags: , , , , , , , , , , , , ,