Tag Archives: today

[ISN] Home Depot: 56M Cards Impacted, Malware Contained


http://krebsonsecurity.com/2014/09/home-depot-56m-cards-impacted-malware-contained/ By Brian Krebs Krebs on Security Sept 18, 2014 Home Depot said today that cyber criminals armed with custom-built malware stole an estimated 56 million debit and credit card numbers from its customers between April and September 2014. That disclosure officially makes the incident the largest retail card breach on record. The disclosure, the first real information about the damage from a data breach that was initially disclosed on this site Sept. 2, also sought to assure customers that the malware used in the breach has been eliminated from its U.S. and Canadian store networks. “To protect customer data until the malware was eliminated, any terminals identified with malware were taken out of service, and the company quickly put in place other security enhancements,” the company said via press release (PDF). “The hackers’ method of entry has been closed off, the malware has been eliminated from the company’s systems, and the company has rolled out enhanced encryption of payment data to all U.S. stores.” That “enhanced payment protection,” the company said, involves new payment security protection “that locks down payment data through enhanced encryption, which takes raw payment card information and scrambles it to make it unreadable and virtually useless to hackers.” [...]


[ISN] Federal Cybersecurity Director Found Guilty on Child Porn Charges

http://www.wired.com/2014/08/federal-cybersecurity-director-guilty-child-porn-charges/ By Kim Zetter Threat Level Wired.com 08.26.14 As the acting cybersecurity chief of a federal agency, Timothy DeFoggi should have been well versed in the digital footprints users leave behind online when they visit web sites and download images. But DeFoggi—convicted today in Maryland on three child porn charges including conspiracy to solicit and distribute child porn—must have believed his use of the Tor anonymizing network shielded him from federal investigators. He’s the sixth suspect to make this mistake in Operation Torpedo, an FBI operation that targeted three Tor-based child porn sites and that used controversial methods to unmask anonymized users. But DeFoggi’s conviction is perhaps more surprising than others owing to the fact that he worked at one time as the acting cybersecurity director of the U.S. Department of Health and Human Services. DeFoggi worked for the department from 2008 until January this year. A department official told Business Insider that DeFoggi worked in the office of the assistant secretary for administration as lead IT specialist but a government budget document for the department from this year (.pdf) identifies a Tim DeFoggi as head of OS IT security operations, reporting to the department’s chief information security officer. [...]


[ISN] Why our lack of understanding on China may be the biggest risk

http://www.csoonline.com/article/2597397/advanced-persistent-threats/why-our-lack-of-understanding-on-china-may-be-the-biggest-risk.html By George V. Hulme CSO Aug 25, 2014 If you don’t understand the capabilities and motivations of your adversaries – you can’t expect to be very successful in managing your relationship with them, negotiating, or defending against their advancements. This is especially true today when it comes to nation-state cyber threats, according to Lt. Col. (ret) William Hagestad II. Hagestad spoke as the opening keynote this past weekend at the security conference BSides MSP, held just outside of Minneapolis. If your organization doesn’t understand the nature of the information security and intellectual property threats that face enterprises today, and how to defend IT systems, data, and intellectual property – the years upcoming are liable to be very jarring. While Hagestad is a widely known expert on Chinese cyber conflict capabilities, and has written two books on the subject, “21st Century Chinese Cyber Warfare” (2012) and “Operation Middle Kingdom: China’s Use of Computers & Networks as a Weapon System” (2013) – his core message this week is that the U.S.’s lack of understanding of what or who China is and how to deal with the nation may actually be its biggest risk when it comes to the growing power. [...]


[ISN] Amazon Expands Its Cloud Services to the U.S. Military

http://www.defenseone.com/technology/2014/08/amazon-expands-its-cloud-services-us-military/92090/ By Frank Konkel Nextgov.com August 21, 2014 Amazon Web Services has become the first commercial cloud provider authorized to handle the Defense Department’s most sensitive unclassified data. Today’s announcement that AWS has achieved a provisional authority to operate under DOD’s cloud security model at impact levels 3-5 is a major win for the company, as it allows DOD customers to provision commercial cloud services for the largest chunks of their data. In technical speak, the provisional ATO granted by the Defense Information Systems Agency means DOD customers can use AWS’ GovCloud – an isolated region entirely for U.S. government customers – through a private connection routed to DOD’s network. DOD customers can now secure AWS cloud services through a variety of contract vehicles. In layman’s terms, AWS is the first company with the ability to take any and all of DOD’s unclassified data to the cloud. [...]


[ISN] 5 cool new security research breakthroughs

http://www.networkworld.com/article/2466795/security0/5-cool-new-security-research-breakthroughs.html By Bob Brown NetworkWorld Aug 19, 2014 University and vendor researchers are congregating in San Diego this week at USENIX Security ’14 to share the latest findings in security and privacy, and here are 5 that jumped out to me as being particularly interesting.

*On the Feasibility of Large-Scale Infections of iOS Devices

Georgia Tech researchers acknowledge that large-scale iOS device infections have been few and far between, but they claim weaknesses in the iTunes syncing process, device provisioning process and file storage could leave iPhones, iPads and other Apple products vulnerable to attack via botnets. The bad guys could get to the iOS devices via a compromised computer, they say, to install attacker-signed apps and swipe personal info. The researchers came to their conclusion after examining DNS queries within known botnets.

*XRay: Enhancing the Web’s Transparency with Differential Correlation

Columbia University researchers introduce XRay, a tool designed to give web users more insight into which of their personal data is being used to target them with ads. The researchers will present at USENIX a prototype of XRay, which has already been posted online as an open source system for others to explore. Initially, the system can be used to explain targeting in Gmail ads, Amazon recommendations and YouTube video suggestions. “Today we have a problem: the web is not transparent. We see XRay as an important first step in exposing how websites are using your personal data,” says Assistant Professor of Computer Science Roxana Geambasu. [...]


[ISN] Target Lowers Forecast on Sales Slump, Canadian Losses

http://www.bloomberg.com/news/2014-08-20/target-lowers-its-forecast-as-sales-slump-canadian-losses-widen.html By Renee Dudley Bloomberg.com Aug 20, 2014 Target Corp. (TGT), still struggling to rebound from last year’s hacker attack, cut its forecast for the year as slumping sales and a money-losing push into Canada take a toll on profit. Target now expects full-year earnings of $3.10 to $3.30 a share, excluding some items, down from a previous forecast of as much as $3.90, according to a statement today. Analysts had predicted $3.44, the average estimate compiled by Bloomberg. The bleaker forecast follows a preliminary earnings report on Aug. 5 that fell short of expectations, signaling that the company’s comeback effort will be slow going. Target has been struggling to boost U.S. traffic, repair its botched Canadian expansion and regain shoppers’ trust after hackers stole millions of customers’ data last year. The retailer hired PepsiCo Inc. (PEP) executive Brian Cornell as its new leader last month, following the ouster of Gregg Steinhafel in May. Target is relying heavily on sales promotions to entice shoppers, but it doesn’t seem to be working, said Brian Yarbrough, an analyst at Edward Jones & Co. in St. Louis. That means Target is squeezing margins without much benefit. [...]


[ISN] Identifying and mitigating healthcare IT security risks

http://healthitsecurity.com/2014/08/19/identifying-and-mitigating-healthcare-it-security-risks/ By Patrick Ouellette Health IT Security August 19, 2014 Being proactive in healthcare IT security means picking out risks before incidents occur, not after the fact. But the challenge is that potential risks are spread across a variety of areas within a healthcare organization. Blair Smith, Ph.D. Dean, Informatics-Management-Technology (IMT) at American Sentinel University, spoke with HealthITSecurity.com about security considerations for healthcare organizations. Smith was a professional IT consultant for a number of years and for the last 15 years was with the University of Phoenix, including the last five as the Dean of Information Systems prior to joining American Sentinel. With heavy experience in disaster recovery planning and said he always considered security a heavy risk area.

What are some major security risks within healthcare at the moment?

When I look at IT security for healthcare organizations, it’s not that much different from what many other retail or manufacturing organizations in that it’s a prominent topic. The key is to understand and identify areas of risk and potential exposure, and it’s where the HIPAA rules for risk assessment become very important. BYOD, for example, has its risks and benefits but from an industry perspective, the access to data housed [on the device] would be a concern. Similarly, cloud security opens another external pathway for data to possibly be exposed to a number of different risks such as inappropriate data access and loss. As we use more mobile devices, whether it’s a smart phone or tablet, those types of things really present a wide range of issues for security personnel. And what we’re seeing today is more hackers and outside threats bringing exposure and risks to organizations. For example, there’s the subject of single sign on (SSO) and how to have effective security controls while maintaining convenience. The idea is to move beyond prevention security to proactive response technology. How do we quickly mitigate and take care of any exposures. [...]


[ISN] Gaza and Crimea conflicts could have been predicted by monitoring cyber attacks

http://www.telegraph.co.uk/news/worldnews/middleeast/israel/11034421/Gaza-and-Crimea-conflicts-could-have-been-predicted-by-monitoring-cyber-attacks.html By Harriet Alexander telegraph.co.uk 14 Aug 2014 Surges in cyber attacks could be used as an early warning system to predict conflicts between countries, researchers from an internet security company have found. Before both the recent Gaza conflict and the annexation of Crimea analysts noted a spike in “malware” – malicious software – sending out messages. “We can see the digital equivalent of troops on the border,” said Kevin Thompson, a threat analyst for FireEye – the security company which carried out the research. Many countries are now using malware to both gather intelligence and actively attack targets in hostile countries. “If the US, or Korea, or Japan was about to go to war, you would see a bump in callbacks – it’s just part and parcel of today’s national security undertakings,” said Kenneth Geers, one of the researchers. [...]
