Samsung Printers Have Hidden Security Risk

http://www.informationweek.com/security/vulnerabilities/samsung-printers-have-hidden-security-ri/240142715

By Mathew J. Schwartz InformationWeek November 28, 2012

Some Samsung printers and Dell-branded printers manufactured by Samsung are vulnerable to being taken over remotely by an attacker.

That warning was made Monday by the U.S. Computer Emergency Readiness Team (CERT), which said that the affected printers “contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility.” In other words, the firmware carries a fixed credential that grants full read-write access and cannot be disabled by users; an SNMP community string is, in effect, a shared password sent in cleartext with every request. SNMP, or Simple Network Management Protocol, is an Internet-standard protocol (normally carried over UDP port 161) used to manage and monitor network device configuration.

As a result of the vulnerability, “a remote, unauthenticated attacker could access an affected device with administrative privileges,” according to the CERT information security advisory. “Secondary impacts include: the ability to make changes to the device configuration, access to sensitive information — e.g. device and network information, credentials, and information passed to the printer — and the ability to leverage further attacks through arbitrary code execution.” That means that after accessing the administrator account, attackers could theoretically transform the printer into a malware-spewing attack platform that’s able to target any other network-connected device located inside the same network segment or firewall.

Samsung has acknowledged the vulnerability and promised to release a patch within days. “Samsung is aware of and has resolved the security issue affecting Samsung network printers and multifunction devices. The issue affects devices only when SNMP is enabled, and is resolved by disabling SNMP,” said Samsung spokesman Reuben Staines via email. “We take all matters of security very seriously and we are not aware of any customers who have been affected by this vulnerability. Samsung is committed to releasing updated firmware for all current models by November 30, with all other models receiving an update by the end of the year. However, for customers that are concerned, we encourage them to disable SNMPv1.2 or use the secure SNMPv3 mode until the firmware updates are made.”

[…]

______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org





Australia’s biggest ever data theft gang busted over credit card crime

http://www.smh.com.au/it-pro/security-it/australias-biggest-ever-data-theft-gang-busted-over-credit-card-crime-20121129-2agzy.html

SMH.com.au November 29, 2012

Police have smashed a Romanian organised crime gang that allegedly hacked into the computer systems of small businesses, with credit card details of 30,000 Australians used in $30 million worth of illegal transactions around the world.

An Australian Federal Police and Romanian National Police investigation led to the arrest of 16 gang members this week, and seven people in Romania have been charged.

It is said to be the biggest data theft investigation in Australia’s history.

Computer hackers allegedly got access to the systems of up to 100 Australian small businesses, where the credit card details of about 500,000 people were stored.

Police said they had confirmed 30,000 of those details had allegedly been used for $30 million worth of illegal transactions.

[…]


Arkansas breach due to terminated resident

http://www.clinical-innovation.com/topics/privacy-security/arkansas-breach-due-terminated-resident

By Beth Walsh Clinical Innovation + Technology Nov 27, 2012

The University of Arkansas for Medical Sciences (UAMS) is notifying approximately 1,500 patients of a medical records breach involving a resident physician who was terminated in 2010.

UAMS in Little Rock, Ark., recently discovered that a former resident kept some patient lists and notes regarding patients, in violation of UAMS’ policy, after leaving the facility on June 3, 2010. The documents the resident kept were from January 2010 to June 2010 and contained patient names, partial addresses, medical record numbers, dates of birth, ages, locations of care, dates of service, diagnoses, medications, surgical and other procedure names, as well as lab results, according to a release. No Social Security, bank account or credit card numbers were included with this information.

UAMS said its HIPAA Office became aware of this incident Oct. 9 when the resident produced the documents during her lawsuit against UAMS regarding her termination from the residency program. On Nov. 7, UAMS became aware that additional documents the resident kept had been provided to UAMS attorneys June 25. The records are now protected by a court order, which prevents them from becoming a public record and will prevent anyone from further using or disclosing the documents.

[…]


Geek Researcher Spends Three Years Living With Hackers

http://www.wired.com/wiredenterprise/2012/11/coleman/

By Robert McMillan Enterprise Wired.com 11.28.12

When you’re starting off as an anthropologist, your aim is to explore a subculture your peers have yet to uncover, spending years living with the locals and learning their ways.

That’s what Gabriella Coleman did. She went to San Francisco and lived with the hackers.

Coleman, an anthropologist who teaches at McGill University, spent three years living in the Bay Area, studying the community that builds the Debian Linux open source operating system and other hackers — i.e., people who pride themselves on finding new ways to reinvent software. More recently, she’s been peeling away the onion that is the Anonymous movement, a group that hacks as a means of protest — and mischief.

When she moved to San Francisco, she volunteered with the Electronic Frontier Foundation — she believed, correctly, that having an eff.org address would make people more willing to talk to her — and started making the scene. She talked free software over Chinese food at the Bay Area Linux User Group’s monthly meetings upstairs at San Francisco’s Four Seas Restaurant. She marched with geeks demanding the release of Adobe eBooks hacker Dmitry Sklyarov. She learned the culture inside-out.

Now, she’s written a book on her experiences: Coding Freedom: The Ethics and Aesthetics of Hacking. [1] It’s a scholarly work of anthropology that examines the question: What does it mean to be a hacker?

[1] http://www.amazon.com/exec/obidos/ASIN/0691144613/infosecnews-20

[…]


Channeling the ‘offensive mind-set’ in cybersecurity

http://www.nextgov.com/cybersecurity/cybersecurity-report/2012/11/going-cyber-offensive/59794/

By John Grady Nextgov November 28, 2012

To protect critical networks and national security, the House and Senate are weighing cyber defense legislation and the Obama administration is considering regulations requiring information sharing between government agencies and private businesses. But who should be in charge — even inside the Pentagon — remains a big question in all this dithering.

The answer depends on how you look at cybersecurity: in terms of offense or defense, military or law enforcement. Also, how do you look at cyber strategically, tactically and operationally in the Pentagon, at the Homeland Security Department, FBI, Federal Reserve, and in the civilian realm at places like JP Morgan Chase, Dominion Power and Washington Gas?

“You have to have an offensive mind-set to better focus on defense,” retired Marine Corps Gen. James Cartwright said during a recent appearance at the U.S. Naval Institute. “DoD is in the business of offense. [Yet] we’re still trying to protect everyone’s computer.”

Cartwright said when he was vice commander at U.S. Strategic Command in 2004, the emphasis was on cyber, electromagnetic pulse and directed energy weapons rather than creating a unified cyber command, which was established in 2010. The thinking was clear enough. These weapons expanded the tools available to the president if diplomacy failed.

[…]
