Security and high profile sites get 'pwned'

Nigerian scams, chain letters, pyramid schemes and anything not auction related.
Post Reply
User avatar
digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago
Contact:

Re: Security sites get 'pwned' + PRISM + GCSB bill

Post by digidog » Thu Dec 05, 2013 5:19 am

It was a botnet based in the Netherlands - a derivative of the Pony malware. It appears to mainly concentrate on Russian-speaking sites and services.

http://www.theregister.co.uk/2013/12/04 ... attackers/" onclick="window.open(this.href);return false;

Image
http://thehackernews.com/2013/12/two-mi ... itter.html" onclick="window.open(this.href);return false;

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Today We Have -- JPMorgan Chase & Co

Post by Foggyone » Thu Dec 05, 2013 6:56 am

JPMorgan warns 465,000 card users on data loss after cyber attack
NEW YORK/BOSTON (Reuters) - JPMorgan Chase & Co is warning some 465,000 holders of prepaid cash cards issued by the bank that their personal information may have been accessed by hackers who attacked its network in July.

The cards were issued for corporations to pay employees and for government agencies to issue tax refunds, unemployment compensation and other benefits.

JPMorgan said on Wednesday it detected that its web servers used by its site http://www.ucard.chase.com" onclick="window.open(this.href);return false; had been breached in the middle of September. It then fixed the issue and reported it to law enforcement.
So, to recap. Breach happened in July. Found out about it September.

And what are they fessing up to what was stolen. The usual PR speak announcement says (written by PR & lawyers)
The bank typically keeps the personal information of its customers encrypted, or scrambled, as a security precaution. However, during the course of the breach, personal data belonging to those customers had temporarily appeared in plain text in files the computers use to log activity.

The bank believes "a small amount" of data was taken, but not critical personal information such as social security numbers, birth dates and email addresses.

Cyber criminals covet such data because it can be used to open bank accounts, obtain credit cards and engage in identity theft. Many states require banks to notify customers if they believe there is any chance that such information may have been taken in a breach.
This outfit is meant to be a top financial company. Looks more like purveyor of swiss cheese!
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Have You Been PWNed?

Post by Foggyone » Fri Dec 06, 2013 5:56 pm

Website lets users find if personal data is exposed in large data leaks
A new website allows Internet users to check if their usernames and passwords were exposed in some of the largest data breaches in recent years.

The site is called haveibeenpwned.com and was created by Australian software architect Troy Hunt. It allows users to check if their email addresses are present in user databases leaked from Adobe Systems this year, Yahoo in 2012, Sony and Stratfor in 2011 and Gawker in 2010.
Check - Have you been pwned?
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Fried Frogs!

Post by Foggyone » Tue Dec 10, 2013 6:21 pm

French gov used fake Google certificate to read its workers' traffic
A French government agency has been caught signing SSL certificates and impersonating Google.

The bogus certificates were endorsed by the certificate authority of the French Treasury, DG Trésor. And the Treasury's own authorisation certificate was, in turn, vouched for by IGC/A (Infrastructure de Gestion de la Confiance de l'Administration) and ultimately ANSSI, the French equivalent of the CESG assurance wing of GCHQ.

It seems the French Treasury department created the counterfeit certificate in order to monitor employee traffic that would otherwise pass through its network wrapped in encryption. The dodgy certificate allowed man-in-the-middle SSL interception, a heavily frowned on practice that violates the trust model of internet security. The practical upshot was that any email or other data sent between French Ministry of Finance officials and Google was wide open to snooping by the French government and perhaps others.
Lifting the lid on Government snooping was the BEST thing to come out of 2013. Edward Snowden has my nomination for 2013 Person of the Year.
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Another Day, Another Crime

Post by Foggyone » Thu Dec 19, 2013 4:36 am

it's a good day when the American Government's agency is not the perpetrator.

Target stores' customers hit by major credit card attack
(Reuters) - Payment card data was stolen from an unknown number of Target Corp customers starting on the busy Black Friday weekend in a major breach at the U.S. retailer, according to a person familiar with the matter.
Krebs on Security, a closely watched security industry blog that broke the news, said the breach involved nearly all of Target's 1,797 stores in the United States, citing sources at two credit card issuers. The report said that "track data" from at least 1 million payment cards was thought to have been stolen before Target uncovered the operation, but that the number could be significantly higher.
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

RTarget - The Costs

Post by Foggyone » Thu Dec 19, 2013 8:19 pm

While information on the Target breach is still emerging, there is speculation on the likely costs.

Breach could prove very costly for Target.
Past major breaches cost TJX $250 million and Heartland $140 million; Target can expect similar costs, experts say

Computerworld - Though details of the massive data breach at Target are still emerging, it's already clear that, before the dust settles, the retailer will likely have to pay tens of millions of dollars in remediation and notification costs, fines, legal fees and settlements.

.....

Target has not disclosed how many cards were impacted by the breach, though industry sources have reportedly pegged the number at 40 million. The total would make the breach the largest involving payment cards since a hack of payment processor Heartland in 2009 compromised upwards of 100 million cards.
You've got to wonder if this is more US state sponsored terrorism! Did Target P*** off the NSA?
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Target Gets A B****y Good Kicking

Post by Foggyone » Sat Dec 28, 2013 9:52 pm

And well deserved too!. As is usual in these matters, as soon as a breach is discovered the outfit lawyers up, hires some heavyweight PR and starts to play with the truth.
In war, truth is the first casualty.
Aeschylus
Greek tragic dramatist (525 BC - 456 BC)
Target: Deceive first, answer questions later

This story looks at the latest Target statement, and yardsticks it against degrees of truth.

Probably more to come out yet, with more fudging of reality for "business" reasons.

Here's a new business model. Tell the whole, unvarnished truth. You'll blow your customers away!
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

M$ Gives Unwitting Assistance To Spies, Crooks

Post by Foggyone » Tue Dec 31, 2013 10:38 pm

Unencrypted Windows crash reports give 'significant advantage' to hackers, spies
Windows' error- and crash-reporting system sends a wealth of data unencrypted and in the clear, information that eavesdropping hackers or state security agencies can use to refine and pinpoint their attacks, a researcher said today.

Not coincidentally, over the weekend the popular German newsmagazine Der Spiegel reported that the U.S. National Security Agency (NSA) collects Windows crash reports from its global wiretaps to sniff out details of targeted PCs, including the installed software and operating systems, down to the version numbers and whether the programs or OSes have been patched; application and operating system crashes that signal vulnerabilities that could be exploited with malware; and even the devices and peripherals that have been plugged into the computers.

"This information would definitely give an attacker a significant advantage. It would give them a blueprint of the [targeted] network," said Alex Watson, director of threat research at Websense, which on Sunday published preliminary findings of its Windows error-reporting investigation. Watson will present Websense's discovery in more detail at the RSA Conference in San Francisco on Feb. 24.
So, there you have a perfect example of unintended consequences. M$ doesn't need to give the NSA any help apart from their Windows design choices. As soon as M$ rejigs the system to encrypt these reports then the NSA will attack M$ to get the private encryption key (or their man on the inside will simply lift it and email it to the NSA).

Let the battle commence!
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Major Yahoo Oopsie!

Post by Foggyone » Sun Jan 05, 2014 5:57 pm

Thousands of visitors to yahoo.com hit with malware attack, researchers say
Two Internet security firms have reported that Yahoo's advertising servers have been distributing malware to hundreds of thousands of users over the last few days. The attack appears to be the work of malicious parties who have hijacked Yahoo's advertising network for their own ends.

Fox IT, a security firm based in the Netherlands, wrote a blog post on Friday describing the problem. "Clients visiting yahoo.com received advertisements served by ads.yahoo.com. Some of the advertisements are malicious," the firm reported. Instead of serving ordinary ads, the Yahoo's servers reportedly sends users an "exploit kit" that "exploits vulnerabilities in Java and installs a host of different malware."
Fox IT says Yahoo users have been getting infected since at least Dec. 30. At the time it discovered the issue on Friday, the firm says, malicious payloads were being delivered to around 300,000 users per hour. The company guesses that around 9 percent of those, or 27,000 users per hour, were being infected. More recently, the firm says, the volume of infections has tapered off, perhaps due to efforts by Yahoo's security team.
Another timely reminder of the dangers that can lurk, even on the largest sites.

I'm currently using Quickjava 2.0.3. QuickJava is a Firefox extension that allows you to easily enable/disable Java, JavaScript, Images, Flash and more directly from the toolbar and/or status bar! http://quickjavaplugin.blogspot.co.nz/" onclick="window.open(this.href);return false;
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Target Gets A B****y Good Kicking - Part II

Post by Foggyone » Fri Jan 10, 2014 6:04 pm

Further to my post here, as predicted, more is emerging on this story.

More records than the initial 40,000,000. Now up to 70,000,000
More information than the original credit/debit card information and encrypted pins. The company said that the stolen info includes names, mailing addresses and phone numbers or email address.

Massive Target credit card breach was much worse than first reported
“I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this,” chairman, president and chief executive officer, Target Gregg Steinhafel said. “I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team.”

The company said it will contact its customers via email, where available, providing informational support “including tips to guard against consumer scams.” Target will further offer one year of free credit monitoring and identity theft protection to all customers that shopped in its retail stores during the hack. Target was also forced to downgrade its fourth quarter outlook estimates, saying that following the data breach announcement it has experienced “meaningfully weaker-than-expected sales” in its stores.
Is this the market commenting on this sorry saga, and also commenting on the lawyer & PR controlled info releases. Honesty (and proper, full and frank disclosure) may really be the best policy!

From another source - the "how"
In December, security researcher Brian Krebs said data-stealing code had been installed on card-swipe machines at tills in all 1797 Target stores.
Either a hole that was remotely accessed, or someone in the IT Department!
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago
Contact:

Re: Target Gets A B****y Good Kicking - Part II

Post by digidog » Sat Jan 11, 2014 11:37 pm

Foggyone wrote:More records than the initial 40,000,000. Now up to 70,000,000
And counting... it's now up to a stunning 110 million!

http://www.nytimes.com/2014/01/11/busin ... iness&_r=0" onclick="window.open(this.href);return false;

User avatar
digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago
Contact:

Neiman Marcus also hacked

Post by digidog » Sat Jan 11, 2014 11:41 pm

US retailer Neiman Marcus has also admitted that its systems were hacked in December.
Neiman Marcus spokesperson Ginger Reeder said the company does not yet know the cause, size or duration of the breach, noting that these are details being sought by a third-party forensics firm which has yet to complete its investigation. But she said there is no evidence that shoppers who purchased from the company’s online stores were affected by this breach.

http://krebsonsecurity.com/2014/01/hack ... an-marcus/" onclick="window.open(this.href);return false;

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Re: Security sites get 'pwned' + PRISM + GCSB bill

Post by Foggyone » Sun Jan 12, 2014 6:02 pm

I'm wondering if there is a connection between the spooks spying and the data breaches. The spooks have developed sophisticated intrusion methods, and if these "leak" to the un derworld (which, after all the spooks themseleves inhabit as well) this could be a source of information.

And you can bet your last dollar that foreign powers will be working their little bums off to infiltrate the Five Eyes partners, and gain intrusion knowledge. Is NZ a target here?
Google, the answer to so many questions!
-----------------------------------------------------

User avatar
digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago
Contact:

Re: Security and high profile sites get 'pwned'

Post by digidog » Sun Jan 19, 2014 12:51 am

Reuters is reporting that there are at least six ongoing attacks at U.S. merchants whose credit card processing systems are infected with the same type of malicious software used to steal data from Target Corp. Whoops!!!
IntelCrawler's findings are the latest sign that the cyberattacks disclosed by Target Inc and upscale department store Neiman Marcus are part of a wider assault on U.S. retailer customer data security.

On Thursday, the U.S. government and the private security intelligence firm iSIGHT Partners warned merchants and financial services firms that the BlackPOS software used against No. 3 U.S. retailer Target had been used in a string of other breaches at retailers - but did not say how many or identify the victims.

http://www.reuters.com/article/2014/01/ ... 8P20140117" onclick="window.open(this.href);return false;

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

South Korea Scenario

Post by Foggyone » Mon Jan 20, 2014 5:29 pm

Nearly HALF of South Korea hacked in insider data theft
The personal details of as many as 20 million South Koreans may have been exposed after an employee at a credit ratings firm was arrested on suspicion of selling the records to marketing firms.

The temporary consultant, who worked at the Korea Credit Bureau (KCB), is suspected of lifting the data from the servers of KB Kookmin Card, Lotte Card, and NH Nonghyup Card, before selling it to phone marketing companies.

The data included customer names, social security numbers, credit card numbers and expiry dates, the Korean Financial Supervisory Service (FSS) said in a statement seen by AAP.
This kind of thing is not unheard of in South Korea.
In 2012, two hackers were arrested for illegally obtaining the personal details of 8.7 million KT mobile customers before selling it on to telemarketing firms.

A year earlier, a breach at South Korean game developer Nexon exposed data on 13 million subscribers, while local retailer Shinsegae and several others were hit in 2010 in an attack which stole 20 million customer account details.

However, the biggest to date remains the attacks on the Cyworld social networking website and the Nate web portal, which breached personal info on as many as 35 million users.

To put that in perspective, there are around 50 million people living in the north-east Asian nation today.
Google, the answer to so many questions!
-----------------------------------------------------

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest