Security Roundup - 2016-02-17

Hackers are adapting to address-related fraud checks by going after rewards programs. Hack an account, buy lots of stuff and send it to the account holder, drain their rewards and convert them to items in store.

Bruce Schneier has an updated Encryption Products Survey, a follow-up to a similar survey done in 1999.

Given a recent news item about the lack of security in hospital devices, is it really any surprise that a Hollywood hospital is currently the victim of a ransomware attack? At the time of the article, the hospital had had its computer systems shut down for a week, and had to transfer some patients to other locations. Somewhat related, Check Point has a nice writeup on the ecosystem of healthcare security.

Microsoft has been using a third party to manage their mobile careers site, and it turns out it was misconfigured and leaked user information.

For those who love CVEs or visualizations of statistical data, here is something that covers both.

Hackers have leaked 17.8 GB of data from the Turkish national police database. According to the article, the culprit had access to systems for ~2 years.

Security Roundup - 2016-02-10

The Underhanded C Contest has posted results of the 2015 competition. 1/3 of entries apparently used a concept called NaN poisoning in their solutions. Full details/write-ups of some clever solutions.

The Federal Government seems prepared to fund a dedicated CISO role.

Backchannel is hosting a virtual security round table. Security officers from Dropbox, Box, Twitter, Google and more are answering questions on the future of security.

Why bother with skimmer plates when you can just MitM the unsecured ATM communications? I am never using a free-standing ATM again.

Kaspersky’s Security Analyst Summit is currently ongoing, meaning there should be another round of security-related videos in the near future.

The group behind the Neutrino Exploit Kit are upping the game slightly by performing passive OS fingerprinting to try to prevent security researchers from collecting samples.

WordPress is apparently becoming a popular vector to deliver ransomware to unsuspecting users.

Security Roundup - 2016-02-05

Security breach causes woes for TalkTalk, as 95K subscribers tied to last year’s attack have cancelled their service.

Robin Hood hacking continues, as part of the Dridex network has apparently been hacked to serve up anti-malware. On the flip-side, Malwarebytes has announced a vulnerability in their Anti-malware server such that an attacker could insert arbitrary code on client machines.

More network security hardware news as arbitrary upload and path traversal problems have been discovered in Netgear’s Prosafe system.

Archive.org has opened up their Malware Museum, a collection of output of malware from the 80s and 90s.

ShmooCon recently wrapped up, and presentation videos are now available.

The Magento e-commerce platform has become a major target for hackers. Common attacks attempt to harvest credit card numbers, as Magento checkout isn’t PCI compliant by default.

Security Roundup - 2016-01-27

More hardware security issues, like this IoT doorbell that can provide wireless network details by unscrewing the faceplate, pressing a reset button, and then connecting to it. Princeton researchers have found a bunch of issues with a variety of devices. And then there are these stories of people taunting babies through hacked baby monitors. AMX also recently released an update to some of their videoconferencing products to remove a backdoor. Shodan.io has enough scan data that they are essentially a search engine for open IoT devices.

It is one thing for a user to be using a password from the worst passwords list, or to have a hard-coded password in your software, but Lenovo managed to combine the two in one of their products.

Hot on the heels of Let’s Encrypt, Amazon adds AWS Certificate Manager for free SSL certs for your AWS apps.

Security researchers are worried that GCHQ’s MIKEY-SAKKE system for telecommunications is basically key escrow and allows the government to decrypt all communications.

One Amazon user goes into detail about the ultimate system backdoor, customer support.

Cybersecurity startup growth in Israel is very big. Interestingly, Israel’s Electric Authority is apparently subject to between 4 and 20 ‘cyber events’ per month.

Cool visualization of Tor traffic flowing across the world.

ShmooCon was earlier this month, and one of the interesting topics was using GPUs and FPGAs to better identify malware.

Security Roundup - 2016-01-20

Course Materials For Malware Analysis Released On Github

For those more interested in malware.

Reddit Discussion On MMO Hacking

Essentially, on the server end trust nothing clients send to you. Anything you expose can and probably will be abused.

The MonkeySphere Project

Attempting to expand the PGP Web Of Trust model to other things. Currently working on ssh trust, where admins sign public keys so users can check, rather than just blindly accepting server fingerprints.

What Is My Local IP

Did you know that with new browser extensions, people can learn what your internal IP address is? Try it pre/post VPN connection!

Cryptsy Bitcoin Exchange Hacked

Third-party code for a specific blockchain currency contained an IRC backdoor, eventually allowing for the ability to steal from other wallets. Cryptsy apparently knew this for a while, and has only disclosed recently. Someone pointed out this backdoor in March of last year on Github.
