Security

Tales From the Crypto: Case of the Malicious IT Contractor. Data Broker Giants Hacked by ID Theft Service. An identity theft service that sells Social Security numbers, birth records, credit and background reports on millions of Americans has infiltrated computers at some of America’s largest consumer and business data aggregators, according to a seven-month investigation by KrebsOnSecurity. The Web site ssndob[dot]ms (hereafter referred to simply as SSNDOB) has for the past two years marketed itself on underground cybercrime forums as a reliable and affordable service that customers can use to look up SSNs, birthdays and other personal data on any U.S. resident.

Prices range from 50 cents to $2.50 per record, and from $5 to $15 for credit and background checks. Customers pay for their subscriptions using largely unregulated and anonymous virtual currencies, such as Bitcoin and WebMoney. Until very recently, the source of the data sold by SSNDOB has remained a mystery. Earlier this summer, SSNDOB was compromised by multiple attackers, its own database plundered.

Update, 2:05 p.m. Information Security and Risk Management in Context. 2 Minutes on BrightTALK: How to Futureproof Your IT Career. Trend Micro sponsored an extensive security survey of businesses in North America and Europe. Conducted by Cyber-Edge Group, LLC, a premier research and marketing firm, the survey examines the current and planned deployment countermeasures for establishing effective cyber defenses. This webinar will reveal the significant findings from the survey and accompanying report and is intended to provide IT security decision makers with a better understanding of how their perceptions, concerns, priorities – and most importantly – current defensive postures stack up against those of other IT security professionals and organizations.

Join Mark Bouchard, Vice President with Cyber-Edge Group and Jon Clay, Director of Global Threat Research with Trend Micro, for this webinar to learn more about the state of cyber threat defenses among today’s businesses and gain a better understanding of what you can do to improve your defenses going forward. John Powers Episode 3: The Spy Who Logged Me.

Have you ever wished for some supernatural powers to secure your organization? Perhaps longing for some extraterrestrial abilities to defend your sensitive data, or hoped to get help from outer space to get you through that compliance project? Meet John Powers… Sure, he is good at his job – some might say he is a little “too good.” In episode 1, John was dealing with some out of this world perceptions from his colleague Clint who has a very active imagination. In episode 2, his uncanny ability to get out ahead of potential problems and react with lightning speed to imminent threats to his company’s systems had some of his co-workers wondering if he might be getting assistance “from beyond.” In Episode 3, John is dealing with an employee who is convinced he is getting help from “The Company”, not just helping the company.

Does John Powers have some sort of super secret agent training in spy craft? Tripwire – Confidence Secured. You can connect with John on Twitter @CISOpowers… Hasta pronto, My CISO is an Alien: Meet John Powers.

I’m a strong believer that our industry could benefit from two things: (1) More information sharing and (2) More humor. So to contribute with the latter one, we created John Powers, a seemingly supernatural CISO at a company a lot like yours. In episode 1, John is dealing with some out of this world perceptions from his colleague Clint who has a very active imagination. Yes, John is a figment of our imagination, but he personifies many of the characteristics of an ideal CISO: Smart, capable, humble, connected, vigilant, adaptable, a great communicator, and above all he has a great sense of humor. Episodes 2 and 3 will be posted later this summer on his very own page. I hope you enjoy these videos as much as we’ve had producing them. Hasta pronto, My CISO is an Alien: Meet John Powers. Knowing, Doing, and Denial in Information Security.

A few years back, I knew a guy who had a mole on his forehead, which started to grow and change shape. As a survivor of melanoma, I know this is not a good thing. Some friends and I urged him to go to the doctor to have it looked at, but he refused. “I don’t want to go to the doctor – it might be cancer.” Sounds ridiculous, doesn’t it? But that argument is similar to what I hear from information security professionals all the time. They don’t want to confirm the issues they already know they have (through vulnerability scans, pen tests, security assessments, configuration audits, etc.) because they know it will likely turn up a list of things they don’t want to deal with.

One of the big inhibitors is resource limitations – time, money, people, tools. By integrating elements of risk ranking, business-oriented value mapping, and objective prioritization you can stack rank the problems you’d like to solve and apply your resources against the biggest or most impactful items first. My CISO is an Alien: Meet John Powers. Malware Pusher Cocky Enough To Sell Wares On Facebook. The Web’s dark markets are not enough for some it appears, as a botnet marketer has started selling services on Facebook.

A Facebook page was discovered pushing a demo of a control panel for a Zeus botnet, which harvests financial data to let criminals access bank accounts. The demo appears to be fairly basic, but users can contact the seller to get the full package. “For the developer it seems to be a hobby/project of sorts (very common to guys that work on malware). But there is a second guy moving this, he runs the FB page itself and seems to be selling stolen financial data derived from Trojan logs,” said Limor Kessem, team leader at RSA’s Anti-Fraud Command Centre (AFCC). “It’s not new in terms of technical make up, but we were surprised to see it out on Facebook alongside posts that show there is real financial fraud going on.”

RSA has confirmed it is working with Facebook on an investigation into the page, which was also offering information on exploits. Home network routers may contain vulnerabilities | Experts Exchange Tech News Blog. Home network routers may contain vulnerabilities and some can even invite intruders into your home. Some home network router vendors are slow to respond, or they do not respond at all to researchers that report router vulnerabilities. It is the vendors that are slow to respond or fail to respond that tend to annoy me. Excuse me! If I am going to buy networking equipment – I believe that I have the right to know if a hybrid router (modem/router combined) or individual router has any potential security flaws. Home Network Routers Users who do not take basic router security seriously, can also impact home network router security. More often than not, we in-the-know tend to blame the end-user for dabbling in poor home network security practices.

Linksys Router Vulnerabilities According to a blog post by security researcher, Phil Purviance (that was posted on HN last week), two Linksys routers contain five security vulnerabilities. D-Link® Router Vulnerabilities TP-Link Router Vulnerabilities. Automatically secure your site with keys and salts! | VaultPress Blog. WordPress has a lot of excellent security features. One of these features is the ability to specify randomized keys and salts to help keep cookies and form nonces secure. Sadly, there are a lot of WordPress users who miss out on this extra security because they haven’t configured it for their site. That’s why I’m happy to announce that from today, VaultPress will help you out by detecting sites that haven’t set up any keys or salts.

It’ll offer to fix the problem for you too, by generating and inserting long and secure randomized values. Be warned that when your keys and salts are reconfigured, any logged in users at your site will be logged out, and will have to log in again. The Cocoon Blog / New Blog: Five Tips For Safer Online Banking - During the spring of 2013 (and it is right around the cyber corner), "Darkhat" VorVzakone plans to target the customers of 30 U.S. banks. That Really Cool App You Put on Your Smart Phone is Probably Collecting All Sorts of Information – and You Don’t Even Know It.

Ransomware, a growing threat in the U.S.… Wikipedia describes ransomware as a class of malware which restricts access to the computer system that it infects, and demands a ransom be paid to the creator of the malware in order for the restriction to be removed. Essentially online extortion, ransomware involves infecting a user’s computer with a virus that locks it. The attackers demand money before the computer will be unlocked, but once the money is paid, they rarely unlock it. – NYT Symantec Security Response director, Kevin Haley recently predicted that 2013 will see ransomware become the next big online scam. While your computer is locked, the cybercriminals can steal your private data; launch online banking and credit card fraud; and take full control of your computer and online life.

How it works How can you avoid ransomware? Umbrella by OpenDNS. YouTube. Do you allow RDP connections? Cybercrime service sells hacked Fortune 500 access. Do you have a Windows computer currently in use or an old box that accepts Remote Desktop Protocol (RDP)? Most enterprises do allow RDP, so the client box can connect to a remote host computer. In fact, not only do Fortune 500 companies use RDP, but Brian Krebs recently reported on a cybercrime service that sells that RDP access for a few dollars. This investigative Krebs on Security report looked into dedicatexpress.com, which advertises access to hacked RDP servers on cybercrime forums as "The whole world in one service."

It takes instant messaging to contact the service owner and $20 via the virtual currency WebMonkey to register. Krebs said that nearly 300,000 compromised systems have been pimped through dedicatexpress since it began in 2010, with 17,000 RDP computers available for rent right now. Krebs wrote: Cisco confirmed the hacked RDP box was part of its network, but called it a "bad lab machine." I always enjoy Krebs' insight and investigative reporting into cybercrime. Cocoon privacy plug-in for Chrome watches your back as you browse. Cocoon, a browser plug-in designed to protect your privacy and security online, is now available for Google's Chrome browser, according to its maker Virtual World Computing. The software is offered as a free plug-in with advertising, as well as in a paid premium version with added features, and works by placing Cocoon's servers between a consumer and the Internet.

That hides the consumer's identity from anyone trying to track a web user's activity on the Web. A beta version of the software was released Monday. A version for the general public is expected to be available Nov. 12. With the free version of Cocoon, you get anonymous browsing, privacy on shared computers, secure Wi-Fi connections, and freedom from Facebook tracking. With the premium version, which costs $5 a month or $29 a year, you get all the features in the free version as well as unlimited storage for your browsing history and for form fill information in cookies.

Here's one reason to try something like Secure.me. Give Sophos credit for its loud glitch warning. Show me any piece of security technology on this planet and tell me it's bullet-proof and I'll call you a liar. No matter how good the product, glitches happen. So it's sad when vendors try to downplay their own glitches. Feeling as I do, I wanted to take a moment and give Sophos credit for doing it right. Earlier this week, Sophos customers reported detections of Shh/Updater-B, indicating an attack was under way.

Sophos issued a fix, then did something more: Admitted the problem in a headline in its Naked Security blog. "Sophos would like to reassure users that these are false positives and are not a malware outbreak, and apologizes for any inconvenience," the company said in its post. More background on the glitch was reported by my colleagues at Network World: This is a good example of how a vendor should handle incident response. Better WP Security - Bit51.com. Menu iThemes Your one-stop shop for WordPress themes, plugins and training. The best WordPress security plugin, Better WP Security, is now... Get iThemes Security Pro Experts to Help Website security is a complicated subject and you don't want to go at it alone, especially if you're not quite sure how everything works. iThemes Security Pro customers get 1 year of ticketed support, so you know our support team is ready to help you when you need it.

Upcoming Pro Features & Updates We have a long list of Pro features planned for release in the next few months, including iThemes Sync integration, 2-Factor Authentication and Geo-IP Banning. Features FAQ Pro Setup Hack Repair Pricing WordPress security that's more like a to-do list than a terminal. iThemes Security shows you a list of things to do to make your site more secure with a simple way to turn options on or off.

See how easy it is to get started Defend your site from attacks you never knew existed. Brute Force Protection File Change Detection. Version 3.4.2. On September 6, 2012, WordPress 3.4.2 was released to the public. This is a maintenance and security update. For version 3.4.2, the database version (db_version in wp_options) changed to 21707. Installation/Update Information To download WordPress 3.4.2, update automatically from the Dashboard > Updates menu in your site's admin area or visit For step-by-step instructions on installing and updating WordPress: Updating WordPress If you are new to WordPress, we recommend that you begin with the following: Summary From the announcement post, this maintenance release addresses 18 bugs with version 3.4 and 3.4.1, including: Fixes some issues in the admin area where some older browsers (IE7, in particular) may slow down, lag, or freeze.

Additionally: Version 3.4.2 fixes a few security issues and contains some security hardening. List of Files Revised. Implicit Learning Passwords Are Like Riding a Bike. Cryptography recently joined forces with neuroscience to propose a groundbreaking innovation in authentication. Hristo Bojinov of Stanford University along with Daniel Sanchez and Paul Reber of Northwestern, Dan Boneh of Stanford, and Patrick Lincoln of SRI published a paper on “Designing Crypto Primitives Secure Against Rubber Hose Attacks.” Passwords, encryption keys, and other methods of verification are critical to keeping secrets in the digital era but have a number of major weaknesses.

Simple passwords are vulnerable to guessing and brute force attacks but long, complicated passwords are hard to remember, leading to password reuse or writing passwords down which can then be found by attackers. Tokens can be stolen and research has shown that even expensive biometric systems can often be fooled. Implicit learning is knowledge you can replicate but cannot describe, like how to ride a bike.

There are also a number of different attacks that remain possible against the technique. Windows worm slips into iOS App Store, climbs into hipsters' pockets. Details. GetCocoon - Google+ - Have you ever wondered what botnet activity really looks… The Vulnerabilities Market and the Future of Security. LinkedIn Apparently Hacked: Try to Care Long Enough to Change Your Password. Researchers spot fake mobile antivirus scanners on Google Play. Will your Internet go down on July 9th? | indyscomputergeek.com. Cocoon and Cocoon+ Now Approved as a Download on Mozilla's Firefox.

Compromised WordPress sites serving client-side exploits and malware. RDP Honeypot on Amazon EC2 Virtual Server. Warning. Cocoon now sheathes you in IE, too | The Download Blog. Tor Vulnerable to Remote arbitrary code Execution. You Can One-Up The Bad Guys With Unmask Parasites. Ten things you didn't know about Sourcefire. Get Cocoon: To all our wonderful follo... Mikko Hypponen: I can confirm that Mediafi... Mikko Hypponen: Someone posted the social... 568 reasons First State Super's security breach should worry you - security breach, security, Patrick Webster, information security, First State Super (FSS)

Get Cocoon: Coming soon - Cocoon for i... Super-Charge Your Online Privacy Now – Exciting Breakthrough! | Independent Living News. Secunia PSI: The Best Software Update Tool You've Never Heard Of > Installing and Using Secunia PSI. StopBadware releases best practices for reporting. Harvard University website hacked by Syria protesters ~ THN : The Hacker News. Cocoon on Security. Nearly 300,000 Iranian IP addresses likely compromised. Using Netsh for Easier Network Setup in a Malware Lab. New Free Tools Simplify Analysis Of Android Malware. Fight the Good Fight: StopBadware.org. Krebs’s 3 Basic Rules for Online Safety. Wrongly accused of porn after wifi hacked.

Wrap Firefox in a Cocoon of privacy | The Download Blog. Cocoon promises a safe, spam-free, private way to browse the web. Security Researcher, CyberCrime Foe Goes Missing | Threat Level. Cocoon Is an All-In-One Privacy Extension for Firefox (And We've Got Beta Invites) DNS Malware Detection Pivotal for Organizations - Cybersecurity Report. More info on .MOV malware. Millions of Android users hit by malicious data theft app. Get Cocoon Internet Services:

Infosec Security