tsu doh nimh - Slashdot User

Submission + - Norse Corp. Implodes, Fires CEO, Sells Assets (krebsonsecurity.com)

Submitted by tsu doh nimh on Monday February 01, 2016 @11:38AM

tsu doh nimh writes: Brian Krebs has something of a scoop about Norse Corp., the cyber intelligence company that became famous for its interactive attack map. From the story: Norse Corp., a Foster City, Calif. based cybersecurity firm that has attracted much attention from the news media and investors alike this past year, fired its chief executive officer this week amid a major shakeup that could spell the end of the company. The move comes just weeks after the company laid off almost 30 percent of its staff. Sources close to the matter say Norse CEO Sam Glines was asked to step down by the companyâ(TM)s board of directors, with board member Howard Bain stepping in as interim CEO. Those sources say the companyâ(TM)s investors have told employees that they can show up for work on Monday but that there is no guarantee they will get paid if they do." Krebs's story looks into the history of the company's founders, includes interviews with former Norse employees, and concludes that this was probably inevitable.

Submission + - DHS Offering Free Vulnerability Scans, Penetration Tests (krebsonsecurity.com)

Submitted by tsu doh nimh on Tuesday December 01, 2015 @01:20PM

tsu doh nimh writes: The U.S. Department of Homeland Security (DHS) has been quietly launching stealthy cyber attacks against a range of private U.S. companies â" mostly banks and energy firms. These digital intrusion attempts, commissioned in advance by the private sector targets themselves, are part of a little-known program at DHS designed to help âoecritical infrastructureâ companies shore up their computer and network defenses against real-world adversaries. And itâ(TM)s all free of charge (well, on the U.S. taxpayerâ(TM)s dime). Brian Krebs examines some of the pros and cons, and the story has some interesting feedback from some banks and others who have apparently taken DHS up on its offer.

Submission + - Ransomware Now Targeting Web Sites

Submitted by tsu doh nimh on Monday November 09, 2015 @12:00PM

tsu doh nimh writes: One of the more common and destructive computer crimes to emerge over the past few years involves "ransomware," malicious code that quietly scrambles all of the infected user's documents and files with very strong encryption. A ransom, to be paid in Bitcoin, is demanded in exchange for a key to unlock the files. Well, now it appears fraudsters are developing ransomware that does the same but for Web sites — essentially holding the site's files, pages and images for ransom. KrebsOnSecurity interviews one recent victim and points to resources for regular users and site administrators. Meanwhile, Lawrence Abrams at BleepingComputer writes about one ransomware variant so riddled with programming flaws that even victims who pay the ransom can't possibly get their files back.

Submission + - Tracking a Bluetooth ATM Skimming Gang in Mexico

Submitted by tsu doh nimh on Friday September 18, 2015 @10:17AM

tsu doh nimh writes: Brian Krebs has an interesting and entertaining three-part series this week on how he spent his summer vacation: driving around the Cancun area looking for ATMs beaconing out Bluetooth signals indicating the machines are compromised by crooks. Turns out, he didn't have to look for: His own hotel had a hacked machine. Krebs said he first learned about the scheme when an ATM industry insider reached out to say that some Eastern European guys had approached all of his ATM technicians offering bribes if the technicians allowed physical access to the machines. Once inside, the crooks installed two tiny Bluetooth radios — one for the card reader and one for the PIN pad. Krebs's series concludes with a closer look at Intacash, a new ATM company whose machines now blanket Cancun and other tourist areas but which is suspected of being connected to the skimming activity.

Submission + - Extortionists Begin Targeting AshleyMadison Users, Demand Bitcoin

Submitted by tsu doh nimh on Friday August 21, 2015 @02:37PM

tsu doh nimh writes: It was bound to happen: Brian Krebs reports that extortionists have begun emailing people whose information is included in the leaked Ashleymadison.com user database, threatening to find and contact the target's spouse and alert them if the recipient fails to cough up 1 Bitcoin. Krebs interviews one guy who got such a demand, a user who admits to having had an affair after meeting a woman on the site and who is now worried about the fallout, which he said could endanger his happily married life with his wife and kids.

Submission + - Sign Up at irs.gov Before Crooks Do It For You (krebsonsecurity.com)

Submitted by tsu doh nimh on Monday March 30, 2015 @11:27AM

tsu doh nimh writes: If you're an American and haven't yet created an account at irs.gov, you may want to take care of that before tax fraudsters create an account in your name and steal your personal and tax data in the process. Brian Krebs shows how easy it is for scammers to register an account in your name and view you current and past W2s and tax filings with the IRS, and tells the story of a New York man who — after receiving notice from the agency that someone had filed a phony return in his name — tried to get a copy of his transcript and found someone had already registered his SSN to an email address that wasn't his. Apparently, having a credit freeze prevents thieves from doing this, because the IRS relies on easily-guessed knowledge-based authentication questions from Equifax.

Submission + - Evolution Market's Admins Are Gone, Along with $12M in Bitcoin (krebsonsecurity.com)

Submitted by tsu doh nimh on Wednesday March 18, 2015 @01:11AM

tsu doh nimh writes: The Evolution Market, an online black market that sells everything contraband — from marijuana, heroin and ecstasy to stolen identities and malicious hacking services — appears to have vanished in the last 24 hours with little warning. Much to the chagrin of countless merchants hawking their wares in the underground market, the curators of the project have reportedly absconded with the community's bitcoins — a stash that some Evolution merchants reckon is worth more than USD $12 million.

Submission + - Lizard Stresser DDoS-for-Hire Service Built on Hacked Home Routers (krebsonsecurity.com) 2

Submitted by tsu doh nimh on Friday January 09, 2015 @01:50PM

tsu doh nimh writes: The online attack service launched late last year by the same criminals who knocked Sony and Microsoft's gaming networks offline over the holidays is powered mostly by thousands of hacked home Internet routers, reports Brian Krebs. From the story: "The malicious code that converts vulnerable systems into stresser bots is a variation on a piece of rather crude malware first documented in November by Russian security firm Dr. Web, but the malware itself appears to date back to early 2014. As we can see in that writeup, in addition to turning the infected host into attack zombies, the malicious code uses the infected system to scan the Internet for additional devices that also allow access via factory default credentials, such as 'admin/admin,' or 'root/12345'. In this way, each infected host is constantly trying to spread the infection to new home routers and other devices accepting incoming connections (via telnet) with default credentials.

Submission + - US Treasury Dept: Banks Should Block Tor Nodes (krebsonsecurity.com) 1

Submitted by tsu doh nimh on Saturday December 06, 2014 @10:40AM

tsu doh nimh writes: A new report from the U.S. Treasury Department found that nearly $24 million in bank account takeovers by and other cyber theft over the past decade might have been thwarted had affected institutions known to look for and block transactions coming through the Tor anonymity network. Brian Krebs cites from the non-public report, which relied on an analysis of suspicious activity reports filed by banks over the past decade: "Analysis of these documents found that few filers were aware of the connection to Tor, that the bulk of these filings were related to cybercrime, and that Tor related filings were rapidly rising. Our BSA [Bank Secrecy Act] analysis of 6,048 IP addresses associated with the Tor darknet found that in the majority of the SAR filings, the underlying suspicious activity — most frequently account takeovers — might have been prevented if the filing institution had been aware that their network was being accessed via Tor IP addresses." Meanwhile, the Tor Project continues to ask for assistance in adapting the technology to an Internet that is increasingly blocking users who visit from Tor.

Submission + - Bugzilla Bug Exposes Zero-Day Bugs (krebsonsecurity.com)

Submitted by tsu doh nimh on Monday October 06, 2014 @10:05AM

tsu doh nimh writes: A previously unknown security flaw in Bugzilla — a popular online bug-tracking tool used by Mozilla and many of the open source Linux distributions — allows anyone to view detailed reports about unfixed vulnerabilities in a broad swath of software. Bugzilla is expected today to issue a fix for this very serious weakness, which potentially exposes a veritable gold mine of vulnerabilities that would be highly prized by cyber criminals and nation-state actors.

Submission + - Service Drains Competitors' Google AdWords Budgets (krebsonsecurity.com)

Submitted by tsu doh nimh on Sunday July 27, 2014 @09:51AM

tsu doh nimh writes: KrebsOnSecurity looks at a popular service that helps crooked online marketers exhaust the Google AdWords budgets of their competitors.The service allows companies to attack competitors by raising their costs or exhausting their ad budgets early in the day. Advertised on YouTube and run by a guy boldly named “GoodGoogle,” the service employs a combination of custom software and hands-on customer service, and promises clients the ability to block the appearance of competitors’ ads. From the story: "The prices range from $100 to block between three to ten ad units for 24 hours to $80 for 15 to 30 ad units. For a flat fee of $1,000, small businesses can use GoodGoogle’s software and service to sideline a handful of competitors’s ads indefinitely."

Submission + - Microsoft Kills Security Update Emails, Blames Canada (krebsonsecurity.com)

Submitted by tsu doh nimh on Monday June 30, 2014 @11:51AM

tsu doh nimh writes: In a move that may wind up helping spammers, Microsoft is blaming a new Canadian anti-spam law for the company’s recent decision to stop sending regular emails about security updates for its Windows operating system and other Microsoft software. Some anti-spam experts who worked very closely on Canada’s Anti-Spam Law (CASL) say they are baffled by Microsoft’s response to a law which has been almost a decade in the making. Indeed, an exception in the law says it does not apply to commercial electronic messages that solely provide “warranty information, product recall information or safety or security information about a product, goods or a service that the person to whom the message is sent uses, has used or has purchased.” Several people have observed that Microsoft likely is using the law as a convenient excuse for dumping an expensive delivery channel.

Submission + - P.F. Chang's Investigating Credit Card Breach Nationwide (krebsonsecurity.com)

Submitted by tsu doh nimh on Wednesday June 11, 2014 @09:49AM

tsu doh nimh writes: Nationwide chain P.F. Chang’s China Bistro said Tuesday that it is investigating claims of a data breach involving credit and debit card data reportedly stolen from restaurant locations nationwide.On June 9, thousands of newly-stolen credit and debit cards went up for sale on rescator[dot]so, an underground store best known for selling tens of millions of cards stolen in the Target breach. Several banks contacted by KrebsOnSecurity said they acquired from this new batch multiple cards that were previously issued to customers, and found that all had been used at P.F. Chang’s locations between the beginning of March 2014 and May 19, 2014.The ad for the Ronald Reagan batch of cards also includes guidance for potential customers who wish to fund their accounts via Western Union or MoneyGram wire transfers, advice that strongly suggests those involved in this apparent heist are once again from Russia and Eastern Europe: "Western Union transfers will be received in the next 48-72 hours! Money Gram transfers will be received 10-11 of June. Please note: 12, 13, 14, 15 of June are the government holidays in the drops country and Money Gram transfers will be received starting Monday June 16th." June 12 is "Russia Day," a national holiday in Russia since 1992 that celebrates the declaration of state sovereignty of the Russian Soviet Federative Socialist Republic on June 12, 1990.

Submission + - Report: Watch Dogs Game May Have Influence Highway Sign Hacking 1

Submitted by Anonymous Coward on Saturday June 07, 2014 @01:40PM

An anonymous reader writes: Earlier this month, at least three US states reported that a hacker had broken into electronic road signs above major highways, with the hacker leaving messages for people to follow him on Twitter. The Multi-State Information Sharing an Analysis Center (MS-ISAC) produced an intelligence report blaming a Saudi Arabian hacker that the organization says likely got the idea from Watch Dogs, a new video in which game play revolves around ‘hacking,’ with a focus on hacking critical infrastructure-based electronic devices in particular. "Watch Dogs allows players to hack electronic road signs, closed-circuit television cameras (CCTVs), street lights, cell phones and other systems. On May 27, 2014, the malicious actor posted an image of the game on his Twitter feed, demonstrating his interest in the game, and the compromise of road signs occurs during game play. CIS believes it is likely that a small percentage of Watch Dog players will experiment with compromising computers and electronic systems outside of game play, and that this activity will likely affect SSLT [state, local, tribal and territorial] government systems and Department of Transportation (DOT) systems in particular.” Nevermind that, as the report notes, the hacker likely broke in because the signs allowed telnet and were secure with weak or default passwords. The report came out on the same day that The Homeland Security Department cautioned transportation operators about a security hole in some electronic freeway billboards that could let hackers display bogus warnings to drivers.

Submission + - Thai police: we'll get you for online social media criticism (www.cbc.ca)

Submitted by wired_parrot on Friday June 06, 2014 @11:03AM

wired_parrot writes: After a leading protester of the recent military coup in Thailand made several critical posts in Facebook criticizing the military takeover, Thailand's Technology Crime Suppression Division tracked his location through his IP address and promptly arrested him.. The arrested was meant to send a message to Thailand's online community. Said the police: "I want to tell any offenders on social media that police will come get you".

Slashdot Top Deals