Tag: Security

http://www.itnews.com.au/News/241265,techies-revenge-lands-her-in-jail.aspx

Techie’s revenge lands her in jail
By Liam Tung on Dec 10, 2010 9:25 AM

*** begin quote ***

Four days after being fired from the Suncoast Community Health Centers’ for insubordination, Patricia Marie Fowler exacter her revenge by hacking the centre’s systems, deleting files, changing passwords, removing access to infrastructure systems, and tampering with pay and accrued leave rates of staff.

*** end quote ***

This story begs a number of questions about hardware / software engineering.

(1) Firewalls, hardware, and software are NOT designed to avoid the “King” effect. One example. The SWIFT funds transfer network in the 80’s had the concept of split authentication. The contract with SWIFT and the institution REQUIRED two separate “supervisors of an administrator” and “technology administrators”. There had to be collusion between FOUR people to subvert the security system. Bosses were NOT permitted to access the system but did receive the couriered envelop with their half of the institution’s code. They gave it to their administrator. Once the two haves were used, a new pair was generated and sent to the bosses. Either “administrator” could lock the “kingdom”. (I forget how long the “keys” were, but I remember typing it in was a giant pain.) Surprisingly, even honchos, who were openly hostile to “security”, meekly went along with this kabuki.

(2) It seems like there was very little separation of duties. The IT administrator apparently has access to the firewalls, other platforms, and data tables in applications. Seems like the place was an accident set up to happen. Where were the internal and external auditors? At the very least, with suitable automation, rebuilding components of the infrastructure should be near trivial. You wonder where was their disaster recovery plan; probably locked up in the head of the rogue administrator.

(3) “Passwords” in and around a serious “security” situation. Guess they never heard of two factor authentication?

Nice to know we don’t need no stinkin’ security!

Seasonal Greetings,
fjohn

# # # # #

New form of spam begins. It looks like a standard LinkedIn invite.

But the URLs point to strange sites. Don’t worry I’m an Open DNS User (free) and they don’t resolve.

“Default” Users, who don’t take any precautions, should NEVER click on any link in ANY email.

# # # # #

LinkedIn Users Targeted with Fake “Contack Requests” to Spread Malwa
Posted by: “Joseph”
Tue Sep 28, 2010 7:38 am (PDT)

LinkedIn Users Targeted with Fake “Contact Requests” to Spread Malware
By Mike Lennon on Sep 27, 2010

On Monday morning, cybercriminals began sending massive volumes of spam email messages targeting LinkedIn users.

Starting at approximately 10am GMT, users of the popular business-focused social networking site began receiving emails with a fake contact request containing a malicious link.

According to Cisco Security Intelligence, these messages accounted for as much as 24% of all spam sent within a 15-minute interval today. If users click, they are taken to a web page that says “PLEASE WAITING…. 4 SECONDS..” and then redirects them to Google, appearing as if nothing has happened. During those four seconds, the victim’s PC was attempted to be infected with the ZeuS Malware via a “drive-by download” – something that requires little or no user interaction to infect a system.

When Zeus infects PCs, users rarely notice any harm, and those who click on a link will may even have a chance manually download the executable file, as the malware first runs a series of browser exploits. ZeuS, also known as Zbot, WSNPOEM, NTOS and PRG, is the most prevalent banking malware platform for online fraud, and has been licensed by numerous criminal organizations. The program then waits for the user to log onto a list of targeted banks and financial institutions, and then steals login credentials and other data which are immediately sent to a remote server hosted by cybercriminals. It can also modify, in a user’s browser, the genuine web pages from a bank’s web servers to ask for personal information such as payment card number and PIN, one time passwords, etc. A new variant recently emerged that targets mobile devices – ZeuS in the Mobile or “Ztimo”- used to overcome two-factor authentication.

“Criminals are misusing brands familiar to business users to trick them into becoming infected by data stealing malware,” said Cisco Security Researcher Henry Stern. “They want to infect those users with access to large-dollar online commercial bank accounts. This attack is most interesting because of its scale. While there have been many previous attacks that impersonate social media sites, the scale of this attack, tens of billions of messages, makes it notable. The criminals behind this attack are among those who stole over US$100m from commercial bank accounts in 2009,” Stern added.

Back to top Reply to sender | Reply to group | Reply via web post

# # # # #

http://www.pcworld.com/businesscenter/blogs/bizfeed/166570/new_macbook_pro_can_boot_from_an_sd_card_duh_so_can_pcs.html

BizFeed
Smart tech advice for your small business
Robert Strohmeyer, PC World | Friday, June 12, 2009 7:17 AM PDT
New MacBook Pro Can Boot From an SD Card. (Duh. So Can PCs.)

*** begin quote ***

In the wake of this week’s WWDC keynote, in which Apple announced that new MacBook Pro laptops will finally include an SD slot, the tech press is all aflutter about what they seem to think is a new possibility: booting from SD. Sorry to break it to you all, but this isn’t a new idea, and many PCs have been doing it for years.

*** end quote ***

I STILL don’t understand.

We could NOT have malware that embedded into the boot records if we used removable media for the boot process.

One of the great weapons that the bad guys have against us is that “reinfection” vector.

Microsoft has done us a great disservice if the whole architecture of the “personal computer”.

That’s why I’m moving to Linux.

# # # # #

http://www.electronicpulp.net/2009/04/24/salma-hayeks-apple-mobileme-account-hacked-couldnt-have-been-easier/

*** begin quote ***

As I write this, people are accessing the personal Apple MobileMe account of Hollywood actress Salma Hayek, after its login details were posted earlier today on Anonymous imageboard 4chan.org. Hacking into a famous celebrity’s e-mail account might sound like it would take an awful lot of work and experience and knowledge in hacking, but as it turns out, the evil deed could be carried out with just a few keystrokes. The Anonymous poster who started it all left the following bits of information for all to see and use to access Salma Hayek’s MobileMe e-mail account.

   Her email address is shayek@mac.com

   Go to me.com, forgot password, type shayek@mac.com

   Her birthday is Sept. 2

   Answer to change password question is: frida

*** end quote ***

My non-critical passwords are 16 random alphanumeric characters. I have pages of them developed with ROBOFORM’s “PASSWORD GENERATE” function. My critical ones are long mnemonics of my favorite sayings.

AND, I treat secondary questions as exactly what they are — backdoors.

SO if you see my Grandmother C9HJLPQVK say hi. Say hi to my little dog KEZNBF6N9. And, I will be at my first school — VRT9ZWDX6.

If you know these “answers”, then you own my account at the New York Times. The free one. That they make you set up to read the slanted stories of the day.

Bottom line, security is for everyone. And, it’s easy.

# # # # #