A former Department of Energy employee has pleaded guilty to federal charges that he attempted to infect 80 current DOE employees with malware so foreign hackers could take control of computer systems that held sensitive information related to nuclear weapons, officials said Wednesday.

Charles Harvey Eccleston, 62, pleaded guilty to one count of attempted unauthorized access and intentional damage to a protected computer, according to a statement issued by officials with the US Department of Justice. The statement said the man, who previously worked for both the DOE and the US Nuclear Regulatory Commission, plotted to compromise federal computer networks by sending current employees highly targeted e-mails that he believed contained links to malware that would give hackers remote access. Such campaigns are often referred to as spear phishing because they target a specific individual, often referring to them by name and referencing specific interests of job duties.

Prosecutors said the plot came to their attention in 2013 after Eccleston entered an unnamed foreign embassy in Manila, Philippines and offered to sell a list of more than 5,000 e-mail addresses of officials, engineers, and employees of a US government agency. Undercover FBI agents posing as embassy employees then worked to build a criminal case against the former employee, who prosecutors said was terminated from his employment at the Nuclear Regulatory Commission in 2010. To make the e-mail more convincing, it posed as an advertisement for a conference related to nuclear energy. According to the press release:

 

eBay has no plans to fix a "severe" vulnerability that allows attackers to use the company's trusted website to distribute malicious code and phishing pages, researchers from security firm Check Point Software said.

The vulnerability allows attackers to bypass a key restriction that prevents user posts from hosting JavaScript code that gets executed on end-user devices. eBay has long enforced the limitation to prevent scammers from creating auction pages that execute dangerous code or content when they're viewed by unsuspecting users. Using a highly specialized coding technique known as JSFUCK, hackers can work around this safeguard. The technique allows eBay users to insert JavaScript into their posts that will call a variety of different payloads that can be tailored to the specific browser and device of the visitor.

"An attacker could target eBay users by sending them a legitimate page that contains malicious code," Check Point researcher Oded Vanunu wrote in a blog post published Tuesday. "Customers can be tricked into opening the page, and the code will then be executed by the user's browser or mobile app, leading to multiple ominous scenarios that range from phishing to binary download."

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Ill explainyou how to automate vulnerability scans. There are plenty of vulnerability scanners on the market (commercial or free solutions). Usually, Im using OpenVASmainly because it is free. A lot has been said about this solution, it makes also me sometimes frustrated but, at the end, it is doing a good job. The OpenVAS architecture is based on different components: a manager, one (or more) scanner,command line tools and a web frontend called Greenbone Security Assistant. Lets focus on the command line tool called omp which uses the OpenVAS">The number of action is quite limited and allow only basic tasks. But itprovides the -X or --xml argument which allows us to send raw XML data to the server! This is much more powerful! (a complete reference is available here).To use omp, the very first step is to create a configuration file to automate the connection. Create a"> [Connection]host=127.0.0.1port=9390username=xavier">(Don">">We are now ready to talk to the OpenVAS manager and to retrievesome data (--pretty-print"> $ omp --pretty-print --xml get_targets/get_targets_response status_text=OK status=200 target id=dcc82d64-1c87-44d8-aef5-24c1f552ddcd owner namexavier/name /owner nameLocal Hosts/name comment/comment creation_time2016-02-02T22:12:08+01:00/creation_time modification_time2016-02-02T22:12:08+01:00/modification_time writable1/writable in_use1/in_use permissionspermission nameEverything/name /permission/permissions user_tags count0/count /user_tags hosts192.168.254.0/24/hosts exclude_hosts/exclude_hosts max_hosts254/max_hosts port_list id=c7e03b6c-3bbe-11e1-a057-406186ea4fc5 nameOpenVAS Default/name trash0/trash /port_list ssh_lsc_credential id= name/name">Lets create a new scan from the command line. Considering that OpenVAS has alreadybeen configured for your environment, the different steps are:">First,tocreate our target,"> $ omp --xml create_target nameMy New Scan/name hosts192.168.254.0/24/hosts/create_targetcreate_target_response id=dcc82d64-1c87-44d8-aef5-24c1f552ddcd status_text=OK, resource created status=201/create_target_response"> $ omp --xml ... | xmlstarlet sel -t -v /create_target_response/@iddcc82d64-1c87-44d8-aef5-24c1f552ddcd"> $ omp --xml create_task nameMy New Scan/name preferences preference scanner_namesource_iface/scanner_name valueeth0/value /preference /preferences config id=74db13d6-7489-11df-91b9-002264764cea/ target id=dcc82d64-1c87-44d8-aef5-24c1f552ddcd//create_taskcreate_task_response id=8fc4cccd-243f-4edb-a390-5f83d04f90b6 status_text=OK, resource created status=201/create_task_response">We are now ready to launch the vulnerability scan. Let"> $ omp --xml get_tasks/"> $ omp xml ">start_task task_id=">/">start_task_response status=200 status_text=OK/"> $ omp --xml ">get_reports report_id=cc995c30-0a5d-486d-a02f-a03eba63172a">format_id=c402cc3e-b531-11e1-9163-406186ea4fc5/">Lets think further...If we can talk to an OpenVAS manager via XML, it could be easy to integrate OpenVAS with other tools?">">Xavier Mertens
ISC Handler - Freelance Security Consultant
PGP Key