Information Security News
Users' brains scanned in bid to fix infosec
CSO Magazine (blog)
Users' brains scanned in bid to fix infosec. Mind map holds hope for better security design. Sam Bells (CSO Online); — 15 March, 2014 10:32. Security system design and user education could benefit from neuralimaging that uses brain scans to determine ...
With literally millions of phishing scams crossing the wires each day, media reports about individual ones are the quintessential dog-bites-man stories that are rarely worth the time of writer or reader alike. Every now and then, though, one comes along that's clever enough to make it rise to the top of the massive steaming pile of messages. To wit: one recently caught by researchers from Symantec.
The phishing attempt shows up as an e-mail with the subject "Documents" and advises the recipient to view important files stored on Google Docs. It includes a link in the body. So far pretty banal stuff. But it gets better. As Symantec researcher Nick Johnson writes:
The fake page is actually hosted on Google's servers and is served over SSL, making the page even more convincing. The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive's preview feature to get a publicly accessible URL to include in their messages.
This login page will look familiar to many Google users, as it's used across Google's services. (The text below "One account. All of Google." mentions what service is being accessed, but this is a subtlety that many will not notice.)
It's quite common to be prompted with a login page like this when accessing a Google Docs link, and many people may enter their credentials without a second thought.
After pressing "Sign in," the user’s credentials are sent to a PHP script on a compromised web server.
This page then redirects to a real Google Docs document, making the whole attack very convincing. Google accounts are a valuable target for phishers, as they can be used to access many services including Gmail and Google Play, which can be used to purchase Android applications and content.
With all the attention on zero-day exploits that surreptitiously install malware with little or no user interaction, it's easy to forget that one of the biggest threats we face is our own gullibility. Most people reading Ars are experienced enough to spot phishing attempts, but the campaign Symantec reported is one I could see my friends or relatives falling for, especially if they were tired, rushed, or otherwise not paying close attention.
by Sean Gallagher
In the latest round of a wave of cyberattacks on Russian targets, the official websites of the Russian Federation’s president and central bank were taken offline this morning in what the Kremlin’s press office called a “serious DDoS attack.” The attack also targeted “a number of other Web portals,” according to the Kremlin statement. The sites are back online for most users, but the attack is still ongoing.
Anonymous Caucasus, the “Electronic Army of the Caucasus Emirate,” has claimed responsibility for the attack on its Facebook page with a statement saying, “This is just warming up, Russian pig!”
According to a report from the state-sponsored RT.com, the Russian Foreign Ministry’s site was also disrupted today, following a number of attacks on the websites of Russian media outlets on Thursday. Anonymous Caucasus also claimed responsibility for attacks on a site operated by the largely state-owned national television network Russian Channel One and the Russian DDoS attack protection firm Esteq, stating through Twitter that it had “nothing to do with Ukraine, or all current events in this country.”
We are getting different activity reports (Thanks for those!) on Word Press. Beyond the ping back issue that has been happening, is anyone else seeing strange WP behavior?
--- ISC Handler on Duty
Blog: packetalien.com(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Posted by InfoSec News on Mar 14http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data
Posted by InfoSec News on Mar 14http://arstechnica.com/security/2014/03/pwn2own-the-perfect-antidote-to-fanboys-who-say-their-platform-is-safe/
Posted by InfoSec News on Mar 14http://www.washingtontimes.com/news/2014/mar/13/f-35-secrets-now-showing-chinas-stealth-fighter/
Posted by InfoSec News on Mar 14http://variety.com/2014/digital/news/chinas-hackers-to-target-u-s-entertainment-industry-security-firm-warns-1201131720/
Posted by InfoSec News on Mar 14http://www.wired.com/opinion/2014/03/quantum/