Hackin9

InfoSec News

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Ensuring we don't lose our security minds
ZDNet Australia
#infosec http://t.co/vC02zA0T ^ML Will we lose our out-of-the-box security minds if we force them through structured assessment? #infosec http://t.co/IW0uBT8E ^ML Nexus tablet a 'done deal': report: And NPD DisplaySearch analyst Richard Shim told ZDNet ...

 

Yellow alert! Windows RDP flaw explained
ZDNet Australia
 

Paperwork error in Dotcom arrest
ZDNet Australia
 

This diary is being posted in both English and Spanish, because it is a local attack that happened to Colombian users. I am unsure if this attack has been seen in other countries as well.

BEGIN OF ENGLISH SECTION

Last Friday, many users at my company received the following message:


This e-mail rejects a flight change request, saying the existing Mastercard credit card cannot be used because of a lack of contract between Mastercard and LAN Airlines, and states that for approval the airline needs a VISA credit card number, CVC, expiration date, name of the card owner, ID and phone number.

My team began to receive many reports about this e-mail. There was a Reply-to directive to a gmail e-mail that would receive all the information sent by the users. The first thing we did was to get a full report on which users received this e-mail. Second, we sent a warning telling those users to avoid sending any confidential information through e-mail. Third and last, we proceeded to call every user to reinforce the warning.

15 minutes passed between receiving the scam e-mails and sending the warning e-mail to my users. 183 users were targeted and 8 sent their information because they had purchased tickets from LAN and thought that the mail was legitimate. We gave them a final recommendation to report their credit card as lost so they can get a new one with a new number.

We keep doing security awareness campaigns on a regular basis, and they start the moment the employee starts working in the company. I just hope there will be one day when users won't be so naive as to risk their private information or the company's information assets.

END OF ENGLISH SECTION

BEGIN OF SPANISH SECTION

Last Friday, many corporate users at my company received the following e-mail:



My team began to receive many reports about this e-mail. On reviewing it in detail, we noticed that the e-mail included a Reply-to directive, which directed all user replies to that message to a gmail address. The first thing we did was to pull a list of all recipients of the e-mail message in the figure. The second was to send a warning e-mail to those users, alerting them to the danger and telling them to refrain from sending any confidential information via e-mail. Finally, calls were made to each of them as an additional measure to reinforce the warning.

Only 15 minutes passed between the receipt of the malicious e-mail and the sending of the warning. Out of a universe of 183 users to whom the malicious e-mail was sent, 8 sent the requested information because they had recently purchased tickets with LAN and believed that the e-mail they were sent was legitimate.

We continually run security awareness campaigns for all users, and these begin with the user's induction on joining the company. I just hope the day comes when users are not so naive with e-mails like these, where they can put at risk their personal information or the company's information assets.

END OF SPANISH SECTION
Manuel Humberto Santander Peláez

SANS Internet Storm Center - Handler

Twitter:@manuelsantander

Web:http://manuel.santander.name

e-mail:msantand at isc dot sans dot org
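
The first two triage steps in the diary (spotting the Reply-To that diverts answers to a webmail account, then listing everyone who received the message), sketched in Python as an added example that is not part of the original diary. The addresses, the `freemail.example` domain, the watch list and the function names are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Assumed watch list; freemail.example is a constructed stand-in for a webmail provider.
FREE_WEBMAIL = {"gmail.com", "freemail.example"}

def domain(addr):
    return addr.rpartition("@")[2].lower()

def reply_to_mismatch(msg):
    """Return the Reply-To address when its domain differs from From, else None."""
    from_addr = parseaddr(msg.get("From", ""))[1]
    reply_addr = parseaddr(msg.get("Reply-To", ""))[1]
    if not reply_addr or domain(reply_addr) == domain(from_addr):
        return None
    return reply_addr.lower()

def triage(raw_messages):
    """Map each diverting Reply-To address to everyone who received it."""
    report = {}
    for raw in raw_messages:
        msg = message_from_string(raw)
        reply_addr = reply_to_mismatch(msg)
        if reply_addr is None:
            continue
        headers = msg.get_all("To", []) + msg.get_all("Cc", [])
        entry = report.setdefault(reply_addr, {
            "webmail": domain(reply_addr) in FREE_WEBMAIL,
            "recipients": set(),
        })
        entry["recipients"] |= {a.lower() for _, a in getaddresses(headers) if a}
    return report

# Constructed sample messages (only the headers matter here).
SAMPLES = [
    "From: Reservations <reservas@airline.example>\nReply-To: changes@freemail.example\n"
    "To: ana@corp.example, luis@corp.example\nSubject: Flight change rejected\n\nbody",
    "From: Reservations <reservas@airline.example>\nReply-To: changes@freemail.example\n"
    "To: marta@corp.example\nSubject: Flight change rejected\n\nbody",
    "From: hr@corp.example\nReply-To: hr@corp.example\nTo: ana@corp.example\n\nbody",
    "From: news@vendor.example\nTo: luis@corp.example\nSubject: Newsletter\n\nbody",
]

if __name__ == "__main__":
    for addr, info in triage(SAMPLES).items():
        print(addr, "webmail" if info["webmail"] else "other", sorted(info["recipients"]))
```

The recipient set per Reply-To address is the call list for the warning e-mail and follow-up phone calls.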
 
PCP, pak cyber pytres and more so cyber rocker, has continued to wage a cyber war on India, with over 160 hacked, defaced and now taken offline for repairs.


 
There are many thousands of apps available. (As Apple's advertising campaign says, "There's an app for that.") But some apps are simply must-haves -- whether for their functionality, interface brilliance, or sheer entertainment factor.
 
Microsoft confirmed that sample attack code created by the company had likely leaked to hackers from a program it runs with antivirus vendors.
 