Information Security News
Software engineer and Iowa State computer science student Josh Davis has created a website dedicated to comparing how online services employ (or don't employ) two-factor authentication.
Every day we entrust our private information—whether it be credit card numbers, e-mails, or other data stored on personal accounts—to any number of Web-based services. And comparing security across a swath of websites can be a time-munching chore for even the most experienced consumer. Davis' new site, twofactorauth.org, hopes to make those decisions easier.
Davis wrote in a blog post over the weekend that after the high-profile hijacking of Naoki Hiroshima's valuable @N Twitter handle, he decided to transfer his domains to a new registrar. He noticed how hard it was to find information on which services used two-factor authentication and which didn't.
by Peter Bright
Google's stated policy for apps on its Google Glass head-mounted hardware is that apps aren't allowed to take photographs when the display is turned off. But it turns out there's nothing actually enforcing this policy. Two California Polytechnic students built an app that converts Glass into a spy camera, taking a photo every 10 seconds without any visible indication to the user, reports Forbes.
The app, built by graduate researchers Mike Lady and Kim Paterson, masquerades as a legitimate piece of note-taking software, albeit with the decidedly illegitimate name of Malnotes. It captures images of whatever the Glass wearer is looking at and uploads them to the Internet. The pair notes that although this violates the Glass terms of service, those terms of service have no actual enforcement in the Glass software.
They aren't sure if they could get the app into Google's curated MyGlass app store. They did manage to get it into the relatively wild Google Play app store, but when their professor tweeted about their work, they decided not to bother trying to submit it to the more restrictive storefront. Google has subsequently removed the app.
Researchers have documented an ongoing criminal operation infecting more than 10,000 Unix and Linux servers with malware that sends spam and redirects end users to malicious Web pages.
Windigo, as the attack campaign has been dubbed, has been active since 2011 and has compromised systems belonging to the Linux Foundation's kernel.org and the developers of the cPanel Web hosting control panel, according to a detailed report published Tuesday by researchers from antivirus provider Eset. During its 36-month run, Windigo has compromised more than 25,000 servers with robust malware that sends more than 35 million spam messages a day and exposes Windows-based Web visitors to drive-by malware attacks. It also feeds people running any type of computer banner ads for porn services.
The Eset researchers, who have been instrumental in uncovering similar campaigns compromising large numbers of servers running the nginx, Lighttpd, and Apache Web servers, said the latest campaign has the potential to inflict significant harm on the Internet at large. They explained:
Social engineering threat tops infosec risks: ASD
Social engineering remains the greatest security threat to Australian government agencies, according to the 2014 Australian Government Information Security Manual (ISM), which was published this week. The manual highlights the increasing sophistication ...
There are two events I'm interested in following up at the moment. A few reports mentioned that scans to destination port 5000 seem to be popular at the moment (https://isc.sans.edu/port.html?port=5000). So if you have a few spare packets, that would be great. In this instance I'm not looking for log records, only pcaps.
Another reader mentioned scans from source port 6000 going to numerous ports on their infrastructure, but from different IP addresses, e.g. IP address A scanning target 1089-1099, IP address B scanning target 1100-1110, etc. If you have log records or packets for traffic from source port 6000 to multiple ports or IP addresses in your environment, I'd be interested in taking a look.
We've seen both of these previously, but would certainly like to see if it is the same or something different.
Mark H
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Posted by InfoSec News on Mar 18: http://www.computerworld.com/s/article/9247017/Court_approves_first_of_its_kind_data_breach_settlement
Posted by InfoSec News on Mar 18: http://www.japantoday.com/category/crime/view/japan-holds-first-full-cybersecurity-drill
Posted by InfoSec News on Mar 18: http://www.washingtonpost.com/business/economy/sally-beauty-confirms-data-breach/2014/03/17/c644049a-adf5-11e3-96dc-d6ea14c099f9_story.html
Posted by InfoSec News on Mar 18: http://www.israelhayom.com/site/newsletter_article.php?id=16181
Posted by InfoSec News on Mar 18: http://healthitsecurity.com/2014/03/17/healthcare-data-encryption-trends-and-methods/