Information Security News
Earlier this week, Ars reported on attacks exploiting an extremely critical vulnerability in the PHP scripting language almost two years after the bug came to light. By going 22 months without installing crucial patches, the responsible administrators were menacing the entire Internet, in much the same way as the owner of a blighted building might contribute to increased urban decay or neighborhood crime.
Now comes word of a new mass compromise that preys on even more neglected Web servers, some running versions of the Linux operating system kernel first released in 2007. According to a blog post published late Thursday by researchers from Cisco, the people behind the attack appear to have identified a vulnerability, since patched in later Linux releases, that allows them to dish malicious content to unsuspecting people who visit the site. The quick-spreading compromise took over 400 hosts per day on Monday and Tuesday, and so far, Cisco has counted more than 2,700 distinct URLs that are under the control of the attackers.
"This large-scale compromise of an aging operating system highlights the risks posed by leaving such systems in operation," Martin Lee, a threat intelligence technical lead in Cisco's Security Intelligence Operations group, wrote. "Systems that are unmaintained or unsupported are no longer patched with security updates. When attackers discover a vulnerability in the system, they can exploit it at their whim without fear of it being remedied."
by Casey Johnston
Sony Pictures has purchased the movie rights to the story of the reporter who brought the Target credit card hack to light. The Hollywood Reporter writes that the company bought the rights to the New York Times story "Reporting From the Web’s Underbelly," a profile of security reporter Brian Krebs.
Krebs broke the news of the hack back in December, when approximately 40 million credit card numbers were stolen, reportedly as a result of a malware-carrying phishing e-mail. The Times wrote about Krebs' coverage of the hack in February.
As the Times article says, Krebs is deeply embedded in the cyber security community, with friends including Russian cybercriminals who "leak him documents about their rivals" and enemies who have swatted his house and "sent fecal matter… to his doorstep."
by Sean Gallagher
If you spend enough time perusing the Internet for helpful information on how to build a botnet or hack an online game, you’ll inevitably end up on a discussion board site filled with posts from various hackers eager to share that knowledge and build up their street cred. But even if you use Tor to explore the “dark Web” for such boards, you’ll never reach the 1337est board of them all—the discussion board hosted on the National Security Agency’s NSAnet.
The latest data dump from the archive of NSA webpages leaked by Edward Snowden contains a sampling of posts from the NSA’s internal hacker board by one author in particular—an NSA employee that The Intercept’s Ryan Gallagher and Peter Maass claim is the person who wrote presentations on attacking the Tor network. In one of his posts, the author outlines approaches to gaining access to networks used by individuals targeted for surveillance.
That post, entitled, “I hunt sysadmins,” provides a primer for NSA cyber-warriors to identify and target system administrators of networks to exploit their access privileges for the purposes of surveilling or attacking a target that is connected to them. The two-part post and others published by The Intercept show the extent of the NSA’s ability to target and exploit networks worldwide using the automated hacking tools at the agency’s disposal. But the new data also shows how similar the approaches of the NSA’s cyber-operators are to those used by “black hat” hackers and criminal hacking rings, and it offers some hints about the NSA’s internal “hacker” culture.
Posted by InfoSec News on Mar 21 http://blogs.csoonline.com/security-industry/3082/secunia-vulnerability-report-questioned-experts
Posted by InfoSec News on Mar 21 http://www.networkworld.com/news/2014/032114-speedy-attack-targets-web-servers-279944.html
Posted by InfoSec News on Mar 21 http://freebeacon.com/chinese-police-university-trains-beijing-hackers/
Posted by InfoSec News on Mar 21 http://rt.com/usa/syrian-hackers-reveal-fbi-microsoft-205/
Posted by InfoSec News on Mar 21 http://www.sfgate.com/crime/article/UCSF-warns-nearly-10-000-people-of-potential-5332722.php