Information Security News
Josh Bryant is the co-founder and CEO of Droplr, a collaboration tool for sharing files. He has also worked for Incredible Labs (makers of Donna) and Ancestry.com. He lives in Bend, Oregon. This post originally appeared on his personal blog.
If you haven’t read it yet, check out Naoki Hiroshima’s account of how he was blackmailed into giving his Twitter account away. I read it on Wednesday, and the story was all too familiar to me. My version also has a few implications that are far worse.
I’m @jb on both Twitter and Instagram. My username is a very heavy target for these types of attacks. It used to be primarily because of the Jonas Brothers, but of course now it’s all related to Justin Bieber. With the marketing power behind Bieber's name, there are thousands of companies or hackers who would love to get their grubby hands on my username for profit. Like Naoki, I too have been offered inordinate sums of money for my username, and I get a regular stream of "forgot password" e-mails to my inbox.
Chris Mohan --- Internet Storm Center Handler on Duty. (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
by Cyrus Farivar
According to newly published documents, Canadian spies tracked thousands of travelers online for days after they left an unnamed Canadian airport.
This revelation, gleaned from 2012 slides (PDF) provided by whistleblower Edward Snowden, shows that the Communications Security Establishment Canada (CSEC) conducted a real-world test that began with a “single seed Wi-Fi IP address” from an “international airport” and assembled a “set of user IDs seen on network address over two weeks.”
The technique appears to be related to one outlined by University of California San Diego and Microsoft researchers in a 2010 research paper (PDF).
by Lee Hutchinson
Two days ago, Ars ran a syndicated story by software developer Naoki Hiroshima on how his potentially valuable Twitter handle was stolen (the story originally appeared on Medium). Hiroshima described a painful ordeal wherein an attacker extracted credit card information from his PayPal account, used that information to reset the login credentials for Hiroshima's GoDaddy account, and then modified the domain's MX records (the set of DNS entries that tell everyone else on the Internet where to send that domain's e-mail) away from Hiroshima's servers to their own. The attacker also appeared to have modified a number of other details of Hiroshima's GoDaddy account, making it impossible for Hiroshima to gain access. The attacker then attempted to reset the password to Hiroshima's Twitter account, "@N," but was unsuccessful.
Unable to gain access to the @N account, the attacker then e-mailed Hiroshima and threatened to take action against Hiroshima's website's domains unless he changed his Twitter handle to something else, allowing the attacker to assume the "@N" handle—which he would then presumably sell.
Hiroshima attempted to regain access to his GoDaddy account, but GoDaddy wouldn't restore his access, because Hiroshima no longer appeared to be the legitimate owner of the account. Even involving a GoDaddy executive didn't appear to fix things. A day later, after further threats from the attacker, Hiroshima surrendered the @N handle, and the attacker promptly sent Hiroshima his GoDaddy login credentials. It was a successful hostage exchange, as such things go, but Hiroshima found himself victimized with no apparent recourse other than acceding to the attacker's demands.
Researchers have unearthed malware that recently infected point-of-sale terminals at several dozen retailers in the US and other countries and successfully captured customers' payment card data.
"ChewBacca," as the crimeware is dubbed, scrapes large chunks of computer memory from infected terminals and dumps them to a file, a researcher from RSA reported in a blog post published Thursday. It then uses regular expressions and other programming techniques to extract data that was copied from credit and debit cards. ChewBacca also captures sensitive data using a generic keylogger.
"The ChewBacca trojan appears to be a simple piece of malware that, despite its lack of sophistication and defense mechanisms, succeeded in stealing payment card information from several dozen retailers around the world in a little more than two months," Yotam Gottesman, a senior security researcher on RSA's FirstWatch team, wrote. Researchers found that beginning in late October, ChewBacca had logged track 1 and 2 data of payment cards scanned on infected terminals. Most of the affected retailers were located in the US, although some were in other countries, including Russia, Canada, and Australia.
Posted by InfoSec News on Jan 31: http://www.cbc.ca/news/politics/csec-used-airport-wi-fi-to-track-canadian-travellers-edward-snowden-documents-1.2517881
Posted by InfoSec News on Jan 31: http://www.computerworld.com/s/article/9245908/Yahoo_resets_passwords_after_email_hack
Posted by InfoSec News on Jan 31: http://www.informationweek.com/security/attacks-and-breaches/target-hackers-tapped-vendor-credentials/d/d-id/1113641?
Posted by InfoSec News on Jan 31: http://techcrunch.com/2014/01/30/clinkle-gets-hacked-before-it-even-launches/
Posted by InfoSec News on Jan 31: http://www.wcax.com/story/24582782/new-questions-about-patient-privacy-at-north-country-hospital