Tag Archives: Cyber Crime

Apple’s Security Breach Should Scare You More thanTarget’s Did

Posted on February 28, 2014 by Marijana Dabic

Source: The Blaze
Published: 02/24/14

Apple’s security protocol breach is nearly as bad as handing your credit card straight to a hacker rather than making them steal the information through the magnetic stripe readers.

The flaw in Apple’s iOs and OS X platforms essentially allows a hacker to get in between the initial verification “handshake” connection between the user and the destination server, enabling the adversary to masquerade as a trusted endpoint. This means the connection which is supposed to be encrypted between you and your bank, email server, healthcare provider and more is open to attack.

Secure Sockets Layers, and more recently, Transport Layer Security protocols have protected web users for years by creating a digital secure handshake to identify and encrypt data from the browser to the secure end site. The Apple flaw puts hackers in the middle of that handshake, by allowing the SSL/TSL routines to be bypassed.

Security experts across the web recommend updating iPhones and iPads with the available iOS patches now, and using browsers other than Safari for OS X systems without an available Apple fix. Read more >>

Cyberattack surge may be the new normal

Posted on February 5, 2014 by Marijana Dabic

Publication Date: 02/03/15
Source: TheStar.com

Our growing connectedness — along with “simple cluelessness” — giving hackers an edge that’s only likely to get worse.

Bell Canada, French mobile operator Orange and U.S. hotel management firm White Lodging are among the latest targets of cyber attacks that are growing exponentially in an ever more connected world.

Experts say breaches of corporate data bases have ramped up thanks to factors such as the rise of third-party or cloud storage, the proliferation of open-source smartphones, and the advance of banking and other financial transactions across mobile platforms.

Add in increasingly sophisticated hacking tools and more brute computing power and the result is an easier road for criminals aiming to breach protected data, said Queen’s University professor David Skillicorn.

While the average business or consumer is more capable of countering cyber attacks today compared to a decade ago, Skillicorn said the hackers remain a few steps ahead.

He also blamed the “simple cluelessness” of such practices as maintaining default password settings for many data compromises, although Kaan Yigit, president of Toronto-based consulting firm Solutions Research Group, said more breaches are happening “because more and more of our lives and money is online”. Read more >>

The U.S. Department of Homeland Security not immune to data breaches

Posted on January 28, 2014 by Marijana Dabic

A security breach at a Web portal for the U.S. Department of Homeland Security has exposed private documents and some financial information belonging to at least 114 organizations that bid on a contract at the agency last year, reports KrebsOnSecurity.

A spokesperson for Department of Homeland Security said that as a result of this unauthorized access, 520 documents including white papers/proposals, decision notification letters, documents regarding contract and award deliverables and other supporting materials were improperly accessed.

Unfortunately, this just further confirms that no one is immune to cyber crime. The office of the Director of National Intelligence of the United States recognizes cyber crime as the number one global threat, leaving weapons of mass destruction and terrorism and organized crime behind.

James R. Clapper, Director of National Intelligence, Worldwide Threat Assessment of the US Intelligence Community, explained it well back in March of 2013: “We are in a major transformation because our critical infrastructures, economy, personal lives, and even basic understanding of…the world are becoming more intertwined with digital technologies and the Internet. In some cases, the world is applying digital technologies faster than our ability to understand the security implications and mitigate potential risks.”

This speaks well to the fact that the cyber threats have quickly evolved over the past 5 years and that they are increasingly well organized and funded. Highly sophisticated and complex attacks are becoming common and the skills behind attacks are significant, in many cases, even greater than those on the side of the “good guys”.

All types of organizations, including small businesses, need an effective cyber risk management program as sophisticated cybercrime is growing fast and everyone is a target.

Please feel free to contact ABEX and WatSec for more information on how you can effectively manage your cyber risks.

Russian Teen Allegedly Sold Target Breach Software

Posted on January 24, 2014 by Marijana Dabic

Publication Date 01/19/2014
Source: USAToday.com

A Russian teenager allegedly authored the malware behind the Target data breach during the holiday shopping season, a cyber security firm said Sunday, and the same malware may have also been involved in the Neiman Marcus attack, it says.

IntelCrawler, based in Los Angeles, says Sergey Taraspov, with roots in St. Petersburg, authored the malicious software and reportedly sold it for about $2,000 to dozens of cybercriminals in Eastern Europe and other countries.

“The probability is rising that the perpetrator of the (Target breach) got the program from him,” says Dan Clements, IntelCrawler president.

The firm says Taraspov is “close” to 17 years old. The firm’s CEO did the first report on the malware, known as BlackPOS, earlier last year and Taraspov was identified then as the alleged author, Clements says. Taraspov allegedly is a well-known programmer of malicious code in the underground world, IntelCrawler says.

Target, the nation’s second-largest retailer, has apologized for the security breach, which it said affected up to 110 million shoppers. Neiman Marcus has not said how many customers were affected by its breach, though several security analysts have said they believe it was at least 1 million shoppers.

Officials at Target were not immediately available for comment Sunday.

Clements says IntelCrawler has uncovered six other breaches at retail stores, including two small clothing firms in Los Angeles and four mid-sized department stores in Colorado, Arizona, New York and California. The firm declined to name the retailers, but says it has forwarded information to law enforcement officials.

The software reportedly enabled the thieves to remotely hack into the retailers’ computer systems and obtain customer credit card and pin numbers, which were sent back to a computer controlled by cyber thieves.

State and federal officials, including the Secret Service, have launched an extensive investigation into the breaches.

Malware in Target stores breach crafted to avoid detection by all antivirus tools

Posted on January 17, 2014 by Marijana Dabic

Last weekend, retail giant Target finally disclosed that malicious software that infected point-of-sale systems at Target checkout counters was at least one cause of the data breach that occurred back in December. The massive data breach exposed personal and financial information, including names, mailing addresses, phone numbers and email addresses of more than 110 million customers.

Target has taken considerable heat from critics who say the company waited too long to disclose the breach.

In an interview with CNBC on Jan. 12, Target CEO Gregg Steinhafel confirmed that the attackers stole card data by installing malicious software on point-of-sale (POS) devices in the checkout lines at Target stores.

Earlier this week, Seculert posted an analysis and reported: “First, the malware that infected Target’s checkout counters (PoS) extracted credit numbers and sensitive personal details. Then, after staying undetected for 6 days, the malware started transmitting the stolen data to an external FTP server, using another infected machine within the Target network.”

Thieves then use collected information to create cloned copies of the cards and use them to shop in stores for high-priced merchandise.

As Brian Krebs of Krebs on Security blog reports, he detected a network of underground cybercrime shops that were selling almost exclusively credit and debit card accounts stolen from Target stores. Those underground stores all traced back to a miscreant in Odessa, Ukraine.

Krebs continues: “Incidentally, in malware-writer parlance, the practice of obfuscating malware so that it is no longer detected by commercial antivirus tools is known as making the malware “Fully Un-Detectable,” or “FUD” as most denizens of cybercrime forums call it. This is a somewhat amusing acronym to describe the state of a thing that is often used by security industry marketing people to generate a great deal of real-world FUD, a.k.a. Fear Uncertainty and Doubt.”

These breaches underscore the importance of organizations continuously monitoring their systems for suspicious changes and unknown programs on their systems, as well as providing their employees with security awareness training.

Once the breach happens, it is imperative that a business continuity plan be executed in a timely manner and that the proper communication be established with the public.