Independent

ComputerWorldIndependent

US-CERT: Some HTTPS inspection tools could weaken security

Credit to Author: Lucian Constantin| Date: Fri, 17 Mar 2017 15:14:00 -0700

Companies that use security products to inspect HTTPS traffic might inadvertently make their users’ encrypted connections less secure and expose them to man-in-the-middle attacks, the U.S. Computer Emergency Readiness Team warns.

US-CERT, a division of the Department of Homeland Security, published an advisory after a recent survey showed that HTTPS inspection products don’t mirror the security attributes of the original connections between clients and servers.

HTTPS inspection checks the encrypted traffic coming from an HTTPS site to make sure it doesn’t contain threats or malware. It’s performed by intercepting a client’s connection to an HTTPS server, establishing the connection on the client’s behalf and then re-encrypting the traffic sent to the client with a different, locally generated certificate. Products that do this essentially act as man-in-the-middle proxies.

IndependentKrebs

Govt. Cybersecurity Contractor Hit in W-2 Phishing Scam

Credit to Author: BrianKrebs| Date: Fri, 17 Mar 2017 22:02:02 +0000

Just a friendly reminder that phishing scams which spoof the boss and request W-2 tax data on employees are intensifying as tax time nears. The latest victim shows that even cybersecurity experts can fall prey to these increasingly sophisticated attacks. On Thursday, March 16, the CEO of Defense Point Security, LLP — a Virginia company that bills itself as “the choice provider of cyber security services to the federal government” — told all employees that their W-2 tax data was handed directly to fraudsters after someone inside the company got caught in a phisher’s net.

ComputerWorldIndependent

Credit-card breach hits another restaurant chain

Credit to Author: Matt Hamblen| Date: Fri, 17 Mar 2017 13:33:00 -0700

Another sizeable payment card data breach has been discovered at a U.S. restaurant chain.

In the latest example, several high-end eateries run by Select Restaurants in Cleveland were the victims of fraudulent cards used by customers at its restaurants, according to a report posted Thursday on KrebsOnSecurity, a reliable site written by reporter Brian Krebs. Krebs said he learned about the case from anti-fraud teams at multiple financial institutions investigating “a great deal of fraud on cards used at a handful of high-end restaurants around the country.”

ComputerWorldIndependent

String of fileless malware attacks possibly tied to single hacker group

Credit to Author: Lucian Constantin| Date: Fri, 17 Mar 2017 11:56:00 -0700

Several attacks observed over the past few months that rely heavily on PowerShell, open-source tools, and fileless malware techniques might be the work of a single group of hackers.

An investigation started by security researchers from Morphisec into a recent email phishing attack against high-profile enterprises pointed to a group that uses techniques documented by several security companies in seemingly unconnected reports over the past two months.

“During the course of the investigation, we uncovered a sophisticated fileless attack framework that appears to be connected to various recent, much-discussed attack campaigns,” Michael Gorelik, Morphisec’s vice president of research and development, said in a blog post. “Based on our findings, a single group of threat actors is responsible for many of the most sophisticated attacks on financial institutions, government organizations, and enterprises over the past few months.”

ComputerWorldIndependent

Yahoo breach shows the drawbacks of state-sponsored hacking

Credit to Author: Michael Kan| Date: Thu, 16 Mar 2017 17:57:00 -0700

When governments turn to private hackers to carry out state-sponsored attacks, as the FBI alleges Russia did in the 2014 breach of Yahoo, they’re taking a big risk.

On the one hand, it gives them a bit of plausible deniability while reaping the potential spoils of each attack, but if the hackers aren’t kept on a tight leash things can turn bad.

Karim Baratov, the 22-year-old Canadian hacker who the FBI alleges Russia’s state security agency hired to carry out the Yahoo breach, didn’t care much for a low profile.

His Facebook and Instagram posts boasted of the million-dollar house he bought in a Toronto suburb and there were numerous pictures of him with expensive sports cars — the latest an Aston Martin DB9 with the license plate “MR KARIM.”

ComputerWorldIndependent

Unpatched vulnerability puts Ubiquiti networking products at risk

Credit to Author: Lucian Constantin| Date: Thu, 16 Mar 2017 13:34:00 -0700

An unpatched command injection vulnerability could allow hackers to take over enterprise networking products from Ubiquiti Networks.

The vulnerability was discovered by researchers from SEC Consult and allows authenticated users to inject arbitrary commands into the web-based administration interface of affected devices. These commands would be executed on the underlying operating system as root, the highest privileged account.

Because it requires authentication, the vulnerability’s impact is somewhat reduced, but it can still be exploited remotely through cross-site request forgery (CSRF). This is an attack technique that involves forcing a user’s browser to send unauthorized requests to specifically crafted URLs in the background when they visit attacker-controlled websites.

ComputerWorldIndependent

Cobol plays major role in U.S. government breaches

Credit to Author: Patrick Thibodeau| Date: Thu, 16 Mar 2017 13:21:00 -0700

New research is turning on its head the idea that legacy systems — such as Cobol and Fortran — are more secure because hackers are unfamiliar with the technology.

New research found that these outdated systems, which may not be encrypted or even documented, were more susceptible to threats.

By analyzing publicly available federal spending and security breach data, the researchers found that a 1% increase in the share of new IT development spending is associated with a 5% decrease in security breaches.

“In other words, federal agencies that spend more in maintenance of legacy systems experience more frequent security incidents, a result that contradicts a widespread notion that legacy systems are more secure,” the paper found. The research paper was written by Min-Seok Pang, an assistant professor of management information systems at Temple University, and Huseyin Tanriverdi, an associate professor in the Information, Risk and Operations Department at the University of Texas at Austin.
