What you need to know for your personal cyber security life…
Number TWENTY in a series of semi-regular daily current and topical computer threats that may affect your online, or even offline, digital and real life. Why cyber-security on SurvivalRing? Because EVERYTHING you do in your life every day is now a part of the cyber world…even your offline plans. So, be aware, and pay attention. The bad guys WILL eventually get around to YOU…personally…so be prepared for it, by staying in the loop.
# # #
Las Vegas Sands: Some customer data was stolen in hacking
- By Hannah Dreier
- Associated Press
- Feb. 28, 2014
Computer hackers stole some Las Vegas Sands customers’ Social Security and driver’s license numbers during a data breach earlier this month, the casino company said Friday.
Las Vegas Sands Corp. said in a statement that the information about some patrons at its Bethlehem, Pa., hotel-casino was compromised during the Feb. 10 attack. It was unclear whether credit card information was also taken.
Sands said it was still working to determine whether customer information from other properties was breached. The company runs the Italian-themed Venetian and Palazzo on the Las Vegas Strip, and several hotel-casinos in China and Singapore.
In its statement, Sands noted that the number of patron accounts that were compromised makes up less than 1 percent of all visitors to the Bethlehem casino since its 2009 opening. The company did not provide the number of patron accounts at risk.
# # #
Are we about to witness a full-on cyber-war between Russia and Ukraine?
- By Fahmida Y. Rashid
- 04 Mar 2014
Russia has invaded Ukraine. Well, at least the province of Crimea. Are we about to see cyber-war unfold?
After months of hearing about cyber-war, cyber-espionage, and attacks against critical infrastructure, it’s only natural to wonder if the physical conflict between Russia and Ukraine is about to spill over into cyberspace. Most countries, the United States included, have a cadre of forces trained in digital attacks and defences, and this kind of provocation seems like the perfect scenario to unleash them.
Also, it wouldn’t be anything new for the Russians, since they have already been accused of coordinating their military activities with cyber-attacks (namely distributed denial-of-service attacks) in their conflicts with Georgia and Estonia back in 2007 and 2008.
However, much of the cyber-activity in this conflict may come from the Ukrainians. “While the Ukraine is inferior in conventional warfare, they have phenomenal hackers who can steal intelligence from the Russians, intelligence that could become very valuable as the Ukraine reaches out for help from the international community,” said McCall Paxton, a SOC analyst at Rook Security.
# # #
Hackers hijack 300,000 SOHO routers with man-in-the
- By Alastair Stevenson
- 04 Mar 2014
Researchers at the security firm Team Cymru have traced a campaign that has successfully compromised 300,000 small office and home office (SOHO) routers using man-in-the-middle attacks to two UK IP addresses.
The research team reported the campaign in its SOHO Pharming white paper, confirming that the majority of the victims were in Europe and Asia.
“In January 2014, Team Cymru’s Enterprise Intelligence Services began investigating a SOHO pharming campaign that had overwritten router DNS [domain name system] settings in central Europe,” the paper noted.
“To date, we have identified 300,000 devices, predominantly in Europe and Asia, which we believe have been compromised as part of this campaign, one of which dates back to at least mid-December 2013.”
# # #
So Who Hacked EC-Council Three Times This Week?
- By William Knowles
- Senior Editor
- InfoSec News
- February 28, 2013
On February 22nd, 2014, the EC-Council website was broken into and defaced by Eugene Belford (a.k.a. The Plague). For those of you living in a cave, or a compound outside of Abbottabad for the last 13 years, the EC-Council is an Albuquerque, New Mexico-based organization that offers security professionals a reasonably inexpensive certificate, among other security certificates, to be compliant with DoD 8570. The website was defaced, and its content was replaced with a picture of Edward Snowden, and an HTML comment that gives away the identity of the “hacker” that compromised the EC-Council website.
After EC-Council wrestled back control of their site, a known password was reused, and two days later the website was re-defaced, showing the mail from Edward Snowden’s Yokota Air Base e-mail asking for an exam code, a copy of his U.S. Passport and a letter from John A. Niescier, an Information Security Officer with the Department of Defense Special Representative, Japan, stating that he has verified Edward J. Snowden has at least five years professional information security experience in the required domains.
After the hacker mentioned “P.S It seems like lots of you are missing the point here, I’m sitting on thousands of passports belonging to LE (and .mil) officials” conspiracy rumors were swirling about who may have attacked the EC-Council website. Foreign training companies, secret squirrels, the Chinese, Russians, non-state actors.
On February 25th, the EC-Council website was defaced a third time.
The folks at r000t’s Blag have done some digging, and on the surface it’s pretty damning evidence.
# # #
UK man charged with hacking Federal Reserve
- By Grant Gross
- IDG News Service
- February 27, 2014
A British man faces new charges in the U.S. for allegedly hacking into the Federal Reserve Bank’s servers and stealing names, email addresses and other personal information of the bank’s computer users.
Lauri Love, already facing charges in New Jersey and Virginia, is charged with one count of computer hacking and one count of aggravated identity theft in U.S. District Court for the Southern District of New York, said Preet Bharara, the U.S. attorney there.
Documents charging Love in New York were unsealed Thursday.
“Lauri Love is a sophisticated hacker who broke into Federal Reserve computers, stole sensitive personal information, and made it widely available, leaving people vulnerable to malicious use of that information,” Bharara said in a statement. “We place a high priority on the investigation and prosecution of hackers who intrude into our infrastructure and threaten the personal security of our citizens.”
It was unclear who is representing Love in the U.S. cases.
Love used a SQL attack to infiltrate the bank’s servers, according to a press release. In late December 2012, Love told other hackers in an IRC chat room that he had gained control of the server for the Federal Reserve Bank in Chicago, according to the indictment in New York. He also gained access to a Federal Reserve Bank server in New York, the U.S. Department of Justice alleged.
# # #
-built malware running out of control, F-Secure claim
- By Iain Thomson
- The Register
- 28 Feb 2014
TrustyCon – A surprising number of governments are now deploying their own custom malware — and the end result could be chaos for the rest of us, F-Secure’s malware chief Mikko Hyppönen told the TrustyCon conference in San Francisco on Thursday.
“Governments writing viruses: today we sort of take that for granted but 10 years ago that would have been science fiction,” he told the public conference. “If someone had come to me ten years ago and told me that by 2014 it will be commonplace for democratic Western governments to write viruses and actively deploy them against other governments, even friendly governments, I would have thought it was a movie plot. But that’s exactly where we are today.”
The US is leading the way in this, he said, having initiated the Stuxnet malware against Iran’s nuclear enrichment facilities, although the actions against the Iranians were part of a much larger program, Operation Olympic Games, which was initiated by the then-President Bush and carried on by Obama.
Hyppönen said that he had investigated a Stuxnet sample to see if it could be modified to attack other targets and found that it could, up to a point. The specific control code to interfere with the industrial SCADA control systems used by the Iranians was very difficult to reshape, but the malware could be reconfigured to introduce random controls to be sent to an infected industrial plant that could cause havoc.
# # #
How a Hacker Intercepted FBI and Secret Service Calls With Google Maps
- By Nitasha Tiku
- February 27, 2014
Earlier this week, Bryan Seely, a network engineer and one-time Marine, played me recordings of two phone calls (embedded below.) The calls were placed by unwitting citizens to the FBI office in San Francisco and to the Secret Service in Washington, D.C. Neither the callers nor the FBI or Secret Service personnel who answered the phone realized that Seely was secretly recording them. He used Google Maps to do it.
Yesterday, Gizmodo reported on how easy it was for Seely to spam Google Maps with fake listings. Seely has revealed to Valleywag a more troubling way to exploit Google’s laissez-faire attitude toward verification—loopholes the international search megalith has known about for at least four years.
The callers that Seely recorded thought they were speaking directly to the government agencies because they looked up the telephone number on Google Maps. What they didn’t know was that Seely had set up fake listings for the San Francisco FBI office and Secret Service in Washington, D.C., displaying numbers that went to a phone account he set up rather than the federal offices. After Seely’s numbers received the calls, they were seamlessly forwarded to the real offices the callers were trying to reach, only now the audio of their conversations with real federal agents was being captured by Seely.
Seely told Valleywag:
# # #
China ramps up cybersecurity efforts, strives to become “Internet power”
- By Michael Kan
- 28 February 2014
China is bolstering its efforts on cybersecurity with a new high-level committee that aims to turn the nation into an “Internet power,” the country’s official state media said Thursday.
Chinese President Xi Jinping is leading the new government body, which held its first meeting on Thursday. Xi was quoted as stating that cybersecurity and information technology had become a matter of national security.
“Without cybersecurity there is no national security, without information technology there is no modernization,” Xi added.
Increasingly, China has found itself embroiled in cybersecurity issues. Over the years, the nation has fended off accusations that it carries out state-sponsored hacking attacks. Those allegations reached fever pitch last year when a U.S. security firm claimed it had documented evidence that China’s military had spearheaded cyberattacks against the U.S.
# # #
al Patient Records From Local Dentist’s Office Found Dumped In Apple Valley
- By David Goldstein
- February 26, 2014
APPLE VALLEY (CBSLA.com) — Hundreds of confidential patient records from a local dentist’s office were found dumped in Apple Valley.
CBS2’s David Goldstein reported that the referral forms from 1-800-DENTIST to Dr. Samuel Kim, who specializes in laser and implant dentistry, were discovered in a vacant lot behind the home of Carolyn Lindblade.
“We found the papers up against the block wall in the field over there,” Lindblade said.
The forms, which were from 2010 and 2011, included people’s names, addresses, phone numbers, and in some cases, social security numbers and birthdates.
# # #
RSA protests by DEF CON groups, Code Pink draw ire
- By Violet Blue
- CNET News
- February 26, 2014
The RSA security conference (where the world’s security companies come to do business with each other), opened its doors this week in San Francisco to a wide range of protests by security professionals who would otherwise be attending and speaking at the conference.
The protests might be called “obnoxious,” “pointless” and “first world outrage” — but the protesters affiliated with hacker conference DEF CON, organization Code Pink, and sold-out opposition conference “TrustyCon” are getting everyone’s attention this week.
In Wednesday’s protest, two noted DEF CON-affiliated organizations (Vegas 2.0 and DC408) have bought out the entire nearby Chevy’s restaurant and are turning away RSA attendees and speakers — notably in the past hour, a visibly irritated Kevin Mitnick.
At the heart of the conflict are the weighty allegations that RSA deliberately weakened encryption standards in a contract with the U.S. National Security Agency to provide the government agency “back door” access.
In December 2013, Reuters reported,
# # #
Hackers arrested over data leakage
- BY CHOI MO-RAN
- Feb 27, 2014
Authorities said yesterday that they have arrested three hackers suspected of leaking the personal data of 17 million people from 225 websites.
The Incheon Metropolitan Police Agency announced yesterday that it had arrested the trio, who stole personal data from Korean websites and sold it to loan lenders and chauffeur service companies in exchange for about 100 million won ($93,793).
According to the police, the websites’ security networks were not secure enough to prevent infiltration. The hackers uploaded malicious coding onto posts on online boards, gaining control over the domain once site administrators clicked on them.
The hackers told the police that they were easily able to steal the personal data since most of the websites didn’t encrypt the personal data of their members.
# # #
Huge turnout at RSA shows hackers are winning
- By Jaikumar Vijayan
- February 26, 2014
SAN FRANCISCO — In the battle between enterprises and malicious hackers, the bad guys are clearly winning, judging by the sheer number of people and exhibitors at the RSA security conference going on here this week.
With an estimated 30,000 attendees and more than 400 exhibitors, RSA 2014 is the biggest event since its launch as a conference for cryptographers in 1991.
That’s clearly a good thing for RSA, which by one analyst’s estimates generates more than $100 million in revenues from the event. It’s also a great thing for security vendors because it shows demand for their products is booming.
But the conference’s growth is also a sobering reminder of the continuing challenges enterprises face in protecting their networks and data against malicious attackers. The RSA conference is not a Consumer Electronics Show or a Mobile World Congress. If demand for security products is increasing, it’s because security tools are not doing the job well enough, enterprises are not implementing them properly or because hackers are finding new ways to breach networks.
# # #
ely’ targeting US Jewish groups
- BY JTA
- Times of Israel
- February 27, 2014
WASHINGTON — US Jewish groups face “a more concerted and aggressive effort” from Internet hackers, the national community’s security arm said in an alert.
“It is imperative that all IT departments understand how to mitigate the threat and are up-to-date on the necessary technologies and processes to use in order to be proactive and prevent these incidents,” said an alert Tuesday from the Secure Community Network, an affiliate of the Jewish Federations of North America and of the Conference of Presidents of Major American Jewish Organizations.
“It is apparent that we are currently facing a more concerted and aggressive effort by those attempting to disrupt and deface organizations’ websites and networks,” the alert said.
The alert cited three recent cyber attacks. In one case, an organization’s website was “replaced by a Palestinian flag with the superimposed image of an apparent jihadist displaying a rifle.” The group claiming responsibility called itself CoIDZ.