A Firefox 0-day vulnerability is being used to vend malware from the official website for the Nobel Peace Prize. Norman ASA detection executive Einar Oftedal stated in an instant message to the Register, “This iframe has a multi exploit backend and serves exploits for Firefox, including a working remote exploit for firefox 3.6.11, we didn’t see any 0day for IE.” The malware does not target Windows Vista, or 7 systems, limiting the attack to only Windows XP users running Firefox 3.6.11 or earlier.
Mozilla is aware of the vulnerability and is working on a fix that will most likely be out later this week once it has been tested. This attack is most likely not limited to the Nobel Peace Prize website and users of Mozilla’s Firefox can protect themselves from this attack by using NoScript or disabling JavaScript in their browser.
Some theorize the attack is related to the Nobel Peace Prize being awared to Liu Xiaobo this year, who is incarcerated in China for his participation in Chapter 08.
posted by holliday at 11:51 am
Dutch authorities in conjunction with network security organizations have taken control of and started dismantling 143 command and control servers used by the Bredolab botnet. The Bredolab botnet had infected an estimated 30 million computers during its time and was reportedly used in a phishing scam last year against Facebook users.
A 27 year old suspect was arrested a little while later after trying to regain control of the botnet and then trying use it to DDOS the web hosting firm Leaseweb that was being used by the hacker.
While the majority of the CnC servers have been taken offline there are still some alive and kicking.
One of the more interesting pieces to me is that the Fox-IT team who is working with the Dutch authorities, are contacting the infected machines users when they log on of the infection and how to remedy it. At the posting of this over 100,000 users have been notified.
posted by holliday at 11:08 am
On an iPhone 4 running iOS 4.1 if you tap the “Emergency Call” button, then enter three pound signs, hit the green call button and immediately press the Lock button you gain access to the Phone app.
Well, what’s so bad about this? The Phone app includes your contacts, your voice mail and call history. Some people probably don’t think this is a large issue and it may not be. But with iPhones becoming more prevalent in the business world your contacts can include a lot of people you may not want someone else seeing. Especially in Sales where your contacts are your livelihood.
So if you have an iPhone 4 with iOS 4.1 you may not want to leave it laying around, not that you would in the first place.
posted by holliday at 2:19 pm
According to the Kroll Annual Global Fraud Report this is the first time that cyber theft has surprassed physical theft. I am surprised that it took this long for it to happen.
The report doesn’t say that other forms of fraud are decreasing, but that the theft of intellectual property is just increasing, with 27.3% of companies reporting it compared to 18% in 2009. In comparison only 27.2% of companies reported theft of physical property. It does make me wonder what the true numbers are compared to the reported.
What it comes down to is that it is much easier to steal your intellectual property from the thief’s couch (or office chair) than it is to break into your office and take your laptops or paper clips. Saying that, the report shows that most fraud is done by insiders, people that are already part of your organization.
When companies are losing so much annually to insiders it makes me wonder what type of privileges their organizations utilize. Do they use “least privilege”, or is everyone walking around with admin rights? If your employees have access to data that they shouldn’t because you haven’t instituted a good rights management system then you really need to update your resume because your data is probably already gone.
posted by holliday at 2:27 pm
Writing is something that I have always enjoyed. Whether it was books as a child or a journal as I grew up, I have always found peace in it. Writing a blog made sense to me but I don’t believe I have kept up my end of the bargain.
Through irregular posts and linking to stories that I have found interesting without adding much value to the conversation I have made this blog boring and empty. I am going to try and change that though.
While I will still be commenting on stories that I find interesting, specifically related to Information Security, privacy and maybe a splash of comic books or legos to boot, I am going to try and add value to the conversation.
Well, here it goes….
Why is Information Security so important to me? Why do I find it so exciting that not only have I made it my career but also my hobby outside of office hours?
I believe the answer is in my general love for all things competitive. When I was a child I wasn’t a very competitive person. I enjoyed playing games but was not really into sports. This changed in my teen years and I developed a love of games and competition. Whether it was who could clean a table fastest among my bus boy coworkers or who could run the fastest or throw the farthest among my other friends it was all a game and I loved it.
I feel that Information Security is like this. It is a game that we are playing all of the time against outsiders, insiders and ourselves. We have to protect our networks and data from elite hackers to receptionists who love Facebook and Twilight. You don’t get to stop playing this game when you go home and you have to make sure you are always learning how to play the game better, faster and know more than you did the day before. Your opponents don’t take days off and neither can you (figuratively).
There is also so much to learn. I have a thirst for knowledge and Information Security is an ever changing cornucopia of it. There is never a lack of new things to learn or research, and things to do to make yourself and your network more secure. From day to day the landscape changes and you have to be on top of your game or you will lose.
These are some of the reasons why I love Information Security. Why do you love it?
posted by holliday at 5:24 am
I am going to take a break from my normal topics to discuss one that is a passionate one for most people in America. Immigration.
My family is a bunch of immigrants. Not first generation but in the last few. My ancestors came to America because it was the land of opportunity. Pretty much everyone who lives in America does so because their ancestors immigrated here. I am pretty sure all of them came here for the opportunities also.
America is a great country to live in and we should embrace that. People want to come here and build their lives and families. We need to make immigrating to America better so that we can bring in the best and brightest minds from around the world and have them want to live here.
When it comes down to it, who wants to live in a country that no one wants to immigrate to?
A great article on why immigration is a necessary part of American dominance and culture is here.
posted by holliday at 12:18 pm
posted by holliday at 12:47 pm
In the city of Leon, Guanajuato in Mexico the government is putting in retina scanners to keep track of people. The scanners track you as you walk past them. So now, you can be tracked where ever you are in the city.
At Defcon this year Chris Paget showed how RFID’s could be tagged from a decent distance. Then today I read on Slashdot that Mark Roberti, an editor in the RFID field, says that Paget is showing RFID in the wrong light. That no one has had their privacy infringed upon with it and that it hasn’t lead to identity theft and that there isn’t enough data anyway to be an issue. I think Mark is missing the point.
When you get arrested and the officer reads you your rights the line goes “Anything you say can and will be used against you in a court of law.” What is going to stop the government from extending this to “Anything can and will be used against you.” I think that we as citizens need to be mindful that just because things haven’t been used against us doesn’t mean they can’t or won’t be.
posted by holliday at 2:00 pm
I was just reading about two more breaches when I hit the section “What was the response?”
In both cases, and in most that I have read about, they people affected, a.k.a. the victims of someone else’s mistake, are given a years subscription to a credit monitoring service. Wow, a whole year. Their data can’t possibly last longer than a year out on the internet can it? The fact is that these people will have to watch their credit for well over a year and will probably have to subscribe to a service for the rest of their lives. We like to think that this information will disappear over time but the fact is things can last forever on the internet.
Someday maybe the punishment for losing other people’s information will be high enough that people will actually protect it and care about it.
posted by holliday at 1:14 pm
That isn’t a great name for a horror film but it is what Dell has issued a warning for. Apparently some malware just happened to slip into the motherboard, specifically “The PowerEdge R410 Rack server has spyware within its embedded systems management software.”
This happened before on some off brand Cisco equipment. More and more malware and spyware are finding their way onto your machine. If not through your OS then through your hardware.
posted by holliday at 12:49 pm
