Monday, December 26, 2011

Cyber Security News for the Week of December 26, 2011

Cyber Security Story of the Week
From our friends at Citadel Information Group

This week's news brings a story from Bloomberg that stolen credit cards are fetching up to $3.50 at online criminal trading sites. A story from Forbes states "In the war being waged for control of enterprise endpoint computers, cybercriminals currently have the upper hand." Also this week is a warning from US-CERT of an active spear-phishing attack against United Services Automobile Association (USAA) members along with two stories of web sites being compromised to serve up malware to unwary visitors. These stories demonstrate just how dangerous the Internet can be.

Readers should remain on alert and keep safe from attacks by following these three basic rules:
  1. Do not open attachments in emails unless the email is expected. Do not click on links in unexpected emails. Attachments and links can be booby-trapped. When in doubt check with the sender.
  2. Keep systems updated with the latest software versions. Read the Weekly Patch and Vulnerability Report from our blog for weekly updates of common software.
  3. Keep anti-malware solutions up-to-date. Consider moving to advanced host-based intrusion prevention.

Alerts and Warnings

US-CERT is warning of an active spear-phishing attack via email messages directed at United Services Automobile Association (USAA) members. These messages carry the subject line "Deposit Posted" and contain a randomly generated four-digit number placed in the USAA security zone section. The messages ask users to open an attached file containing malicious software that, if activated, could provide access to a user's personal information.

Amnesty International Site Serving Java Exploit: Amnesty International's homepage in the United Kingdom is currently serving malware that exploits a recently-patched vulnerability in Java. Security experts say the attack appears to be part of a nefarious scheme to target human rights workers. KrebsOnSecurity, December 23, 2011

Hackers Abuse PHP Setting to Inject Malicious Code Into Websites: Attackers have begun to abuse a special PHP configuration directive in order to insert malicious code into websites hosted on dedicated and virtual private servers (VPS) that have been compromised. PC World, December 23, 2011

Information at Risk - US Chamber of Commerce

China Hackers Hit U.S. Chamber: A group of hackers in China breached the computer defenses of America's top business-lobbying group and gained access to everything stored on its systems, including information about its three million members, according to several people familiar with the matter. The Wall Street Journal, December 21, 2011

Cyber Security Management

To Stop Cybercrime: Understand Crime Logic, And Adapt: Lockheed Martin, the International Monetary Fund, Sony, Oak Ridge National Laboratory, the European Space Agency, and Abbott Labs all have one thing in common - each of these highly respected companies suffered computer breaches in 2011. These are technology-savvy enterprises that use leading security products and have strict security policies and procedures in place. So when it comes to attacks that cause real damage, why are security measures falling short? Security vendors like to blame these breaches on Advanced Persistent Threats or targeted attacks. Creating a different nomenclature does not make up for the fact that IT security is falling behind. In the war being waged for control of enterprise endpoint computers, cybercriminals currently have the upper hand. Forbes, December 23, 2011

Cyber Security Management - HIPAA HITECH

Digital Data on Patients Raises Risk of Breaches: One afternoon last spring, Micky Tripathi received a panicked call from an employee. Someone had broken into his car and stolen his briefcase and company laptop along with it. The New York Times, December 19, 2011

Internet Badlands - Credit Cards

Stolen Credit Cards Go for $3.50 at Amazon-Like Online Bazaar: In mid-September, a European hacker nicknamed Poxxie broke into the computer network of a U.S. company and, he said, grabbed 1,400 credit-card numbers, the account holders' names and addresses, and the security code that comes with each card. Bloomberg, December 20, 2011

National Cyber Security - Maritime

First EU-Report on Maritime Cyber Security: ENISA has published the first EU report ever on cyber security challenges in the Maritime Sector. This principal analysis highlights essential key insights, as well as existing initiatives, as a baseline for cyber security. Finally, high-level recommendations are given for addressing these risks. The Sacramento Bee, December 19, 2011

National Cyber Security - Iowa Caucus

Iowa Republicans concerned about apparent hacker threat from Anonymous group: Taking seriously an apparent threat from a notorious collective of computer hackers, the Iowa Republican Party is boosting the security of the electronic systems it will use in two weeks to count the first votes of the 2012 presidential campaign. New York Daily News, December 19, 2011

National Cyber Security - Legislation

Capitol Hill Sees a Flurry of Cybersecurity Bills to End 2011: Although there has been plenty of news about what Congress has not done in the waning days of 2011, you can't say that there hasn't been a focus on cybersecurity. There has been a flurry of activity on Capitol Hill and within federal agencies to develop some sort of cybersecurity plan. IT BusinessEdge, December 19, 2011

Security Patches - HP Printer Firmware

HP Plugs Security Hole With LaserJet Firmware Update, Says No Record Of Printers Set Ablaze By Hackers: Remember when researchers claimed a massive security vulnerability could potentially enable hackers to remotely take over Hewlett-Packard LaserJet printers and even cause them to burst into flames? Fun times, for sure. TechCrunch, December 23, 2011