Monday, December 17, 2012

Cyber Security News for the Week of December 17, 2012

From our friends at Citadel Information Group

Cyber Crime

Hackers Steal Data from Pentagon, NASA, Federal Reserve: Members of the Anonymous-affiliated Team GhostShell hacking collective have published what they claim is stolen information for 1.6 million accounts linked to government agencies, including the Pentagon, NASA and the Federal Reserve. December 13, 2012

Cyber Underworld

Hackers attempt to attack rival hacking group: Inj3ct0r Team is claiming to have hacked one of its rivals, ExploitHub. ZDNet, December 13, 2012

A Closer Look at Two Bigtime Botmasters: Over the past 18 months, I've published a series of posts that provide clues about the possible real-life identities of the men responsible for building some of the largest and most disruptive spam botnets on the planet. I've since done a bit more digging into the backgrounds of the individuals thought to be responsible for the Rustock and Waledac spam botnets, which has produced some additional fascinating and corroborating details about these two characters. KrebsOnSecurity, December 11, 2012

Cyber Warning

LogMeIn, DocuSign Investigate Breach Claims: Customers of remote PC administration service LogMeIn and electronic signature provider DocuSign are complaining of a possible breach of customer information after receiving malware-laced emails to accounts they registered exclusively for use with those companies. Both companies say they are investigating the incidents, but so far have found no evidence of a security breach. KrebsOnSecurity, December 14, 2012

New Findings Lend Credence to Project Blitzkrieg: "Project Blitzkrieg," a brazen Underweb plan for hiring 100 botmasters to fuel a blaze of ebanking heists against 30 U.S. financial institutions in the Spring of 2013, was met with skepticism from some in the security community after news of the scheme came to light in October. Many assumed it was a law enforcement sting, or merely the ramblings of a wannabe criminal mastermind. But new research suggests the crooks who hatched the plan were serious and have painstakingly built up a formidable crime machine in preparation for the project. KrebsOnSecurity, December 12, 2012

New Mac Malware Scams Users Into Signing Up For Cellphone Charges: Time for Apple users to heed a lesson Windows users have long learned the hard way: Don't hand out your cell phone number to untrusted applications downloaded from the Web. Forbes, December 12, 2012

'Dexter' Directly Attacks Point-of-Sale Systems: Attackers employ custom malware rather than physical skimmers to steal payment card information from PoS systems in 40 countries. DarkReading, December 11, 2012

Cyber Threat

Upclicker Trojan Evades Sandbox Detection by Hiding in a Mouse Click: Finding keen new ways to avoid detection by security systems, malware scanners in particular, seems to be a primary objective for malware writers. ThreatPost, December 14, 2012

Identity Theft - HIPAA

Beware and Protect Against Medical Identity Theft, a Growing Trend: Thieves are using stolen insurance cards to buy prescription drugs, have elective surgeries and submit false insurance claims. The Hillsborough County Consumer Protection Agency offers both a warning and tips for protection. BrandonPatch, December 12, 2012


Hacker Group Touts 1.6 Million Password Dump To Protest UN Internet Regulation: The controversy around a United Nations body's potential regulation of the Internet has already been opposed in a U.S. Congressional resolution, a million-signature petition from Google, and by one of the Internet's most famous creators. Now a group of hackers has registered their protest in the form they know best: Stealing and dumping millions of seemingly random usernames and passwords onto the Web. Forbes, December 10, 2012

Cyber Security Management

The Trouble With Security Metrics: Security practitioner Doug Landoll is passionate about risk assessments and security measurements. Author of The Security Risk Assessment Handbook and CEO of Assero Security, a risk consultancy for SMBs, Landoll believes the industry engages in far too many theatrical risk assessments for the sake of audits. These assessments never return solid measurements of risk because the collection methods are faulty, he says. As organizations seek to meet risks head on, they need better visibility into which security initiatives work, which don't, and which need improvement. Done right, security metrics can help provide the estimates to plan out effective strategies. Dark Reading recently caught up with Landoll to talk about his thoughts on how organizations can improve their collection methods to create security metrics that mean something. DarkReading, December 13, 2012

Kansas audit questions state's computer security: TOPEKA, Kan. (AP) - Kansas doesn't do enough to secure computer systems used by its state government, making confidential information vulnerable to hackers, a legislative audit said Thursday. Auditors said their review of practices, computer systems and employee training at nine state agencies showed significant security weaknesses. Their report, presented to legislators, said none of the agencies had done a comprehensive assessment of computer security risks, and auditors were able to crack a significant number of employee passwords at six of them. The Wichita Eagle, December 13, 2012

What Are You Missing When it Comes to Enterprise Security Testing?: For all the advances in enterprise networking over the years there's been one big step backward: security testing. Relatively few enterprises today conduct regular security tests in-house, relying instead on occasional tests by outside consultants or, more dangerously, just taking vendor claims at face value. CIO, December 12, 2012

Cyber Update

Apple Patches Nine Vulnerabilities in QuickTime 7.7.3 Update: Apple shipped fixes for nine vulnerabilities in its QuickTime multimedia platform. The QuickTime 7.7.3 update resolves bugs for Windows 7, Vista, and XP service pack 2 and later. ThreatPost, December 13, 2012

Apple Addresses New SMS Trojan in Malware Lists: Apple has made updates to its malware definitions to address yesterday's news of a new OS X Trojan, SMSSend.3666, that was disguising itself as legitimate software and confounding Russian users. ThreatPost, December 13, 2012

Critical Vulnerability Fixed in Chrome 23: It's Patch Tuesday, and not just for Microsoft and Adobe. Google also patched a number of security vulnerabilities in its Chrome browser today, including one critical flaw and three high-severity ones. ThreatPost, December 11, 2012

Critical Updates for Flash Player, Microsoft Windows: Adobe and Microsoft have each released security updates to fix critical security flaws in their software. Microsoft issued seven update bundles to fix at least 10 vulnerabilities in Windows and other software. Separately, Adobe pushed out a fix for its Flash Player and AIR software that addresses at least three critical vulnerabilities in these programs. KrebsOnSecurity, December 11, 2012

Cyber Survey

Top Mobile Vulnerabilities And Exploits Of 2012: While many security prognosticators had tried to predict previous years as the "year of mobile exploits," 2012 was one of the first that actually seemed to live up to expectations. Security researchers found new vulnerabilities, developed new proof-of-concepts, and found exploits in the wild, too. Here are some of the year's highlights. DarkReading, December 12, 2012

Cyber Research

Army researchers seek secure quantum communications: Scientists at the U.S. Army Research Laboratory are pioneering data teleportation - for the real world. November 30, 2012

Cyber Sunshine

Facebook helps FBI bust cyber crime ring: SAN FRANCISCO - The Federal Bureau of Investigation has busted an international cyber crime ring that infected 11 million computers around the world and resulted in more than $850 million in losses. LA Times, December 13, 2012

Feds Convict Stock Scammers, Overlook Spammers: On Wednesday, the U.S. Justice Department announced that it had obtained convictions against a cybercrime gang that committed securities fraud through the use of botnets and spam. Oddly enough, none of the botmasters or spammers who assisted in the scheme were brought to justice or identified beyond their hacker handles. This blog post may change that. KrebsOnSecurity, December 13, 2012

Facebook Helps FBI Smash 11-Million-Machine 'Butterfly' Botnet: In Facebook's continuing battle to keep cybercriminals from using its site as a handy infection mechanism, it just scored a serious coup. The FBI announced late Tuesday that it had arrested 10 suspects in a cybercriminal conspiracy that infected 11 million computers with banking fraud software and led to $850 million in losses, according to the FBI's math. Forbes, December 12, 2012

Australia's biggest ever data theft: gang busted over credit card crime: Police have smashed a Romanian organised crime gang that allegedly hacked into the computer systems of small businesses, with credit card details of 30,000 Australians used in $30 million worth of illegal transactions around the world. The Sydney Morning Herald, November 29, 2012

Securing the Village-Events Calendar

ISSA-LA December Lunch Meeting; Dec 19: Join ISSA-LA at Les Freres Taix French Restaurant for our monthly meeting.

Santa Monica Rotary Club; May 3, 2013: Dr. Stan Stahl, Citadel and ISSA-LA President, will speak on cybersecurity at the weekly meeting of the Santa Monica Rotary Club. In this non-technical talk - It Takes the Village to Secure the Village SM - Dr. Stahl discusses the financial implications of cyber crime, illustrates how cyber criminals take control of a user's computer, describes the limitations of technology, summarizes emerging cyber security laws, regulations and practices, and provides practical tips to lower the risk of becoming a victim.

ISSA-LA Fifth Annual Information Security Summit; May 21, 2013: SAVE THE DATE. Join over 500 of your colleagues and peers at the Universal City Hilton. Special Keynote Speaker: Howard Schmidt, former White House CyberSecurity Coordinator.