Monday, February 10, 2014

Cyber Security News and Education for the Week of February 10, 2014

Cyber Security News of the Week, February 9, 2014

 From our friends at Citadel Information Group

Cyber Crime

Penn. vendor confirms link to Target data probe: A western Pennsylvania heating and refrigeration contractor said it was the victim of a “sophisticated cyber attack operation” that is being investigated by the Secret Service and possibly linked to the data breach that enabled hackers to access millions of credit card numbers belonging to Target store customers. MPR News, February 7, 2014
Target Hackers Broke in Via HVAC Company: Last week, Target told reporters at The Wall Street Journal and Reuters that the initial intrusion into its systems was traced back to network credentials that were stolen from a third party vendor. Sources now tell KrebsOnSecurity that the vendor in question was a refrigeration, heating and air conditioning subcontractor that has worked at a number of locations at Target and other top retailers. KrebsOnSecurity, February 5, 2014
Heat System Called Door to Target for Hackers: SAN FRANCISCO — Investigators say they believe they have identified the entry point through which hackers got into Target’s systems, zeroing in on the remote access granted through the retailer’s computerized heating and cooling software, according to two people briefed on the inquiry. The New York Times, February 5, 2014
These Guys Battled BlackPOS at a Retailer: Ever since news broke that thieves stole more than 40 million debit and credit card accounts from Target using a strain of Point-Of-Sale malware known as BlackPOS, much speculation has swirled around unanswered questions, such as how this malware was introduced into the network, and what mechanisms were used to infect thousands of Target’s cash registers. KrebsOnSecurity, February 4, 2014
Hackers access 800,000 Orange customers’ data: Orange customers in France could see a spike in phishing attempts after hackers nabbed hundreds of thousands of customers’ unencrypted personal data in an attack on the operator’s website. ZDNet, February 3, 2014
Hotel Franchise Firm White Lodging Investigates Breach: White Lodging, a company that maintains hotel franchises under nationwide brands including Hilton, Marriott, Sheraton and Westin appears to have suffered a data breach that exposed credit and debit card information on thousands of guests throughout much of 2013, KrebsOnSecurity has learned. KrebsOnSecurity, January 31, 2014

Cyber Attack

Thousands of visitors to the NHS Choices site bombarded with malware after a coding error let a Czech hacker in by the back door: Thousands of patients trying to access health advice on the NHS Choices website were bombarded with adverts and malware – potentially stealing personal information from their computers – due to a coding error yesterday. The Independent, February 3, 2014

Cyber Privacy

N.S.A. Program Gathers Data on a Third of Nation’s Calls, Officials Say: WASHINGTON — The National Security Agency’s once-secret program that is collecting bulk records of Americans’ domestic phone calls is taking in a relatively small portion of the total volume of such calls each day, officials familiar with the program said on Friday. The New York Times, February 7, 2014

Identity Theft

The Rise Of Medical Identity Theft In Healthcare: If modern technology has ushered in a plague of identity theft, one particular strain of the disease has emerged as most virulent: medical identity theft. Kaiser Health News, February 7, 2014
Target Vows to Speed Anti-Fraud Technology: WASHINGTON — A top executive of Target told a Senate committee on Tuesday that the company was accelerating plans to adopt a technology widely used in Europe but rare in the United States that reduces potential for credit card fraud, and lawmakers from both parties called on other businesses to do the same. The New York Times, February 4, 2014
File Your Taxes Before the Fraudsters Do: Jan. 31 marked the start of the 2014 tax filing season, and if you haven’t yet started working on your returns, here’s another reason to get motivated: Tax fraudsters and identity thieves may very well beat you to it. KrebsOnSecurity, February 3, 2014

Cyber Warning

Susan Tompor: Did your cell phone ring just once? Do not call back: If you see a missed cell phone call from an unknown number and call them back, hold on to your wallet before you get taken by yet another scam. Detroit Free Press, February 6, 2014
Hackers use a trick to deliver Zeus banking malware: Hackers found a new way to slip past security software and deliver Zeus, a long-known malicious software program that steals online banking details. PC World, February 3, 2014
Malicious Java app infects Mac, Linux systems with DDoS bot: Criminals are once again using Java’s cross-platform design to add Linux and Mac users to their usual Windows target list, Kaspersky Labs researchers have discovered. PC World, February 1, 2014

Cyber Security Management

How to use Syrian Electronic Army attacks to improve security awareness: Recently, the authors have been called in to help companies handle attacks from the Syrian Electronic Army (SEA). Our first priority is to help contain the damage, figure out which accounts have been compromised that have not been used yet to cause damage, and clean things up. CSO, February 3, 2014

Cyber Security Management – Cyber Defense

Microsoft Takes to the Front Lines in the War on Cybercrime: The global cost of cybercrime in 2013 was estimated by McAfee to be upwards of $300 billion. One in five small businesses have now been on the receiving end of an attack and every day one million more individuals become victims of cyber-criminal activity. The internet is under attack, and we are the targets. Entrepreneur, February 6, 2014

Cyber Security Management – Cyber Update

Adobe Pushes Fix for Flash Zero-Day Attack: Adobe Systems Inc. is urging users of its Flash Player software to upgrade to a newer version released today. The company warns that an exploit targeting a previously unknown and critical Flash security vulnerability exists in the wild, and that this flaw allows attackers to take complete control over affected systems. KrebsOnSecurity, February 4, 2014

National Cyber Security

Snowden Used Low-Cost Tool to Best N.S.A.: WASHINGTON — Intelligence officials investigating how Edward J. Snowden gained access to a huge trove of the country’s most highly classified documents say they have determined that he used inexpensive and widely available software to “scrape” the National Security Agency’s networks, and kept at it even after he was briefly challenged by agency officials. The New York Times, February 8, 2014
Senate cybersecurity report finds agencies often fail to take basic preventive measures: The message broadcast in several states last winter was equal parts alarming and absurd: “Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living. . . . Do not attempt to approach or apprehend these bodies, as they are considered extremely dangerous.” The Washington Post, February 3, 2014

Cyber Misc

CYBER EXPERT: The Story Of A Reporter Getting Hacked In Sochi Is Completely False: On Wednesday, NBC News’ reporter Richard Engel gave a jarring report of just how bad the problem of hackers is in Sochi, reporting that his phone was hijacked “before we even finished our coffee.” Business Insider, February 6, 2014

Cyber Calendar

“Lunch Meeting – It Takes the Village to Secure the Village”: Dr. Stan Stahl, President of the Los Angeles Chapter of the Information Systems Security Association and President of Citadel Information Group presents. SOCALAFP, Event Date: February 14, 2014
ISSA-LA February Lunch Meeting: In March 2013, attackers launched an attack against Spamhaus that topped 300Gbps. Spamhaus gave us permission to talk about the details of the attack. While CloudFlare was able to fend off the attack, it exposed some vulnerabilities in the Internet’s infrastructure that attackers will inevitably exploit. If an Internet-crippling attack happens, this is what it will look like. And here’s what the network needs to do in order to protect itself. ISSA-LA, Event Date: February 19, 2014
Cybersecurity Essentials for Business Professionals: Please join us in this free presentation where we will discuss essential issues that every entrepreneur and business professional must know about cybersecurity laws, guidelines, and protocols. This event will be moderated and conducted by Salar Atrizadeh, Esq., principal and founder of the Law Offices of Salar Atrizadeh. Also, Stan Stahl, Ph.D., President of Citadel Information Group and ISSA-LA, Brad Maryman, and Howard Miller will serve as panelists. Law Offices of Salar Atrizadeh, Event Date: February 21, 2014


Weekend Vulnerability and Patch Report, February 9, 2014

Important Security Updates

Adobe Flash Player: Adobe has released updates for its Flash Player to fix an extremely critical vulnerability. Updates are available through the program or from Adobe’s Flash Web Site.
AVG Antivirus Free Edition: AVG has released version 2014.0.4335 (32-bit) of its Free Edition Antivirus. Updates are available through the program or from AVG’s website.
Dropbox: Dropbox has released version 2.6.8 for its file hosting program. Updates are available at Dropbox’s website. [See Citadel's warning below]
Google Chrome: Google has released version 32.0.1700.107 of Chrome for Windows, Mac, Linux and Chrome Frame to fix a highly critical vulnerability in previous versions. Updates are available through the program.
Microsoft Windows: Microsoft has released an update to several versions of Windows, including Windows 8.1 and Server 2012, to fix a highly critical vulnerability caused by the bundling of Adobe Flash Player within Internet Explorer. Updates are available through Windows Updates in the Control Panel.
Mozilla Firefox: Mozilla has released version 27.0 to fix at least 11 highly critical vulnerabilities in unpatched prior versions. Updates are available through the browser. Updates are also available for Thunderbird and SeaMonkey.
Opera: Opera has released version 19.0.1326.59. Updates are available from within the browser or from Opera’s website.
VLC Media Player: VLC has released version 2.1.3 (32-bit) of its Media Player. Download from the VLC website.

Current Software Versions

Adobe Flash [Windows 7: IE]
Adobe Flash [Windows 7: Firefox, Mozilla]
Adobe Flash [Windows 8: IE]
Adobe Flash [Macintosh OS X: Firefox, Opera, Safari]
Adobe Reader 11.0.06
Dropbox 2.6.8 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]
Firefox 27.0
Google Chrome 32.0.1700.107
Internet Explorer 11.0.9600.16476 [Windows 7: IE]
Internet Explorer 11.0.9600.16384 [Windows 8: IE]
Java SE 7 Update 51 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have a particular web site that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser — such as Chrome, IE9, Safari, etc — with Java enabled to browse only the sites that require it.]
QuickTime 7.7.4
Safari 5.1.7 
Safari 7.0.1 [Mac OS X]

Newly Announced Unpatched Vulnerabilities

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel’s website.

For Your IT Department

If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.
If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.
Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc.) and application programs (Adobe Acrobat, Office, Flash, Java, etc.). When software companies find a vulnerability, they usually issue an update patch to fix the code running on their customers’ computers.
Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.
Copyright © 2014 Citadel Information Group. All rights reserved.