Monday, March 10, 2014

Cyber Security News, Education and Vulnerability Patch Report for the Week of March 10, 2014

Cyber Security News of the Week

 From our friends at Citadel Information Group

Cyber Crime

Personal data on L.A. County medical patients stolen from contractor: As many as 168,500 patients of Los Angeles County medical facilities may have had their data stolen in a break-in at a county contractor’s office last month, county officials said Thursday. The Los Angeles Times, March 6, 2014
Sally Beauty Hit By Credit Card Breach: Nationwide beauty products chain Sally Beauty appears to be the latest victim of a breach targeting their payment systems in stores, according to both sources in the banking industry and new raw data from underground cybercrime shops that traffic in stolen credit and debit cards. KrebsOnSecurity, March 5, 2014
Thieves Jam Up Smucker’s, Card Processor: Jam and jelly maker Smucker’s last week shuttered its online store, notifying visitors that the site was being retooled because of a security breach that jeopardized customers’ credit card data. Closer examination of the attack suggests that the company was but one of several dozen firms — including at least one credit card processor — hacked last year by the same criminal gang that infiltrated some of the world’s biggest data brokers. KrebsOnSecurity, March 4, 2014
Cybercrime hits financial firms hardest: survey: (Reuters) – Cybercrime is the second most common type of fraud reported by financial firms, more than double the level across other industries, as criminals turn increasingly to technology as their main weapon against banks, a survey showed. Reuters, March 3, 2014
Detroit Reveals Malware Targeted City Employees: Detroit revealed details of a recent computer security breach Monday that affected files containing personal information for a large number of city employees. CBS Detroit, March 3, 2014
Breach Blind Spot Puts Retailers on Defensive: In response to rumors in the financial industry that Sears may be the latest retailer hit by hackers, the company said today it has no indications that it has been breached. Although the Sears investigation is ongoing, experts say there is a good chance the identification of Sears as a victim is a false alarm caused by a common weakness in banks’ anti-fraud systems that becomes apparent mainly in the wake of massive breaches like the one at Target late last year. KrebsOnSecurity, February 28, 2014

Cyber Attack

fights off hackers, refuses to pay $300 ransom: TORONTO (Reuters) – Social networking website is fighting a sustained battle against cyber-criminals who are demanding $300 to call off an attack that has kept the site offline for much of the past four days. Chicago Tribune, March 3, 2014

Identity Theft

After Debit Card Fraud, a Chicago Bank Feels Its Customers’ Frustration: People should no longer use debit or credit cards in Chicago taxicabs. Bank of America should shut off the card-swiping terminals in the back of those cabs. And MasterCard ought to learn to share more information with its customers. The New York Times, March 7, 2014
Illinois Bank: Use Cash for Chicago Taxis: First American Bank in Illinois is urging residents and tourists alike to avoid paying for cab rides in Chicago with credit or debit cards, warning that an ongoing data breach seems to be connected with card processing systems used by a large number of taxis in the Windy City. KrebsOnSecurity, March 3, 2014

Financial Fraud

BMO customer’s account emptied of $87K as bank falls for scam: The Bank of Montreal has reimbursed one of its customers following a CBC Go Public story about how the bank wired $87,555 of his inheritance money into the hands of a scammer. CBC, March 3, 2014

Cyber Warning

95% of bank ATMs face end of security support: Banks everywhere are in a race against time to upgrade their ATMs before they become hot targets for hackers. CNN, March 4, 2014
INDIAN HACKERS POSE AS NETFLIX TECH SUPPORT, AIM TO STEAL FILES, IDENTITY: Malwarebytes, an Internet security firm and developer of anti-malware software, told a story about an attempt on the part of some hackers based in India to pose as Netflix tech support in an effort to steal the poster’s data and identity. Malwarebytes detailed the incident via an official blog post. DigitalTrends, March 3, 2014
Hackers hijack 300,000-plus wireless routers, make malicious changes: Researchers said they have uncovered yet another mass compromise of home and small-office wireless routers, this one being used to make malicious configuration changes to more than 300,000 devices made by D-Link, Micronet, Tenda, TP-Link, and others. ars technica, March 3, 2014
FireEye names malware’s favorite targets, sources: Malware activity has become so pervasive globally that attack servers communicating with malware are now hosted in 206 countries and territories. PC World, March 2, 2014
Mobile Malware Evolution: Three Infection Attempts Per User In 2013: Nearly 145,000 new malicious programs for mobile devices were detected in 2013. DarkReading, February 28, 2014
New Scam Tricks Caller ID to Show Real Tech Support Phone Numbers: Tech bloggers are warning about a scam that tricks a phone’s caller ID to display a real Verizon Wireless tech support number, duping people into providing personal information to fraudsters. Yahoo News, February 28, 2014

Cyber Security Management

Target CIO resigns following breach: The retailer announces the resignation after data breaches affecting up to 110 million people. CSO, March 5, 2014
Top Tech Internships Pay Big Bucks: How much were you paid when you were an intern? If your college internships were anything like mine, you were paid in experience, not dollars. Enterprise Efficiency, March 3, 2014
Daily Report: Lax Data Security a Problem for Many Start-Ups: While signing up users and raising money are big priorities for young technology companies, data security is often much further down the to-do list, Jenna Wortham and Nicole Perlroth report. The New York Times, March 3, 2014

Cyber Security Management – Cyber Update

CISCO PATCHES AUTHENTICATION FLAW IN WIRELESS ROUTERS: There’s a serious security flaw in some of Cisco’s wireless routers that could allow a remote attacker to take complete control of the router. The bug is in a number of the Cisco small business routers, as well as a wireless VPN firewall. ThreatPost, March 6, 2014
Users Refuse to Chuck XP As Windows 8 Uptake Flattens: For the second month in a row, Windows XP and Windows 8 defied their maker’s wishes, as XP, which Microsoft just wants to go away, gained user share, and Windows 8, the OS Microsoft hopes will fuel sales of new devices, flatlined in February, an analytics firm reported. CIO, March 3, 2014


Cybersecurity Expert Richard A. Clarke and LA County District Attorney Jackie Lacey to Speak at ISSA-LA Sixth Annual Information Security Summit on Cybercrime: Former White House cybersecurity czar Richard A. Clarke and Los Angeles County District Attorney Jackie Lacey are among a roster of prominent speakers at the Los Angeles Chapter of the Information Systems Security Association (ISSA-LA) Sixth Annual Information Security Summit on May 16, 2014 at Hilton Universal City Hotel in Los Angeles. The theme of the Summit—The Growing Cyber Threat: Protect Your Business—reflects the reality that cybercrime impacts the financial health of all our organizations: businesses, not-for-profits, government agencies, schools and others. PRWeb, March 5, 2014

National Cyber Security

N.S.A. Director Says Snowden Leaks Hamper Efforts Against Cyberattacks: WASHINGTON — Gen. Keith B. Alexander, the director of the National Security Agency, said Tuesday that the leaks by the former agency contractor Edward J. Snowden had slowed the effort to protect the country against cyberattacks on Wall Street and other civilian targets. The New York Times, March 4, 2014

Cyber Law

California Court Rules it is Okay for Drivers to Check Mobile Maps: IDG News Service (Bangalore Bureau) — An appeals court in California ruled that it is legal for a person to hold his phone to look at a map application while driving, though he is prohibited from “listening and talking” on the phone unless it is used in a hands-free mode. CIO, February 28, 2014

Cyber Misc

Nearly 150 Breeds Of Bitcoin-Stealing Malware In The Wild, Researchers Say: With a potentially massive hack of the Mt. Gox exchange still unfolding, it’s no secret that cybercriminals see a gold mine in cryptocurrencies. But a new study by security researchers shows just how quickly the cottage industry in Bitcoin theft is evolving: Nearly 150 types of malware are actively stealing bitcoins, more than a hundred of which were created in just the last year. Forbes, February 26, 2014

Cyber Calendar

Business and Personal Guide to Staying Safe in Cyber-Space: Join me, Toni Patillo, along with Dr. Stan Stahl, president of the Information Systems Security Association, Los Angeles Chapter, as he speaks about cyber security – arguably the greatest challenge of the Internet age. Lunch N Learn, Event Date: March 12, 2014
ISSA-LA Sixth Annual Information Security Summit, May 16, Universal City Hilton. Speakers include Richard Clarke, former Assistant to the President; Jackie Lacey, Los Angeles County District Attorney; Roland Cloutier, CSO of ADP. For more information and to register, visit ISSA-LA.


Weekend Vulnerability and Patch Report, March 9, 2014

Important Security Updates

D-Link DIR-100 Wired Router: D-Link has released a firmware update for its DIR-100 wired router to fix 4 vulnerabilities. Update to firmware version 4.03B13. Updates can be found on D-Link’s website.
Dropbox: Dropbox has released version 2.6.2 for its file hosting program. Updates are available at Dropbox’s website. [See Citadel's warning below]
Google Chrome: Google has released version 33.0.1750.146 of Chrome for Windows, Mac, Linux and Chrome Frame to fix 6 highly critical vulnerabilities in previous versions. Updates are available through the program.
Google Picasa: Google has released version 3.9 Build 137.114. Updates are available at the Picasa website.
Opera: Opera has released version 20.00 to fix moderately critical unpatched vulnerabilities in previous versions. Updates are available from within the browser or from Opera’s website.

Current Software Versions

Adobe Flash [Windows 7: IE]
Adobe Flash [Windows 7: Firefox, Mozilla]
Adobe Flash [Windows 8: IE]
Adobe Flash [Macintosh OS X: Firefox, Opera, Safari]
Adobe Reader 11.0.06
Dropbox 2.6.2 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]
Firefox 27.0.1
Google Chrome 33.0.1750.146
Internet Explorer 11.0.9600.16518 [Windows 7: IE]
Internet Explorer 11.0.9600.16384 [Windows 8: IE]
Java SE 7 Update 51 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have a particular web site that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser — such as Chrome, IE9, Safari, etc — with Java enabled to browse only the sites that require it.]
QuickTime 7.7.5
Safari 5.1.7 
Safari 7.0.2 [Mac OS X]

Newly Announced Unpatched Vulnerabilities

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel’s website.

For Your IT Department

Cisco Multiple Products: Secunia reports that Cisco has released updates for its CVR 100W Wireless-N VPN Router, RV215W Wireless-N VPN Router, RV110W Wireless-N VPN Firewall, 2000 Series Wireless LAN Controller, 2100 Series Wireless LAN Controller, 2500 Series Wireless Controller, 4400 Series Wireless LAN Controller, 5500 Series Wireless Controller, Catalyst 6500 Series Wireless Service Module (WiSM), Wireless LAN Controller (WLC 4.x, 5.x, 6.x, 7.x), and others. Apply updates.
Citrix NetScaler / NetScaler VPX: Secunia reports that Citrix has released updates for its NetScaler and NetScaler VPX to fix at least 8 vulnerabilities. Update to version 10.1-118.7, 10.0-77.5, or 9.3-64.4.
Citrix NetScaler SDX: Secunia reports that Citrix has released updates for its NetScaler SDX to fix an error within the Service VM Virtual Machine Daemon reported in previous versions. Update to version 10.0-77.5 or 9.3-64.4.
SonicWALL Network Security Appliance (NSA) 2400: SonicWALL has released updates for its Network Security Appliance (NSA) 2400 Series to fix a vulnerability. Update to a fixed version.
If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.
If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.
Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc) and application programs (Adobe Acrobat, Office, Flash, Java, etc). When software companies find a vulnerability, they usually issue an update patch to fix the code running in their customers’ computers.
Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.
Copyright © 2014 Citadel Information Group. All rights reserved.