HackDig : Dig high-quality web security articles for hacker

TrustedSec Security Podcast Episode 53 – DropBox, NSA Breach, Medical Professionals, Fraudulent Social Media, Win

2016-09-01 20:40

TrustedSec Security Podcast Episode 53 for September 1, 2016.  This podcast is hosted by Rick Hayes, Scott White, Justin Elze, and Geoff Walton

Visit the show notes page to download the Podcast or check us out on iTunes!
Download Page https://www.trustedsec.com/podcasts/trustedsec-security-podcast-episode-53.mp3
XML Page https://www.trustedsec.com/podcasts/trustedsecsecuritypodcast.xml

Announcements:
TrustedSec TV
https://www.youtube.com/channel/UCRkiASOIDfCDJeB9xkJoMRg

BSidesAugusta 2016
Where: Augusta, GA
When: September 10, 2016
http://www.securitybsides.com/w/page/104917204/BSidesAugusta%202016

Skydogcon
Where: Nashville, TN
When: October 21-23, 2016
https://skydogcon.blogspot.com/

SecureWVCon
Where: Charleston, WV
When: November 18-20, 2016
https://twitter.com/SecureWVCon

BSides Philly
Where: Philadelphia, PA
When: December 2-3, 2016
http://www.bsidesphilly.org/

Stories:
Source:
 http://www.tripwire.com/state-of-security/latest-security-news/dropbox-says-data-dump-of-60m-user-ids-the-real-deal/
American file hosting service Dropbox said a data dump of approximately 60 million users’ records is real.  A spokesperson for the company said the records, which include email addresses as well as hashed and salted passwords, are the same as those affected by a security incident that occurred several years ago.

In July 2012, the company discovered someone had stolen people’s usernames and passwords from other sites and had abused those credentials to access a small number of Dropbox accounts.

Source: http://www.darkreading.com/perimeter/the-secret-behind-the-nsa-breach-network-infrastructure-is-the-next-target/a/d-id/1326729
Advanced attackers are targeting organizations’ first line of defense–their firewalls—and turning them into a gateway into the network for mounting a data breach. On Aug. 13, the shady “ShadowBrokers” group published several firewall exploits as proof that they had a full trove of cyber weapons. Whether intended to drive up bids for their “Equation Group Cyber Weapons Auction” (since removed), or to threaten other nation-states, the recent disclosure raises the question: if organizations can’t trust their own firewalls, then what can they trust? Does the cache of cyber weapons exposed by ShadowBrokers signal a shift in attack methods and targets?

Source: http://www.securitymagazine.com/articles/87418
A study of medical professionals’ attitudes toward information security reveals that nurses and doctors fumble over protocols, often putting patients at risk.

The study, “Workarounds to Computer Access in Healthcare Organizations,” offers a fascinating look behind the privacy curtains at hospitals. The study, sponsored by the University of Pennsylvania, Dartmouth College and the University of Southern California, connects the dots on poor security practices and how that can lead to bad patient care.

Source: https://thesprawl.org/projects/pack/#policygen
PACK (Password Analysis and Cracking Toolkit) is a collection of utilities developed to aid in analysis of password lists in order to enhance password cracking through pattern detection of masks, rules, character-sets and other password characteristics. The toolkit generates valid input files for Hashcat family of password crackers.

Source: https://go.proofpoint.com/rs/309-RHV-619/images/Social%20Media%20Protection%20Brand%20Fraud%20Report%20v2.pdf
A new report has found that fraudulent social media profiles for brands has increased by 150% over the last year.

Proofpoint has just released its inaugural Social Media Brand Fraud report which investigates the current state of social media brand fraud to understand bad actors’ methods and how this business risk is evolving.

From April through June 2016, Proofpoint researched the prevalence and different types of fraudulent social media accounts associated with 10 top global brands (including BMW, Amazon, Chanel, Capital One, Shell, Sony, Star Bucks).

Source: http://betanews.com/2016/09/01/windows-10-share/
Earlier this week Microsoft updated its Windows Trends page to show Windows 10 now having a whopping 39 percent of the global market, with a share of 50 percent in the US and 51 percent in the UK. What made these figures so impressive/unbelievable (delete as applicable) is they showed the standings as of June.

Today, NetMarketShare releases its desktop operating system usage share figures for August and, as you might expect, they paint a very different picture.

NetMarketShare has Windows 10 on 22.99 percent, globally. That’s actually up 1.86 percentage points on July, which is interesting because at first glance it suggests stopping going free hasn’t hurt the new OS in any way. Previous growth has been around the same mark (Windows 10 gained 1.99 percentage points in July, and 1.71 percentage points in June).

Source: http://www.reuters.com/article/us-cyber-heist-swift-idUSKCN11600C
SWIFT, the global financial messaging system, on Tuesday disclosed new hacking attacks on its member banks as it pressured them to comply with security procedures instituted after February’s high-profile $81 million heist at Bangladesh Bank.

In a private letter to clients, SWIFT said that new cyber-theft attempts – some of them successful – have surfaced since June, when it last updated customers on a string of attacks discovered after the attack on the Bangladesh central bank.

“Customers’ environments have been compromised, and subsequent attempts (were) made to send fraudulent payment instructions,” according to a copy of the letter reviewed by Reuters. “The threat is persistent, adaptive and sophisticated – and it is here to stay.”

Source: http://www.spamfighter.com/News-20458-New-Fantom-Ransomware-Masquerades-as-Critical-Windows-Update.htm
AVG the security company just found one fresh ransomware strain it names “Fantom.” The malware pretends to be one crucial Windows update. Windows computer operators if believe the update happening will find one screen supposedly loading the update. However, the real thing occurring is that all files and documents of the PC-operator are getting encrypted.

Fantom’s existence is from a project called EDA2 ransomware that’s of open-source kind, while for unlocking the encrypted files the only resort is the culprit himself. True for an experienced computer-user, he may recognize the ransomware trying to do a malicious act, but for someone less experienced it is simple how the ruse trips him.

Source: http://news.softpedia.com/news/ddos-attacks-during-rio-olympics-peaked-at-540-gbps-507822.shtml

Anonymous promised DDoS attacks during the Rio Olympics, and the hacktivists delivered like never before, according to telemetry data from Arbor Networks.

The network security vendor says that, during the two-week event, DDoS attacks were at an all-time high average value, with daily attacks of over 500 Gbps and an incident that peaked at a whopping 540 Gbps. This was not far from the record for a DDoS attack, which is 579 Gbps, detected by the same Arbor Networks in the month of June.

The spike in DDoS activity can be seen better by the graphic embedded at the end of this article. DDoS attacks were very small and far between, but when the Rio Olympics started, there was a visible and brutal activity spike.

Source: https://www.grahamcluley.com/2016/09/signed-sealed-delivered-malware-spread-signed-transmission-app
Researchers have caught malware being spread through a signed version of Transmission, the popular OS X BitTorrent client.

A team of malware analysts notified Transmission after the malicious file was discovered on the Transmission application’s official website. Transmission promptly removed the file. Even so, it’s unclear when the malware, which goes by the name OSX/Keydnap, first made it onto the site.

Source: http://www.darkreading.com/iot/ftc-warns-travelers-about-cybersecurity-risks-of-rental-cars/d/d-id/1326787
Driving a rental car this summer? Your personal information may be at risk, warns the Federal Trade Commission (FTC).  The FTC yesterday released an alert warning car rental customers to safeguard their personal data when using vehicles that include network connectivity. Drivers may be unknowingly making their data vulnerable, as cars continue to store information after they are returned.  Many connected cars are equipped with infotainment systems that work with a driver’s personal devices so he or she can navigate, stream music, and use hands-free calling and texting from behind the wheel.

Source: https://www.riskbasedsecurity.com/2016/08/data-breaches-lead-to-over-1-billion-records-exposed-in-the-first-half-of-2016/
Risk Based Security and RPS Executive Lines are pleased to announce the release of the latest installment of the Data Breach QuickView Report. The MidYear 2016 Report shows that, while the number of data breaches for the year is down approximately 17% compared to the same time last year, the number of records compromised is off the charts, with over 1.1 billion – yes billion – records exposed in the first six months of 2016. With another 6 months still to go, this year is already the worst year on record for the amount of sensitive information compromised.

Source: http://news.softpedia.com/news/dresscode-android-malware-discovered-on-official-google-play-store-507829.shtml
A new Android malware family called DressCode can be used as a proxy to relay attacks inside corporate networks and steal information from servers previously considered secure.

The malware’s name comes from the countless dress-up games in which DressCode’s authors have hidden their malicious code.

Check Point, the security firm that discovered this threat, says it identified over 40 apps on the Google Play store infected with malware, and over 400 similar apps distributed via unofficial third-party stores.

Source: http://www.scmagazine.com/millions-of-iot-devices-enlisted-into-ddos-bots-with-bashlite-malware/article/519741/
A family of malware targeting Internet of Things (IoT) devices to create distributed denial of service (DDoS) botnets has been detected by Level 3 Threat Research Labs working with Flashpoint.

The malware has a number of names – Lizkebab, Bashlite, Torlus, gafgyt – and its impact is far-ranging, according to the report.

Source: http://www.securitymagazine.com/articles/87382-how-continous-is-continous-monitoring
To quote Shakespeare, “What’s in a name?”   Take the word continuous. By any other name, it would seem to mean uninterrupted or constant. Yet, the National Institute of Standards and Technology defines continuous as potentially far less rigorous, requiring only that information systems and assets be monitored at “discrete intervals.” Given this mandate, the question for practitioners is whether discrete interval monitoring is enough.

Source: http://chronicle.augusta.com/news/business/2016-08-25/apple-sends-update-after-iphone-spyware-targets-activist
The suspicious text message that appeared on Ahmed Mansoor’s iPhone promised to reveal details about torture in the United Arab Emirates’ prisons. All he had to do was click the link.

Mansoor, a human rights activist, didn’t take the bait. Instead, he reported it to Citizen Lab, an internet watchdog, setting off a chain reaction that in two weeks exposed an Israeli cyberespionage firm and defanged a powerful new piece of eavesdropping software.

Hidden behind the link was a highly targeted form of spyware crafted to take advantage of three previously undisclosed weaknesses in Ap­ple’s mobile operating system.

Source: https://thehackerblog.com/breaching-a-ca-blind-cross-site-scripting-bxss-in-the-geotrust-ssl-operations-panel-using-xss-hunter/

The post TrustedSec Security Podcast Episode 53 – DropBox, NSA Breach, Medical Professionals, Fraudulent Social Media, Windows 10, SWIFT, EDA2, Rio DDoS, Transmission, Rental Cars, 1Billion, DressCode, IoT DDoS, Apple Update appeared first on TrustedSec - Information Security.


Source: /seton-wohs-35-edosipe-pst/6102-rebmetpes/moc.cesdetsurt.www

Read:2733 | Comments:0 | Tags:September 2016 DDOS

“TrustedSec Security Podcast Episode 53 – DropBox, NSA Breach, Medical Professionals, Fraudulent Social Media, Win”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud