February 5, 2012

Don’t open links pointing to suspicious third parties

 

 

The online marketing company Epsilon was hacked, exposing thousands of its clients’ names and e-mail addresses. Now authorities are trying to make sure that no harm comes to the clients.

The online marketing company Epsilon got hacked recently, showcasing the vulnerability of the internet.

Epsilon is an internet marketing giant that had many famous companies as its clients, and now all of them have been exposed to the risk of information theft. Some of the companies which are the clients of Epsilon are Citigroup Inc, College Board, Walgreens, TiVo Inc, Capital One Financial Corp, HSN Inc, J.P. Morgan Chase, Disney and Kroger. All these companies have stepped forward to warn their customers about the Epsilon hacking, so that they are aware of any mysterious actions which may take place over the next few days.

As yet, it has not been established who hacked Epsilon; however, one thing is for sure, and that is that the hacker was not an employee of the company. The information which was stolen just consisted of people’s names and their e-mail addresses and thankfully, no credit card information or social security numbers were stolen. The Epsilon hacking incident is being considered to be one of the biggest internet security breaches in the history of the United States and it shows how sensitive this data is – and how easily it can be lost.

Epsilon also manages the accounts of some students affiliated with the US-based College Board. College Board administers the SAT aptitude tests and this particular organization is in contact with more than 7 million students. The students were also contacted about Epsilon’s security breach and were asked not to open links pointing to suspicious third parties.

Law enforcement authorities have already started investigating the matter, and in this regard Epsilon has volunteered to lend its full support. “While we are cooperating with authorities and doing a thorough investigation, we cannot say anything else,” said Epsilon spokeswoman Jessica Simon. “We can’t confirm any impacted or non-impacted clients, or provide a list of companies at this point in time.”

via Online marketer Epsilon gets hacked.

Would You Have Spotted the Fraud? — Krebs on Security

Pictured below is what’s known as a skimmer, or a device made to be affixed to the mouth of an ATM and secretly swipe credit and debit card information when bank customers slip their cards into the machines to pull out money. Skimmers have been around for years, of course, but thieves are constantly improving them, and the device pictured below is a perfect example of that evolution.

This particular skimmer was found Dec. 6, 2009, attached to the front of a Citibank ATM in Woodland Hills, Calif. Would you have been able to spot this?

via Would You Have Spotted the Fraud? — Krebs on Security.

‘Unhackable’ Android phone can be hacked

LAS VEGAS — Once thought to be unhackable, the Android phone is anything but, according to researchers presenting at Black Hat 2010.

Not only has suspect software cloaked in a wallpaper application gathered personal information from infected phones and sent it to a Web site in China, but researchers from Lookout Mobile Security have found a way to take the phones over completely – including top-of-the-line models hawked by major wireless carriers.

In one presentation, Lookout’s CEO John Herring said the Jackeey Wallpaper app, which has been downloaded millions of times, can gather a device’s phone number, subscriber identifier, and currently programmed voicemail number.

In a separate presentation, researchers said top-of-the-line Android phones used by Sprint and Verizon can be taken over completely by attacking known flaws in the Linux operating system that underpins Android, researchers reported at Black Hat 2010. “It gives you root control, and you can do anything you want to do” with the phone, says Anthony Lineberry, a researcher for Lookout Mobile Security.

The company says Android’s reputation for security may be exaggerated. “It survived the recent pwn2own slay fest unscathed, but this does not mean it is safe by any means,” the company said in describing Lineberry’s talk.

via ‘Unhackable’ Android phone can be hacked.

MIT Design Could Speed Up the Internet

Researchers have developed technology that they say not only will make the Internet 100 to 1,000 times faster, but also could make high-speed data access a lot cheaper.

The trick to such dramatic performance gains lies within the routers that direct traffic on the Internet, according to Vincent Chan, an electrical engineering and computer science professor at MIT, who led the research team. Chan told Computerworld that replacing electrical signals inside the routers with faster optical signals would make the Internet 100 times — if not 1,000 times — faster, while also reducing the amount of energy it consumes.

What would the Internet be like if it ran that much faster? Today, a user who has a hard time downloading a 100MB file would be able to easily send a 10GB file, according to Chan.

With increasingly powerful computer processors and bandwidth-hungry applications, the Internet will reach a “choke point” within three to five years, Chan said. Today’s routers have trouble dealing with incoming fiber-optic signals, so those signals are converted into electrical signals that can be stored in memory until they can be processed, according to MIT’s report. The electrical signals are subsequently converted back to optical signals so they can be sent back out.

That process eats up time and energy, so Chan and his team developed technology they call flow switching that would eliminate the need for such conversions.

via MIT Design Could Speed Up the Internet.

Mozilla yanks password-stealing Firefox add-on

Mozilla on Tuesday warned users that a password-stealing add-on slipped into Firefox’s extension gallery more than a month ago had been downloaded nearly 2,000 times before it was detected.

The malicious “Mozilla Sniffer” add-on was yanked from Mozilla’s servers Monday, and added to the Firefox “blocklist,” a last-resort defense that uninstalls potentially-dangerous browser extensions from users’ machines.

Mozilla also notified users of a critical security vulnerability in another add-on, the popular “CoolPreviews,” which currently sits at No. 21 on the Firefox most-downloaded list, saying it had temporarily yanked that plug-in, too.

The Mozilla Sniffer add-on was submitted to the Firefox Add-ons site June 6, Mozilla announced in a blog post yesterday.

“It was discovered that this add-on contains code that intercepts login data submitted to any website, and sends this data to a remote location,” Mozilla confirmed. “Anybody who has installed this add-on should change their passwords as soon as possible.”

Mozilla pulled the Sniffer add-on July 12 after it found out about the plug-in’s extracurricular activities, then added it to the blocklist. “All current [Mozilla Sniffer] users should receive an uninstall notification within a day or so,” the company said. According to Mozilla’s count, the malicious extension had been downloaded about 1,800 times in the last five weeks, and had 334 active users when it was dumped.

Mozilla Sniffer was isolated in the experimental portion of the Add-ons site, where new add-ons are kept until they undergo a public review process. To install experimental add-ons, Firefox users must view and accept an additional warning.

The situation with CoolPreviews was different. That add-on, which is downloaded about 77,000 times each week, contained a critical bug that could have been used by hackers to hijack computers.

“The vulnerability can be triggered using a specially crafted hyperlink,” Mozilla explained. “If the user hovers the cursor over this link, the preview function executes remote JavaScript code with local chrome privileges, giving the attacking script control over the host computer.”

CoolPreviews is billed by its maker, Cooliris, as a Firefox extension that displays previews of Web pages when users pause the mouse pointer over any link.

CoolPreviews 3.01 and earlier editions included the vulnerability; Mozilla disabled the buggy versions, then posted an update from Cooliris the following day. The revised CoolPreviews, version 3.1.0625, was first offered to Firefox users June 25.

Proof-of-concept attack code that exploits CoolPreviews 3.01 and earlier had been published on a Japanese-language blog, but Mozilla said it knew of no in-the-wild exploits.

As of Tuesday, approximately 177,000 users were running a vulnerable CoolPreviews add-on, said Mozilla, which said that it would add the bug-containing editions to the blocklist “very soon.”

The Sniffer incident was not the first time Mozilla has missed a malicious add-on.

via Mozilla yanks password-stealing Firefox add-on.

New Internet browser threat sneaks by traditional defenses

An undetectable browser exploit that bares corporate networks to attackers tops the list of the most potentially effective new attacks that have been devised by researchers seeking vulnerabilities to take advantage of, according to a study by White Hat Security.

The one attack deemed most serious is called DNS rebinding in which attackers turn victims’ browsers into Web proxies that do the attackers’ bidding, says Jeremiah Grossman, CTO of White Hat Security who, with the help of other experts, compiled the top 10 list of new threats as he has each year since 2006.

The attack works by tricking browsers into seeking internal servers on the victim’s network under the direction of the attacker, who can order it to find and send corporate data to an outside machine, Grossman says. The browser exhibits no behavior out of the ordinary, and DNS servers are not tampered with, he says.

“It’s pretty much impossible to see. It leaves no traces,” Grossman says.

The deceit starts with the attacker setting up a Web site. When a victim tries to reach the site, the browser seeks a DNS resolution to turn the site name into an IP address. The site responds to DNS advertisements with the actual IP address of the site, but puts a very short time-to-live on the address. The victim reaches the site and the site downloads a malicious JavaScript to the victim’s browser.

Once installed, the script issues a second request for the IP address of the attack site, and this time the site responds with an IP address of the type typically used for internal networks, so the browser essentially connects to a server on its own network, allowing a link to the attack server.

Browsers follow the principle of same-origin, which allows machines using the same host name to connect. In this case the browser has been told that the origin host name of the two servers — the internal corporate machine and the attacker’s server outside — is the same, so traffic between them is allowed.

Grossman cited Stanford University researchers who spent $100 on advertising to lure users into visiting their Web site configured to carry out DNS rebinding and managed to compromise 100,000 machines.

Since the exploit is carried out in JavaScript there is no malware executable to discover on victim machines. DNS servers are not compromised, so defenses against pharming don’t work, he says. “DNS rebinding is really bad,” Grossman says.

via New Internet browser threat sneaks by traditional defenses.
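The sequence the article describes (a public answer with a very short time-to-live, then an internal-network address for the same name) can be looked for in a recursive resolver's answer log. The following is an added example, not part of the quoted article; the log tuple layout, the host names, the documentation-range addresses and the 60-second TTL threshold are all constructed assumptions.

```python
import ipaddress

# Address ranges treated as "internal" for this check (RFC 1918, loopback, link-local).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# Constructed sample log: (epoch seconds, client, queried name, answer IP, TTL).
SAMPLE_LOG = [
    (1000, "10.0.0.23", "www.example.com", "192.0.2.80", 3600),
    (1001, "10.0.0.23", "rebind.example.net", "203.0.113.7", 1),     # public, TTL 1 s
    (1004, "10.0.0.23", "rebind.example.net", "192.168.1.10", 1),    # same name, now internal
    (1010, "10.0.0.41", "intranet.corp.example", "10.1.2.3", 300),   # always internal: benign
    (1020, "10.0.0.41", "cdn.example.org", "198.51.100.9", 30),
    (1055, "10.0.0.41", "cdn.example.org", "198.51.100.10", 30),     # public to public: benign
]

def is_internal(addr):
    """True if addr falls in one of the internal ranges listed above."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def find_rebinding(log, max_ttl=60):
    """Flag names that a client saw resolve to an external address with a
    short TTL and later to an internal address."""
    last_external = {}   # (client, name) -> (timestamp, ip, ttl)
    alerts = []
    for ts, client, name, answer, ttl in sorted(log):
        key = (client, name.lower().rstrip("."))
        if is_internal(answer):
            prev = last_external.get(key)
            if prev and prev[2] <= max_ttl:
                alerts.append({"client": client, "name": key[1],
                               "external": prev[1], "internal": answer,
                               "gap_seconds": ts - prev[0]})
        else:
            last_external[key] = (ts, answer, ttl)
    return alerts

if __name__ == "__main__":
    for alert in find_rebinding(SAMPLE_LOG):
        print(alert)
```

Resolvers that can drop internal-range answers for public names apply the same test at answer time instead of after the fact.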

Cisco Linksys among “millions” of hackable routers

Ever want to hack into millions of routers? Or try to stop someone from doing so?

Perhaps a discussion at the upcoming Black Hat conference in Las Vegas will help you in either or both goals. And its title, “How to Hack Millions of Routers,” cuts right to the chase too.

The talk will be given by Craig Heffner, a senior security engineer for Seismic LLC, a Maryland-based provider of cybersecurity products to the U.S. Defense Department and intelligence agencies. In it, Heffner will apparently reveal how to exploit a vast amount of consumer routers through DNS rebinding, an existing technique in which attackers turn victims’ browsers into Web proxies that do the attackers’ bidding.

DNS rebinding tricks browsers into seeking internal servers on the victim’s network under the direction of the attacker, who can order it to find and send corporate data to an outside machine while evading detection by the user and not tampering with DNS servers. Heffner’s talk will describe how this can be used to access the router’s internal-facing administrative interface without requiring prior knowledge of the target router or its configuration settings; and circumventing existing DNS rebinding safeguards.

Heffner will even demonstrate a tool that automates the attack and allows the attacker to browse the interface of the target router in real-time, enabling vulnerability exploitation or log in through default credentials.

Cisco Linksys routers are vulnerable to the hack, as are those under the ActionTec, Asus, Belkin, Dell and Thompson brand names. ActionTec routers are CPE in Verizon’s FiOS service and Heffner’s talk will include a live demo on how to infiltrate a FiOS router using the rebinding hack.

via Cisco Linksys among “millions” of hackable routers | NetworkWorld.com Community.
