Domain: bankinfosecurity.com
Stories and comments across the archive that link to bankinfosecurity.com.
Stories · 8
-
Not Just Equifax. Rival Site Transunion Served Malware Too -- and 1,000 More Sites (arstechnica.com)
An anonymous reader quotes Ars Technica: Equifax isn't the only credit-reporting behemoth with a website redirecting visitors to fake Adobe Flash updates. A security researcher from AV provider Malwarebytes said transunioncentroamerica.com, a TransUnion site serving people in Central America, [was] also sending visitors to the fraudulent updates and other types of malicious pages... Malwarebytes security researcher Jerome Segura says he was able to repeatedly reproduce a similar chain of fraudulent redirects when he pointed his browser to the transunioncentroamerica.com site. On some occasions, the final link in the chain would push a fake Flash update. In other cases, it delivered an exploit kit that tried to infect computers with unpatched browsers or browser plugins... "This is not something users want to have," Segura told Ars...
Equifax on Thursday was quick to say that its systems were never compromised in the attacks. TransUnion said much the same thing. This is an important distinction in some respects because it means that the redirections weren't the result of attackers having access to restricted parts of either company's networks. At the same time, the incidents show that visitors to both sites remain much more vulnerable to malicious content than they should be.
Both sites hosted fireclick.js, an old script from a small web analytics company which pulls pages from sites like Akamai, SiteStats.info, and Ostats.net. "It appears that attackers have compromised the third-party library," writes BankInfoSecurity, adding that Malwarebytes estimates over a 1,000 more sites are using the same library. -
As Prosecutors Submit Evidence, WannaCry Hero's Legal Fund Returns All Donations (buzzfeed.com)
An anonymous reader quote BuzzFeed: The vast majority of money raised to pay for the legal defense of beloved British cybersecurity researcher Marcus Hutchins was donated with stolen or fake credit card numbers, and all donations, including legitimate ones, will be returned, the manager of the defense fund says. Lawyer Tor Ekeland, who managed the fund, said at least $150,000 of the money collected came from fraudulent sources, and that the prevalence of fraudulent donations effectively voided the entire fundraiser. He said he'd been able to identify only about $4,900 in legitimate donations, but that he couldn't be certain even of those. "I don't want to take the risk, so I just refunded everything," he said.
Two days later, Hutchins posted the following on Twitter. "When sellouts are talking shit about the 'infosec community' remember that someone I'd never met flew to Vegas to pay $30K cash for my bail."
Hutchins is facing up to 40 years in prison, and at first was only allowed to leave his residence for four hours each week. Thursday a judge lifted some restrictions so that Hutchins is now allowed to travel to Milwaukee, where his employer is located. According to Bloomberg, government prosecutors complain Hutchins now "has too much freedom while awaiting trial and may skip the country."
Clickthrough for a list of the evidence government prosecutors submitted to the court this week.
According to BankInfoSecurity, this is the evidence submitted by government prosecutors.- Statements made by Hutchins after he was arrested.
- A CD containing two audio recordings from a county jail in Nevada where he was apparently detained by the FBI.
- 150 pages of Jabber chats between the defendant and an individual.
- Business records from Apple, Google and Yahoo.
- Statements (350 pages) by the defendant from another internet forum, which were seized by the government in another district.
- Three to four samples of malware.
- A search warrant executed on a third party, which may contain some privileged information.
Hutchins' attorneys have requested 45-60 days to review evidence, and on October 13 both attorneys will then give the judge a proposed schedule for the actual trial.
-
Delete Or Update All Adobe Flash Player Instances, Experts Warn (threatpost.com)
An anonymous reader quotes an article from BankInfoSecurity: Security experts are once again warning enterprises to immediately update -- or delete -- all instances of the Adobe Flash Player they may have installed on any system in the wake of reports that a zero-day flaw in the web browser plug-in is being targeted by an advanced persistent threat group.... The bug exists in Adobe Flash Player 21.0.0.242 and earlier versions -- running on Windows, Mac, Linux, and Chrome OS -- and "successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system." Thursday Adobe released an updated version of Flash patching 36 separate vulnerabilities, including the critical vulnerability which "if exploited would allow malicious native-code to execute, potentially without a user being aware." While applauding Adobe's quick response, researchers at Kaspersky Lab say it's already been exploited in Russia, Nepal, South Korea, China, India, Kuwait and Romania, and BankInfoSecurity writes that "The latest warning over this campaign reinforces just how often APT attackers target Flash, thus making a potential business case for banning it for inside the enterprise." -
UAE Bank Suffers Massive Data Breach (softpedia.com)
An anonymous reader writes: Two weeks ago, Qatar's National Bank suffered a massive data breach at the hands of Turkish hackers. That data included details about Qatar's royal family and Al Jazeera reporters...
Now it appears that the same hacker group has dumped data from a UAE bank. The data appears to be the same data stolen by a hacker last year, who tried to blackmail the bank for $3 million. An analysis of the data can be found here. -
How the NSA Is Harming America's Economy
anagama writes "According to an article at Medium, 'Cisco has seen a huge drop-off in demand for its hardware in emerging markets, which the company blames on fears about the NSA using American hardware to spy on the rest of the world. ... Cisco saw orders in Brazil drop 25% and Russia drop 30%. ... Analysts had expected Cisco's business in emerging markets to increase 6%, but instead it dropped 12%, sending shares of Cisco plunging 10% in after-hours trading.' This is in addition to the harm caused to remote services that may cost $35 billion over the next three years. Then, of course, there are the ways the NSA has made ID theft easier. ID theft cost Americans $1.52 billion in 2011, to say nothing of the time wasted in solving ID theft issues — some of that figure is certainly attributable to holes the NSA helped build. The NSA, its policies, and the politicians who support the same are directly responsible for massive losses of money and jobs." -
More Gas Station Credit-Card Skimmers
coondoggie notes a Network World piece on credit-card skimmers found installed in gas pumps, this time in Florida. Like the similar wave of attacks in Utah earlier this year, the latest crop uses Bluetooth to transmit the illicitly collected data. Does this mean an accomplice has to hang around within 3m of the pump? "The Secret Service has indicated there's a crime wave throughout the Southeast involving the gas-station pump card skimmers, and it may be traced back to a single gang that may be working out of Miami... St. Johns County in Florida has also been hit by the gas-pump card skimmers. [A local sheriff's department spokesman] says criminals wanting to hide the credit-card skimmers in gas pumps have to have a key to the pump, but in some cases a single key will serve to get into many gas pumps." Here's an insight from the banking industry on the skimming fraud. -
Risk Management of Wireless Networks
An anonymous reader writes "As wireless becomes a bigger part of our networks, those of us charged with maintaining them find ourselves also responsible for keeping drive-by script kiddies with a Pringles can out. BankInfoSecurity.com is running an excellent article on identifying and mitigating risks on wireless networks. The article was written by members of the Office of the Comptroller of the Currency (OCC) for banks, but it's applicable to any network environment and clearly lays out all the key steps to protecting wireless systems." There's nothing new here, really, but it's a good overview of issues to keep in mind when building a wireless net, as well as a good security plan starting point. -
Risk Management of Wireless Networks
An anonymous reader writes "As wireless becomes a bigger part of our networks, those of us charged with maintaining them find ourselves also responsible for keeping drive-by script kiddies with a Pringles can out. BankInfoSecurity.com is running an excellent article on identifying and mitigating risks on wireless networks. The article was written by members of the Office of the Comptroller of the Currency (OCC) for banks, but it's applicable to any network environment and clearly lays out all the key steps to protecting wireless systems." There's nothing new here, really, but it's a good overview of issues to keep in mind when building a wireless net, as well as a good security plan starting point.