Domain: trustwave.com
Stories and comments across the archive that link to trustwave.com.
Comments · 7
-
If only someone had told them....
... that shipping with bad default security settings and/or allowing bad security settings was going to cause an issue: https://www.trustwave.com/Reso...
-
Better writeup
If we're doing aggregator writeups it's been done better by someone who actually found the original Trustwave alert.
-
Re:Surprised me
"I thought it would be an overflow problem."
From the advisory:
The "My Satis" Android application has a hard-coded Bluetooth PIN of "0000" as can be seen in the following line of decompiled code from the application:
BluetoothDevice localBluetoothDevice =
BluetoothManager.getInstance().execPairing(paramString, "0000")As such, any person using the "My Satis" application can control any Satis toilet. An attacker could simply download the "My Satis" application and use it to cause the toilet to repeatedly flush, raising the water usage and therefore utility cost to its owner.
-
Re:Coverup
PS: The same company they used for the "wargame" also offers compliance auditting.
My guess is Trustwave(claimed to have done the pentest on the 10th) is also facebook's PCI compliance auditor(for their game microtransactions) , and they rubber stamp:
https://www.trustwave.com/pci-dss-compliance.php
https://www.trustwave.com/sas.php
https://www.trustwave.com/sox.php
-ShadowHatesYou -
Re:Coverup
PS: The same company they used for the "wargame" also offers compliance auditting.
My guess is Trustwave(claimed to have done the pentest on the 10th) is also facebook's PCI compliance auditor(for their game microtransactions) , and they rubber stamp:
https://www.trustwave.com/pci-dss-compliance.php
https://www.trustwave.com/sas.php
https://www.trustwave.com/sox.php
-ShadowHatesYou -
Re:Coverup
PS: The same company they used for the "wargame" also offers compliance auditting.
My guess is Trustwave(claimed to have done the pentest on the 10th) is also facebook's PCI compliance auditor(for their game microtransactions) , and they rubber stamp:
https://www.trustwave.com/pci-dss-compliance.php
https://www.trustwave.com/sas.php
https://www.trustwave.com/sox.php
-ShadowHatesYou -
Here's an example break-in.
Here's a typical break-in, at University of Oakland.. This has a good search position in Google for "64 bit Windows". This leads to a software-for-sale page with phony seals of approval from Microsoft, Verisign, etc. That's hosted at Starnet, in Moldovia. The payment site for the sales site is "payment8ltd.net", also hosted on Starnet in Moldovia. They're selling pirated copies of brand-name software at roughly half retail price.
That site has a TrustWave seal, which pops up a popup for Paym8, a real payment processor in Zaire. TrustWave's seal server doesn't check the referrer when displaying a seal popup, so it can be spoofed. Nor does the TrustWave seal even give the domains to which it applies. Verisign and BBBonline check this, but not TrustWave.
It looks like the actual payment processing occurs at "https://payment8ltd.net/shop/order/process/"; that's where the order goes on "Submit". The site has one of those worthless GoDaddy "Domain control only validated" SSL certs.
Starnet presents itself as an Internet and telecom service provider, offering the usual data, voice, colocation, and hosting. Headquarters of Starnet seems to be at Vlaicu Parcalab, 63, Chisinau, Republic of Moldova. That's a property of Flexi Offices, one of those small-office rental places. Interestingly, Microsoft also has an office in that building.
There's actual Whois information for that site:
Registrant Contact: Viktor Menshikov
Viktor Menshikov (loyal@yourisp.ru)
ul.V.Urdasha d.36 kv.1
Rakovo, Respublika Tatarstan, RU 422455
P: +7.8435122221 F: +7.8435122221That location exists; it's a farm town about 500Km east of Moscow. Probably not a real address.
Searching for "yourisp.ru" brings up a large number of scam reports. The domain itself is registered but not in DNS.
Most of this recent batch of attacks seem to have similar underlying information.