Thursday, January 30, 2014
I wonder how that contract was worded?
Danny Yadron, Paul Ziobro and Charles Levinson report:
The hackers who stole 40 million credit- and debit-card numbers from Target Corp. appear to have breached the discounter’s systems by using credentials stolen from a vendor.
The finding will help to start unraveling the riddle of how the software that carried out the attack got into Target’s systems. It also underscores the risks companies face as they operate vast, interconnected business systems.
“We can confirm that the ongoing forensic investigation has indicated that the intruder stole a vendor’s credentials which were used to access our system,” Target spokeswoman Molly Snyder said.
Read more on WSJ.
(Reated) For my Ethical Hackers. Slick. Sounds like the TJMaxx breach, only smarter.
New Clues in the Target Breach
… As I noted in Jan. 15′s story – A First Look at the Target Intrusion, Malware – the attackers were able to infect Target’s point-of-sale registers with a malware strain that stole credit and debit card data. The intruders also set up a control server within Target’s internal network that served as a central repository for data hoovered up from all of the infected registers
That analysis looked at a malware component used in Target breach that was uploaded to Symantec’s ThreatExpert scanning service on Dec. 18 but which was later deleted (a local PDF copy of it is here). The ThreatExpert writeup suggests that the malware was responsible for moving stolen data from the compromised cash registers to that shared central repository...
… “Attackers exfiltrate data by creating a mount point for a remote file share and copying the data stored by the memory-scraping component to that share,” the SecureWorks paper notes.
Perspective. “It's not you father's malware.”
Redefining Malware: When Old Terms Pose New Threats
… Long ago, malware was typically created and deployed by script kiddies bent on flexing their programming muscles. That’s not to say that all malware attacks were harmless pranks; some were severe, and all of them were technically illegal. But they generally weren’t devastating, and enterprises found that setting up perimeter security (e.g. signature-based antivirus products, firewalls, secure web gateways, and so on) was enough to keep malware from infecting their network and causing major damage. But that was then.
Now, just as the business world is in many ways unrecognizably different compared to years ago, today’s malware is a completely different and qualitatively more dangerous threat to enterprises for three core reasons:
1. New Threat Actors: As the technology to create and deploy malware has entered the mainstream, rebellious script kiddies have given way to sophisticated adversaries, hacktivists and nation states intent on fulfilling their illicit economic, social or political agendas. As such, instead of merely damaging machines, today’s threat actors are using malware to gain access and control corporate networks, as well as steal an enterprise’s intellectual property (IP) and other private data.
2. New Attack Approaches: In the past, malware attacks were typically quick, broad and indiscriminate. Now, they’re precise, targeted and unfold in multiple stages that include an initial probe of a victim’s network security system to identify vulnerabilities, and render perimeter security systems defenseless and ineffectual. In fact, it’s not unusual these days for some malware to do nothing except invade a network for the purposes of “opening a door” for future attacks that will occur much later.
3. New Masking Tactics: There was a time when one of the main objectives of a malware attack was to make as much noise as possible. Now the opposite is true, and today’s advanced malware is unnervingly capable of silently persisting on a network for weeks, months or even years without making a sound and setting off perimeter security alarm bells. What’s more, if today’s adversaries find that their attack is too noisy for their liking, they can outright destroy machines to cover their tracks (which is what happened in the Shamoon malware campaign), or they can deploy polymorphic malware that keeps changing to avoid detection by traditional security products.
(Related) “What's in your network?” (Worth reading)
Preparing for the Inevitable Data Breach: Discussion
Companies need to start thinking of themselves as stewards of consumer data and be proactive about data protection, a panel of experts said this week at a town hall event in honor of Data Privacy Day.
Businesses need to understand they will experience a breach incident and plan accordingly how they would protect the data, said Craig Spiezle, executive director and founder of Online Trust Alliance (OTA). If they don't, "they're really not meeting their obligations to their customers or their stockholders," Spiezle said.
I'm hoovering up a lot of stuff from Data Privacy Day activities.
The Future of Privacy Forum and Stanford Law School Center for Internet & Society have released a collection of papers (pdf) on Big Data and Privacy.
For my Ethical Hackers. Being expert means you never show up on this kind of infographic (or on those wanted posters in the post office)
The 9 Master Hackers Of The World (That We Know Of)
Very handy! Try it! Perhaps my nephew can feed his “music addiction” for free? Also works for podcasts.
Your Favorite Song Is Playing Somewhere. Find It With RadioSearchEngine
… Radio Search Engine regularly indexes online radio stations, allowing you to search for a specific song playing…somewhere. You can then listen to the song (usually halfway through), then continue to listen to whatever station you stumble upon. You might find yourself listening to a Japanese top-forty station, but that’s half the fun.
… radio stations long ago added live web streams of their programming to the web.
… RadioSearchEngine takes advantage of this fact, as well as the song metadata these stations offer, to make it possible to hear any top-40 song instantly. Head to the site and you’ll see our local stations, to the right of a list of current top songs:
Click any of the song and you’ll be taken to a random station playing it. This will usually occur partway through a song, and occasionally occur after it’s played.
… Search for any song or artist and you’ll be shown a number of stations playing them (as seen above). Click to start listening. The service claims around 40,000 songs are playing at any given time, so you won’t find everything you’re looking for.
… If you’re not sold on the whole “search” idea, but would like to explore online radio some more, I’d recommend checking out TuneIn. It lets you tune into 50,000 stations worldwide, and offers an easy user interface for the job.