Sunday, July 19, 2009

How long between the breach (taking the information) and conversion (turning that information into cash)?

http://www.databreaches.net/?p=6291

Heartland breach felt in Bermuda

July 18, 2009 by admin Filed under Breach Incidents, Financial Sector, ID Theft

Hundreds of Bermudians may have been the victims of credit card fraud stemming from a US security breach in January.

Many people have had their cards cancelled due to suspicious activity as criminals are using credit cards cloned from information stolen from a credit card processing company in the US.

Capital G President and CEO John Kephart said that around five to six percent of all cardholders in Bermuda have experienced some degree of fraud.

“There’s a lag period of time, and then the copied cards appear,” said Mr. Kephart. “The general consensus is that this is the wave of cards coming out of the breach in January.

Read more in The Royal Gazette.



For my “Advanced Hacking” Class. Includes some good history and background.

http://it.slashdot.org/story/09/07/18/2019228/Security-Threats-3-Levels-Beyond-Kernel-Rootkits?from=rss

Security Threats 3 Levels Beyond Kernel Rootkits

Posted by kdawson on Saturday July 18, @06:19PM from the close-to-the-machine dept. security

GhostX9 writes

"Tom's Hardware has a long interview with security expert Joanna Rutkowska (which is unfortunately split over 9 pages). Many think that kernel rootkits are the most dangerous attacks, but Joanna and her team have been studying exploits beyond Ring 0 for some years. Joanna is most well known for the BluePill virtualization attack (Ring -1) and in this interview she chats a little bit about Ring -2 and Ring -3 attacks that go beyond kernel rootkits. What's surprising is how robust the classic BluePill proof-of-concept is: 'Many people tried to prove that BluePill is "detectable" by writing various virtualization detectors (but not BluePill detectors). They simply assumed that if we detect a virtualization being used, this means that we are "under" BluePill. This assumption was made because there were no products using hardware virtualization a few years ago. Needless to say, if we followed this way of reasoning, we might similarly say that if an executable makes network connections, then it must surely be a botnet.'"

Rutkowska says that for her own security, "I don't use any A/V product on any of my machines (including all the virtual machines). I don't see how an A/V program could offer any increased security over the quite-reasonable-setup I already deployed with the help of virtualization." She runs three separate virtual machines, designated Red, Yellow, and Green, each running a separate browser and used for increasingly sensitive tasks.


(Ditto)

http://www.theregister.co.uk/2009/07/17/linux_kernel_exploit/

Clever attack exploits fully-patched Linux kernel

'NULL pointer' bug plagues even super max versions

By Dan Goodin in San Francisco Posted in Security, 17th July 2009 22:32 GMT


(Related) And we're not even able to handle the simple stuff...

http://www.databreaches.net/?p=6280

GAO report: persisting info sec weaknesses

July 18, 2009 by admin Filed under Breach Incidents, Commentaries and Analyses, Government Sector, Of Note, U.S.

From the Summary of GAO-09-546, July 17, 2009, Information Security: Agencies Continue to Report Progress, but Need to Mitigate Persistent Weaknesses:

Persistent weaknesses in information security policies and practices continue to threaten the confidentiality, integrity, and availability of critical information and information systems used to support the operations, assets, and personnel of most federal agencies. Recently reported incidents at federal agencies have placed sensitive data at risk, including the theft, loss, or improper disclosure of personally identifiable information of Americans, thereby exposing them to loss of privacy and identity theft. For fiscal year 2008, almost all 24 major federal agencies had weaknesses in information security controls. An underlying reason for these weaknesses is that agencies have not fully implemented their information security programs [i.e. We know how, we just haven't Bob]. As a result, agencies have limited assurance that controls are in place and operating as intended to protect their information resources, thereby leaving them vulnerable to attack or compromise. In prior reports, GAO has made hundreds of recommendations to agencies for actions necessary to resolve prior significant control deficiencies and information security program shortfalls. Federal agencies reported increased compliance in implementing key information security control activities for fiscal year 2008; however, inspectors general at several agencies noted shortcomings with agencies’ implementation of information security requirements. Agencies reported increased implementation of control activities, such as providing awareness training for employees and testing system contingency plans. However, agencies reported decreased levels of testing security controls and training for employees who have significant security responsibilities. In addition, inspectors general at several agencies disagreed with performance reported by their agencies and identified weaknesses in the processes used to implement these activities. 
Further, although OMB took steps to clarify its reporting instructions to agencies for preparing fiscal year 2008 reports, the instructions did not request inspectors general to report on agencies’ effectiveness of key activities and did not always provide clear guidance to inspectors general. As a result, the reporting may not adequately reflect agencies’ implementation of the required information security policies and procedures.

Highlights Page (PDF) Full Report (PDF, 66 pages) Recommendations (HTML)

A few statistics from the report:

When incidents occur, agencies are to notify the federal information security incident center—US-CERT. The number of incidents reported by federal agencies to US-CERT has risen dramatically over the past 3 years, increasing from 5,503 incidents reported in fiscal year 2006 to 16,843 incidents in fiscal year 2008 (slightly more than 200 percent). [p. 10]

The three most prevalent types of incidents reported to US-CERT during fiscal years 2006 through 2008 were unauthorized access (18%), improper usage (22%), and [We don't know what happened, so it's still under... Bob] investigation (34%). [pp. 11-12]



I'm not a visual person (in many ways) but these tools should keep my website students occupied.

http://www.makeuseof.com/tag/tools-to-do-10-cool-things-with-youtube-videos/

10 More Cool Things You Can Do With YouTube Videos

Jul. 18th, 2009 By Varun Kashyap

… Right now, allow us to present forth some of the most popular tools out there to go along with YouTube and the super cool stuff you can do with them.



What do you think about “My life as a Blogger?” OR “How to Mis-Manage IT like a Pro” OR “We don't need no stinking security!”

http://www.makeuseof.com/tag/publish-your-own-book-easily-with-some-help-from-publishamerica/

Publish Your Own Book For Free With Some Help From PublishAmerica

Jul. 18th, 2009 By Guy McDowell

… You write your book. You e-mail or mail it in to PublishAmerica. They review it for quality and grammar and see if it will garner some sort of market. If that’s all good, they’ll talk to you about a contract. You sign the contract. They design a cover for the book. They market the book on their website and to different booksellers such as Barnes and Noble, Ingram, Borders.com and others. They also give you some advice on promoting the book yourself.

Your book sells and they send you royalty payments.

PublishAmerica



(Related?) Build your own library catalog auto-magically and carry it on your thumb drive!

http://www.makeuseof.com/tag/track-your-reading-and-catalogue-your-books-with-booktomb-windows/

Track Your Reading and Catalogue Your Books with BookTomb [Windows]

Jul. 18th, 2009 By Karl L. Gechlik

… I stumbled upon this small portable application called BookTomb and it not only stores all your book loving data – it also has the ability to retrieve book covers, ISBN numbers, descriptions and a bunch more from Amazon, ISBNdb and BookThing.

… If you can’t decide on which book to read next, let Stefan help you out by showing you the 8 best book review sites.



Geeky stuff. An interesting and educational poster (if you have a large format printer).

http://fc08.deviantart.com/fs49/i/2009/199/8/4/Computer_hardware_poster_1_7_by_Sonic840.png

Computer Hardware Chart



Forensic tool

http://www.computingunleashed.com/2009/07/protect-your-dvdcd-from-damages-must.html

How To Perfectly Protect Your DVD/CD from Future Damages – A Must Read Guide For Every DVD/CD Collectors

… dvdisaster can also be used to recover the contents of a damaged DVD/CD even if you haven't created the error correction (.ECC) file before / if no ECC file is available. Only problem is that the data recovery chances are less without the error correction (.ECC) file.
