Spyware, Viruses, & Security forum


NEWS - August 16, 2013

by Carol~ Forum moderator / August 16, 2013 1:27 AM PDT
Baby Monitor Hack Shows Weakness of Networked Cameras

In an unbelievably creepy story out of Texas, a hacker took control of a video-enabled baby monitor to spy on and shout insults at a two-year old girl and her parents. The harrowing experience has shaken up the victimized family, and underlines just how unsafe some of these networked products really are.

Reportedly, Marc Gilbert heard a strange voice coming from his young daughter's room. Upon entering he was surprised to discover it was coming from the video camera baby monitor he and his wife used to keep an eye on their deaf child. Thankfully, her deafness meant that she missed the litany of obscenities the hacker spouted at her, Gilbert, and Gilbert's wife Lauren.

The Gilberts were using a Foscam camera setup, and had even changed the default passwords. What they didn't know was that their device had a known vulnerability, revealed back in April.

Foscam had already released a firmware patch for the camera, but that required consumers to download it themselves. Once a product is on shelves, it can be difficult if not impossible to inform consumers that they might be at risk.

Continued : http://securitywatch.pcmag.com/security/314813-baby-monitor-hack-shows-weakness-of-networked-cameras

Baby monitor hack shows danger of default passwords
Hacked Baby Monitor Caught Spying On 2-Year-Old Girl In Texas (UPDATE)
Possessed baby monitor shouts obscenities at Texas tot

Facebook disables some legitimate apps while targeting
by Carol~ Forum moderator / August 16, 2013 2:01 AM PDT
In reply to: NEWS - August 16, 2013
.. malicious ones

The use of tools to detect malicious patterns in apps led Facebook to temporarily disable some legitimate third-party apps that integrate with the social networking website, it said Thursday.

On Tuesday, a number of users complained that their Facebook developer accounts and apps were unavailable.

Facebook said it uses automated systems to identify and disable malicious apps to protect its platform and users. These techniques identify a malicious pattern, find the apps that match that pattern, and then disable those apps.

"This normally results in thousands of malicious apps being disabled and improves our automated systems' ability to detect similar attacks in the future," Facebook employee Eugene Zarakhovsky wrote in a blog post.

But on Tuesday, Facebook started with a broad pattern that correctly matched many thousands of malicious apps but also matched many high-quality apps.

Continued : http://www.computerworld.com/s/article/9241671/Facebook_disables_some_legitimate_apps_while_targeting_malicious_ones
"Bloodsucking leech" puts 100,000 servers at risk of potent
by Carol~ Forum moderator / August 16, 2013 2:02 AM PDT
In reply to: NEWS - August 16, 2013
.. attacks

"Think IPMI admin tool is secure and no one connects it to public addresses? Nope."

At least 100,000 Internet-connected servers sold by Dell, HP, and other large manufacturers contain hardware that is vulnerable to potent remote hack attacks that steal passwords and install malware on their host systems, researchers said.

The threat stems from baseboard management controllers that are embedded onto the motherboards of most servers. Widely known as BMCs, the microcontrollers allow administrators to monitor the physical status of large fleets of servers, including their temperatures, disk and memory performance, and fan speeds. But serious design flaws in the underlying intelligent platform management interface, or IPMI, make BMCs highly susceptible to hacks that can cascade throughout a network, according to a paper presented at this week's Usenix Workshop on Offensive Technologies.

Heightening the risk, a recent Internet scan detected at least 100,000 IPMI-enabled servers running on publicly accessible addresses, despite long-standing admonitions from security professionals never to do so.

Continued : http://arstechnica.com/security/2013/08/remote-admin-tool-imperils-servers/
Department of Energy Hacked; PII Stolen
by Carol~ Forum moderator / August 16, 2013 3:10 AM PDT
In reply to: NEWS - August 16, 2013

Malicious hackers have broken into computer systems of the U.S. Department of Energy (DOE) to hijack sensitive personally identifiable information (PII) for about 14,000 past and current employees.

In a brief statement, the DOE confirmed the breach, which occurred at the end of July. "[It] resulted in the unauthorized disclosure of federal employee Personally Identifiable Information (PII)," the department said.

This is the second major hack at the DOE this year, coming on the heels of a February 2013 incident that penetrated 14 computer servers and 20 workstations at the DOE headquarters.

In the most recent hack, the DOE, which manages the country's nuclear energy programs, insists that no classified data was targeted or compromised.

A December 2012 report from the office of inspector general slammed the Department of Energy for lacking a department-wide cyber-security incident management system, five years after auditors flagged problems in how the department manages cyber-security incidents.

Continued : http://www.securityweek.com/department-energy-hacked-pii-stolen

Energy Dept. hacked; 14,000 employees affected
US Department of Energy Hacked for Second Time This Year [WSJ]
Deja vu all over again? DOE to workers: We've been hacked

Beware the scammers' crocodile tears!
by Carol~ Forum moderator / August 16, 2013 3:10 AM PDT
In reply to: NEWS - August 16, 2013

Kaspersky Antivirus Research Weblog:

Having realized that users are getting wise to their scams involving unclaimed inheritances of multi-millionaire African princes, so-called Nigerian scammers have resorted to other outlandish stories from their arsenal of social engineering. We recently caught a few messages in our traps that suggest the scammers are not only unscrupulous and greedy but also engage in self-irony.

In particular, we detected some mailings supposedly sent by the FBI and its agents. The messages state that in the course of a large-scale investigation they identified users who had fallen victim to spammers, fake "Nigerian brides", the organizers of non-existent lotteries, and bogus lawyers of deceased millionaires. The recipient of the "FBI" message was listed as a victim, and he/she could now receive compensation for any losses. The next step in the scam is most likely to be a request to send a payment to cover the costs of processing the compensation request, such as filling in all the necessary documentation. In other words, it uses the typical Nigerian scam scenario. [Screenshot]

At the very least, this message should set the alarm bells ringing because the mailbox of these supposedly diligent fighters of cybercrime is hosted on a free, publicly available resource and not on an FBI server.

In another mailing the fraudsters go even further...

Continued : http://www.securelist.com/en/blog/8130/Beware_the_scammers_crocodile_tears

NSA internal audit reveals thousands of privacy violations
by Carol~ Forum moderator / August 16, 2013 4:33 AM PDT
In reply to: NEWS - August 16, 2013

An internal NSA audit document and several others seen by The Washington Post journalists prove that there have been over 1,000 violations of FISA and presidential executive orders each year since the agency was granted broader surveillance powers in 2008.

"The documents, provided earlier this summer to The Washington Post by former NSA contractor Edward Snowden, include a level of detail and analysis that is not routinely shared with Congress or the special court that oversees surveillance," Barton Gellman pointed out.

"In one of the documents, agency personnel are instructed to remove details and substitute more generic language in reports to the Justice Department and the Office of the Director of National Intelligence."

Some of the violations were caused by computer errors and others by operators. For example, in 2008, a computer mistake resulted in the interception of calls made from Washington D.C. (US area code 202) instead of those made from Egypt (international dialing code 20). As a reminder: 2008 was an election year.

Continued : http://www.net-security.org/secworld.php?id=15418

Also: Newly published leaks show NSA's thousands of privacy violations

Targeted Attacks Delivering Fruit
by Carol~ Forum moderator / August 16, 2013 4:33 AM PDT
In reply to: NEWS - August 16, 2013

Symantec Security Research Blog:

Political news has always been one of the top topics used in targeted attacks. Last week we came across unique malicious emails targeting high-profile companies in Europe and Asia (in sectors such as finance, mining, telecom, and government). The payload is an updated version of a Java remote access tool (RAT) detected as Backdoor.Opsiness, also known as Frutas RAT.

Frutas RAT is not new and has been around for quite some time now. Back in February we released a blog about this: Cross-Platform Frutas RAT Builder and Back Door.

The crafted emails used in this campaign contain two files - the first one is a decoy (.pdf) and the second is the actual threat (.jar). Sample email subject lines used include:

• Subject: Obama Releases Three Declassified Spying Docs
• Subject: U.S. Consul General Hart Arrives in Hong Kong
• Subject: UK-Northern Ireland-Japan InfoSec Agreement

[Screenshot: Example Email]

If the social engineering is successful and the .jar file is executed, it will gather the following information from the compromised computer and connect to a command-and-control (C&C) server:

Continued: http://www.symantec.com/connect/blogs/targeted-attacks-delivering-fruit

Scam: Pedigree Food Kills Dogs, Fake Animal Control Officers
by Carol~ Forum moderator / August 16, 2013 4:33 AM PDT
In reply to: NEWS - August 16, 2013
Scam Alert: Pedigree Food Kills Dogs, Fake Animal Control Officers

Pedigree has published a notice on its website to warn customers of bogus Facebook posts that claim the company's products are responsible for the death of two dogs in Tampa, Florida.

Hoax Slayer provides a sample of the scam post which reads something like this (all in uppercase letters):

"If there is a chemist who can help, I have this bag of Pedigree dog food that killed my dogs, and need to know what poison was in there. Oh yes, Ii am angry. Pedigree dry dog food would be my answer.. 271 complaints 2013 online.. Symptoms similar to Parvo.

Vomit yellow bile, lethargic, then just before death. Just lost my precious dogs... happened so fast, within 48 hours. Tainted bag of pedigree dry small breed formula in my case. Epidemic. Buyer beware. No recall. If this happened in your family, get word out as there is no recall. I am hiring an attorney."

Both Hoax Slayer and Pedigree highlight the fact that the picture of the dog contained in the Facebook posts was actually taken over two years ago.

"The dog in the photo is unrelated to this situation and unrelated to our food. Like you, we are disheartened to see this photo cause confusion among our dog-loving community but we're glad to report that the dog in the photo is doing fine," Pedigree stated (http://www.pedigree.com/update/).

Continued : http://news.softpedia.com/news/Scam-Alert-Pedigree-Food-Kills-Dogs-Fake-Animal-Control-Officers-376019.shtml
Hackout: Philips Smart Lightbulbs Go Dark In Remote Attack
by Carol~ Forum moderator / August 16, 2013 4:54 AM PDT
In reply to: NEWS - August 16, 2013

Add lightbulbs to the list of everyday technology that is 1) Internet connected and 2) vulnerable to crippling remote attacks.*

Writing on Tuesday, security researcher Nitesh Dhanjani disclosed a proof of concept hack against HUE lightbulbs, a brand of wi-fi enabled bulbs manufactured by the firm Philips. The vulnerability discovered by Dhanjani allows a remote attacker to use her mobile device to control HUE.

HUE wi-fi enabled bulbs are sold at Apple stores and allow users to control the function and color of the bulbs using iPhone and Android mobile apps. Dhanjani published his findings in a paper, "Hacking Lightbulbs," which calls the HUE system of bulbs and a wireless bridge "wonderfully innovative," but also prone to hacking.

The most serious flaw discovered would allow a remote attacker to impersonate a white-listed (or "allowed") mobile device, sending commands to HUE bulbs that could cause them to turn off or manipulate the bulb's color. In a detailed report (PDF), Dhanjani said he discovered that the wireless bridge that relays commands to the deployed HUE bulbs relies on a list of allowed "tokens" to validate the HTTP-format requests from authorized administrators. However, in the case of the iOS app that is used with HUE devices, those tokens are merely an MD5 hash of the whitelisted mobile device's Machine Access Code (or MAC) - a publicly broadcast and easily retrievable bit of identifying information.

Continued : https://securityledger.com/2013/08/hackout-philips-smart-lightbulbs-go-dark-in-remote-attack/

Security Flaw in Philips Lighting System Lets Hackers Keep You in the Dark
Philips Light Bulb Vulnerability Could Leave Some In the Dark

NY Post and SocialFlow are latest victims of Twitter hackers
by Carol~ Forum moderator / August 16, 2013 9:48 AM PDT
In reply to: NEWS - August 16, 2013

ESET's "We Live Security" Blog:

The New York Post has become the latest victim of a prolific hacking campaign targeting the social media accounts of worldwide media outlets - and SocialFlow, a social media company used by the Post and other media outlets, has also fallen victim.

The Syrian Electronic Army claimed responsibility for the attack - which compromised the newspaper's official Facebook and Twitter accounts, as well as accounts for individual journalists, according to reports in Computing and elsewhere.

Sports writer Mike Puma's account was used to post the message, "Syrian Electronic Army was here" and a link to the group's own Twitter profile.

Posts on the official site for the hacktivist group showed off posts on the hacked accounts, and that the group had also hacked SocialFlow, a social media platform used by the New York Post. "The Syrian Electronic Army hacked today "Social Flow" company website/accounts. SocialFlow is a social media optimization platform for leading brands and publishers. All of AlJazeera, WashingtonPost, New York Post and many media organizations uses Social Flow," the group said in a statement on its official site.

Continued : http://www.welivesecurity.com/2013/08/15/new-york-post-and-socialflow-are-latest-victims-of-twitter-hackers/

Wait, what? Twitter is a terrorist?
by Carol~ Forum moderator / August 16, 2013 9:48 AM PDT
In reply to: NEWS - August 16, 2013

Foreign Policy magazine ran an article this week that positions Twitter as a recruiter for Al-Qaeda:

There's a new jihadist recruiter on the Internet. Based in San Francisco and backed by a multimillion dollar bankroll, the recruiter orchestrates thousands of introductions every day, connecting people at risk of radicalization with extremist clerics and terrorist propagandists - even facilitating online meetings with hardcore al Qaeda members.

The recruiter is Twitter, and it's shaking up the world of online radicalization in ways both large and small.

This is ridiculous on its face, of course. Twitter is no more an Al-Qaeda recruiter than Craigslist is a pimp.

Yes, terrorists use Twitter as a recruiting tool, and if the author of the article is to be believed, it works well. But Twitter also works well for organizing protests against totalitarian regimes, discussing the latest security topic, immersing yourself in popular culture and sharing a link to your favorite cat video.

Continued : http://nakedsecurity.sophos.com/2013/08/16/wait-what-twitter-is-a-terrorist/
