Spyware, Viruses, & Security forum


NEWS - March 18, 2013

by Carol~ Forum moderator / March 18, 2013 12:31 AM PDT
High-rolling gambler uses casino's own surveillance system to scoop $32 million...

A high-rolling gambler has allegedly won $32 million at a casino in Melbourne, Australia, thanks to a little network hackery carried out by accomplices.

Games like poker are much easier to win if you know some or all of your opponents' cards.

After all, it's hard to sustain a bluff if the person you're bluffing has actually seen your hand.

In this case, the un-named "whale" - casino argot for a player who wagers large amounts of money, often on giant-sized individual bets - is said to have relied on his accomplices to feed him information about what other players at his table were holding.

His accomplices were able to snoop on the other players because they had remote access to the casino's own surveillance system, giving them a bird's eye view from CCTV cameras right inside the high-rollers' room.

Continued : http://nakedsecurity.sophos.com/2013/03/17/high-rolling-gambler-uses-casinos-own-surveillance/

Ocean's 11 gang stole $33 million from casino by hijacking CCTV
Casino Loses $32 Million After Poker Player Hacks Surveillance Cameras
Australian casino loses $32m after 'high roller' guest colludes with staff to spy on other players
Post a reply
Discussion is locked
You are posting a reply to: NEWS - March 18, 2013
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - March 18, 2013
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
The Perfect Hardware Spy Tool for $35 Plus Change
by Carol~ Forum moderator / March 18, 2013 2:39 AM PDT
In reply to: NEWS - March 18, 2013

A new computer espionage tool built on the $35 Raspberry Pi microcomputer has been detailed in a presentation (pdf) at this year's BlackHat conference in Amsterdam. This highly-advanced hardware keylogger is small enough to fit into a laptop docking station and powerful enough to intercept keystrokes, sniff network traffic, take screenshots, and more.

The Raspberry PI is a credit card-sized computer with a 700 MHz ARM processor rigged with 512 MB of RAM - enough to run its own operating system - and is equipped with two USB ports, an Ethernet connection, HDMI and an array of general-purpose ports.

As detailed in the presentation by Andy Davis, the Dell docking station for Latitude E series of laptops provide enough room to cram the Raspberry PI microcomputer along with the cables and, possibly, with a 3G modem that will be used to siphon stolen data. This approach ensures the rogue network traffic does not get detected or blocked in the company network. Screenshots and unauthorized video camera captures can be recorded on a third device such as Videoghost, although this will add some $150 extra to expenses.

Continued : http://www.hotforsecurity.com/blog/the-perfect-hardware-spy-tool-for-35-plus-change-5680.html

Collapse -
Huawei 3G/4G USB sticks put users' security at risk
by Carol~ Forum moderator / March 18, 2013 2:39 AM PDT
In reply to: NEWS - March 18, 2013

At the Black Hat Europe conference that is currently in progress, Russian security expert Nikita Tarakanov has presented the results of his analysis of the driver software that Huawei ships with its 3G/4G USB sticks. According to the researcher, the various components - drivers, configuration software, update mechanisms - are all of insufficient quality.

The central update server was identified as a massive attack vector by Tarakanov: the Huawei software installs an application and driver auto-update component on every computer. The researcher said that the service in question will contact a server in the Netherlands and query it for updates every 15 minutes. Apparently, the web server is still running on Microsoft's outdated Internet Information Server (IIS) version 6.0, which is part of Windows Server 2003. Tarakanov pointed out that whoever hacked that machine could infect millions of computers worldwide with malicious software.

After the presentation, three Huawei representatives who had listened eagerly in the first row of the auditorium, written everything down and frantically taken pictures of every presentation slide with a tablet PC told The H's associates at heise Security that they had assumed the update server's security was adequate. Tarakanov didn't give the manufacturer any advance notice of his discoveries.

Continued : http://www.h-online.com/security/news/item/Huawei-3G-4G-USB-sticks-put-users-security-at-risk-1823894.html

Huawei 3G and 4G Modems Leave Consumers Exposed, Researcher Says
3G and 4G USB modems are a security threat, researcher says

Collapse -
'NotCompatible' Android malware rears its ugly head, again
by Carol~ Forum moderator / March 18, 2013 2:39 AM PDT
In reply to: NEWS - March 18, 2013

The "NotCompatible" malware, designed to infect Android devices and turn them into unwitting Web proxies, is suddenly showing a sharp uptick in activity, according to mobile security vendor Lookout.

The malware is essentially a simple network proxy, which pretends to be a system update in order to get unwitting users to install it. The idea seems to be gaining access to protected networks through victims' infected Android devices. It was named for its apparent command-and-control server, at notcompatibleapp.eu.

Last weekend saw the number of detections for NotCompatible rise to 20,000 per day as of last Sunday and Monday, wrote researcher Tim Strazzere, who said that the malware had been largely dormant since it was discovered in May 2012.

But while the initial discovery saw the malware being installed by hacked websites, the latest wave of NotCompatible is being spread by email spam. The usual subject line is "hot news," and the infected messages appear to contain links to fake weight-loss articles.

Continued : http://news.techworld.com/security/3435519/notcompatible-android-malware-rears-its-ugly-head-again/

Collapse -
Bank of America on Short List of Scammers' Spam Lures
by Carol~ Forum moderator / March 18, 2013 2:42 AM PDT
In reply to: NEWS - March 18, 2013

The dust has barely set on the Bank of America security breach, and crooks unleashed a series of aggressive spam campaigns that include the Bank of America in the title as bait.

In the context of a security breach, the name of the bank was used to catch customers' attention, infect them with malware, have them type in sensitive data or entice them into sending money in advance for a service they will never receive.

"Online Banking Passcode Modified" invites people to click a link to reset their online banking passcode. The same template and con is entirely recycled from a similar attack in November 2012. This new spamvertised malware campaign attempts to get Bank of America customers to click a link to a webpage associated with the Redkit Exploit Kit - a crimeware tool that exploits vulnerabilities in browsers and plugins to silently infect victims' PCs. [Screenshot]

Continued : http://www.hotforsecurity.com/blog/bank-of-america-on-short-list-of-scammers-spam-lures-5668.html

Collapse -
Java Code, Details Released for Potential Sandbox Bypass .
by Carol~ Forum moderator / March 18, 2013 3:20 AM PDT
In reply to: NEWS - March 18, 2013
.. Issue

Additional details and code demonstrating a possible security vulnerability in Java were released this morning by a Polish security research company, bringing to a head a three-week long debate between the researcher and Oracle over whether the issue is indeed a vulnerability or an allowed behavior in Java.

Adam Gowdiak of Security Explorations has been back and forth with Oracle since Feb. 25 over the lack of a security check in a certain Java operation that when combined with another vulnerability discovered by the firm can result in a complete Java sandbox bypass.

Oracle has refused to confirm the issue is a security vulnerability and told Gowdiak that it continues to investigate. A request for comment from Oracle was not returned by the time of publication. Gowdiak said he sent Oracle detailed information on Feb. 25 about two vulnerabilities he calls Issue 54 and 55, along with source and binaries for proof of concept code. Oracle confirmed Issue 55 as a vulnerability, but said 54 is an "allowed behavior."

"Security Explorations believes that three weeks (from Feb. 25 to March 18) constitutes enough time for a major software vendor to be able to deliver a final confirmation or denial of a reported security issue," he wrote in a PDF linked to from Full Disclosure.

Continued : https://threatpost.com/en_us/blogs/java-bug-code-details-released-allowed-behavior-issue-031813
Collapse -
AT&T Hacker 'Weev' Sentenced to 3.5 Years in Prison
by Carol~ Forum moderator / March 18, 2013 4:56 AM PDT
In reply to: NEWS - March 18, 2013

A hacker charged with federal crimes for obtaining the personal data of more than 100,000 iPad owners from AT&T's publicly accessible website was sentenced on Monday to 41 months in prison followed by three years of supervised release.

The judge handed down the sentence following a minor skirmish in the courtroom when the defendant, Andrew Auernheimer, aka Weev, was pinned and cuffed. Auernheimer was reportedly asked to hand the court a mobile phone he had with him during the hearing, and after handing it to his defense attorney instead, court agents cuffed him.

Andrew Auernheimer, 26, of Fayetteville, Arkansas, was found guilty last November in federal court in New Jersey of one count of identity fraud and one count of conspiracy to access a computer without authorization after he and a colleague created a program to collect information on iPad owners that had been exposed by a security hole in AT&T's web site.

The two essentially wrote a program to send Get requests to the web site.

Continued : http://www.wired.com/threatlevel/2013/03/att-hacker-gets-3-years/

Grey-hat gets 41 months in prison for exposing iPad user's privates
Andrew Auernheimer AKA "The AT&T Hacker" Sentenced To 41 Months In Prison, 3 Years Probation And Restitution Of $73K
US hacker gets 41 months prison for AT&T email extraction

Collapse -
Express Shipment Notification emails contain malware
by Carol~ Forum moderator / March 18, 2013 4:57 AM PDT
In reply to: NEWS - March 18, 2013

Have you received an email with the subject line "Express Shipment Notification"?

If so, be on your guard - you could be at risk of infecting your Windows computers.

Online criminals have spammed out a large number of messages, claiming to come from DHL Express International, that are designed to install malware onto the computers of unsuspecting PC users.

Here is what a typical example of an email spammed out in the attack looks like: [Screenshot]

DHL Express
Tracking Notification: 449762627

Custom Reference: 594078O440
Tracking Number: XFLNH94244
Pickup Date: Mon, 18 Mar 2013 12:39:03 +0100
Service: AIR
Pieces: 1

Mon, 18 Mar 2013 12:39:03 +0100 - Processing complete successfully
Refer to attached report for full details.

Attached to the emails is a ZIP file, containing malware. The filename of the ZIP file can vary, but takes the form "DHL reportXXXXXX.zip" (where the 'X's are a random code).

Continued : http://nakedsecurity.sophos.com/2013/03/18/express-shipment-notification-emails-malware/

Collapse -
Microsoft to push Windows 7 SP 1 to users starting March 19
by Carol~ Forum moderator / March 18, 2013 5:32 AM PDT
In reply to: NEWS - March 18, 2013

"Microsoft is starting to push Windows 7 SP1 to Windows 7 users via Windows Update, ahead of the early April end-of-support date for the RTM version of the product."

As Microsoft marches toward its early April 2013 end of free support deadline for Windows 7, the company is planning to update automatically some of those who still have yet to install the first (and seemingly only) Service Pack for the operating system.

As announced on March 18 on the Microsoft "Blogging Windows" blog, [Microsoft plans to begin rolling out Windows 7 SP1 automatically, via Windows Update to Windows 7 users who still are running the release-to-manufacturing (RTM) version without SP1 installed. This process will begin on March 19.

From the blog post:

Continued : http://www.zdnet.com/microsoft-to-push-windows-7-service-pack-1-to-users-starting-march-19-7000012769/

Popular Forums
Computer Help 49,613 discussions
Computer Newbies 10,349 discussions
Laptops 19,436 discussions
Security 30,426 discussions
TVs & Home Theaters 20,308 discussions
Windows 10 360 discussions
Phones 15,802 discussions
Windows 7 7,351 discussions
Networking & Wireless 14,641 discussions


CNET bought a house!

Take a look inside the house where we will be testing connected locks, thermostats and other smart home products so we can tell a complete story.