McDonald's, Walgreens Warn Customers of Data Theft
McDonald's is warning its customers of the theft of a database of customers who signed up for promotions, such as its Monopoly game. The data breach makes them vulnerable to phishing attacks and other scams and identity theft.
A similar warning was also issued by Walgreen's.
McDonald's stressed that its records don't include financial information or Social Security Numbers. But it would include customers' ages, phone numbers, email addresses and physical addresses.
The world's largest fast food chain said it hired Arc Worldwide to do its promotional email campaign. That company, in turn, hired another firm to coordinate and distribute emails. It was that unnamed company whose records were accessed, McDonald's said.
"Law enforcement officials have been notified and are investigating this incident," McDonald's said in an email to its customers.
Continued : http://www.walletpop.com/2010/12/11/mcdonalds-warns-customers-of-data-theft/
Also: Hackers Steal McDonald's Customer Data
Gawker wrestles with reader data breach, hacking
Gawker.com has apparently been the victim of a pair of security compromises this weekend, one of which put readers' data at risk.
The news, pop culture, and gossip site informed readers today in a blog post that its database of 1.5 million reader-commenting accounts had been compromised and urged its users to change their passwords:
'Our user databases appear to have been compromised. The passwords were encrypted. But simple ones may be vulnerable to a brute-force attack. You should change your Gawker password and on any other sites on which you've used the same passwords.
We're deeply embarrassed by this breach. We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems. And, yes, the irony is not lost on us.'
Later in the day, it was revealed that the site itself was compromised as well when a post appeared there reportedly linking to the site's source code at The Pirate Bay. The story appeared under the byline of Gawker writer Adrian Chen, but Chen tweeted that he had not written the story and the site had been hacked.
Continued : http://news.cnet.com/8301-1009_3-20025424-83.html
Hackers Disrupt Sites Run by Gawker Media
Gawker rooted by anonymous hackers
Twitter diet spam splurge blamed on Gawker compromise
Compromised Twitter accounts are being abused to post spam messages promoting a diet website.
Tens of thousands of messages promoting an acai berries diet website appeared on Sunday, prompting speculation that a worm was spreading across the micro-blogging service.
However, it seems the spam fest was not caused by twits tricked into visiting a maliciously constructed website. Rather it seems that the compromised Twitter accounts promoting the spam messages were hit as a result of last weekend's Gawker compromise.
Exposed users made the mistake of using the same login credentials for both Gawker and Twitter. The attack illustrates the importance of using different login credentials on different websites, as well as the common sense approach of using hard-to-guess passwords.
Twitter has begun pushing password resets to affected accounts. The micro-blogging service blames the snafu on the Gawker compromise and bad password security rather than anything under its direct control.
Continued : http://www.theregister.co.uk/2010/12/13/twitter_diet_spam_gawker_compromise/
Passwords compromised at Gawker, Gizmodo, Lifehacker, Kotaku ... Deadspin and more
Following a security breach at Gawker Media, computer users who have left comments on websites such as Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot are being advised to change their passwords as a matter of priority.
In a statement published on their websites, the media group said:
'We understand how important trust is on the internet, and we're deeply sorry for and embarrassed about this breach of security - and of trust. We're working around the clock to ensure our security (and our commenters' account security) moving forward.
If you've registered an account on any Gawker Media web site (that includes Gawker, Gizmodo, Jalopnik, Jezebel, Kotaku, Lifehacker, Deadspin, io9, or Fleshbot), and you didn't log in using Facebook Connect, then it's best to assume that your username and password were included among the leaked data.'
Up to 1.3 million passwords are said to have been stolen from the websites by a hacking group calling itself Gnosis. The grabbed credentials were then posted up on Pirate Bay, allowing others - potentially - to compromise accounts.
Continued : http://nakedsecurity.sophos.com/2010/12/13/gawker-gizmodo-lifehacker-password-change/
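Gawker's statement above says the stored passwords were "encrypted" but that simple ones could still fall to a brute-force attack, and the Sophos post notes the grabbed credentials were then published for anyone to try. The following added example (not code from any of the quoted articles, from Gawker or from Sophos) shows in Python what separates the two storage schemes in practice: with a fast, unsalted hash, every account that chose the same weak password ends up with the same stored digest, so one recovered password unlocks all of them at once; with a salted, iterated PBKDF2 hash and constant-time verification, identical passwords produce different records and each guess costs the attacker a full key derivation. The user list and passwords are constructed sample data, not anything from the breach.

```python
import hashlib
import hmac
import os
from typing import Callable, Dict, Optional

# Constructed sample data (not from the breach): two of three users chose the same weak password.
USERS: Dict[str, str] = {
    "alice": "password1",
    "bob": "password1",
    "carol": "correct horse battery staple",
}


def fast_unsalted_hash(password: str) -> str:
    """Storage scheme that leaves simple passwords exposed: one fast digest,
    no salt, so equal passwords always produce equal stored values and a
    precomputed table of common passwords matches every such account at once."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def pbkdf2_hash(password: str, salt: Optional[bytes] = None,
                iterations: int = 200_000) -> str:
    """Salted, deliberately slow hash. Each call draws a fresh random salt,
    so the same password stored twice yields two different records.
    Record format (chosen for this example): algo$iterations$salt_hex$digest_hex."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_pbkdf2(password: str, stored: str) -> bool:
    """Recompute the digest from the stored salt and iteration count and
    compare in constant time, so timing does not leak how many bytes matched."""
    try:
        algo, iters, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(digest.hex(), digest_hex)


def count_colliding_records(hasher: Callable[[str], str],
                            users: Dict[str, str] = USERS) -> int:
    """Number of accounts whose stored value equals some other account's.
    For an unsalted hash this is every account sharing a password; for a
    salted hash it is zero even when the passwords are identical."""
    records = [hasher(pw) for pw in users.values()]
    return sum(1 for r in records if records.count(r) > 1)


if __name__ == "__main__":
    print("unsalted MD5 collisions:", count_colliding_records(fast_unsalted_hash))  # 2
    print("salted PBKDF2 collisions:", count_colliding_records(pbkdf2_hash))        # 0
    record = pbkdf2_hash(USERS["alice"])
    print("verify correct password:", verify_pbkdf2("password1", record))          # True
    print("verify wrong password:  ", verify_pbkdf2("password2", record))          # False
```

The iteration count is a tunable cost: raise it until a single verification takes tens of milliseconds on the login servers, which is negligible per user but multiplies the attacker's work by the same factor for every guess against every leaked record. Salting does not help against password reuse across sites, which is the Twitter problem described in the post above; only distinct passwords per site do.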
Connecticut AG Demands Google Street View WiFi Data
"Connecticut state Attorney General Richard Blumenthal compelled Google to turn over data collected from Connecticut citizens via insecure WiFi networks with Street View."
Connecticut state Attorney General Richard Blumenthal ratcheted up his July request for data Google collected from Connecticut citizens via insecure wireless networks by demanding that the search engine cough it up.
Blumenthal's office issued a civil investigative demand, or the equivalent of a subpoena, to make Google turn over the data its Street View cars inadvertently grabbed from personal and business WiFi networks across the state.
Google admitted in May its Street View cars, which rove streets all over the world to grab imagery for Google Maps, had grabbed 600GB of WiFi network data from more than 30 countries around the world since 2007.
Continued : http://www.eweek.com/c/a/Security/Connecticut-AG-Demands-Google-Street-View-WiFi-Data-234961/
Spammers Send Fake Twitter-Themed Emails About WikiLeaks
Spammers are trying to capitalize on the Twitter WikiLeaks buzz by sending out fake emails that purport to come from the microblogging site and direct users to rogue online pharmacy sites.
"The email is very well crafted, containing a fake version of the headers which Twitter is adding," warns Sorin Mustaca, a data security expert at German antivirus vendor Avira.
The spammers also make use of Twitter's real email template, which includes its logo, color scheme and disclaimer, in order to add credibility to the fake messages.
The emails bear a subject of "WikiLeaks on Twitter!" and read "Hello, Twitter-er! [date] @WIKILEAKS on Twitter! http://twitter.com/WIKILEAKS/[CENSORED]." They are signed by "The Twitter Team."
Instead of leading to WikiLeaks' Twitter account, the included link takes users to rogue online pharmacy websites pushing the usual male enhancement pills.
WikiLeaks and the leaked U.S. Department of State cables are such a hot topic in the world right now that this kind of attack was bound to happen.
Continued : http://news.softpedia.com/news/Spammers-Send-Fake-Twitter-Themed-Emails-About-WikiLeaks-172067.shtml
Overdue patches published for RealPlayer
RealNetworks has released a monster update that closes an impressive 27 security holes in Windows RealPlayer 11.1. Other versions, such as RealPlayer SP, RealPlayer Enterprise and the Mac / Linux versions are also partially affected. Apparently the current RealPlayer 14.0 does not exhibit any of the vulnerabilities.
RealNetworks does not comment on the severity of the flaws in its announcement. Most of the holes are related to flaws in the handling of certain multimedia formats, which cause buffer overflows and other memory management problems. Such errors can often be exploited to inject and execute malicious code; in extreme cases, computers can be infected with spy software.
iDefense comes to a similar conclusion [1, 2]. A look at its advisories also explains why RealPlayer 14 is not vulnerable. RealNetworks was notified of some of the holes six months ago, but apparently waited until now to patch older versions after the patched version 14 was published at the end of October.
Continued : http://www.h-online.com/security/news/item/Overdue-patches-published-for-RealPlayer-1151696.html
Further Details - Vulnerabilities & Fixes
Google, Twitter Tools Helped Protests
Student protesters last week turned to social media sites, including Twitter and Facebook, to co-ordinate their mass demonstration in Westminster, U.K. and other areas.
Google Maps was also used extensively as protesters pinpointed what was happening and where.
The sites were used equally by the police, who watched for information on the protesters' plans. Police officers were present in large numbers around the planned route and at changed locations.
The demonstration, which in places turned violent and led to police cordoning off parts of central London, was held in protest at the near trebling of university fees to £9,000 a year. The change was narrowly passed in a controversial vote in the House of Commons the same day.
The extensive use of social networking sites to co-ordinate and track demonstrations comes in a week when Twitter and the blogosphere were alive with comments on US ambassadors' cables leaked by Wikileaks. Blogs and forums are also being extensively used to co-ordinate hacking attacks on businesses unwilling to work with the whistleblower website.
Students have claimed they were making easy use of social media and Google to co-ordinate their actions.
"A few days ago I suggested the protesting students could do with some kind of 'anti-kettling app' to outwit the efforts of the police to stop them protesting," said Ben Goldacre on his blog.
Continued : http://www.pcworld.com/article/213340/google_twitter_tools_helped_protests.html
Why GSM-Based ATM Skimmers Rule
Earlier this year, KrebsOnSecurity featured a post highlighting the most dangerous aspects of GSM-based ATM skimmers, fraud devices that let thieves steal card data from ATM users and have the purloined digits sent wirelessly via text message to the attacker's cell phone. In that post, I explained that these mobile skimmers help fraudsters steal card data without having to return to the scene of the crime. But I thought it might be nice to hear the selling points directly from the makers of these GSM-based skimmers.
So, after locating an apparently reliable skimmer seller on an exclusive hacker forum, I chatted him up on instant message and asked for the sales pitch. This GSM skimmer vendor offered a first-hand account of why these cell-phone equipped fraud devices are safer and more efficient than less sophisticated models - that is, for the buyer at least (I have edited his sales pitch only slightly for readability and flow).
Throughout this post readers also will find several images this seller sent me of his two-part skimmer device, as well as snippets from an instructional video he ships with all sales, showing in painstaking detail how to set up and use his product. The videos are not complete. The video he sent me is about 15 minutes long. I just picked a few of the more interesting parts.
Continued (with video) here : http://krebsonsecurity.com/2010/12/why-gsm-based-atm-skimmers-rule/#more-6782
Amazon knocked offline by 'hardware failure'
Online retailer Amazon has said its European websites were temporarily offline because of a "hardware failure".
British, French, German, Austrian and Italian sites were down for about 30 minutes on Sunday during a peak pre-Christmas shopping period.
The outage occurred during a time of ongoing threats against major sites by pro-Wikileak activists.
A group known as Anonymous is targeting firms, including Amazon, that withdrew services from the whistle-blowing site.
"The brief interruption to our European retail sites last night was due to hardware failure in our European datacentre network and not the result of a [distributed denial of service] attempt," said a spokesperson for the firm.
Amazon sites ending .it, .de, .uk, .fr and .at - which are all hosted in Dublin - were unavailable for about half an hour at about 2115 GMT on Sunday, according to a Twitter posting by web monitoring firm Netcraft.
Continued : http://www.bbc.co.uk/news/technology-11980125
Amazon goes offline in Europe
Amazon blames hardware - not hackers - for European outage
IPv4 Unallocated Space Running Out, Film at 11
There is a tracker at http://twitter.com/IPv4Countdown which currently calculates that all of IPv4 address space will be allocated by the end of February 2011. The 100,000,000 address mark was broken on Sunday.
Prediction: A couple of years from now, we will scoff at this campaign sort of like we now scoff at the Y2K panic back in 1999, except this time, there's quite a lot less of alarmist coverage in the popular media.
Because, let's face it, this is not armageddon. "Allocated" does not mean "used". What we are seeing is a gold rush to stake out the last available unallocated pieces of IPv4 space. Or rather just a land grab, because it's unlikely that there is a lot of gold in them thar hills. But certainly, the operators who are now buying the remaining available pieces of IANA's unallocated address space are hoping to make some good money putting it up for sale or lease, or at least turn a profit. If the laws of demand and supply hold, and IPv6 doesn't suddenly take off spectacularly, IPv4 address prices can be expected to rise, and some actors are no doubt gambling that they will rise a lot.
Continued : http://www.f-secure.com/weblog/archives/00002074.html
Free makeup scam spreads rapidly across Facebook
A scam targeting women on Facebook is spreading very rapidly across the social network, pretending to offer free makeup.
If you see a message like the following being posted by one of your Facebook friends, do not click on the link. [Screenshot]
"anyone want some free makeup? ive just ordered mine for free and i thought i would post it here before the offer runs out. its stuff like mac, maybeline, estee lauder etc! The site is: "
Of course, many women on Facebook might be tempted by the offer of free makeup and (without thinking about the possible consequences) click on the link, especially as it appears to have been shared with them by one of their online friends.
Net neutrality lobbying to peak this week
Expect lobbying around net neutrality to reach fever pitch through Tuesday. After that, the Federal Communications Commission will go into its bunker to deliberate a draft of rules that will be voted on Dec. 21.
One group, Free Press, plans to let the FCC know that it doesn't like what it has heard so far. The public interest group will deliver a petition to the agency, with 2 million signatures, saying draft rules that don't regulate wireless networks with anti-discrimination provisions do not go far enough. The petition also will call for stronger rules that prohibit network operators from offering paid prioritization of some services that could effectively make the delivery of other Web sites worse. Free Press and dozens of other media reform and consumer advocacy groups jointly sent a letter along these lines last week.
Continued : http://voices.washingtonpost.com/posttech/2010/12/expect_lobbying_around_net_neu.html
Website Attackers Could Be Easily Traced, Researchers Say
People using a tool to conduct distributed denial-of-service (DDOS) attacks against other websites in support of WikiLeaks can easily be traced, according to computer security researchers.
Thousands of people have downloaded the "Low Orbit Ion Cannon," a tool that bombards a targeted website with garbled traffic in an attempt to knock it offline. The tool has been promoted by Anonymous, a loose-knit group of online campaigners that has attacked companies that cut off support for WikiLeaks since it began releasing secret U.S. diplomatic cables in late November.
But researchers at the University of Twente in Enschede, Holland, say it is easy for ISPs to identify those using the tool, as it takes no measures to protect the identity of its users, according to their paper.
Continued : http://news.yahoo.com/s/pcworld/20101213/tc_pcworld/websiteattackerscouldbeeasilytracedresearcherssay
Operation Payback Has New Target: Corporate Fax Machines
The activists behind Operation Payback have come up with a new way to annoy corporations that have severed their ties with WikiLeaks: bombard them with faxes.
In online chats, group members have posted the fax numbers for about a half-dozen corporations and are calling volunteers to fill up the fax machines, using free online fax services such as MyFax.com and FaxZero.com. They're recommending that people use anonymizing software such as the Tor Project to access these sites, so that they cannot be traced by authorities.
The latest development comes after websites belonging to Visa, MasterCard International and PayPal have been hit with distributed denial of service attacks, launched by Operation Payback in an effort to pressure the companies to resume payment processing for WikiLeaks.
"The enemy is adapting to our strategies, Gentlemen, but they are a lumbering bureaucracy. We can change faster," the group said in a note being circulated on its chat servers Monday.
Continued : http://www.pcworld.com/businesscenter/article/213473/operation_payback_has_new_target_corporate_fax_machines.html