Spyware, Viruses, & Security forum

NEWS - June 26, 2012

by Carol~ Moderator / June 26, 2012 10:54 AM PDT
Researchers Devise Practical Key Recovery Attack Against Smart Cards, Security Tokens

A team of cryptographic researchers claim to have developed an attack method that can be used to recover secret keys in an acceptable time frame from cryptographic devices like smart cards, hardware security modules and USB security tokens.

The new attack method was documented in a research paper (pdf) that will be presented later this year at the CRYPTO 2012 cryptology conference and significantly improves previously known oracle padding attacks against asymmetric (RSA PKCS#1 v1.5) and symmetric (AES-CBC) encryption standards.

The method works on devices like the RSA Securid 800, Aladdin eTokenPro, Gemalto Cyberflex, Safenet Ikey 2032 and Siemens CardOS that use the vulnerable encryption standards for key export and import functions.

Shortcomings in the implementation of such functions on some devices further improve the performance of this attack method and reduce the time required to recover keys.

Oracle padding attacks involve repeatedly sending an intentionally modified ciphertext to a decryptor in order to analyze the differences between the errors it generates. These bits of information can eventually be used to deduce the original text.

Continued : http://www.pcworld.com/businesscenter/article/258342/researchers_devise_practical_key_recovery_attack_against_smart_cards_security_tokens.html

Also:
Researchers steal keys from RSA tokens
Researchers break RSA SecurID 800 token in 13 minutes
Scientists crack RSA SecurID 800 tokens, steal cryptographic keys
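
As an added illustration that is not part of the original post or the quoted article: the "differences between the errors" mentioned above, seen from the implementer's side for RSA PKCS#1 v1.5 unpadding. All function names and sample blocks are constructed for this sketch; it compares an unpadding routine that reports why a block was rejected with one that gives a single uniform failure.

```python
K = 32  # length in bytes of the constructed sample blocks (assumed modulus size)

class UnwrapError(Exception):
    pass

def unpad_leaky(em: bytes) -> bytes:
    """PKCS#1 v1.5 type-2 unpadding that tells the caller WHY it rejected a block."""
    if em[0] != 0x00:
        raise UnwrapError("first byte not 0x00")
    if em[1] != 0x02:
        raise UnwrapError("block type not 0x02")
    sep = em.find(b"\x00", 2)
    if sep < 0:
        raise UnwrapError("no 0x00 separator")
    if sep < 10:
        raise UnwrapError("padding string shorter than 8 bytes")
    return em[sep + 1:]

def unpad_uniform(em: bytes) -> bytes:
    """Same four checks, but every failure surfaces as one identical error."""
    sep = em.find(b"\x00", 2)
    ok = (em[0] == 0x00) & (em[1] == 0x02) & (sep >= 10)
    if not ok:
        raise UnwrapError("unwrap failed")
    return em[sep + 1:]

def error_classes(unpad, blocks):
    """Distinct failure messages a caller could observe across the given blocks."""
    seen = set()
    for em in blocks:
        try:
            unpad(em)
        except UnwrapError as exc:
            seen.add(str(exc))
    return seen

def block(b0, b1, ps, tail):
    """Build a constructed K-byte block: two header bytes, padding string, tail."""
    body = bytes([b0, b1]) + ps + tail
    return body + b"\xaa" * (K - len(body))

VALID = block(0x00, 0x02, b"\x11" * 8, b"\x00key")
REJECTED = [
    block(0x01, 0x02, b"\x11" * 8, b"\x00key"),  # wrong first byte
    block(0x00, 0x01, b"\x11" * 8, b"\x00key"),  # wrong block type
    block(0x00, 0x02, b"\x11" * 30, b""),        # no separator at all
    block(0x00, 0x02, b"\x11" * 3, b"\x00key"),  # padding string too short
]
```

A uniform error message removes only the visible difference; differences in response time between the failure paths have to be reviewed separately.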
'Carderprofit' Forum Sting Nets 26 Arrests
by Carol~ Moderator / June 26, 2012 11:17 AM PDT
In reply to: NEWS - June 26, 2012

The U.S. Justice Department today unveiled the results of a two-year international cybercrime sting that culminated in the arrest of 26 people accused of trafficking in hundreds of thousands of stolen credit and debit card accounts. Among those arrested was an alleged core member of "UGNazi," a malicious hacking group that has claimed responsibility for a flood of recent attacks on Internet businesses.

Federal officials are calling the operation the largest coordinated international law enforcement action in history directed at "carding" crimes, in which the Internet is used to traffic in and exploit the stolen credit card, bank account and other personal information of hundreds of thousands of victims.

According to documents released by the Justice Department, the sting — dubbed "Operation Card Shop" — began in June 2010, when the FBI established an undercover carding forum called "CarderProfit" (carderprofit.cc) to identify users who were buying and selling stolen credit card accounts and goods purchased with stolen accounts.

The FBI kept track of Internet addresses used by forum members, and used members' login information to gather additional information about registered users. The agency said it tightened the noose in May 2012, when it began imposing new membership requirements to restrict site membership to individuals with established knowledge of carding techniques or interest in criminal activity.

Continued : http://krebsonsecurity.com/2012/06/carderprofit-forum-sting-nets-26-arrests/

Also:
Feds Arrest 24 in Global Carding Ring Bust
FBI hauls in 24 credit card hackers in online sting

Double-Protected Bank Clients Tricked by $78M Crimeware Scam
by Carol~ Moderator / June 26, 2012 11:17 AM PDT
In reply to: NEWS - June 26, 2012

It used to be that a password was enough to keep your online bank account relatively safe. Then you needed a second factor — a text message or a one-time PIN, say — to be sure thieves weren't breaking into your account. Now, even this so-called "two-factor" authentication has been thwarted, thanks to new crimeware variants that crooks have been using to automate their bank heists in an attempt to steal more than $78 million.

That's according to security firms McAfee and Guardian Analytics, who released a report on the new banking trojans (.pdf). About a dozen groups have been using variants of Zeus and SpyEye that automate the process of transferring money from bank accounts. The stolen funds are transferred to pre-paid debit cards or into accounts controlled by money mules, allowing the mules to withdraw the money and wire it to the attackers.

Older versions of Zeus and SpyEye, which often get onto the machines of victims via phishing attacks or drive-by downloads, made the complicated process of bank robbery practically plug-and-play. Using "web injection" attacks, they tricked bank users into entering account details that were passed to the attackers.

But monetizing that information could be labor-intensive, since the attacker had to manually initiate a money transfer. The attacker might also be thwarted by two-factor authentication schemes that required a bank user to enter a one-time password or PIN sent to his phone. In order to grab the one-time number and use it, a hacker had to be online when the user entered it, to initiate a transfer while the number was still valid.

Continued : http://www.wired.com/threatlevel/2012/06/bank-malware-automates-fraud/

Also:
New Fraud Ring 'Operation High Roller' Targets the Rich
Sophisticated bank fraud attempted to steal at least $78 million
'Operation High Roller' bank hack nets cybercriminals £48 million

FTC Sues Wyndham Over Breaches Linked to $10m In Fraud
by Carol~ Moderator / June 26, 2012 11:23 AM PDT
In reply to: NEWS - June 26, 2012
UPDATE: The U.S. Federal Trade Commission has fined Wyndham Hotels for a string of data breaches that resulted in information on hundreds of thousands of customers being lost to cyber criminals.

An FTC complaint, filed on June 26, 2012, asks for "permanent injunctive relief" against Wyndham for failing to maintain what the FTC calls "reasonable security" necessary to keep intruders from compromising the network of the hotel chain. Wyndham's failure to protect its IT network laid the groundwork for a series of three data breaches in which cyber criminals based in Russia stole financial information later used to generate $10.6 million in fraudulent purchases. A Phoenix, Arizona, data center used by Wyndham was the source of the breach, the FTC said.

The complaint describes an epic failure on the part of Wyndham. It alleges that Wyndham Worldwide failed to adequately protect a property management system that was used to manage some 7,000 hotels under the Wyndham Hotels and Resorts under the Days Inn, Ramada and Super 8 brands. Among other things, Wyndham is alleged to have used default administrative user names and passwords on servers that connected to the Hotels and Resorts network. Also, Wyndham Worldwide stored customer credit card data in plain text, and failed to adequately segregate the property management system from the company's corporate intranet and the public Internet. The result was a string of security breaches between April 2008 and January 2010 and the theft of customer data.

Continued : http://threatpost.com/en_us/blogs/ftc-sues-wyndham-over-breaches-linked-10m-fraud-062612

Also:
FTC files complaint against Wyndham Hotels for not protecting sensitive customer information
FTC Files Lawsuit Over Data Breaches at Large Hotel Operator
FTC Sues Hotel Operator Wyndham Worldwide Over Data Breaches
Mountain Lion to phone home looking for security updates
by Carol~ Moderator / June 26, 2012 1:21 PM PDT
In reply to: NEWS - June 26, 2012
Mountain Lion to phone home daily looking for security updates

"Fixes will either install automatically or at next restart."

Apple is showing signs that the company is taking the security of OS X far more seriously than it has in the past. In addition to features like app sandboxing and Gatekeeper, OS X Mountain Lion will also apparently check for critical security updates more regularly by default and will install them automatically.

Documentation accompanying a software update sent out to registered developers running the beta version of Mountain Lion shows that Apple is testing a new feature designed to mitigate potential security disasters like the recent Flashback malware problem. While regular OS X updates will come from the Mac App Store, security updates will be available directly through a new OS X Security Update system.

OS X Security Update will check for "required" security updates every day. The software will make use of a secure connection to Apple servers meant to keep hackers from hijacking the connection to spread malware. Users will be able to configure their Mac to either install security updates automatically or during the next restart.

Continued : http://arstechnica.com/apple/2012/06/mountain-lion-likely-to-phone-home-daily-looking-for-security-updates/

Also: OS X Mountain Lion will include automatic security updating
Ransomware Uses McAfee SECURE, Police Logos to Scam Users
by Carol~ Moderator / June 26, 2012 1:21 PM PDT
In reply to: NEWS - June 26, 2012

McAfee Labs researchers have seen an increase in instances of the McAfee SECURE logo being falsified as part of a "ransomware" campaign. Once a machine is infected, the malware checks to see which country the user is located in. It then displays a localized graphic containing a police logo and a message announcing that the machine has been locked and can be unlocked only after payment has been made via Ukash or a similar online payment mechanism. (For more on how ransomware operates, read this blog from my colleague Francois Paget.)

An infected machine located in Ireland might display an image similar to this: [Screenshot]

However, an infected machine in Germany might look like this: [Screenshot]

Both look official, yet both are unfortunately very much a scam. Users should never pay to have their machines "unlocked." We often see this type of ransomware attempt to download further malicious software to the machine; so even if the machine has been unlocked there can be more malware waiting in the wings.

We have seen ransomware in various forms for many years, but new variants are regularly released by malware authors to try to avoid detection. As ever, users should keep their antivirus definitions updated, run a personal firewall and URL reputation software, and employ best security practices at all times.

Continued: http://blogs.mcafee.com/mcafee-labs/ransomware-uses-mcafee-secure-police-logos-to-scam-users
