NEWS - March 24, 2014

Mar 24, 2014 12:45AM PDT
NSA targets sys admins to breach computer networks

A newly analyzed document from Edward Snowden's trove shows that the NSA collects personal and account information on system administrators and uses it to compromise their computers in order to access the networks they manage.

"Up front, sys admins generally are not my end target. My end target is the extremist/terrorist or government official that happens to be using the network some admin takes care of," explains the author of the document, allegedly the same network specialist in the agency's Signals Intelligence Directorate that compiled a presentation about how the agency can identify users of the Tor browser.

The document is a collection of posts the author published two years ago on an NSA internal discussion board, and in them he or she explains how to identify system administrators of target networks - mostly those run by foreign phone and Internet companies - and what helpful things one can find on their systems (network maps, email correspondence, and so on).

Continued: http://www.net-security.org/secworld.php?id=16557

Related:
NSA hacker in residence dishes on how to "hunt" system admins
NSA targets sysadmin personal accounts to exploit networks
NSA Targets Sys Admins to Infiltrate Networks

NSA hacked into servers at Huawei headquarters, reports say
Mar 24, 2014 12:56AM PDT

The U.S. National Security Agency has hacked into Huawei Technologies servers, spied on communications of company executives and collected information to plant so-called backdoors on equipment from the Chinese networking manufacturer, according to reports published over the weekend.

In response, the NSA said that it declines to comment on specific, alleged foreign intelligence activities. In a statement emailed to the IDG News Service, the agency elaborated, saying that "NSA's activities are focused and specifically deployed against—and only against—valid foreign intelligence targets in response to intelligence requirements."

Huawei officials were not immediately available for comment.

Continued: http://www.pcworld.com/article/2110960/nsa-hacked-into-servers-at-huawei-headquarters-reports-say.html

Related: NSA hacked Huawei servers, watched company's executives, NYT sources say

Sources: Credit Card Breach at California DMV
Mar 24, 2014 12:57AM PDT

The California Department of Motor Vehicles appears to have suffered a wide-ranging credit card data breach involving online payments for DMV-related services, according to banks in California and elsewhere that received alerts this week about compromised cards that all had been previously used online at the California DMV.

The alert, sent privately by MasterCard to financial institutions this week, did not name the breached entity but said the organization in question experienced a "card-not-present" breach — industry speak for transactions conducted online. The alert further stated that the date range of the potentially compromised transactions extended from Aug. 2, 2013 to Jan. 31, 2014, and that the data stolen included the card number, expiration date, and three-digit security code printed on the back of cards.

Five different financial institutions contacted by this publication — including two mid-sized banks in California — confirmed receipt of the MasterCard notice, and said that all of the cards MasterCard alerted them about as compromised had been used for charges bearing the notation "STATE OF CALIF DMV INT".

Continued: http://krebsonsecurity.com/2014/03/sources-credit-card-breach-at-california-dmv/

Related: California DMV customers may be affected by a credit card breach

Sony Pictures Plans Movie About Yours Truly
Mar 24, 2014 12:59AM PDT

Sony Pictures is reportedly planning to make a big screen movie based at least in part on my (mis)adventures over the past few years as an independent investigative reporter writing about cybercrime. Some gumshoe I am: This took me by complete surprise.

The first inkling I had of this project came a few weeks ago when New York Times reporter Nicole Perlroth forwarded me a note she'd received from a Hollywood producer who was (and still is) apparently interested in acquiring my "life rights" for an upcoming film project. The producer reached out to The Times reporter after reading her mid-February 2014 profile of me, which chronicled the past year's worth of reader responses from the likes of the very ne'er-do-wells I write about daily. Perlroth's story began:

"In the last year, Eastern European cybercriminals have stolen Brian Krebs's identity a half dozen times, brought down his website, included his name and some unpleasant epithets in their malware code, sent fecal matter and heroin to his doorstep, and called a SWAT team to his home just as his mother was arriving for dinner."

Continued: http://krebsonsecurity.com/2014/03/sony-pictures-plans-movie-about-yours-truly/

Related: Sony seeks to make a movie about the Target hack reporter

AV Maker Blasts Microsoft for Ending Windows XP Support
Mar 24, 2014 12:57AM PDT

With less than three weeks to go until Microsoft officially stops supporting Windows XP on April 8, free antivirus maker Avast is criticizing the move, saying that too many will be left unprotected after that date.

In a blog posted to its site this week, Avast said that almost a quarter of its users are still on Windows XP and will be six times as susceptible to attack compared to Windows 7 users.

"Abandoning Windows XP is a big mistake, especially since Microsoft has not been very successful in transitioning XP users to newer systems," wrote Ondrej Vlcek, chief operations officer at Avast Software. "The Avast database shows that 23.6% of its more than 200 million users is still running Windows XP."

Continued: http://redmondmag.com/articles/2014/03/20/ending-xp-support.aspx

Related: Avast Lends Support for Windows XP for Three More Years, Cites Doom

New Android Bug Causes "Bricked" Devices
Mar 24, 2014 12:57AM PDT

From the TrendLabs Security Intelligence Blog:

We recently read about an Android system crash vulnerability affecting Google's Bouncer infrastructure, one that, alarmingly, also affects mobile devices with Android OS versions 4.0 and above. We believe that this vulnerability may be used by cybercriminals to do some substantial damage on Android smartphones and tablets, which include "bricking" a device, or rendering it unusable in any way. In this context, the device is "bricked" as it is trapped in an endless reboot loop.

How did they do it?

Our analysis shows that the first crash is caused by the memory corruption in WindowManager, the interface that apps use to control the placement and appearance of windows on a given screen. Large amounts of data were entered into the Activity label, which is the equivalent of the window title in Windows.

Continued: http://blog.trendmicro.com/trendlabs-security-intelligence/new-android-bug-causes-bricked-devices/

Bitcoin phishing attack targets Blockchain users
Mar 24, 2014 4:07AM PDT

If you're an advocate for the Bitcoin digital currency be on your guard, because phishers are after your cash.

Just like fraudsters try to trick you into handing over your login passwords for your online bank, your eBay account, or your Apple iCloud credentials, it seems they're not above trying to dupe you into opening the door to your Bitcoin accounts as well.

Check out this example of a phishing campaign that was spammed out this weekend, targeting users of Blockchain.info - which claims to be the world's most visited Bitcoin website with over a million registered users and 200 million pageviews each month: [Screenshot]

The social engineering in this example is pretty elementary, but I have no doubt it works.

Continued: http://grahamcluley.com/2014/03/bitcoin-phishing/