Banks Are Just BEGGING For Identity Theft

WHAT a disgusting disgrace! Bank Sends Sensitive E-mail to Wrong Gmail Address, Sues Google.

A Wyoming bank sent an e-mail containing sensitive customer data to the wrong Gmail account, and now wants Google to reveal the identity of the account holder who received the data.

According to a court document in the case, in August a customer of the Rocky Mountain Bank asked a bank employee to send certain loan statements to a representative of the customer. The employee, however, inadvertently sent the e-mail to the wrong Gmail address. Additionally, the employee had attached a sensitive file to the e-mail that should not have been sent at all.

The attachment contained confidential information on 1,325 individual and business customers that included their names, addresses, tax identification or Social Security numbers and loan information.

After realizing what he’d done, the employee “tried to recall the e-mail without success.”

When that didn’t work, the employee sent a second e-mail to the recipient instructing the person to delete the e-mail and attachment “in its entirety” without opening or reviewing it. The employee also asked the recipient to contact the employee to “discuss his or her actions.”

Silence ensued.

That’s when the bank sued Google to identify the recalcitrant recipient.

I am NO fan of Google, but if this bank thinks that suing Google for the identity of the email recipient is going to solve anything, they are nutso.

Let me get this straight: the employee EMAILED all this sensitive information?! :-O

Do you have any idea how many hands an email passes through to get to the recipient? Emails are NOT secure, not at all. I am appalled that Social Security numbers and bank account numbers are strewn across the Internet and FAX machines. Are the banks just BEGGING to be stolen from? I know that banks (and government bureaus) do this stuff all the time. So what! So the bank employee sent it to the wrong person. He never should have sent it AT ALL.


Serious Browser Flash Flaw

Uh oh. I hate reading this stuff Monday mornings…. but this security issue looks like a doozy.

Flash flaw puts most sites, users at risk, say researchers
‘Frighteningly bad thing,’ said Foreground Security, of flaw allowing hackers to hijack sites, attack users

November 12, 2009 (Computerworld) Hackers can exploit a flaw in Adobe’s Flash to compromise nearly every Web site that allows users to upload content, including Google’s Gmail, then launch silent attacks on visitors to those sites, security researchers said today.

Adobe did not dispute the researchers’ claims, but said that Web designers and administrators have a responsibility to craft their applications and sites to prevent such attacks.

“The magnitude of this is huge,” said Mike Murray, the chief information security officer at Orlando, Fla.-based Foreground Security. “Any site that allows user-uploadable content is vulnerable, and most are not configured to prevent this.”

The problem lies in the Flash ActionScript same-origin policy, which is designed to limit a Flash object’s access to other content only from the domain it originated from, added Mike Bailey, a senior security researcher at Foreground. Unfortunately, said Bailey, if an attacker can deposit a malicious Flash object on a Web site — through its user-generated content capabilities, which typically allow people to upload files to the site or service — they can execute malicious scripts in the context of that domain.

“This is a frighteningly bad thing,” Bailey said. “How many Web sites allow users to upload files of some sort? How many of those sites serve files back to users from the same domain as the rest of the application? Nearly every one of them is vulnerable.”

Ugh. It does not look like anyone has a fix for this in the near future. These hacks are just getting crazy!!!

It is advised either to avoid browsing sites that have Flash (actually a very difficult thing today), or to install NoScript for Firefox browsers or ToggleFlash for Internet Explorer. Nothing was said about using Opera, an alternative browser that I like and that has been immune from a lot of the security problems… so I’ll have to do some digging to find out.

In the meantime, use NoScript or ToggleFlash. NoScript (which is what I have used intermittently in the past) is a little complex sometimes, because you have to put everything on a white list… and some things I don’t know what are allowable or not (not all things on websites are adequately labeled). So this puts a real crimp in my own browsing style… hopefully, a fix will roll out soon.
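
For site operators, the condition the researchers describe (user uploads served back from the application's own domain) can be checked when a file is uploaded. The sketch below is an added example, not code from Foreground Security or Adobe; the host names, finding labels and sample bytes are constructed, and it assumes a Flash file may arrive under a name that does not end in .swf.

```python
import struct
from urllib.parse import urlsplit

# SWF files start with a 3-byte signature, 1-byte version, 4-byte LE length.
SWF_SIGNATURES = {b"FWS": "uncompressed", b"CWS": "zlib", b"ZWS": "lzma"}

def parse_swf_header(data: bytes):
    """Return (compression, version, declared_length), or None if not SWF-like."""
    if len(data) < 8 or data[:3] not in SWF_SIGNATURES:
        return None
    version, length = struct.unpack_from("<BI", data, 3)
    if not 1 <= version <= 64 or length < 8:  # sanity bounds (assumed)
        return None
    return SWF_SIGNATURES[data[:3]], version, length

def same_domain(url_a: str, url_b: str) -> bool:
    """True when both URLs are served from the same host name."""
    return urlsplit(url_a).hostname == urlsplit(url_b).hostname

def review_upload(filename, data, app_url, served_url):
    """List the findings for one uploaded file (labels are hypothetical)."""
    findings = []
    if parse_swf_header(data) is None:
        return findings
    # Content is identified by its bytes, not by the name the uploader chose.
    if not filename.lower().endswith(".swf"):
        findings.append("flash-content-under-other-extension")
    # The case from the article: upload served from the application's domain.
    if same_domain(app_url, served_url):
        findings.append("flash-served-from-application-domain")
    return findings

# Constructed sample inputs (header bytes only, not a working Flash file).
SAMPLE_SWF = b"CWS" + bytes([10]) + struct.pack("<I", 1234) + b"\x78\x9c"
SAMPLE_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"

if __name__ == "__main__":
    for host in ("https://app.example", "https://usercontent.example"):
        url = host + "/uploads/avatar.jpg"
        print(url, review_upload("avatar.jpg", SAMPLE_SWF, "https://app.example/", url))
    print(review_upload("photo.jpg", SAMPLE_JPEG, "https://app.example/",
                        "https://app.example/uploads/photo.jpg"))
```

Serving uploads from a separate host name clears the second finding; the first still marks a file whose bytes do not match its name.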

Posted in ad blocks, browsers, security news.

Internet Warfare

Disturbing news from ComputerWorld. China is gearing up for “cyber warfare” while the United States blindly favors China with “Most Favored Nation” status, pandering to its Communist oppressive government, and free trade of endless toxic crap from the country…. unbelievable.

Looking to gain the upper hand in any future cyber conflicts, China is probably spying on U.S. companies and government, according to a report commissioned by a Congressional advisory panel monitoring the security implications of trade with China.

The report outlines the state of China’s hacking and cyber warfare capabilities, concluding that “China is likely using its maturing computer network exploitation capability to support intelligence collection against the U.S. government and industry by conducting a long term, sophisticated computer network exploitation campaign.”

Published Thursday, the report was written by Northrop Grumman analysts commissioned by the U.S.-China Economic and Security Review Commission.

Government agencies and military contractors have been hit with targeted, well-crafted attacks for years now, many of which appear to have originated in China. But this report describes in detail how many of these attacks play out, including an attack that exploited an unpatched flaw in Adobe Acrobat that was patched earlier this year.

Citing U.S. Air Force data from 2007, the report says at least 10TB to 20TB of sensitive data has been siphoned from U.S. government networks as part of a “long term, persistent campaign to collect sensitive but unclassified information.” Some of this information is used to create very targeted and credible phishing messages that then lead to the compromise of even more computers.

…The report describes sophisticated, methodical techniques and speculates on possible connections between Chinese government agencies and the country’s hacker community, increasingly a source of previously unknown “zero-day” computer attacks.

“Little evidence exists in open sources to establish firm ties between the [People's Liberation Army] and China’s hacker community, however, research did uncover limited cases of apparent collaboration between more elite individual hackers and the [People's Republic of China's] civilian security services,” the report says.

I remain totally baffled that the U.S. STILL maintains this one-sided relationship. In more realistic days, such activities would have called for declarations of war. Our pink-puffy politicians just rake in the donations while they rip us off and sell us out! When will our coddling of China end?

Posted in crime, news, security news.

Beware of Clicking Twitter Links

It’s very risky to click on links, any links, be it in emails, in social networking sites, etc. A recent study said that there has been a 233% increase of malicious sites on the Internet, almost all propagating through social networking and emails. Yikes.

Twitter is especially susceptible to malicious clicking. Because URLs are shortened for Twitter, users cannot tell where a link is going. Who knows whether the link truly leads to Aunt Sally’s wedding dress or a worm? There are now several browser add-ons and such for detecting the origins of shortened URLs, but still, it’s very difficult to know exactly where you are being led. And who knows what trojan, phishing scam, or virus awaits.

Symantec recently warned of the dangers of clicking links in Twitter:

The security software company released a warning and a video Friday on the dangers of clicking on the short URLs that link users from a tweet to a story, photo or video. Twitter isn’t the only place on the web users might find such shortened web addresses, but it is the most popular one.

The problem is that you don’t know where it will take you in most cases until you click on the link, something Symantec said malware authors have caught on to.

“Using enticing tweets and commonly used twitter search terms, their goal is to get other users to click on their links, leading to malicious code,” the Cupertino company said.

It offered examples with a YouTube video, which can be seen by clicking here.

The company said that in addition to its own security software, some browsers like Firefox and Internet Explorer allow users to check the full URL of a link before clicking on it.

“While this won’t tell you for sure if the link is malicious, it will at least allow you to look more carefully before clicking,” the company said in its post.

I heard in August that Twitter was starting to filter links that pass through their system, but I haven’t heard it directly from Twitter. Have you? Symantec published their statement about Twitter-clicking over the weekend, so I assume malicious links still pass through.

Nonetheless, please be careful what links you click!
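
Checking the full URL behind a short link, as the Symantec advice above suggests, amounts to following the redirect chain one hop at a time without loading any page. The sketch below is an added example, not Symantec's or Twitter's code; the `fetch` callback, the status labels and the redirect table are constructed so that it runs offline.

```python
from urllib.parse import urljoin, urlsplit

REDIRECT_CODES = (301, 302, 303, 307, 308)

def expand(url, fetch, max_hops=5):
    """Follow redirects hop by hop and return (chain, status).

    fetch(url) must return (http_status, location_or_None). On a live
    network it would be a HEAD request with automatic redirects disabled,
    so no page body is ever downloaded or rendered.
    """
    chain, seen = [url], {url}
    for _ in range(max_hops):
        status, location = fetch(chain[-1])
        if status not in REDIRECT_CODES or not location:
            return chain, "resolved"
        nxt = urljoin(chain[-1], location)  # Location may be relative
        if urlsplit(nxt).scheme not in ("http", "https"):
            return chain + [nxt], "non-http-target"
        if nxt in seen:
            return chain + [nxt], "redirect-loop"
        chain.append(nxt)
        seen.add(nxt)
    return chain, "too-many-hops"

def final_host(chain):
    """Host name a reader should look at before deciding to click."""
    return urlsplit(chain[-1]).hostname

# Constructed redirect table standing in for two URL shorteners.
CONSTRUCTED = {
    "http://short.example/a1": (301, "http://short2.example/zz"),
    "http://short2.example/zz": (302, "/landing?id=7"),
    "http://short2.example/landing?id=7": (200, None),
    "http://short.example/loop": (302, "http://short.example/loop"),
    "http://short.example/js": (302, "javascript:void(0)"),
}

def fake_fetch(url):
    return CONSTRUCTED.get(url, (404, None))

if __name__ == "__main__":
    for start in ("http://short.example/a1", "http://short.example/loop"):
        chain, status = expand(start, fake_fetch)
        print(status, " -> ".join(chain), "| final host:", final_host(chain))
```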

Posted in Internet, news, security news.

How To Keep Your WordPress Blog Secure

In case you haven’t heard, there’s a virulent worm spreading and hacking WordPress blogs that have not been updated to the latest version, 2.8.4. WordPress founder Matt Mullenweg advises everyone to update their WordPress blogs:

Right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts.

The tactics are new, but the strategy is not. Where this particular worm messes up is in the “clean up” phase: it doesn’t hide itself well and the blogger notices that all his links are broken, which causes him to dig deeper and notice the extent of the damage. Where worms of old would do childish things like defacing your site, the new ones are silent and invisible, so you only notice them when they screw up (as this one did) or your site gets removed from Google for having spam and malware on it.

I’m talking about this not to scare you, but to highlight that this is something that has happened before, and that will more than likely happen again.

Hacking blogs and worms are not new to bloggers, whether you have Blogger or WordPress, but I certainly didn’t like to read Mullenweg’s “this is something that has happened before, and that will more than likely happen again.” :yikes:

The only thing Mullenweg has to say about future hacking is:

There is only one real solution. The only thing that I can promise will keep your blog secure today and in the future is upgrading.

I admit, I sometimes wonder if hack attacks are built by certain people who use such attacks to get everyone to upgrade. This particular worm is relatively harmless, and easily detectable. I’ve heard of horrible hacker attacks, where entire blogs are wiped out or are used as vehicles to spew p*rn and other filth. This worm seems quite tame, and leaves behind broken links, which are easily detectable. Did someone create this worm simply to scare WordPress users into updating their blogs? I’m not saying I believe this is so, just that there is that possibility. Maybe there’s more to this worm than is being publicized… But if that’s all the worm does, what else could be the motive?

Posted in crime, security news, WordPress.

Hackers Prefer Opera

This news isn’t very surprising, not to me, an Opera fan:


One-in-four hackers runs Opera to ward off other criminals

Hackers using multi-exploit attack “toolkits” take defensive measures of their own against other criminals, a security researcher said today.

“Exploit kit operators do use mainstream browsers, but they’re much more likely to use Opera than the average user, because they know that the browser isn’t targeted by other hackers,” said Paul Royal, a principal security researcher with Atlanta-based Purewire.

While the most generous Web measurements peg Opera, a browser made by Norwegian company Opera Software, at a 2% share of the global market, 26% of the hackers who Purewire identified use the far-from-popular application.

Because of its small market share, few hackers bother to unleash exploits for Opera vulnerabilities, said Royal.

Purewire obtained this insight, and others, by infiltrating hackers’ systems using a bug in the analytics software included with a pair of hacker toolkits, notably one dubbed “LuckySploit,” said Royal. “We forged a ‘refer’ field and put in a little JavaScript,” he explained, “and that revealed the hackers to us via their IP addresses.”

So basically, a security experts group put out some bait for hackers: exploit tool kits with some JavaScript code. The hackers went for it, and their computer information was sent back to the security group. Besides grabbing IP numbers and country of origin where they could, the security group saw that hackers use the Opera browser. It’s safer than the other browsers (Firefox, Internet Explorer, etc). But it’s not that Opera is BUILT any safer than the others; it’s safer only because so few people use it that it’s not worthwhile to attack or exploit it.

Well, if it works for me… ! I guess I’ll even take a left-handed mode of safety, as long as it’s safety.

Also, no browser is really, really safe. A browser is an open door to your computer, just because by necessity there must be that transfer of information between Internet servers (where the websites for you to surf sit) and your computer. There are things you can do to minimize that risk of intrusion: use a firewall; use an anti-virus and keep it updated; don’t use the Internet Explorer browser; avoid risky sites (such as music sites, viral video sites, etc); turn off ActiveX, JavaScript, and image rendering. Some of these are extreme measures; it’s really up to you to determine your risk.
