The recently reported malicious software attacks against Israeli and Palestinian targets have expanded to hit other targets, including individuals working within the U.S. Congress, the UK government and government workers in countries ranging from Turkey to Slovenia and New Zealand, according to a report from security firm Trend Micro. In a blog post on Wednesday, Trend Senior Threat Researcher Nart Villenueve wrote on the company’s Security Intelligence blog that those attacks are ongoing and involve a much wider list of targets that initially reported. The attacks first came to light after a Times of Israel report revealed on October 28 that computer systems used by that country’s police departments were taken offline following a virus infection. Subsequent analysis by Trend and others (PDF) revealed that the malware used in the attacks was a variant of the common Xtreme Remote Access Trojan (Xtreme RAT) – an information stealing program that can be […]
Government
Adobe Acknowledges Hack of User Forum For Connect Service
Software giant Adobe on Wednesday confirmed claims by a self-proclaimed “Egyptian” hacker to have compromised a user support forum frequented by customers of its Connect web conferencing technology, stealing user account information and posting some of it online. Adobe’s Director of Connect, Guillaume Privat, acknowledged in a blog post on Wednesday that the compromise of the Connectusers.com forum by an “unauthorized third-party” was for real and that the company has disabled the forum while it investigates the incident. The breach was first disclosed on Tuesday when a hacker calling himself “ViruS_HimA” posted what appeared to be account e-mail and password information online through web sites like pastebin.com and sendspace.com. The hacker claimed to have compromised a database server used to maintain the Connnectusers.com forum and downloaded information on 150,000 account holders, including the users names, login IDs, hashed password values, employer and e-mail address. The motive for the hack was […]
Report: Insecure SEC Laptops Toted To Black Hat
What’s worse than neglecting to encrypt the data on the government-issue laptop you use to handle sensitive data related to the workings of U.S. equities markets? How about hopping on a plane and bringing said laptop with you to the Black Hat conference in Las Vegas, one of the world’s largest gatherings of hackers. That’s just one of the allegations in an as-yet unreleased Inspector General report on irregularities at the U.S. Securities and Exchange Commission (SEC), according to a report on Friday by Reuters. The Inspector General’s report, a copy of which was reviewed by Reuters, found evidence of widespread lapses in information security within the agency that acts as a watchdog over stock markets and exchanges within the U.S. Among other errors, staff at the SEC failed to encrypt laptops containing sensitive stock exchange data or even install antivirus software on those systems, Reuters reported. The Inspector General […]
Support Forums Reveal Soft Underbelly of Critical Infrastructure
We hear a lot about vulnerabilities in industrial control system (ICS) software. In fact, that’s all we seem to hear about these days. The truth is: there’s a lot to write about. In just the last month, the Department of Homeland Security’s ICS-CERT warned its members about the ability of sophisticated – and even unskilled – attackers to use tools like the Shodan and ERIPP search engines to locate and attack vulnerable industrial control systems (PDF) that are accessible from the public Internet. In the meantime, every couple of weeks brings revelations about serious and remotely exploitable software holes. Most recently, ICS-CERT warned about a critical vulnerability EOScada (PDF), a Windows-based Energy Management System that is used to configure and manage intelligent electronic devices (IEDs) used in electrical, water, sewage and gas applications. But what about real evidence of compromised SCADA and industrial control systems? That’s a taller order. After all: most […]
Forget Cyberwar, Sandy Puts Continuity Plans To the Test
We’ve all read a lot about the potentially devastating impact of a pre-emptive, nation-state backed cyber attack on our critical infrastructure in recent years. Why, it wasn’t more than two weeks ago that Defense Secretary Leon Panetta warned about the dire consequences of a “digital Pearl Harbor.” An “aggressor nation or extremist group,” he warned “could use these kinds of cybertools to gain control of critical switches … [and] derail passenger trains, or even more dangerous, trains loaded with lethal chemicals,” according to a report in Stars and Stripes. “They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.” It’s scary stuff, for sure. But not unprecedented. In fact: anyone on the Eastern Seaboard of the United States can look out their window right now and see a major dry run (more like a wet run) of a massive […]
