Editor’s Note: Updated to include information on the brand of EAS device that was compromised. – PFR 2/14/2013 OK – the good news is that the dead aren’t rising from their graves and the Zombie Apocalypse hasn’t begun (yet…). The bad news: a phony EAS (Emergency Alerting System) warning about just such a cataclysm earlier this week may have been the result of a hack of what one security researcher says are known vulnerabilities in the hardware and software that is used to distribute emergency broadcasts to the public in the U.S. The warning from Mike Davis, a Principal Research Scientist at the firm IOActive, comes just days after unknown hackers compromised EAS systems at television stations in the U.S. and broadcast a bogus emergency alert claiming that the “dead were rising from their graves” and attacking people. Published reports say that at least four television stations were the victims […]
Tag: Government
Whitelist Goes Black: Security Firm Bit9 Hacked
Application “whitelisting” offers an alternative to signature based malware protection. Rather than trying to spot the bad guys, the thinking goes, just identify a list of approved (whitelisted) applications, then block everything else. But what happens when the whitelist, itself, becomes compromised? That’s the scenario that’s playing out with customers of whitelisting firm Bit9, which acknowledged a breach of its corporate network that allowed unknown assailants to gain control of an application code signing server. The acknowledgement came after Bit9 was contacted regarding the breach by Brian Krebs of Krebsonsecurity.com, which broke the news Friday. Little is known about the incident. In a blog post, Bit9’s CEO, Patrick Morley, said that only three of the company’ s customers were affected. Those customers identified malware on their networks that had been signed by one of Bit9’s code signing servers. The lapse was the result of a breach on Bit9’s own network. […]
Wealthy Countries Better At Protecting Citizens…From Malware
To paraphrase a quote attributed to the great American novelist F. Scott Fitzgerald: ‘Rich countries aren’t like you and me. They have less malware.’ That’s the conclusion of a special Security Intelligence Report released by Microsoft on Wednesday, which found that the rate of malware infections was relatively lower in countries that were wealthy than those with lower gross income per capita. The study, “Linking Cybersecurity Policy and Performance” investigated the links between rates of computer infections and a range of national characteristics including the relative wealth of a nation, observance of the rule of law and the rate of software piracy. The conclusion: wealthier nations, especially in Europe, do a better job preventing malware infections than poorer and developing nations. The report marks an effort by Microsoft to dig into some of the underlying causes of cyber insecurity globally. Using data gathered from its Malicious Software Removal Tool (MSRT) […]
You’ve Been Hacked By APT! (The Video)
The whole APT – or “Advanced Persistent Threat” – meme has received a lot of attention in the media. This site and others have written about APT-style hacks, such as the recent compromise at The New York Times. But what does an APT hack look like? And what would it mean if you or your employer were in the crosshairs of an APT-type actor? The SANS Institute’s Securing The Human project has put together a nice training video that helps answer some of these questions, and to explain how APT-style attacks work. This is good stuff – explaining the difference between cyber crime and APT, and generic enough that any organization could use it as a training video. SANS says that it will produce one of these a month, and post them on the first of each month. My only criticism here is that, after they do a solid job describing […]
Friday Night Massacre: Twitter Hacked, Info on 250k Exposed
What better time to drop some really bad and embarrassing news than late on a Friday afternoon, as everyone is heading out the door? So it was with social media giant Twitter, which dropped a bombshell late Friday: revealing that it had been compromised in an “extremely sophisticated” attack that yielded the account credentials for around 250,000 users. A blog post by Twitter Security Team member Bob Lord on Friday said that the company has been investigating the breach all week long, after detecting unusual patterns of account access across its network. After stopping an attack that was in progress, the company’s investigation revealed that the attackers “may have had access to limited user information – usernames, email addresses, session tokens and encrypted/saltedversions of passwords – for approximately 250,000 users,” Lord wrote. Twitter did not discuss the circumstances of the breach, but reiterated guidance from the U.S. Department of Homeland Security for users to disable Java […]
