- Drupal.org hacked – Access to User data: The information exposed includes usernames, email addresses, and country information, as well as hashed passwords. According to Drupal.org, there are over 967,000 registered users affected.
- Anatomy of a hack: A great report on how crackers ransack carelessly hashed password lists.
- Information that is pooled together for efficiency’s sake also makes a thief’s life easier: 5 big Database Breaches of spring 2013.
- How criminals cash in with mobile malware and how to protect yourself.
- The Infosec Institute published part 4 of a series about a Vulnerability Assessment of the SNMP Service.
- ENISA, the European Network and Information Security Agency, has published its 2012 General Report, containing details of the Agency’s work and achievements during the year.
- HITB2013AMS: Videos from Day 1 of the security conference ‘Hack in the Box’ are now available on YouTube.
- FIRST: The first security podcasts of the 25th Annual FIRST Conference podcast series can be downloaded.
- Want to improve the security of your SSH private key files? Here’s how it works.
- Brian Krebs on a Denial-of-service-for-hire-Service with FBI backdoor.
- Read in the NY Times Online how sales experts sell hacker services at a trade show in China.
- Twitter now provides two-step authentication: Read how you can activate it and whether it makes sense.
- Kaspersky released information on IT Threat Evolution in Q1/2013.
A drive-by exploit or drive-by download is when malicious software is installed automatically and unnoticed on an internet user's computer merely because a web page was opened in the browser.
After infection with malicious software, criminals usually have unrestricted access to the computer and the data stored on it, and they try to make money from that access. Trojans, for example, steal the user's login and credit card information or interfere with their e-banking. Ransomware tries to extort money by intimidating the user and locking the PC.
According to a report (PDF) by the “European Network and Information Security Agency” ENISA, drive-by exploits are the biggest threat to internet users in 2013. The figures from Switzerland confirm this.
- Phishing: Patrick Nelson at Technewsworld wrote about 6 steps to identify and deal with bogus banking e-mails.
- IE8 Exploit: If you (still) use Internet Explorer Version 8, note that a newly discovered vulnerability is being actively exploited. MS published an advisory and released an intermediate “stopgap” fix. (CVE-2013-1347)
- Ransomware: botfrei.de is reporting a new wave of ransomware infections. The malware downloads illegal pictures to the victim’s hard disk. Read how to get rid of the malware and the pictures.
- Online Banking: Read why to choose a Web-based platform for mobile banking instead of a mobile app.
- Watering Hole Attacks are an attractive alternative to Spear Phishing, Jaeson Schultz explains on the Cisco blog.
- ‘The Onion’ explains how its Twitter account was hacked.
The current SWITCH Security and Privacy Report 4/13 (PDF) is online.
- LivingSocial, the ‘daily deals’ site owned in part by Amazon, has suffered a massive cyber attack this week. More than 50 million accounts have been compromised. And again, it’s a good idea to use different passwords (and e-mail addresses) on different sites.
- “For Their Eyes Only”: Citizen Lab released a 117-page report about the commercialization of digital spying: “The report features new findings, as well as consolidating a year of our research on the commercial market for offensive computer network intrusion capabilities developed by Western companies.”
- One finding in the Citizen Lab report: “We identify instances where FinSpy makes use of Mozilla’s Trademark and Code. The latest Malay-language sample masquerades as Mozilla Firefox in both file properties and in manifest.” As a reaction Mozilla has sent Gamma (the FinSpy maker) a cease and desist letter.
- Multiple Twitter accounts of The Guardian were hacked. The Guardian said that the attack started with phishing emails to staff. Twitter warns journalists: “We believe that these attacks will continue”.
- The Dutch government has announced plans to give police rights to hack into computers – including those located in foreign countries.
- Robert Lemos wrote about the “Five Habits Of Highly …Successful Malware”.
About a month ago the openresolver project published the results of a global scan enumerating open recursive DNS servers. A daunting 27.200.613 systems were found.
In the past we’ve reported on large-scale DDoS attacks in this blog. The attacks are real, and they are not just some rare random occurrences on the net. The recent attack on Spamhaus illustrates this quite clearly. People have different views on Spamhaus’ activities, but that’s not the point. The point is that there are people out there who can launch massive attacks that even Tier 1 carriers will feel. And it’s not only “Spammers against Spamhaus” who do this. A recent attack we analysed, weighing in at “only a few dozen Mbit/s”, was launched against a game server by a literal loser, someone who did not get what he wanted in an MMOG. We also see attacks against competitors, attacks to blackmail people and, quite ironically in the name of “internet freedom of speech”, attacks against disagreeable sites.