July 21, 2011
Anonymous is at it again, this time exfiltrating a gigabyte of protected data from NATO.
“Yes, #NATO was breached. And we have lots of restricted material,” the group tweeted on its AnonymousIRC Twitter feed, one of several it and another hacker group, AntiSec, use to release information and news about their activities.
July 20, 2011
According to a recent report, German federal law enforcement computer networks were compromised for nearly a year before the intrusion was noticed. The attackers, who call themselves the “No Name Crew”, used that time to gather tremendous amounts of privileged information on government and law enforcement operations.
Many companies are still using the “hard shell, chewy center” model of computer security – lock down the perimeter so that nobody can get through. As the French discovered with the Maginot Line, that’s not a valid means of defense. Any network of noticeable size has compromised machines on it; that’s just a fact of life these days. Do you have the internal controls in place to find and limit the access of these machines?
May 31, 2011
Lockheed Martin, the country’s largest defense contractor, has suffered a serious network attack. Their VPN architecture was exploited, likely using code from the RSA SecurID intrusion earlier this year.
This is probably the first of many. After all, people have looked at the multifactor authentication afforded by SecurID as the gold standard for years; if that’s cracked, we’re all in a lot of trouble.
May 6, 2011
There has apparently been a sizable data exfiltration at LastPass, an application service provider that stores passwords for user accounts. The data was of sufficient size that it probably includes hashed “master passwords”, which serve as the crypto keys to unlock the stored passwords on the service.
If you’re using LastPass, you may want to change your password. And you may also want to reconsider the wisdom of storing all of your passwords in a stranger’s datacenter.
May 2, 2011
The recent Amazon cloud services outage has caused some consternation, especially among the customers who permanently lost data that they had entrusted to Amazon for safekeeping.
It is important to remember that one of the three pillars of information security is “availability”: that is, ensuring that your information environment is robust enough to survive catastrophic events and continue providing information resources to the people who need them. Clearly, simply handing over your business data to a third party and then washing your hands of responsibility for it is not a valid practice.
April 27, 2011
Sony is not having a great week. Looks like some “external attacker” has made off with the mother lode of data from the subscription section of PlayStation Network.
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
April 27, 2011
The police in Seattle have seized a black Mercedes thought to have been used for large-scale “wardriving” data theft from area businesses. The owners were cruising around the city, looking for small businesses using vulnerable WEP encryption on their wireless networks, and then intercepting data for later use.
If your company has a wireless network, PLEASE be aware of the security implications of what you’re doing. Wireless isn’t like traditional Ethernet – the radio waves can travel right through the walls into the parking lot or other public space, and simple point-and-click eavesdropping tools make it easy for even a technical neophyte to gather data from a misconfigured network.
April 15, 2011
The popular blog hosting site WordPress has been compromised – some source code and other proprietary information appears to have been copied. Apparently the intruders were not aware that most of the source code for the project is freely available under an Open Source license.
April 1, 2011
Nearly four hundred thousand URLs have been compromised by a massive spree of SQL injection attacks. The affected sites are being used to redirect visitors to fake antivirus software and other malicious content.
March 30, 2011
In the wake of last week’s compromise at Comodo, which was used to issue fraudulent certificates, two more breaches have been announced.
Certification Authorities, or CAs, are at the top of the trust hierarchy for SSL connections. They are the people who verify that a certificate claiming to be from google.com is actually from Google. If a large CA is compromised, and certificates can be forged, the entire trust system built into SSL implementations begins to crumble. This is, to put it lightly, a Bad Thing.