WEEKLY DATA SECURITY NEWS ROUND UP

Ed. 25April 26, 2013

U.S. Department of Labor website hacked and redirecting to malicious code

The guys over at Alienvault Labs do some great research, and this story hit their website just yesterday.

“During the last few hours we have identified that one the U.S. Department of Labor website has been hacked and it is serving malicious code.”

Dishing out malicious code to the masses, ice cold U.S. Department of Labor, ice cold.

The method that these hackers has been seen before, but it’s still damn smart. They 3essentially re-direct the user to a version of the website that executes a script in the browser. This script gathers as much information from the user about the specific versions of antivirus they are using, and also the version of java, adobe, and other easily exploitable programs that they have on their computer. Once that information is compiled and sent to the hackers, getting access to any aspect of their computer is a complete joke. Alienvault noticed the method and pointed out that this technique has been used before.

“Some of the techniques used in this attack are very similar to the ones we identified a few months ago in an attack against a Thailand NGO website”

To go into the full details here is pointless, check out the extensive report on Alienvault yourself, it’s fascinating stuff.

WEEKLY DATA SECURITY NEWS ROUND UP

Ed. 26May 3, 2013

=

This is an odd one.

This has nothing to do with the technical side of hacking. It’s more of a social engineering story that is taken to an extreme.

It’s a story of Charles Cullen, a silent killer who used some pretty sneaky techniques to get access to certain drugs and administer them to patients in lethal dosage.

Charles didn’t go for the obvious drugs and substances, he went for the ones that were unsuspecting and would slip under the radar. Just when he felt someone was picking up on his trail, he would switch methods or drugs. The tracking system within the database kept get-ting tricked by his methods, and he’s been at this for entirely too long.

The story here is that cunning people within every business can learn these systems like the back of their hand. And once they do, they can choose to exploit it. One of our toughest jobs is making sure that everything is the way it should be both within and outside the system.

Source: Wired

LivingSocial Hacked, 50 Million Accounts Compromised

Social deals platform LivingSocial was hacked over the weekend and the accounts for 50 million users were affected by the breach. The breach allowed hackers to gain access to names, email addresses, encrypted passwords and, in some cases, date of birth.

CEO Tim O’Shaughnessy had this to say:

“LivingSocial recently experienced a cyber-attack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue. We need to do the right thing for our customers who place their trust in us, and that is why we’re taking the steps described and going above and beyond what’s required. We all need to work incredibly hard over the coming days and weeks to validate that faith and trust.”

This breach comes just one month after CTO Aaron Battalion left the company. He must be giggling.

Your Mac, iPhone or iPad may have left the Apple store with a serious security risk

If you haven’t heard of the Wifi Pineapple, don’t waste a second longer and click that link right now. You can now get these devices for as little as $20, and they’re powerful in the right hands.

A great example of why it’s so powerful is in another blog post recently made by Troy Hunt, a self-proclaimed “Microsoft MVP”. In it, he details why your Apple device could be in danger as soon as it leaves the store.

The “Apple Demo” Wifi network that their devices are initially connected to is the name that the Wifi Pineapple exploits to gain access to your device. If not, it’s the “Apple Store” wifi that causes the issue. Troy explains a scenario in which he had to get his iPad looked at, and he left the store connected to the “Apple Store”. He had this to say:

“as soon as someone walks out of the Apple store after receiving support it’s highly likely that an attacker can begin immediately monitor-ing their internet traffic. It’s that easy.”

So what’s the overall summary?

if Apple helped you set your device up or provided you with support in the store it’s now exceptionally easy for an attacker to monitor and manipulate the majority of internet traffic that passes through it.

The entire account is an awesome read, check it out now.

How a Serial-Killing Night Nurse Hacked Hospital Drug Protocol