Alert note by US-CERT regarding POS malware.
https://www.us-cert.gov/ncas/alerts/TA14-212A
Friday, August 22, 2014
Wednesday, August 20, 2014
David Paddon, The Canadian Press
Published Monday, August 18, 2014 1:01PM EDT
Read more: http://www.ctvnews.ca/business/study-estimates-36-of-canadian-businesses-know-they-ve-been-hit-by-cyber-attack-1.1964550#ixzz3AzlC08kY
TORONTO -- More than one-third of Canada's IT professionals know -- for
sure -- that they'd had a significant data breach over the previous 12
months that could put their clients or their organizations at risk, a
cybersecurity study suggests.
And as startling as that statistic may be, the actual number of breaches could be higher since the same international study found 56 per cent of the 236 Canadian respondents said they believed threats sometimes fall through the cracks.
"Even the best-protected networks have regular security incidents," says Jeff Debrosse, director of security research for Websense, a U.S.-based security company that commissioned the study.
Tuesday, August 19, 2014
This is from another client that is using incorrect authentication in the clear.
This is from another client that is using incorrect authentication
in the clear. The original developer thought BASE64
(https://en.wikipedia.org/wiki/Binary-to-text_encoding) would be good enough
to use, but the problem is that it is in the clear: any hacker with a basic
understanding of binary-to-ASCII conversion can convert it back, because this
is not encryption.
The other problem with this system is that they didn't employ
correct SSL encryption.
So now they have 2 options:
- Correctly encrypt the message, using an AES key.
- Or keep the same system and encrypt the TCP request to the server using SSL.
Best practice would be to encrypt the stream via SSL, as this
would also protect other identifying information of this system.
Below is the example of the intercepted http stream:
GET “/clients/aug-2012/CLIENTDATA.pdf” HTTP/1.1
Host: “serverhostedbytheclient.com”
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
The reality is that a large number of providers are still using
this, as some systems have been in place since the early 1990s.
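Added example (not part of the original post): a short Python audit of a captured request, showing that the Basic token in the stream above decodes straight back to the credentials and is protected only when the connection itself is encrypted. The sample request is constructed from the headers shown in the post, and the function names are illustrative.

```python
import base64
import binascii

# Constructed sample mirroring the intercepted request shown in the post.
SAMPLE_REQUEST = (
    "GET /clients/aug-2012/CLIENTDATA.pdf HTTP/1.1\r\n"
    "Host: serverhostedbytheclient.com\r\n"
    "Connection: keep-alive\r\n"
    "Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=\r\n"
    "\r\n"
)


def parse_headers(raw_request):
    """Return request headers as a dict keyed by lower-cased name."""
    head = raw_request.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def audit_authorization(raw_request, over_tls):
    """Report what a passive observer learns from the Authorization header."""
    value = parse_headers(raw_request).get("authorization")
    if value is None:
        return {"scheme": None, "exposed": False}
    scheme, _, token = value.partition(" ")
    finding = {"scheme": scheme.lower(), "exposed": False}
    if finding["scheme"] != "basic":
        return finding
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        finding["error"] = "malformed Basic token"
        return finding
    # Basic auth joins user-id and password with the first colon (RFC 7617).
    user, _, password = decoded.partition(":")
    finding.update(user=user, password=password, exposed=not over_tls)
    return finding


if __name__ == "__main__":
    print(audit_authorization(SAMPLE_REQUEST, over_tls=False))
```

The same header sent inside a TLS session is reported with `exposed` set to false, which is why the post recommends encrypting the stream rather than the token.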
Thursday, August 14, 2014
STUXNET: The Virus that Almost Started WW3
Real security work is not as fun as this movie makes it. Nevertheless, this is a great video, as it outlines the workings of one of the early cyber weapons.
We decided to embed our Twitter feed directly into our main website. This is not a security blog post but more of a tech how-to; in short, all the info needed to do so is explained in this link from Twitter.
https://dev.twitter.com/docs/embedded-timelines#customization
The result now looks like this:
Tweets by @CanadaCyber
Tuesday, August 5, 2014