2016-01-22

TrustedSec Security Podcast Episode 32 for January 22, 2016.  This podcast is hosted by Rick Hayes, Scott White, Justin Elze and Geoff Walton.

Visit the show notes page to download the Podcast or check us out on iTunes!

Download Page https://www.trustedsec.com/podcasts/trustedsec-security-podcast-episode-32.mp3
XML Page https://www.trustedsec.com/podcasts/trustedsecsecuritypodcast.xml

Announcements:

TrustedSec TV
https://www.youtube.com/watch?v=4Vxh7hGMDnE

Bsides Huntsville
When: Feb 6, 2016
Where: Huntsville, AL
https://www.bsideshuntsville.org

CypherCon
When: March 11-12, 2016
Where: Milwaukee, WI
http://cyphercon.com

Atlantic Security Conference
When: April 7-8, 2016
Where: Halifax, Nova Scotia
http://atlseccon.com

Bsides Rochester 2016
When: April 23, 2016
Where: Rochester NY (RIT, GCCIS Building)
https://twitter.com/bsidesroc

Stories:

Source: https://github.com/cxxr/lostpass
http://news.softpedia.com/news/lastpass-vulnerable-to-extremely-simple-phishing-attack-499023.shtml
Security researcher Sean Cassidy has developed a fairly trivial attack on the LastPass password management service that gives attackers an easy way to collect the victim’s master password.

Mr. Cassidy discovered that whenever LastPass sessions expire while the user is browsing the Web, LastPass shows this using notifications injected in a page’s content. The subsequent login page and the two-factor authentication code, if enabled, are also displayed in the same way.

Source: http://www.fastcompany.com/3055684/fast-feed/ad-blocking-firm-unceremoniously-dumped-from-ad-industry-conference
The Interactive Advertising Bureau (IAB) has booted Adblock Plus from its yearly conference with little more than “sorry, not sorry.” The company, which boasts more than 400 million downloads of its ad-blocking browser extension, was dismissed with a curt email from the IAB, according to an Adblock Plus blog post.

A screenshot posted to Adblock Plus’s blog shows an email exchange between the company and the IAB, in which a representative of the IAB simply states that Adblock Plus’s registration had been canceled and the fee refunded.

Source: http://arstechnica.com/security/2016/01/ios-cookie-theft-bug-allowed-hackers-to-impersonate-users/
Apple has squashed a bug in its iOS operating system that made it possible for hackers to impersonate end users who connect to websites that use unencrypted authentication cookies.

The vulnerability was the result of a cookie store that iOS shared between the Safari browser and a separate embedded browser used to negotiate “captive portals,” which many Wi-Fi networks display when a user first joins. Captive portals generally require people to authenticate themselves or agree to terms of service before they can gain access to the network.
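The weakness the captive-portal bug exposed is on the server side as much as in iOS: an authentication cookie that the browser is willing to send over plaintext HTTP can be read by whoever runs the network the portal sits on. The following is an added example, not code from the article or from Apple, that audits `Set-Cookie` headers for that class of cookie. The cookie-name hints and the sample headers are constructed for the example.

```python
"""Audit Set-Cookie headers for authentication cookies that a browser would
also send over plaintext HTTP (the exposure behind the iOS captive-portal bug).
Example code added to these show notes; name hints and sample headers are constructed."""
from dataclasses import dataclass, field

# Name fragments that usually mark a session or auth cookie (heuristic, constructed here;
# a CSRF token cookie will match too, which is acceptable for an audit).
AUTH_NAME_HINTS = ("sess", "auth", "token", "sid", "login", "remember")


@dataclass
class Cookie:
    name: str
    value: str
    attrs: dict = field(default_factory=dict)  # lowercased attribute -> value, True for bare flags


def parse_set_cookie(header: str) -> Cookie:
    """Parse one Set-Cookie header value (without the 'Set-Cookie:' prefix)."""
    pieces = [p.strip() for p in header.split(";")]
    name, _, value = pieces[0].partition("=")
    attrs = {}
    for piece in pieces[1:]:
        if not piece:
            continue
        key, has_value, val = piece.partition("=")
        attrs[key.strip().lower()] = val.strip() if has_value else True
    return Cookie(name.strip(), value.strip(), attrs)


def looks_like_auth_cookie(name: str) -> bool:
    lowered = name.lower()
    return any(hint in lowered for hint in AUTH_NAME_HINTS)


def audit_cookie(header: str, scheme: str = "https") -> list:
    """Findings for an auth-looking cookie; [] if it is hardened or not an auth cookie."""
    cookie = parse_set_cookie(header)
    if not looks_like_auth_cookie(cookie.name):
        return []
    findings = []
    if "secure" not in cookie.attrs:
        findings.append("missing Secure: browser will also send it over plaintext HTTP")
    if "httponly" not in cookie.attrs:
        findings.append("missing HttpOnly: readable by script running in the page")
    if scheme.lower() != "https":
        findings.append("set over plaintext HTTP: value already exposed on the wire")
    if cookie.attrs.get("samesite", "").lower() == "none" and "secure" not in cookie.attrs:
        findings.append("SameSite=None without Secure: current browsers reject this combination")
    return findings


def audit_response(scheme: str, set_cookie_headers) -> dict:
    """Map each auth-looking cookie name in one HTTP response to its findings."""
    report = {}
    for header in set_cookie_headers:
        findings = audit_cookie(header, scheme)
        if findings:
            report[parse_set_cookie(header).name] = findings
    return report


if __name__ == "__main__":
    # Constructed response: one weak session cookie, one hardened, one harmless preference.
    headers = [
        "sessionid=3f9a1c; Path=/",
        "auth_token=9d2e7b; Secure; HttpOnly; SameSite=Lax; Path=/",
        "theme=dark; Path=/",
    ]
    for name, findings in audit_response("http", headers).items():
        print(name)
        for finding in findings:
            print("  -", finding)
```

Run it against the headers of a login response captured from your own service; a cookie reported as missing `Secure` is exactly the kind a shared cookie store on an untrusted network could leak, and the fix is to add the flag and serve the site over HTTPS with HSTS so the browser never has a plaintext request to attach it to.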

Source: http://www.securityweek.com/fireeye-acquires-isight-partners-275-million-deal
FireEye announced on Wednesday that it has acquired cyber threat intelligence firm iSIGHT Partners, in a deal valued at up to $275 million.

Under the terms of the agreement, FireEye will pay roughly $200 million in cash to acquire 100 percent of the outstanding shares of iSIGHT, with performance-based incentives that could earn former iSIGHT shareholders $75 million in cash and equity upon the achievement of a bookings target on or before the end of FireEye’s second quarter of 2018.

The transaction closed on January 14, 2016, and FireEye said it would add new intelligence subscription models catered to specific industry verticals, similar to FireEye’s planned partnership with Visa.

Source: http://www.theridgefieldpress.com/57055/rso-website-hacked-by-anonymous/
What does the Ridgefield Symphony Orchestra have in common with the Church of Scientology, ISIS, the U.S. government, Mastercard, VISA, PayPal and child pornography websites?

They’ve all, apparently, been hacked by Anonymous, the international “hacktivist” network.

The orchestra has no idea why, if indeed the hackers who hit its website on Jan. 19 were, as claimed, part of Anonymous — a shadowy group that seems to combine criminal hacking skills and instincts with seemingly idealistic motivations. The group made headlines not long ago by announcing it was going to go after ISIS on the web, following the terrorist group’s Paris bombings.

Source: http://www.computerworld.com/article/3024404/security/worst-most-common-passwords-for-the-last-5-years.html
Splashdata has again released its annual list of the most popular and therefore worst passwords found in over two million leaked passwords during 2015. If your password is on the list, then Splashdata said you are continuing to put yourself “at risk for hacking and identity theft by using weak, easily guessable passwords.”

Source: https://www.grahamcluley.com/2016/01/msn-home-page-spreads-malware-malicious/
The likes of Forbes and Yahoo Mail are reportedly trying to block access to users who are running ad blockers. But it’s an argument that is losing ground as more and more internet users find their computers are compromised by malvertising.

According to security firm MalwareBytes, the latest high profile site to be found spreading malware to its visitors via dodgy ads is MSN.

As researcher Jerome Segura reports, the attack appears to have been primarily focused on German users – posing as an ad for the cheap-and-cheerful supermarket chain Lidl.

Source: http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html
Cybersecurity experts at SEC Consult revealed a secret doorway that’s built into a popular conference calling product built by a company called AMX.

AMX makes tablet panels used to control conference calls for businesses, government agencies and universities.

The company hard-coded backdoor access into its system. AMX created a “secret account” with a permanent username and password, which means a hacker who had already sneaked into a computer network could tap into actual meetings, if the hacker knew the backdoor access code.

Source: http://www.bloomberg.com/news/articles/2016-01-19/e-mail-spam-goes-artisanal
When a group of hackers sought to steal iTunes passwords from Apple customers in France, they didn’t spam the entire country. They sent out just 5,000 e-mails to French-speaking targets containing links to a fake login page.

The attack, which took place in October, was a success, at least by spamming standards. Most of the e-mails found their way to their intended recipients’ inboxes, a rare occurrence with today’s sophisticated spam filters. Agari Data, a cyber-security company that tracked the incident, said more spammers are adopting this kind of small-batch approach in the hopes of breaking through junk-mail blocking software.

As anyone with a Gmail or Yahoo! account knows, spam e-mail is mostly relegated to a folder you probably never check. Unlike the old days of the Internet, in-boxes are no longer clogged with poorly worded come-ons for Viagra pills and Nigerian banking scams. Modern anti-spam filters block more than 99.99 percent of junk messages.
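Volume-based filtering is exactly what a 5,000-message batch is tuned to slip under, so a complementary check is to look at how many distinct mailboxes receive a link to the same host inside a short window, regardless of how few messages that is. The following is an added example, not code from the article or from Agari, that runs that check over mail-log lines. The log format, hostnames and addresses are constructed for the example.

```python
"""Flag low-volume phishing batches in mail logs: many distinct recipients get a
link to the same host inside a short window, even though the total message count
stays far below a volume-based spam threshold.
Example code added to these show notes; log format, hosts and addresses are constructed."""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlparse

# Constructed log format: "<ISO timestamp> from=<addr> to=<addr> url=<first link in body>"
LOG_RE = re.compile(r"^(?P<ts>\S+)\s+from=(?P<sender>\S+)\s+to=(?P<rcpt>\S+)\s+url=(?P<url>\S+)$")


def parse_line(line: str):
    """Return (timestamp, sender, recipient, link host) or None for an unparsable line."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = datetime.fromisoformat(m["ts"])
    except ValueError:
        return None
    host = (urlparse(m["url"]).hostname or "").lower()
    if not host:
        return None
    return ts, m["sender"].lower(), m["rcpt"].lower(), host


def max_recipients_in_window(events, window: timedelta) -> int:
    """events: list of (timestamp, recipient) for one link host.
    Largest number of distinct recipients reached inside any span of length `window`."""
    events = sorted(events)
    best, start = 0, 0
    for end in range(len(events)):
        while events[end][0] - events[start][0] > window:
            start += 1
        distinct = {rcpt for _, rcpt in events[start:end + 1]}
        best = max(best, len(distinct))
    return best


def find_small_batch_campaigns(lines, min_recipients=5, window=timedelta(hours=1)) -> dict:
    """Return {link_host: distinct_recipients} for hosts that reached at least
    `min_recipients` distinct mailboxes within `window`."""
    by_host = defaultdict(list)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, _sender, rcpt, host = parsed
        by_host[host].append((ts, rcpt))
    hits = {}
    for host, events in by_host.items():
        reached = max_recipients_in_window(events, window)
        if reached >= min_recipients:
            hits[host] = reached
    return hits


# Constructed sample: a six-message batch aimed at one firm, plus a vendor
# changelog mail that reaches five people spread across the day.
SAMPLE_LOG = """\
2015-10-12T09:02:11 from=support@appleid-verif.example to=anna@corp.example url=http://appleid-verif.example/fr/login
2015-10-12T09:03:40 from=support@appleid-verif.example to=bruno@corp.example url=http://appleid-verif.example/fr/login
2015-10-12T09:05:02 from=support@appleid-verif.example to=claire@corp.example url=http://appleid-verif.example/fr/login
2015-10-12T09:07:55 from=support@appleid-verif.example to=denis@corp.example url=http://appleid-verif.example/fr/login
2015-10-12T09:09:13 from=support@appleid-verif.example to=elise@corp.example url=http://appleid-verif.example/fr/login
2015-10-12T09:12:48 from=support@appleid-verif.example to=farid@corp.example url=http://appleid-verif.example/fr/login
2015-10-12T08:00:00 from=news@vendor.example to=anna@corp.example url=https://vendor.example/changelog
2015-10-12T11:00:00 from=news@vendor.example to=bruno@corp.example url=https://vendor.example/changelog
2015-10-12T14:00:00 from=news@vendor.example to=claire@corp.example url=https://vendor.example/changelog
2015-10-12T17:00:00 from=news@vendor.example to=denis@corp.example url=https://vendor.example/changelog
2015-10-12T20:00:00 from=news@vendor.example to=elise@corp.example url=https://vendor.example/changelog
this line is not in the expected format and is skipped
"""

if __name__ == "__main__":
    for host, reached in find_small_batch_campaigns(SAMPLE_LOG.splitlines()).items():
        print(f"possible small-batch campaign: {host} reached {reached} recipients within one hour")
```

The window is what separates the batch from ordinary traffic: the vendor mail above reaches five people too, but never more than one per hour, so it is not reported. Legitimate bulk senders do burst, so in practice this sits behind an allow-list of known sending hosts and is combined with signals such as domain age or a login form on the linked page; the point is only that recipient spread within a window is a signal the per-message volume threshold misses.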

TrustedSec Security Podcast Episode 32 – LastPass, AdBlock Blocked, RSO, FireEye, MSN, AMX, Spam (TrustedSec - Information Security)