Hacking & Security
Office supply retailer Staples is investigating a possible breach of its systems following reports from the banking industry of fraudulent credit and debit card transactions at stores in the northeastern United States.
On Tuesday, the company acknowledged that a breach may have occurred and that it had contacted the appropriate law enforcement agencies. The retailer declined to provide further details.
“Staples is in the process of investigating a potential issue involving credit card data and has contacted law enforcement,” a spokesperson said in a statement sent to Ars. “If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis.”
Last week, Ars reported on the story of Anonabox, an effort by a California developer to create an affordable privacy-protecting device based on the open source OpenWRT wireless router software and the Tor Project’s eponymous Internet traffic encryption and anonymization software. Anonabox was pulled from Kickstarter after accusations that the project misrepresented its product and failed to meet some basic security concerns—though its developers still plan to release their project for sale through their own website.
But Anonabox’s brief campaign on Kickstarter has demonstrated demand for a simple, inexpensive way to hide Internet traffic from prying eyes. And there are a number of other projects attempting to do what Anonabox promised. On Kickstarter competitor Indiegogo there’s a project called Invizbox that looks almost identical to Anonabox—except for the approach its team is taking to building and marketing the device.
Based on the Chinese-built WT 3020A—a small wireless router that appears identical to the box that was the basis for the Anonabox—the Invizbox will have similar specs to the cancelled Kickstarter: 64 megabytes of RAM, 16 megabytes of Flash storage, and the Linux-based OpenWRT embedded OS. The main difference, according to the Dublin, Ireland-based team behind Invizbox (Elizabeth Canavan, Paul Canavan, and Chris Monks) is that their Tor router will be locked down better—and they won’t pretend that they’re using custom-built hardware.
US-CERT urges users to watch out for e-mail scams exploiting the spread of the Ebola virus. Phishing e-mails may contain links that lead users to sites collecting personal information, such as login credentials, or contain dangerous attachments that can infect the system.
Apple's latest desktop operating system, known as Mac OS X 10.10 Yosemite, sends information about the user's location and searches to Apple's servers without the user's knowledge.
A new type of scareware advertisement attack deceives users by claiming that their system has been infected and that they now need the help of experts who will remove the malware. The malware's distribution mechanism is fairly simple. After the computer is first infected with adware, an advertisement for a fake antivirus unexpectedly "pops up" at the user while browsing.
Cisco is analyzing its products in order to identify those affected by the recently disclosed vulnerability in the Secure Sockets Layer (SSL) protocol version 3.
"Tarjeta BIP!" is the electronic payment system used in Chile to pay for public transportation via NFC incorporated in the user's smartphone. Numerous projects enabling mobile NFC ticketing for public transportation have been already executed worldwide. This is a trend. It means that criminal minds should be interested in it. Moreover, they are.
More and more people keep talking about the feature of payments via NFC. The problem in this particular case is that somebody reversed the "Tarjeta BIP!" cards and found a means to re-charge them for free. So, on Oct. 16 the very first widely-available app for Android appeared, allowing users to load these transportation cards with 10k Chilean pesos, a sum equal to approximately $17 USD.
MD5 (PuntoBIP.apk) = 06a676fd9b104fd12a25ee5bd1874176
Immediately after it appeared on the Internet, many users downloaded it and proved they were able to recharge their travel cards. All they had to do was install the app on an NFC-capable Android device, hold the travel card to the phone, and push the button "Cargar 10k", which means "Refill the card with 10,000" Chilean pesos.
According to the metadata of the .dex file package, it was compiled on October 16, 2014 and is 884.5 kB (884491 bytes) in size. The feature it incorporates interacts directly with the NFC port: android.hardware.nfc
The app has four main features: "número BIP" - to get the number of the card, "saldo BIP" - to get the available balance, "Data carga" - to refill available balance and finally, maybe the most interesting is "cambiar número BIP" - allowing the user to change the card number altogether. Why would we say this last feature is the most interesting? Well, a source suggested the authorities were going to block fraudulently refilled BIP cards. However, as we can see, the app is able to change the BIP number.
Since the original links to download the app were taken down, new links appeared, now pointing to new servers and actually hosting a new app:
MD5 (PuntoBIP-Reloaded.apk) = 2c20d1823699ae9600dad9cd59e03021
This is a modified version of the previous app, compiled on the next business day, Oct 17, 2014, and a lot bigger at 2.7 MB (2711229 bytes). It includes an advertisement module which shows ads via the doubleclick network.
Since both apps allow users to hack a legitimate application, they are now detected by Kaspersky as HEUR:HackTool.AndroidOS.Stip.a
Since the app is a hot one and a lot of people from Chile are looking for it, I expect some bad guys to come along and create fake similar apps but trojanized to infect mobile users and take some advantage of their interest.
At the same time, it is important to mention that mobile payments are getting more and more popular. NFC is one of the most promising ports in this field. This is a good example of how fresh new payment schemes often present the same old problems.
Thanks to Roman Unuchek for his analytical insights.
You may follow me on twitter: @dimitribest
2-Step Verification offers a strong extra layer of protection for Google Accounts. Once enabled, you’re asked for a verification code from your phone in addition to your password, to prove that it’s really you signing in from an unfamiliar device. Hackers usually work from afar, so this second factor makes it much harder for a hacker who has your password to access your account, since they don’t have your phone.
Today we’re adding even stronger protection for particularly security-sensitive individuals. Security Key is a physical USB second factor that only works after verifying the login site is truly a Google website, not a fake site pretending to be Google. Rather than typing a code, just insert Security Key into your computer’s USB port and tap it when prompted in Chrome. When you sign into your Google Account using Chrome and Security Key, you can be sure that the cryptographic signature cannot be phished.
Security Key and Chrome incorporate the open Universal 2nd Factor (U2F) protocol from the FIDO Alliance, so other websites with account login systems can get FIDO U2F working in Chrome today. It’s our hope that other browsers will add FIDO U2F support, too. As more sites and browsers come onboard, security-sensitive users can carry a single Security Key that works everywhere FIDO U2F is supported.
Security Key works with Google Accounts at no charge, but you’ll need to buy a compatible USB device directly from a U2F participating vendor. If you think Security Key may be right for you, we invite you to learn more.
Posted by Nishit Shah, Product Manager, Google Security
Introduction In recent weeks, security experts at Kaspersky Lab have observed several attacks on Automated Teller Machines (ATMs) which were infected by malware dubbed Tyupkin. Tyupkin is one of the most popular pieces of malware used by criminals to compromise ATMs and force these machines to release cash on demand. Experts at [...]
Introduction In this article we’re going to take a look at how to secure a WordPress installation against attackers in an IaaS virtual machine. Virtual machines can be rented with various IaaS cloud providers, and only a credit card is needed to actually rent a virtual machine, which is quite [...]
The post Protecting WordPress Installations in an IaaS Environment appeared first on InfoSec Institute.