ISD Podcast Episode 138 for May 26, 2010. This podcast is our contribution back to the community, where we discuss vulnerabilities of interest and information security related news, hopefully providing you a few laughs and a little knowledge.
Announcements:
MyHardDriveDied.com:
- MHDD Data Recovery Class current dates and locations:
- San Francisco – June 14th – 18th
- Atlanta – July 12th – 16th
- Dallas, TX – October 11th – 15th
- Washington DC – December 6th – 10th
- Cost is $3500 for all classes. To reserve and register, call (678) 445-9007, email [email protected] or go to http://www.myharddrivedied.com. Use the Discount Code: isdpodcast for a $300 discount.
SANS Mentoring Program:
- Jason Lawrence will also be putting on the SANS Mentor Forensics 508 – Computer Forensics and Investigations course in Sandy Springs, running from Tuesday, June 22, 2010 to Tuesday, August 24, 2010 (http://www.sans.org/mentor/details.php?nid=21538). Use the Discount Code: isdpod15 for a 15% discount.
Atlanta ISSA:
- ISSA International Conference – September 16, 2010 (http://www.issa.org/page/?p=105)
North Alabama ISSA:
- Hosting the second annual North Alabama Cyber Security Summit, to be held on June 9th in Huntsville, AL. The event is open to ISSA members at a discounted price ($35; full price is $50). For more information please visit the North Alabama ISSA’s web site at: http://northalabama.issa.org/. Email [email protected].
Friends of the Podcast:
Webhosting services: WebSpeedway
Stories of Interest:
News item 1: http://www.news.com.au/breaking-news/firing-dispatcher-for-facebook-drug-joke-was-right-wisconsin-council-claims/story-e6frfku0-1225870794794
“A city council in Wisconsin defended its decision to fire a Police and Fire Department dispatcher who joked about drug addiction on her Facebook page.”
The arbitrator said the dispatcher could come back after a 30 day suspension, but the police chief appears to believe her joke was inappropriate and “an embarrassment to the city”.
Personally, this seems a bit extreme; however, social networking users should be aware that investigating Facebook pages of employees is becoming more common. Interested in seeing other status messages or postings? Then check out: http://youropenbook.org.
News item 2: http://www.net-security.org/secworld.php?id=8786
Brian Thomas Mettenbrink from Nebraska has been sentenced to a year in federal prison for his participation in the cyber attacks on the Church of Scientology’s servers a couple of years ago.
Mettenbrink pleaded guilty in January. Back then, he admitted that he downloaded computer software from an “Anonymous” message board and used that software to bombard Scientology websites to the point that it impaired the integrity and availability of those websites in a variation of a DDoS attack.
News item 3: http://twitter.com/AmericanExpress/status/14717827795
American Express may be in hot water after a computer engineer discovered a portion of the card brand’s website, which claims to be secure, is sending private information in the clear.
Joe Damato wrote in a blog post Tuesday that he received a promotional email from American Express encouraging him to sign up for the Daily Wish service, through which cardholders can receive hefty discounts on a limited amount of merchandise, such as computers and camcorders.
If users click on the “Sign up for Daily Wish” button, they are prompted to enter personal information, such as name, card number, security code, expiration date and billing zip code, into a pop-up box. The box includes a “This page is secure” notification link, but upon further review, Damato found this not to be the case.
The domain for the sign-up box was not using “https,” an encrypted form of information transfer, he said. Damato used the open-source packet analyzer Wireshark to confirm that the (fake) information he entered into the form was delivered in clear text back to American Express’ server.
The card company, in a tweet posted this evening, said: “Aware of situation, under investigation. Site is secure & we’d always contact Cardmembers w any potential acct issue.”
News item 4: http://www.wired.com/threatlevel/2010/05/lanrev/
A controversial remote administration program that a Pennsylvania school district installed on student-issued laptops contains a security hole that put the students at risk of being spied on by people outside the school, according to a security firm that examined the software.
The LANrev program contains a vulnerability that would allow someone using the same network as one of the students to install malware on the laptop that could remotely control the computer. An intruder would be able to steal data from the computer or control the laptop webcam to snap surreptitious pictures.
The vulnerability was discovered by researchers at Leviathan Security Group. They began examining the program after customers who saw media coverage of the Pennsylvania case expressed concern that the program might be exposing their employee computers to intrusion from outsiders. The same software is used by many businesses to monitor and maintain their employee laptops.