Your daily source of Pwnage, Policy and Politics.

Episode 534 – Deceived Hacker, 15 Years For 1 Click, We’re No. 1!, Banned In The UK, Cure Worse Than The Disease and EU: ISP’s Aren’t Content Police

InfoSec Daily Podcast Episode 534 for November 30, 2011.  Tonight's podcast is hosted by Rick Hayes, Boris Sverdlik, Karthik Rangarajan, and Keith Pachulski.

Announcements:
Brad Smith (theNurse)
We all know and love Brad Smith, aka theNurse. His humor and smiling positivity are a wonderful example for our community. At Hacker Halted he had a massive stroke and has been in the hospital for almost a month.

Brad and his wife did not ask for this help, but as a community we feel that if we can help we want to. Please feel free to check in for status or to donate. Either way we thank you and I know Brad thanks you for your support, prayers and positive thoughts.

http://www.social-engineer.org/brad-smith-updates/
http://www.social-engineer.org/bradsmithdonation/

SANS Mentoring: Security 401 SANS Security Essentials Bootcamp Style
When: Starts January 24, 2012
Where: Atlanta, GA
Discount Code:
http://www.sans.org/mentor/details.php?nid=25484

ShmooCon 2012
When: January 27th-29th, 2012
Where: Washington Hilton Hotel, Washington, DC
http://www.shmoocon.org

DerbyCon 2012 – "Dropping the Deuce"
When:  September 27-30, 2012
Where: Louisville, KY
http://www.derbycon.com

Thanks to everyone that has purchased products from Amazon through the affiliate program.  If you’re not familiar with the affiliate program, simply go to http://www.isdpodcast.com and locate the Affiliate Program link on the right hand side.

Stories:

Source: https://www.networkworld.com/news/2011/112411-hungarian-hacks-marriotts-systems-to-253458.html

A Hungarian citizen has pleaded guilty to stealing confidential information from the computers of Marriott International, and threatening to reveal the information if the hotel chain did not offer him a job maintaining the company's computers, the Department of Justice said on Wednesday.

Attila Nemeth, 26, pleaded guilty in the District of Maryland before U.S. District Judge J. Frederick Motz, according to a statement by DOJ. He was detained after he traveled to the U.S. on a ticket purchased by Marriott for a fictitious job interview.

Nemeth is said to have admitted that he used an infected email attachment sent to some Marriott employees to install malicious software on the company's system that gave him a "backdoor" access to proprietary email and other files.

Nemeth sent an email to Marriott staff on Nov. 11 last year, informing them that he had been accessing Marriott's computers for months and had obtained proprietary information, according to Nemeth's plea agreement. He threatened to reveal the information if Marriott did not give him a job maintaining the company's computers.

Source: http://www.smh.com.au/world/thai-crackdown-on-facebook-remarks-on-king-20111125-1nz1t.html

Thailand has warned users of Facebook that they could face prosecution under harsh lese-majeste laws if they press ''share'' or ''like'' on images or articles considered unflattering to the Thai monarchy.

The prosecution of a Thai-born US citizen who has pleaded guilty to translating a banned biography of King Bhumibol Adulyadej has signalled that authorities are also targeting lese-majeste offences committed overseas.

Thailand's Information and Communications Technology Minister, Anudith Nakornthap, says that even though Facebook clicks of ''like'' or ''share'' are only done to show support for messages, they could violate laws that carry sentences of three to 15 years jail for each charge.

Source: http://www.echannelline.com/usa/brief.cfm?item=18717

Google replaced Microsoft as the number one vendor for reported vulnerabilities, with a total of 82, due to existing vulnerabilities in Chrome as the browser grows in popularity. Oracle came in second, with 63; Microsoft fell to third place, with 58, all according to Trend Micro's Third Quarter Threat Report.

Trend Micro threat researchers also witnessed a significant shift from mass compromises to targeted attacks, particularly against large enterprises and government institutions. Their work led them to the uncovering of one of the most notable groups of targeted attacks during the third quarter – the LURID downloader.

These attacks, which were classified by Trend Micro as advanced persistent threats (APTs), targeted major companies and institutions in over 60 countries, including Russia, Kazakhstan, and the Ukraine. The cybercriminals behind these attacks launched over 300 malware campaigns in order to obtain confidential data from and take full control of affected users' systems over an extended period of time. LURID was successful because it was targeted by its nature. By zoning in on specific geographic locations and entities, LURID compromised as many as 1,465 systems.

Source: http://www.telegraph.co.uk/technology/news/8915245/Criminals-and-cyber-bullies-to-be-banned-from-the-web.html

Criminals who commit offences online and cyber bullies will be banned from the internet as part of the Government’s new cyber security strategy, announced today.   

It calls for police and courts to make more use of existing “cyber sanctions” to restrict access to the social networks and instant messaging services in cases of hacking, fraud and online bullying. Sex offenders and those convicted of harassment or anti-social behaviour also face more internet restrictions under the new strategy.

Similar orders have been imposed on those charged with involvement in a series of cyber attacks by the Anonymous and LulzSec groups earlier this year, while they await trial.
Cyber sanctions were also used following the riots this summer. Two teenagers in Dundee were banned from the web for inciting riots via Facebook.

Officials are now looking into whether "cyber tag" technology could be used to monitor offenders and report to authorities if they break their bail or sentence conditions by using the internet.

"The Ministry of Justice and the Home Office will consider and scope the development of a new way of enforcing these orders, using ‘cyber-tags’ which are triggered by the offender breaching the conditions that have been put on their internet use, and which will automatically inform the police or probation service," the cyber security strategy said.

Source: https://torrentfreak.com/mpaa-costs-hollywood-more-than-us-bittorrent-piracy-111122/

During the last year Netflix managed to outgrow BitTorrent in terms of the amount of US Internet traffic it generates. A promising finding for Hollywood as it shows that there’s an overwhelming interest for the legal movie streaming service. At TorrentFreak we wondered what might happen if all US BitTorrent users made the switch to Netflix, and the results of this exploration are quite intriguing.
   
The movie industry claims that piracy is costing them billions of dollars a year.

Luckily for Hollywood, many Americans choose to consume their online media through legal services such as Netflix. In fact, there are now so many that the total Internet traffic generated by Netflix has outgrown that of BitTorrent.

This made us wonder – what would happen if all movie-downloading BitTorrent users made the switch to Netflix? What if movie piracy via BitTorrent disappeared?

Before we crunch some numbers we have to say that the model we use relies on a lot of assumptions. However, we try to keep these in favor of the movie industry to maximize their potential ‘profits’. We obviously chose Netflix as a BitTorrent replacement because it comes closest to what ‘pirates’ want.

Source: http://techcrunch.com/2011/11/24/eu-court-rules-isps-cant-be-forced-to-filter-out-illegal-content/

The European Court of Justice this morning ruled that content owners can not strong-arm Internet service providers (ISPs) into filtering out copyright-infringing content.

This case has its origin in a dispute between ISP Scarlet and SABAM, a Belgian management company responsible for authorizing the use by third parties of the musical works of authors, composers and editors. In 2004, the right-holders group established that users of Scarlet’s services were downloading such musical works from its catalogue by means of peer-to-peer (p2p) file-sharing networks.

Belgium’s Court of First Instance ordered Scarlet, on pain of a periodic penalty, to bring those copyright infringements to an end by making it impossible for its customers to send or receive in any way electronic files – a filter, in other words. Scarlet appealed the decision, claiming the ruling was incompatible with EU law as well as the e-Commerce Directive.

Indeed, EU law says national authorities must not adopt measures which would require an ISP to carry out general monitoring – let alone filtering – of the information that it transmits on its network.

Episode 533 – Interview with Thomas Ryan

InfoSec Daily Podcast Episode 533 for November 29, 2011.  Tonight's podcast is hosted by Rick Hayes, Boris Sverdlik, Karthik Rangarajan, and Varun Sharma.

Announcements:
Vote For Wim Remes & Dan Houser (@1cissp on twitter)
When: Starts November 16, 2011
Where: ISC2
Who: CISSP’s
http://blog.isc2.org/isc2_blog/2011/11/cast-your-vote-isc%C2%B2-board-of-directors-election-begins-nov-16-2011.html

SANS Mentoring: Forensics 408 – Computer Forensic Essentials
When: Starts November 30, 2011
Where: Atlanta, GA
Discount Code: M1011IPAD (free iPad 2)
http://www.sans.org/mentor/details.php?nid=25504

SANS Mentoring: Security 401 SANS Security Essentials Bootcamp Style
When: Starts January 24, 2012
Where: Atlanta, GA
Discount Code:
http://www.sans.org/mentor/details.php?nid=25484

ShmooCon 2012
When: January 27th-29th, 2012
Where: Washington Hilton Hotel, Washington, DC
http://www.shmoocon.org

DerbyCon 2012 – "Dropping the Deuce"
When:  September 27-30, 2012
Where: Louisville, KY
http://www.derbycon.com

We have an interesting discussion with Thomas Ryan.  Thomas is the creator of Robin Sage (http://en.wikipedia.org/wiki/Robin_Sage). 

Episode 532 – Live from SecurityZone 2011

InfoSec Daily Podcast Episode 532 for November 28, 2011.  Tonight's podcast is hosted by Rick Hayes, Dave Kennedy, Boris Sverdlik, Beau Woods, Karthik Rangarajan, and Varun Sharma.

Announcements:

Vote For Wim Remes & Dan Houser (@1cissp on twitter)
When: Starts November 16, 2011
Where: ISC2
Who: CISSP’s
http://blog.isc2.org/isc2_blog/2011/11/cast-your-vote-isc%C2%B2-board-of-directors-election-begins-nov-16-2011.html

SANS Mentoring: Forensics 408 – Computer Forensic Essentials
When: Starts November 30, 2011
Where: Atlanta, GA
Discount Code: M1011IPAD (free iPad 2)
http://www.sans.org/mentor/details.php?nid=25504

SANS Mentoring: Security 401 SANS Security Essentials Bootcamp Style
When: Starts January 24, 2012
Where: Atlanta, GA
Discount Code: M1011IPAD (free iPad 2)
http://www.sans.org/mentor/details.php?nid=25484

ShmooCon 2012
When: January 27th-29th, 2012
Where: Washington Hilton Hotel, Washington, DC
http://www.shmoocon.org

DerbyCon 2012 – "Dropping the Deuce"
When:  September 27-30, 2012
Where: Louisville, KY
http://www.derbycon.com

Episode 531 – Weekend Wrap-up with Dr. Bonez

InfoSec Daily Podcast Episode 531 for November 26, 2011.  Tonight's podcast is hosted by Dr. Bonez and Boris Sverdlik.

Guests: Gambit, Terry McCorkle, and Billy Rios.

Announcements:
Brad Smith (theNurse)
We all know and love Brad Smith, aka theNurse. His humor and smiling positivity are a wonderful example for our community. At Hacker Halted he had a massive stroke and has been in the hospital in a coma for a few days.

Brad and his wife did not ask for this help, but as a community we feel that if we can help we want to. Please feel free to check in for status or to donate. Either way we thank you and I know Brad thanks you for your support, prayers and positive thoughts.

http://www.social-engineer.org/brad-smith-updates/
http://www.social-engineer.org/bradsmithdonation/

Vote For Wim Remes
When: Starts November 16, 2011
Where: ISC2
Who: CISSP’s
http://blog.isc2.org/isc2_blog/2011/11/cast-your-vote-isc%C2%B2-board-of-directors-election-begins-nov-16-2011.html

SANS Mentoring: Forensics 408 – Computer Forensic Essentials
When: Starts November 30, 2011
Where: Atlanta, GA
Discount Code: M1011IPAD (free iPad 2)
http://www.sans.org/mentor/details.php?nid=25504

SANS Mentoring: Security 401 SANS Security Essentials Bootcamp Style
When: Starts January 24, 2012
Where: Atlanta, GA
http://www.sans.org/mentor/details.php?nid=25484

ShmooCon 2012
When: January 27th-29th, 2012
Where: Washington Hilton Hotel, Washington, DC
http://www.shmoocon.org

DerbyCon 2012 – "Dropping the Deuce"
When:  September 27-30, 2012
Where: Louisville, KY
http://www.derbycon.com

Stories:
Source: http://www.irongeek.com/i.php?page=videos/derbycon1/mccorkle-and-rios-100-bugs-in-100-days-an-analysis-of-ics-scada-software

Episode 530 – All Your DNA…, SCADA != Hacked, Amazon Shipping, Xbox Live Hacked?, Facebook Phone, Mega DDoS and SOPA FAQ!

InfoSec Daily Podcast Episode 530 for November 23, 2011.  Tonight's podcast is hosted by Rick Hayes, Boris Sverdlik, Geordy Rostad, Dr. Bonez, and Varun Sharma.

Announcements:
No Show on Thursday (11/24) or Friday (11/25).  
In order to allow our hosts to enjoy the Holiday and spend time with their families we will not have any shows on Thursday (11/24) or Friday (11/25).  Dr. Bonez will have his weekend show on 11/26 9PM EST.  The normal show will return on 11/28.

Vote For Wim Remes & Dan Houser (@1cissp on twitter)
When: Starts November 16, 2011
Where: ISC2
Who: CISSP’s
http://blog.isc2.org/isc2_blog/2011/11/cast-your-vote-isc%C2%B2-board-of-directors-election-begins-nov-16-2011.html

SANS Mentoring: Forensics 408 – Computer Forensic Essentials
When: Starts November 30, 2011
Where: Atlanta, GA
Discount Code: M1011IPAD (free iPad 2)
http://www.sans.org/mentor/details.php?nid=25504

SANS Mentoring: Security 401 SANS Security Essentials Bootcamp Style
When: Starts January 24, 2012
Where: Atlanta, GA
http://www.sans.org/mentor/details.php?nid=25484

ShmooCon 2012
When: January 27th-29th, 2012
Where: Washington Hilton Hotel, Washington, DC
http://www.shmoocon.org

DerbyCon 2012 – "Dropping the Deuce"
When:  September 27-30, 2012
Where: Louisville, KY
http://www.derbycon.com

Stories:
Source: http://moneyland.time.com/2011/10/27/now-credit-card-companies-want-your-dna/

All Your DNA Are Belong To Us
“According to a Visa patent application published in April, the company sees potential to use a wide array of personal details to create profiles that could be used for ad targeting well beyond shopping details. It describes the possibility of also using “information from social network websites, information from credit bureaus, information from search engines, information about insurance claims, information from DNA databanks,” and other sources.”

-thanks to Ciphersson for this story

Source:  http://www.allvoices.com/contributed-news/10935252-dhs-says-illinois-water-utility-wasnt-hacked

On Tuesday, the Department of Homeland Security said it could not confirm a report from an Illinois intelligence fusion center which stated that an Illinois water utility had been hacked. The DHS and FBI had been working with the Curran-Gardner Public Water District in Springfield, Ill.

Earlier, the Illinois Statewide Terrorism and Intelligence Center had reported an attack from a Russian IP address. The report said that by accessing a SCADA (supervisory control and data acquisition) system, the hackers had burned out a water pump at the facility.

The statement, by DHS spokesman Chris Ortman, said:
"After detailed analysis, DHS and the FBI have found no evidence of a cyber intrusion into the SCADA system of the Curran-Gardner Public Water District in Springfield, Illinois. There is no evidence to support claims made in initial reports–which were based on raw, unconfirmed data and subsequently leaked to the media–that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant. In addition, DHS and FBI have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported. Analysis of the incident is ongoing and additional relevant information will be released as it becomes available."

Authorities are now investigating a claim that a hacker broke into computers that run a South Houston, Texas water system. pr0f said he hacked into the system because he was dismayed that the DHS downplayed the Illinois incident. He later added that the Texas system had been protected with only a three character password.

Joe Weiss, the security expert who first took note of the Illinois Statewide Terrorism and Intelligence Center report, titled, "Public Water District Cyber Intrusion," was suspicious of the DHS' conclusions. He said,

“This smells to high holy heaven, because when you look at the Illinois report, nowhere was the word preliminary ever used. It was just laying out facts. How do the facts all of a sudden all fall apart?”

http://pastebin.com/wY6XD97L
http://pastebin.com/TgRTgrAK
http://pastebin.com/HLNB6SAZ

Source:  http://reviews.cnet.com/8301-18438_7-20024644-82/amazons-free-shipping-secret

Want free two-day shipping on Amazon but don't want to pay for it? Well, if you know the right person, you don't have to.
That's right, last year around the holidays I offered up a little Amazon Prime tip for folks planning to do a lot of last-minute online shopping on Amazon.com. Now, with the holidays approaching again and a lot of people interested in the Kindle Fire, I thought I should update the story with some additional info.

Here's the deal. If you own or are considering purchasing an Amazon Prime membership ($79 for the year), which enables you to get free two-day shipping on a whole host of items in Amazon's catalog, you can actually share your Prime membership with up to four "household" members. A lot of people don't know about this option because it's buried in the settings menu under "Your Account."
To get there, just click on your "Your Account" (it's a little link in the top-right corner of your screen when you sign into Amazon). Look at the "Settings" section, and find "Manage Prime Membership." Once you click on that, you'll be able to send invitations to folks you're close to. You just select your relationship, and enter an e-mail address and a birthday of the recipient to send out the invitation.

Of course, some people balk at paying $79 for Amazon Prime, but if you could share the cost with a roommate or just want to be a generous family member, it starts to look like one of the great bargains, especially if you use Amazon a lot. Also, if you're a student, you can pick up six months of Prime with Amazon Student (just enter a .edu address to get your free six months).
It's worth mentioning that Amazon additionally has a program called Amazon Mom. As one reader pointed out in the comments section, the program, which is not gender specific (dads can use it as a primary caregiver), gives you three months of free Prime membership, and for every $25 you spend on "baby" items, you get another month free. Alas, Amazon Mom is currently closed to new members (you can add your name to a wait list).

Source:   http://www.pcadvisor.co.uk/news/security/3320374/microsoft-denies-xbox-live-has-been-hacked
Microsoft has denied that accounts belonging to Xbox Live users have been hacked.
            
Reports began surfacing this week that users of the online gaming service from Microsoft for the Xbox console were finding charges on their credit or debit cards for Microsoft Points, the currency used within the service. The purchases were for Microsoft Points, which allow Xbox Live users to buy extra games, add-ons and in-game items. It is thought the Microsoft Points that were obtained fraudulently had been used to buy extra content for a number of EA Sports games including FIFA 12, Madden and NBA.
This has led to speculation that the tech giant had suffered at the hands of hackers, in the same way Sony did earlier this year, when the account details of 77 million users of the PlayStation Network were obtained by cybercriminals.
However, Microsoft has denied this is the case and has instead blamed a phishing scam.
"In this case, a number of Xbox Live members appear to have recently been victim of malicious 'phishing' scams (i.e. online attempts to acquire personal information such as passwords, user names and credit card details by purporting to be a legitimate company or person)," Microsoft said.

Source:   http://news.cnet.com/8301-30686_3-57329081-266/is-facebook-building-its-own-phone

Rumors of a "Facebook phone" are back in the news with a story from the technology Web site AllThingsD, which reports that the social-networking company is working with a cell phone manufacturer to build it.

The rumor of a Facebook phone, or a smartphone with deeply integrated Facebook social-networking tools in it, first emerged a little more than a year ago. Back then, CNET had confirmed the social network had reached out to hardware manufacturers and carriers seeking input on a Facebook-branded phone. But rumors faded as devices with Facebook buttons were announced this year. Now it looks like Facebook may have revised its plans to build its own phone.

On Monday, the AllThingsD Web site reported that Facebook is working with cell phone maker HTC to build a smartphone with the Facebook social-networking technology built into the core of the device. The new phone is code-named "Buffy" after the television show about a vampire slayer. The phone will be based on a modified version of Android, which has been tweaked by Facebook so that its services are deeply integrated, AllThingsD reported, citing unnamed sources.

Source:  http://news.techworld.com/security/3320263/asian-company-hit-by-mega-ddos-attack

DDoS criminals are trying to batter down DDoS defences with larger attacks and new techniques, mitigation outfit Prolexic has said, only weeks after the company detected a huge assault on an Asian company.
The attack on the unnamed organisation and its DNS provider happened between 5 and 12 November and reached 45Gbit/s at peak, equivalent to 69 million packets or 15,000 connections per second, way above the level that can be easily stemmed using standalone appliances, the company claimed.
The assault was sustained over nearly eight days in four different waves, focussing on the vulnerable application layers, a clear attempt to knock the business offline.
               
“This attack was three times larger in packets per second volume than the biggest attack Prolexic has mitigated previously, which also occurred in 2011,” said Prolexic CTO, Paul Sop.
What is new is that the attackers had tried to hit the DDoS defences, which suggests sophistication; attackers assumed that the organisation would have some defences in place that needed to be overcome.

Source:  http://news.cnet.com/8301-31921_3-57329001-281/how-sopa-would-affect-you-faq

When Rep. Lamar Smith announced the Stop Online Piracy Act last month, he knew it was going to be controversial.
But the Texas Republican probably never anticipated the broad and fierce outcry from Internet users that SOPA provoked over the last week. It was a show of public opposition to Internet-related legislation not seen since the 2003 political wrangling over implanting copy-protection technology in PCs, or perhaps even the blue ribbons appearing on Web sites in the mid-1990s in response to the Communications Decency Act.

To learn how SOPA, and its Senate cousin known as the Protect IP Act, would affect you, keep reading. CNET has compiled a list of frequently asked questions on the topic:

Q: What's the justification for SOPA and Protect IP?
Two words: rogue sites.

Q: Who's opposed to SOPA?
Much of the Internet industry and a large percentage of Internet users. An informal poll of its readership by BetaNews found that 95 percent oppose SOPA.

Q: How would SOPA work?
It allows the U.S. attorney general to seek a court order against the targeted offshore Web site that would, in turn, be served on Internet providers in an effort to make the target virtually disappear. It's kind of an Internet death penalty.

Q: How is SOPA different from the earlier Senate bill called the Protect IP Act?
Protect IP targeted only domain name system providers, financial companies, and ad networks–not companies that provide Internet connectivity.

Q: What are the security-related implications of SOPA?
One big one is how it interacts with the domain name system and a set of security improvements to it known as DNSSEC.

Q: What will SOPA require Internet providers to do?
A little-noticed portion of the proposed law, which CNET highlighted on Friday, goes further than Protect IP and could require Internet providers to monitor customers' traffic and block Web sites suspected of copyright infringement.

Q: Are there free speech implications to SOPA?
SOPA's opponents say so–a New York Times op-ed called it the "Great Firewall of America"–and the language of the bill itself is quite broad. Section 103 says that, to be blacklisted, a Web site must be "directed" at the U.S. and also that the owner "has promoted" acts that can infringe copyright.

Q: Who supports SOPA?
The three organizations that have probably been the most vocal are the MPAA, the Recording Industry Association of America, and the U.S. Chamber of Commerce. A Politico chart shows that Hollywood has outspent Silicon Valley by about ten-fold on lobbyists in the last two years.