InfoSec Daily Podcast Episode 575 for January 23, 2012. Tonight's podcast is hosted by Rick Hayes, Dave Kennedy, Boris Sverdlik, Karthik Rangarajan, and Varun Sharma.
Announcements:
Unsung Heros
Have you ever stumbled on a tool and wondered “Why didn’t I know this existed!” or “If only I’d had this last week on that test”… Chris John Riley has started to gather suggestions for your “unsung hero” of the tools world. He is looking specifically to gather a list of tools that aren’t on every penetration testers, or forensic investigators list, but that you have respect for. http://blog.c22.cc/2012/01/13/unsung-heros
Information Security Blogger Awards 2012
Since we were over looked again for the Best Podcast on Security you can email ashimmy@hotmail.com with your name, email address and ISD Podcast as your write-in nominee. Please note, you have to provide your blog or podcast URL so that it can be verified that you are a blogger or podcaster. Vote for your favorite blogs as well on www.ashimmy.com.
Brad Smith (theNurse)
We all know and love Brad Smith, aka theNurse. His humor and smiling positivity is a wonderful example for our community. At Hacker Halted he had a massive stroke and has been in the hospital ever since.
Brad and his wife did not ask for this help, but as a community we feel that if we can help we want to. Please feel free to check in for status or to donate. Either way we thank you and I know Brad thanks your for your support, prayers and positive thoughts.
http://www.social-engineer.org/brad-smith-updates/
http://www.social-engineer.org/bradsmithdonation/
ShmooCon 2012
When: January 27th-29th, 2012
Where: Washington Hilton Hotel, Washington, DC
http://www.shmoocon.org
Schmoocon Epilogue
When: After Schmoocon
Where: Washington, DC
Hit up anyone in NOVA Hackers
Metasploit Framework Unleashed Cincinnati
When: February 11, 2012.
Where: Digitorium in Griffin Hall, the home of Northern Kentucky University’s College of Informatics
https://msfucincy.wordpress.com/
$20 donation for #HFC
Social Engineering Training
When: March 5-9, 2012
Where: Seattle, Washington
When: July 21-24, 2012
Where: Black Hat Vegas
When: August 20-24, 2012
Where: Bristol, UK
When: November 12-16, 2012
Where: Columbia, MD
http://www.social-engineer.com/social-engineer-training
Linuxfest Northwest 2012
When: Saturday, April 28th-29th, 2012
Where: Bellingham Technical College – Bellingham, WA
http://www.linuxfestnorthwest.org/
CFP now open!
AIDE 2012
When: May 21-25, 2012
Where: MU Forensic Science Center
Huntington, West Virginia
http://aide.marshall.edu
CFP now open!
LayerOne 2012
When: May 26-27, 2012
Where: Clarion Hotel – Anaheim, CA
http://www.layerone.org
CFP now open!
DerbyCon 2012 – "Dropping the Deuce"
When: September 27-30, 2012
Where: Louisville, KY
http://www.derbycon.com
Thanks to everyone that has purchased products from Amazon through the affiliate program. If you’re not familiar with the affiliate program, simply go to http://www.isdpodcast.com and locate the Affiliate Program link on the right hand side.
Stories
A bigot named their WiFi signal “F— All Jews and N—-” — and now cops are investigating.
The hateful signal I.D. popped up on the iPhone of a 28-year-old mom inside a Teaneck, N.J. recreation center, where her 3-year-old daughter was attending dance class.
The offending signal was coming from a router connected in the Richard Rodda Community Center in the the township, located 10 miles outside New York City.
…
Just last week Aaron Barr, the former HBGary Federal CEO whose email was hacked by Anonymous in February, was "schooling" the FBI on security and social media. Now he's been let go from his new job at another federal contractor, Sayres and Associates. His former boss at Sayres told HuffPost it was because Barr was acting like a "cowboy" on the company dime.
Barr's strange year in the public eye began in early 2011. At the time he was the CEO at HBGary Federal, an information security contractor working with both federal government agencies and with outside firms. In a Feb. 4 article, he claimed to the Financial Times that he was on the cusp of exposing the leaders behind the loose-knit confederation of hackers and activists known as Anonymous.
The Anons struck back, releasing thousands of internal emails from HBGary Federal — emails that showed that HBGary Federal was working for a law firm, which was in turn working for the U.S. Chamber of Commerce, to hurt Wikileaks by feeding it false information and discrediting its supporters in the media.
…
Source: http://techcrunch.com/2012/01/20/new-google-accounts-require-gmail-and-g-accounts/
Google appears to have made some changes to its account creation process. Whereas before, all it took was an email address of any kind and some basic demographic data, now you are required to create both a Gmail account and a presence on Google+. This doesn’t strike me as a user-friendly change.
On one hand, it’s harmless in a way: you create a throwaway email address and a dummy G+ account if you don’t want to use them. Problem solved. But is that really a step people should have to take if they just want to use Google Docs or YouTube? Certainly Google will say that this is all about the integration of services, but part of the attraction of Google services has always been how you can just use one or the other. This forced-signup device smells of an attempt to boost G+ numbers, and is reminiscent not of the Google of yore, but of the Apple and Facebook of today.
…
Source: http://techcrunch.com/2012/01/20/dreamhost-hacked-password-changes-made-mandatory/
Another day, another hack. The company whose data was compromised this time? DreamHost.
According to DreamHost’s status blog, the company detected “unauthorized activity within one of [their] databases”. In other words: someone was snooping around where they shouldn’t have been snooping, and DreamHost noticed the foot prints.
Alas, the company isn’t divulging much information as to the nature of the hack, beyond that they “don’t have evidence that customer passwords were taken at this time”. Still, they’re requiring password resets for all Shell/FTP accounts (read: not the account that DreamHost customers use to login to the billing/backend system, but the user accounts they use to access and maintain their actual websites.) for what seems to be all DreamHost customers. If you find yourself having trouble logging into your DreamHost FTP accounts today, it’s because your password has already been disabled.
….
A group of hackers temporarily wiped clean CBS.com, in what seemed to be further retaliation for the government shutdown last week of file-sharing site Megaupload.com.
Several Twitter accounts linked to Anonymous, a loosely organized collective of hackers, posted messages claiming responsibility for the hack, some of them mentioning "#OpMegaUpload," shorthand for Operation Mega Upload. At least one suggested Fox would be targeted next.
The group claimed responsibility for hacking the Justice Department's website earlier in the week after federal officials shut down Megaupload.com.
For a short period, visitors to CBS.com were presented with a single blank HTML file around mid-day on Sunday. The site has since been restored.
….
Source: http://www.scmagazine.com/arab-facebook-logins-posted-by-israeli-hacker/article/224338
In four separate posting on Saturday to the Pastebin website, an Israeil hacker calling himself Hannibal announced he had published emails and logins of 100,000 allegedly Arab Facebook users. He also made the data available on 14 other file-sharing sites.
According to a published report by an investigator who downloaded the data from the file-sharing sites, the number of stolen Facebook accounts is likely closer to 20,000.
The self-professed "general of Israel's hackers" claimed to have about 30 million email accounts, 10 million bank accounts and four million credit cards of Arabs from all over the world. His purpose, he stated, is to display his strength "to save Israel" from cyber attack.
"The Arabs should learn a lesson and know not to mess with me," he wrote.
Hannibal's actions are apparently in retaliation for a data dump earlier this month when OxOmar, who claimed to be a member of a Saudi hacking gang Group-XP, declared he had posted banking details on 400,000 Israelis. Israeil banks refuted the claim, asserting that most of the data was outdated and that in actuality only 14,000 records were exposed.
…
