InfoSec Daily Podcast Episode 636 for April 3, 2012. Tonight's podcast is hosted by Karthik Rangarajan, Boris Sverdlik, and Themson Mester.
Announcements:
Outerz0ne 8
When: April 20-21, 2012
Where: Wellesley Inn, Atlanta GA
http://www.outerz0ne.org
Linuxfest Northwest 2012
When: Saturday, April 28-29, 2012
Where: Bellingham Technical College – Bellingham, WA
http://www.linuxfestnorthwest.org/
AIDE 2012
When: May 21-25, 2012
Where: MU Forensic Science Center - Huntington, West Virginia
http://www.appyide.org/
LayerOne 2012
When: May 26-27, 2012
Where: Clarion Hotel – Anaheim, CA
http://www.layerone.org
Security 504: Hacker Techniques, Exploits & Incident Handling – Matt Romanek
When: June 20 – 27, 2012
Where: Courtyard Seattle Federal Way, WA
http://www.sans.org/mentor/details.php?nid=28014
Social Engineering Training
When: July 21-24, 2012
Where: Black Hat Vegas
When: August 20-24, 2012
Where: Bristol, UK
When: November 12-16, 2012
Where: Columbia, MD
http://www.social-engineer.com/social-engineer-training
Inside and Out of the Social-Engineer Toolkit (SET)
When: July 21 – 22, 2012
When: July 23 – 24, 2012
Where: Black Hat Vegas
http://blackhat.com/html/bh-us-12/training/courses/bh-us-12-training_social_engineer_toolkit.html
DerbyCon 2012 – The “Deuce” Reunion
When: September 27-30, 2012
Where: Louisville, KY
http://www.derbycon.com
Skydogcon
When: October 26-28
Where: Hotel Preston in Nashville, TN
http://www.skydogcon.com
Thanks to everyone who has purchased products from Amazon through the affiliate program. If you’re not familiar with the affiliate program, simply go to http://www.isdpodcast.com and locate the Affiliate Program link on the right-hand side.
Stories
Source: http://averysawaba.blogspot.com/2012/04/global-payments-breach.html
It isn’t so much the size of this breach that is significant, but the fact that one of the largest global payment processors got popped. Visa has allowed them to continue processing credit cards, but dropped them off their service provider registry (which is a BIG deal). The breach only affects North American merchants and cardholders. To give you an idea of how bad a breach at a large credit card processor can be, if a month’s worth of the transactions they handle were exposed, it is entirely possible that over 90% of all cardholders in the US would need new credit/debit cards.
This doesn’t happen often. I only know of two other cases where a processor was hit by a breach. CardSystems Services, as a business, was literally destroyed by their breach. VISA and AMEX revoked processing rights, forcing CardSystems to have to shut down operations and sell off assets almost overnight. Heartland Payment Systems is the most recent case, and the second largest breach ever at 130 million. They were also stripped from the registry, but managed to recover, regain PCI compliance, and get back onto the registry within a year.
…
Global Payments has set up a whole separate site to communicate with customers regarding the breach: http://www.2012infosecurityupdate.com/
Oddly, it appears to be 100% static HTML.
Source: http://garwarner.blogspot.com/2012/04/uk-zeus-user-g-zero-sentenced.html
According to today's Daily Mail, court details have now emerged regarding Edward Pearson, a 23 year old hacker from York, England known online as "G-Zero", and his activities involving the Zeus and SpyEye trojans.
Pearson was ultimately arrested after his girlfriend, Cassandra Mennim, tried to pay for hotel rooms at the Cedar Court Grand Hotel and the Lady Anne Middleton Hotel, both in York, using stolen credit cards. (Pictures of the hotels were in the Daily Mail's original story on this case on February 20 – Computer whizz faces jail for writing programme to steal personal details of 8 MILLION people, including 400 PayPal accounts.…
Source: https://threatpost.com/en_us/blogs/microsoft-investigate-alleged-xbox-credit-card-hack-040312
Microsoft is looking into a potential security issue affecting its Xbox 360 video game console this week after a group of college students claimed they were able to extract the credit card information of a console’s previous owner from the machine.
Ashley Podhradsky, Rob D’Ovidio, and Cindy Casey of Drexel University and Pat Engebretson of Dakota State University reportedly bought a refurbished Xbox from a Microsoft-authorized reseller in 2011 and were able to access old files containing the credit card information of the device's first owner. Despite having its hard drive wiped and its factory settings previously reset, the console was cracked after the students installed a software "modding" tool that allows Xbox owners to install applications that aren't sanctioned by Microsoft.
Microsoft called the hack unlikely in a statement obtained by ZDNet on Monday.
Jim Alkove, General Manager, Security of Microsoft’s Interactive Entertainment Business division, claimed the company launched an investigation into the hack. Alkove asserted that Xbox 360 consoles are not designed to store credit card data, adding that it was unlikely any information was recovered in the fashion the hackers described.
“When Microsoft refurbishes used consoles we have processes in place to wipe the local hard drives of any other user data,” Alkove said, “we can assure Xbox owners we take the privacy and security of their personal data very seriously.”
Gawker’s video game blog Kotaku interviewed Podhradsky about the device’s security late last week.
"Microsoft does a great job of protecting their proprietary information," she told the site, "but they don't do a great job of protecting the user's data."
…
Source: https://threatpost.com/en_us/blogs/us-airways-spam-redirects-blackhole-zeus-infection-040312
Cybercriminals are targeting US Airways customers with malicious spam emails containing a link that, once clicked, initiates a series of redirects, eventually leading users to a domain hosting the Blackhole exploit kit.
The fraudulent email presents itself as a check-in notification from US Airways. After a brief description of check-in procedures, there is a hyperlink that claims to lead to ‘online reservation details,’ but actually ends up taking victims to a page that infects them with the Zeus trojan.
According to Securelist’s Dmitry Tarakanov, the cybercriminals responsible are hopeful that someone receiving this email is flying somewhere sometime soon. However, most of the users targeted were not flying anywhere on the day in question, and, therefore, did not click the link.
…
Source: http://www.theregister.co.uk/2012/04/03/lulzsec_suspect_back_in_jail/
Teenage LulzSec suspect Ryan Cleary is back behind bars after breaching his bail conditions by going online, it has emerged.
Cleary, 19, from Wickford in Essex, who was charged with participating in denial of service attacks against the Serious Organised Crime Agency and the British Phonographic Industry last June, violated an order to stay off the internet, his solicitor said.
According to cops, the breach occurred when Cleary allegedly contacted Hector Xavier "Sabu" Monsegur – whom the FBI has fingered as the leader of the LulzSec hacktivist collective – several times over the Christmas period. Monsegur had allegedly been acting as an FBI informant since at least last August.
…




