Endpoint Protector Appliance: Stop data theft on Windows and Mac

Stuxnet Worm: New threat targets Scada Systems and other industrial environments

September 20th, 2010 by Agent Smith (1) In the News,Malware Infections
Research in the area of malware has revealed a new and sophisticated threat that targets and exploits four zero-day vulnerabilities in an attempt do disrupt industrial systems. The new threat is caused by an older malware, the Stuxnet worm which appeared for the first time in July and was spread via USB devices. It now seems that it has been designed to target supervisory control firms and data acquisition (Scada) systems.

These systems have a mainly industrial usage. They are being used to control pipelines’ pressure or motor work rates on industrial factory floors. Typical environments can be oil pipelines and power-plants, factories etc. Read more

Making the connection: Exposed data and consequences

October 2nd, 2009 by Agent Smith (0) Data Theft & Loss,DLP,Security Voyeurism,Sneak Peeks

Remember our recent post on Californian commuters being forced by the law to submit their private details to a site that was clearly exposing them and doing nothing about it?  While we emphasized the cause of the problem, an SQL injection vulnerability, and the fact that the site failed to fix it after its being reported, another security writer thought of exploring the consequences that could be triggered.

So here’s a fictional take on what could actually happen if anyone would exploit such a vulnerability, along with a few famous data theft cases that have rocked the security world, including the now world famous case of record holder Albert Gonzales.

Website exposes sensitive data on Californian commuters

September 11th, 2009 by Agent Smith (2) Identity Theft,In The Spotlight

Military personnel included in exposed group of carpooling employees

A website built to help commuters carpool to work is exposing sensitive information of workers for hundreds of employers in Southern California, including at least one military installation. The reason for the data breach was caused by programming errors in the website code.

The bugs, discovered on the RideMatch.info website enable hackers to easily access personal information such as names, home addresses, phone numbers, the times they commute to and from work, and in some cases employee numbers. According to a recent article published by The Register, the SQL injection vulnerability was still active 2 days ago, although it has been discovered two weeks before and reported to a developer who runs the website.

The issue has been discovered and reported bu Kristian Hermansen, a security researcher. Upon receiving a form to fill in by his employer, apparently a legal requirement for all employees, he investigated the website where the information was to be posted.

Endpoint Security and Device Control Solutions with low TCO and great ROI.

RideMatch.info is a joint project developed by transit authorities in five regional governments in Southern California. Each individual using the website enters work and home addresses and the time they leave from each. Based on the data, the website then teams them with others who live and work nearby and commute at similar times, thus providing an effective carpool matchmaking services. Too bad the same range of data can be accessed by any hacker willing to exploit the vulnerability!

New Flaws in Wireless Security Exposed

November 20th, 2008 by Agent Smith (0) In The Spotlight,Wireless Vulnerabilities

The Wi-Fi Protected Access or WPA is aone of the most popular forms of security used by wireless networks. Yet the potential risk and ease of breaching it might trigger some alarms for a lot of poeple especially if they were at PacSec 2008 confefence in Tokyo.

A week before the conference, the Register announced two German researchers, Martin Beck and Erik Tews, were going to expose a vulnerability exposing WPA protected networds to an attack that could compromise certain communications in less than 15 minutes. If anyone reding our blog attended the conference, we’d love to hear how it all went.

But this is far from being the first vunlerability to go public.

In 2001, three researchers found a way to reliably break the previous wireless security protocol, known as Wired Equivalent Privacy (WEP), in less than two hours. By 2007, the latest refinement in attacks against WEP – found by Tews and two other researchers – reduced the time to recover a WEP key to less than a minute of calculations.

While those discovering how to tear security systems apart, those actually depending on them seem to be learning one thing: you’re never really safe! So if any extra security is at hand, apply it asap!

IRS – Helping You Put Your Data at Risk

October 29th, 2008 by Agent Smith (0) In the News,security breach

Everyone fears the Internal Revenue Service! But now it’s for a new reason. It seems using two applications they provide exposes taxpayers’ data to security breaches. The IRS deployed two critical computer systems although they new of their weak security and the risks they embedded.

The Treasury Inspector General for Tax Administration (TIGTA) office, explains DarkReading, has recently issued a statement saying the IRS’s mainframe-based Customer Account Data Engine (CADE) for managing taxpayer accounts and its Account Management Services (AMS) for IRS access to taxpayer data contained security flaws that the IRS identified but did not fix before deploying them last year.

The billion-dollar, high-sensitivity CADE system is one of the key elements of the IRS’s computer modernization program, and processed about 20 percent of the 142 billion tax returns filed to the IRS.

AMS, meanwhile, includes taxpayer identification numbers in its application error log, and its operating system has only a 77.8 percent compliance rate with the required security settings, according to the report.

TGTA has no proof on any data being compromised or being accessed by any wrong doers, yet the risk has been quite real.