Archive for the Vulnerabilities Category

July 23rd, 2014, Episode 345, Show Notes

Posted in Vulnerabilities, Podcast, darkweb, Breach, ediscovery, Exclusive, The CyberJungle, Show Notes, Exclusive News on July 23, 2014 by datasecurityblog

Episode 345 of The CyberJungle is about 26 minutes long. This is a special su root edition where we do a deep technical dive. This su root edition is an exclusive on a new countermeasure to the Zeus Trojan and enterprise attacks, with Egemen Tas, Comodo VP of Engineering. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

Exclusive: Egemen Tas, Comodo VP of Engineering. Link to the software.

 

Please support our sponsors, as they support The CyberJungle:

Basis Technology is helping investigators perform faster, more efficient, cost-effective, and complete investigations in cybersecurity and incident response.

BASIS TECHNOLOGY……PLEASE VISIT THEIR SITE BASISTECH.COM

July 11th, 2014, Episode 343, Show Notes

Posted in Breach, criminal forensics, darkweb, ediscovery, eMail Security, Exclusive, Podcast, Show Notes, The CyberJungle, Vulnerabilities on July 10, 2014 by datasecurityblog

Episode 343 of The CyberJungle is about 34 minutes long. Carl Wright, of TrapX starts at about 6:50min. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

Carl Wright, of TrapX. Here is a link to the report.

Our Take on This Week’s News

Android re-sets do not wipe data properly.

Tales from The Dark Web

Microsoft Macro attacks are back.

Wrap

No time for the Wrap this week.

July 2, 2014, Episode 342, Show Notes

Posted in Breach, Court Cases, criminal forensics, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities on July 1, 2014 by datasecurityblog

Episode 342 of The CyberJungle is about 35 minutes long. Dr. Jason Nieh of Columbia University on Android Security, starts at about 18min;  InfoSec expert or cybercriminal for hire; Microsoft’s intentional collateral damage; Corporate boards wake up to infosec; PayPal chokes another legal business. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

Android keys to the castle, with Dr. Jason Nieh of Columbia University. Link to the tool mentioned in the segment

Our Take on This Week’s News

Microsoft’s intentional collateral damage

Corporate boards wake up to infosec?

PayPal chokes another legal business?

Tales from The Dark Web

InfoSec expert or cybercriminal for hire?  You decide.

Wrap

No time for the Wrap this week.

June 26, 2014, Episode 341, Show Notes

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Podcast, Show Notes, The CyberJungle, Vulnerabilities on June 25, 2014 by datasecurityblog

Episode 341 of The CyberJungle is about 30 minutes long. Dr. Larry Ponemon, of The Ponemon Institute, starts at about 16min; a new twist on WiFi attacks in Tales from the Dark Web; and Dropbox Bank Trojans, Microsoft’s new threat sharing initiatives, and the IRS email scandal in The News. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

Threat Sharing; Dr. Ponemon, the Ponemon Institute. Email mentioned in the segment: research@ponemon.org.

Our Take on This Week’s News

Microsoft launches Interflow, a security and threat information exchange platform

Dropbox+Bank Trojan=Perfect Business User Storm?

Tales from The Dark Web

New WiFi attack

App mentioned in the segment: OperaMax

Wrap

No time for the Wrap this week.

June 3 2014, Episode 339, Show Notes

Posted in Breach, Conference Coverage, Court Cases, criminal forensics, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities on June 3, 2014 by datasecurityblog

Episode 339 of The CyberJungle is about 30 minutes long. Kelly Hazelton on industrial controls security starts at about 24min, attacks on PHI surge in our Tales from The Dark Web segment, and one of the scariest cyber attacks we have ever seen in The News. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

Kelly Hazelton on industrial controls security

Our Take on This Week’s News

Registry hack updates XP

ChildPorn+CryptoLocker=LegalNightmare

Cybercrime laws used to target legit infosec research?

Tales from The Dark Web

Cybercriminals target PHI

Wrap

Snowden on metadata

Cyberattack Puts Child Porn On Your Computer – How Do You Respond?

Posted in criminal forensics, darkweb, Vulnerabilities on May 25, 2014 by datasecurityblog

We’re seeing horrifying variants of the Cryptolocker attack. Recall the “ransomware” that generated big cybercrime profit last year by holding data hostage and demanding money from the rightful owners after locking them out of their own files.

The new attack may target hiring managers who post online job openings. A resume comes in with a malware payload. Managers circulate the news about a promising candidate. The resume gets forwarded among the bosses, and the attack spreads.

The most frightening variant of this family of malware, called Kovter, has been seen adding child porn to the mix. Malware detection company Damballa reports that once this variant attacks a computer system, it sets out to find adult websites that may be sitting in the browser history. If there are none, it implants child porn into the computer, and then freezes a screenshot on the browser as an extortion tool.

While relatively few people have been affected so far, the number of systems impacted by this family of malware has more than doubled over the last month, from 7,000 to 15,000, and the impact of this attack could be devastating. It’s critical to understand that anyone accused of “storing” child pornography will be faced with a crushing round of legal problems.

Child porn is radioactive, and the law surrounding it is so unforgiving, that no matter what you do, you’re probably in trouble. We are even aware of a forensic expert who was prosecuted because he had images on his computer that were related to a case he was working on.

If child pornography were to suddenly appear on your screen (assuming you didn’t put it there), do not try to delete the files, do not forward them, and do not look to see what else is going on in the computer.

The best course of action is to immediately shut down the computer and take it to your attorney’s office, explain what happened, and request that he or she lock it up. If you’re at work, shut down your computer and go immediately to the HR manager or to your boss, and report the occurrence. Explain that the attack has the potential to spread throughout the organization unless it’s immediately isolated.

The next step will be locating people who understand both the law and the range of cyberattacks that may have taken place, then deciding how to approach law enforcement. Assuming you didn’t alter any data on your hard drive, a proper forensic examination of the machine should confirm when the files appeared, and that you do not have a history of browsing for child pornography.

In the workplace scenario, be very alarmed if your employer seems unconcerned, or directs you to turn on your computer and get back to work. If the company has in-house legal counsel, ask to speak with one of the attorneys.

If there’s no in-house lawyer, or if you have a contentious relationship with your employer, you may want to ask your own attorney to contact your employer and request the computer be put in quarantine pending further investigation.

In the worst possible case, a court order might be necessary. The employer might misunderstand the event, or use it as a reason to fire you.

One more problem – your attorney may not have encountered child porn, or may have limited knowledge about how to examine the evidence without getting you into trouble. He or she may need to research the subject first, and that could mean an uncomfortable couple of days for you at work.

Please take this seriously. Cryptolocker also started small, and became a significant danger in a short time. We hope the Kovter attack doesn’t achieve similar reach, but we also hope those who get hit will respond in a way that doesn’t compound their troubles.

By: Ira Victor, GIAC G17799 GCFA GPCI GSEC ISACA CGEIT CRISC

Digital Forensic Analyst, and Host, CyberJungle Radio

May 21 2014, Episode 338, Show Notes

Posted in Breach, Conference Coverage, Court Cases, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities on May 20, 2014 by datasecurityblog

Episode 338 of The CyberJungle is about 27 minutes long. Eric Lachapelle on ISO27000 begins at about 18min. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

Eric Lachapelle, of Professional Evaluation and Certification Board

Our Take on This Week’s News

The indictments against members of the Chinese PLA for cyber espionage

LifeLock Wallet pulled from app stores and all user data deleted amid security concerns

Tales from The Dark Web

Fake mobile antivirus – attack of the clones

Wrap

Real, hovering SPEEDESTER BIKE can be YOURS for cheaper than a house

May 13 2014, Episode 337, Show Notes

Posted in Business Continuity, Conference Coverage, Court Cases, criminal forensics, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities on May 11, 2014 by datasecurityblog

Episode 337 of The CyberJungle is about 25 minutes long. Steve Ross on cybersecurity and process, IT workers targeted, and “Heartbroken.” You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

Risk Masters’ Steve Ross on cybersecurity and process

Our Take on This Week’s News

Foreign intelligence agencies are targeting IT workers

Surveillance camera clears woman hit by police car 

Tales from The Dark Web

Silly sysadmins ADDING Heartbleed to servers

Wrap

DEA to release man mistaken for drug dealer that stole his ID

Apr 30 2014, Episode 336, Show Notes

Posted in Breach, criminal forensics, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security on April 30, 2014 by datasecurityblog

Episode 336 of The CyberJungle is about 30 minutes long. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

SecureAuth’s Garret Grajeck on Enterprise 2FA. Garret’s blog postings.

Our Take on This Week’s News

Heartbleed flaw hits Chrome and Android users

NSA weaponizing 0days

Blackphone gets good initial response

Welcome aboard ISACA members

 

Tales from The Dark Web

MSIE 0Day mitigated by firewall rule? Read background on the flaw here.

Wrap

The Wrap is on a break this week

——————————————————————————-

Atola Insight is an all-in-one hard drive data recovery and forensic system. It offers complex data retrieval functions along with utilities for manually accessing hard drives at the lowest level.

ATOLA TECHNOLOGIES….PLEASE VISIT THEIR SITE ATOLA.COM

 

Apr 20 2014, Episode 335, Show Notes

Posted in Breach, criminal forensics, darkweb, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security on April 21, 2014 by datasecurityblog

Episode 335 of The CyberJungle is about 28 minutes long, and the interview starts at about 15:30min. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

Nimmy Reichenberg on the AlgoSec Report- The State of Network Security 2014: Attitudes and Opinions

Our Take on This Week’s News

Healthcare.gov users exposed to Heartbleed

Netcraft releases Heartbleed indicator for Chrome, Firefox, and Opera

Tales from The Dark Web

Attackers Exploit the Heartbleed OpenSSL Vulnerability to Circumvent Multi-factor Authentication on VPNs

Wrap

OpenSSL bug hunt: Find NEXT Heartbleed, earn $$$
