Fake ATM doesn’t last long at hacker meet

August 2, 2009 – 4:44 PM

Criminals running an ATM card-skimming scam made a big mistake this week: They tried to hit the Defcon hacker conference in Las Vegas.

As the conference was kicking off a few days ago, attendees noticed that an ATM placed in the Riviera Hotel, which plays host to the annual event, didn’t quite look right, according to a senior conference organizer who identified himself only as Priest. “They looked at the screen where there would normally be a camera,” he said. “It was a little bit too dark, so someone shined a flashlight in there and there was a PC.”

The ATM looked like a working system, but when people put their cards in the machine, it read the card data and recorded the PINs they entered. Priest didn’t know how long the ATM had been at the Riviera.

Conference organizers notified local law enforcement who hauled away the machine on “Thursday or Friday,” said Priest, who said he works as a “civil servant” in his day job.

Source:
http://www.computerworld.com/s/article/9136179/Fake_ATM_doesn_t_last_long_at_hacker_meet

Laptop Lojack Vulnerability Exposed

July 31, 2009 – 6:09 PM

A pair of computer security researchers have discovered a BIOS vulnerability in the Computrace Laptop Lojack software, whose rootkit-like persistence could let malware nest and thrive in an estimated 60% of newer laptops.

The research team of Alfredo Ortega and Anibal Sacco say that when malware infects a system BIOS, it is able to survive multiple attempts to reflash the core software and is extremely difficult to get rid of. Even worse, because Lojack is whitelisted by virus and malware scanners, any attacks exploiting this vulnerability on a computer will largely go undetected. And for Laptop Lojack to be effective, it must operate like a stealthy rootkit. Unfortunately, it’s installed in the majority of new notebooks from HP, Asus, Dell, Lenovo and Toshiba.

Source:
http://gizmodo.com/5327628/laptop-lojack-vulnerability-exposed-affecting-60-percent-of-new-notebooks

Expired Microsoft Certificate

July 30, 2009 – 8:35 PM

I had incredible timing tonight for wanting to change my email address and caught this expired certificate warning when loading profile.microsoft.com.  I’m sure it will be fixed soon so I wanted to document it.

[Screenshot: expired certificate warning for profile.microsoft.com (ms_cert_expired2)]

Massive Botnet Stealing Financial Info

July 30, 2009 – 6:00 PM

A ferocious piece of malware that’s infected up to a million PCs is stealing a “tremendous” amount of financial information from consumers and businesses that log on to their bank, stock broker, credit card, insurance, job hunting and favorite e-shopping sites, a noted botnet researcher said today.

“Clampi is the most professional thieving piece of malware I’ve ever seen,” said Joe Stewart, director of malware research for SecureWorks’ counter-threat unit. “We know of few others that are this sophisticated and wide-ranging. It’s having a real impact on users.”

The Clampi Trojan horse has infected anywhere between 100,000 and 1 million Windows PCs, said Stewart — “We don’t have a good way of counting at this point,” he acknowledged — and targets the user credentials of 4,500 Web sites.

That’s an astounding number, said Stewart, who has identified 1,400 of the 4,500 total. “There are plenty of other banking Trojans out there, but they usually target just 20 or 30 sites.”

Hackers sneak Clampi onto PCs by duping a user into opening an e-mailed file attachment or by using a multi-exploit toolkit that tries attack code for several different Windows vulnerabilities, Stewart said. Once on a machine, the Trojan monitors Web sessions, and if the PC owner browses to one of the 4,500 sites, it captures usernames, passwords, PINs and other personal information used to log on to those sites, or to fill out forms.

Source:
http://www.pcworld.com/article/169333/botnet_spreading.html?tk=rss_news

Almost all Windows users vulnerable to Flash zero-day attacks

July 27, 2009 – 6:11 PM

More than 9 out of every 10 Windows users are vulnerable to the Flash zero-day vulnerability that Adobe won’t patch until Thursday, a Danish security company said today.

According to Secunia, 92% of the 900,000 users who have recently run the company’s Personal Software Inspector (PSI) utility have Flash Player 10 on their PCs, while 31% have Flash Player 9. (The total exceeds 100% because some users have installed both.)

The most current versions of Flash Player (9.0.159.0 and 10.0.22.87) are vulnerable to hackers conducting drive-by attacks hosted on malicious and legitimate-but-compromised sites. Antivirus vendors have reported hundreds, in some cases thousands, of sites launching drive-bys against Flash.

Secunia’s PSI also pegged the installed base of the current Adobe Reader 9.1.2 and Adobe Acrobat 9.1.2 at 48% and 2%, respectively. Because both include an interpreter to handle Flash content embedded in PDF files, they also can be exploited. The initial attacks, in fact, were based on rigged PDFs.

Adobe has acknowledged that Flash, Reader and Acrobat contain a critical bug. Last Wednesday, it kicked its security process into high gear, promising it would deliver patches for Flash by July 30, and fixes for Reader and Acrobat by July 31.
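Until the promised patches ship, the only defensive question an administrator can answer from this article is "which installs are at or below the versions named as vulnerable?" The script below is an added example (not from the Computerworld article, Secunia or Adobe) that answers it for a software inventory. The product keys, the version table built from the figures above (Flash Player 9.0.159.0 and 10.0.22.87, Reader and Acrobat 9.1.2) and the sample inventory are assumptions; the article does not give the patched build numbers, so a later build in the same branch is treated as not known affected rather than as confirmed safe. It also handles the case the article mentions of a host carrying both Flash 9 and Flash 10.

```python
"""Flag installs at or below the Flash/Reader/Acrobat versions an article
reports as vulnerable.  Added example, not the article's or Adobe's code;
product keys, version table and sample inventory are assumptions."""

from typing import Dict, List, Tuple

Version = Tuple[int, ...]

# Highest version per product and major branch reported as vulnerable.
# Anything at or below these is affected.  A later build in the same
# branch is returned as "not known affected": the patched build numbers
# are not stated on the page, so treat that as unverified, not safe.
LAST_VULNERABLE: Dict[str, Dict[int, str]] = {
    "flash_player": {9: "9.0.159.0", 10: "10.0.22.87"},
    "adobe_reader": {9: "9.1.2"},
    "acrobat": {9: "9.1.2"},
}


def parse_version(text: str) -> Version:
    """Turn '10.0.22.87' into (10, 0, 22, 87). Rejects empty or negative parts."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if not parts or any(p < 0 for p in parts):
        raise ValueError(f"bad version string: {text!r}")
    return parts


def _pad_compare(a: Version, b: Version) -> int:
    """Compare two versions after zero-padding to equal length, so that
    '9.1.2' and '9.1.2.0' are equal.  Returns -1, 0 or 1."""
    width = max(len(a), len(b))
    a = a + (0,) * (width - len(a))
    b = b + (0,) * (width - len(b))
    return (a > b) - (a < b)


def is_vulnerable(product: str, version: str) -> bool:
    """True if the install is in a branch the table covers and is at or below
    the last version reported vulnerable.  Unknown products or branches give
    False, meaning 'not known affected', which callers should log as
    unverified rather than skip silently."""
    branches = LAST_VULNERABLE.get(product)
    if branches is None:
        return False
    installed = parse_version(version)
    last = branches.get(installed[0])
    if last is None:
        return False
    return _pad_compare(installed, parse_version(last)) <= 0


def audit(inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str]]:
    """Return the (host, product, version) entries that are vulnerable.
    A host with both Flash 9 and Flash 10 installed is flagged once per
    vulnerable install, since each copy is a separate attack surface."""
    return [entry for entry in inventory if is_vulnerable(entry[1], entry[2])]


# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE_INVENTORY: List[Tuple[str, str, str]] = [
    ("ws01", "flash_player", "10.0.22.87"),  # current, vulnerable
    ("ws01", "flash_player", "9.0.159.0"),   # same host also has Flash 9
    ("ws02", "flash_player", "10.0.45.2"),   # hypothetical later build: unverified
    ("ws03", "adobe_reader", "9.1.2"),       # current Reader, vulnerable
    ("ws03", "acrobat", "8.1.7"),            # branch not in the table: unverified
]

if __name__ == "__main__":
    for host, product, version in audit(SAMPLE_INVENTORY):
        print(f"{host}: {product} {version} is at or below the last vulnerable build")
```

Run it against a real inventory export and patch or block (for example, by disabling the Flash plugin and the PDF Flash interpreter) every flagged host; the unverified cases still need a manual check once Adobe publishes the fixed build numbers.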

Source:
http://www.computerworld.com/s/article/9135937/Almost_all_Windows_users_vulnerable_to_Flash_zero_day_attacks?source=rss_security