Hackers Have Used A Refrigerator To Attack Businesses

January 17, 2014 – 5:25 AM

Security researchers at Proofpoint have uncovered the very first wide-scale hack that involved television sets and at least one refrigerator.
Yes, a fridge.

This is being hailed as the first home appliance “botnet” and the first cyberattack from the Internet of Things.

A botnet is a series of computers that seem to be ordinary computers functioning in people’s homes and businesses, but are really secretly controlled by hackers. The Internet of Things, is a new term in the tech industry that refers to a concept where every device in your house gets its own computer chip, software, and connection to the Internet: your fridge, thermostat, smart water meter, door locks, etc.

To a hacker, they all become computers that can be hacked and controlled.

In this case, hackers broke into more than 100,000 everyday consumer gadgets, such as home-networking routers, connected multi-media centers, televisions, and at least one refrigerator, Proofpoint says. They then used those objects to send more than 750,000 malicious emails to enterprises and individuals worldwide.

Source:
http://www.businessinsider.com/hackers-use-a-refridgerator-to-attack-businesses-2014-1

Blackphone – A New Android-based Phone Built Around Privacy

January 16, 2014 – 5:20 AM

Blackphone is a new venture from the collaboration of US Silent Circle and Spain’s Geeksphone. Its website is registered in privacy-conscious Switzerland. Most notably it includes the renowned cryptographers Phil Zimmermann and Jon Callas, the originators of PGP. As yet there is little technical information beyond a brief video on the Blackphone website – but the pedigree is impressive. Silent Circle, like Lavabit, shut down its secure email service when it became clear it could not protect its customers from court orders and NSA surveillance.

Zimmermann explains that secure email was just a detour. His real interest was secure telephony; but the technology did not at the time exist. “I had to wait for the rest of the technology infrastructure to catch up to make it possible to do secure telephony. PGP was kind of a detour for me while waiting for the rest of the technology to catch up to make really good secure telephony possible.”

Now the technology and a pressing need combine. “The time has come,” announces the video. “Data and humans have become one. Technology was supposed to make our lives better. Instead we have lost our privacy. We have become enslaved. Now it’s time for a change.”

“The number one priority in creating Blackphone,” says Zimmermann, “is to uphold the objectives of privacy. It’s not to serve some other business model of monetizing customer data. What we’re trying to do is make a smartphone who`s whole purpose is to protect users’ privacy.”

Source:
http://www.infosecurity-magazine.com/view/36481/blackphone-a-new-androidbased-phone-built-around-privacy/

Neiman Marcus notifying customers after card data breach

January 12, 2014 – 12:33 PM

Neiman Marcus has been notifying customers of a data breach after hackers stole merchant card information for an undisclosed number of shoppers.

The high-end retailer said it was working with the U.S. Secret Service and a forensics firm to investigate the theft, which it said it learned about in December from its merchant card processor.

“On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers cards were possibly compromised as a result,” Neiman Marcus said in an emailed statement.

“We have begun to contain the intrusion and have taken significant steps to further enhance information security,” the company said.

Neiman Marcus didn’t say how the break in occurred or how many of its customers were affected, but it confirmed some customers’ card numbers were used improperly after they shopped at the store.

“We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after purchasing at our stores,” the company said via Twitter late Friday.

Source:
http://www.networkworld.com/news/2014/011214-neiman-marcus-notifying-customers-after-277624.html

New ransomware, more insidious than CryptoLocker, to go on market

January 7, 2014 – 4:46 PM

Researchers warn that a new threat, using harder-to-crack encryption methods than comparable ransomware, may hit the black market soon.

The malware, which locks users out of their computer until they pay a ransom, is being called Prison Locker and Power Locker on underground forums, according to a Friday blog post at Malware Must Die.

According to researchers for the blog, a user in an underground forum who goes by the online alias “Gyx,” first announced he was working on the ransomware on Nov. 20.

Gyx later tested the waters again on Dec. 7th (see screenshot), alerting potential buyers that “substantial progress” had been made in the malware’s development.

When a user is infected with Prison Locker, the locker module of the malware opens a new display window and disables Windows and the users’ escape key. Other Windows processes, like taskmgr.exe and cmd.exe, are also disabled, making a Ctrl+Alt+Del out of the window impossible, screencaps from the underground forum showed.

The malware author also designed Prison Locker to accept payments from victims via Bitcoin, or through online payment systems like uKash and Paysafe (though those options could change or expand before the ransomware’s release).

Source:
http://www.scmagazine.com/new-ransomware-more-insidious-than-cryptolocker-to-go-on-market/article/328307/

Yahoo users exposed to malware attack

January 5, 2014 – 9:09 AM

Yahoo.com visitors over the last few days may have been served with malware via the Yahoo ad network, according to a security firm in the Netherlands. Users clicking on some of the ads were redirected to sites armed with code that exploits vulnerabilities in Java and installs a variety of different malware.

In a blog post, Fox IT estimated that, based on sample traffic, the number of visits to the site carrying the malicious code was visited around 300,000 times per hour.

“Given a typical infection rate of 9% this would result in around 27,000 infections every hour. Based on the same sample, the countries most affected by the exploit kit are Romania, Britain, and France. At this time it’s unclear why those countries are most affected, it is likely due to the configuration of the malicious advertisements on Yahoo,” Fox IT said on its blog.

The security firm found evidence that the redirects go to domains hosted in the Netherlands, but was unable to identity the perpetrators. Traffic has slowed to the exploit, Fox IT noted, suggesting that Yahoo is addressing the vulnerability.

Yahoo confirmed the presence of malware on its servers and said it had taken steps to combat the issue.

“We recently identified an ad designed to spread malware to some of our users,” Yahoo said in a statement. “We immediately removed it and will continue to monitor and block any ads being used for this activity.”

Source:
http://news.cnet.com/8301-1009_3-57616617-83/yahoo-users-exposed-to-malware-attack/