  1. #21 jponry

    Quote Originally Posted by Mazmaz:
        900 Social Insurance Numbers stolen from Revenue Canada

        Not sure how they know these were compromised. I thought the exploit didn't leave a trail. Also, I have a feeling this was incompetence, as it sounds like the information was stolen AFTER the exploit was made public, which means someone did it right before they patched it up.

    Maz, plz. They are probably just announcing it now that the exploit went public to give themselves less heat for getting hacked.

  2. #22 BG Content

    Darkweb is being targeted
    The Heartbleed bug has turned cyber criminals from attackers into victims as researchers use it to grab material from chatrooms where they trade data.

    Discovered in early April, Heartbleed lets attackers steal data from computers using vulnerable versions of some widely used security programs.

    Now it has given anti-malware researchers access to forums that would otherwise be very hard to penetrate.

    The news comes as others warn that the bug will be a threat for many years.

    French anti-malware researcher Steven K told the BBC: "The potential of this vulnerability affecting black-hat services (where hackers use their skills for criminal ends) is just enormous."

    Heartbleed had put many such forums in a "critical" position, he said, leaving them vulnerable to attack using tools that exploit the bug.

    The Heartbleed vulnerability was found in software, called OpenSSL, which is supposed to make it much harder to steal data. Instead, exploiting the bug makes a server hand over small chunks of the data it has just handled - in many cases login details or other sensitive information.

    Mr K said he was using specially written tools to target some closed forums called Darkode and Damagelab.

    "Darkode was vulnerable, and this forum is a really hard target," he said. "Not many people have the ability to monitor this forum, but Heartbleed exposed everything."

    Charlie Svensson, a computer security researcher at Sentor, which tests companies' security systems, said: "This work just goes to show how serious Heartbleed is. You can get the keys to the kingdom, all thanks to a nice little heartbeat query."

    Individuals who repeat the work of security researchers such as Mr K could leave themselves open to criminal charges for malicious hacking.

    The widespread publicity about Heartbleed had led operators of many websites to update vulnerable software and urge users to change passwords.

    Paul Mutton, a security researcher at net monitoring firm Netcraft, explained that while that meant there was no "significant risk of further direct exploitation of the bug", it did not mean all danger had passed.

    He said the problem had been compounded by the fact that a large number of sites had not cleaned up all their security credentials put at risk by Heartbleed.

    In particular, he said, many sites had yet to invalidate or revoke the security certificates used as a guarantee of their identity.

    "If a compromised certificate has not been revoked, an attacker can still use it to impersonate that website," said Mr Mutton.

    In addition, he said, web browsers did a poor job of checking whether security certificates had been revoked.

    "Consequently, the dangers posed by the Heartbleed bug could persist for a few more years."

    His comments were echoed by James Lyne, global head of security research at security software developer Sophos.

    "There is a very long tail of sites that are going to be vulnerable for a very long time," said Mr Lyne, who pointed out that the list of devices that Heartbleed put at risk was growing.

    Many so-called smart devices, such as home routers, CCTV cameras, baby monitors and home-management gadgets that control heating and power, were now known to be vulnerable to Heartbleed-based attacks, he said.

    A survey by tech news site Wired found that smart thermostats, cloud-based data services, printers, firewalls and video-conferencing systems were all vulnerable.

    Other reports suggest the makers of some industrial control systems are also now producing patches for their software to limit the potential for attack.

    How tempting this was for malicious attackers was difficult to gauge, said Mr Lyne.

    "We do not really know how much Heartbleed is being used offensively because it's an attack that is hard to track and log."
    http://www.bbc.co.uk/news/technology-27203766
    http://www.wired.com/2014/04/heartbleed_embedded/
    http://www.theregister.co.uk/2014/04..._in_scada_kit/
    http://www.scrapesentry.com/
    http://www.sophos.com/en-us.aspx
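    Mr Lyne's closing point, that Heartbleed use is hard to track and log, is where a defender can still act: the "nice little heartbeat query" Mr Svensson mentions has a fixed shape on the wire, and a heartbeat whose declared payload length is larger than what the record actually carries is the thing to alert on. The detector below is an added example written for this thread, not code from the BBC article, from OpenSSL or from any of the firms quoted; the record layout follows RFC 6520, the byte stream it scans is constructed in the block rather than captured, and the 1024-byte response threshold is an assumed heuristic, not a published figure.

```python
import struct

# TLS record content type for the heartbeat extension and its two message types (RFC 6520).
TLS_HEARTBEAT = 0x18
HB_REQUEST = 1
HB_RESPONSE = 2
MIN_PADDING = 16                  # RFC 6520: every heartbeat carries at least 16 bytes of padding
LARGE_RESPONSE_THRESHOLD = 1024   # assumed heuristic: legitimate heartbeats are tiny keep-alives


def parse_records(data: bytes):
    """Split a raw TLS byte stream into (content_type, version, body) records.

    A record is 5 header bytes (type, version, length) followed by `length` body bytes.
    A truncated trailing record is dropped rather than guessed at."""
    records = []
    off = 0
    while off + 5 <= len(data):
        ctype, version, length = struct.unpack("!BHH", data[off:off + 5])
        body = data[off + 5:off + 5 + length]
        if len(body) < length:
            break
        records.append((ctype, version, body))
        off += 5 + length
    return records


def check_heartbeat(body: bytes) -> str:
    """Classify one heartbeat record body.

    Layout: type(1) | payload_length(2) | payload | padding(>=16).
    The Heartbleed trigger is a request whose payload_length claims more bytes than the
    record carries; an unpatched peer trusts the field and echoes that many bytes of its
    own memory back. Comparing the field with the record length catches it on the wire."""
    if len(body) < 3:
        return "malformed: heartbeat shorter than its header"
    hb_type, payload_length = struct.unpack("!BH", body[:3])
    if hb_type not in (HB_REQUEST, HB_RESPONSE):
        return f"malformed: unknown heartbeat type {hb_type}"
    max_payload = max(len(body) - 3 - MIN_PADDING, 0)
    if payload_length > max_payload:
        return f"ALERT: declared payload {payload_length} exceeds {max_payload} bytes actually carried"
    if hb_type == HB_RESPONSE and payload_length > LARGE_RESPONSE_THRESHOLD:
        # A well-formed but oversized response is what a successful leak looks like in transit.
        return f"suspicious: heartbeat response carries {payload_length} bytes of payload"
    return "ok"


def scan_stream(data: bytes):
    """Return (record_index, verdict) for every heartbeat record that is not plainly benign."""
    findings = []
    for idx, (ctype, _version, body) in enumerate(parse_records(data)):
        if ctype != TLS_HEARTBEAT:
            continue
        verdict = check_heartbeat(body)
        if verdict != "ok":
            findings.append((idx, verdict))
    return findings


def build_record(ctype: int, body: bytes, version: int = 0x0301) -> bytes:
    """Frame a body as a TLS record (used only to build the constructed sample below)."""
    return struct.pack("!BHH", ctype, version, len(body)) + body


def build_heartbeat(hb_type: int, declared_length: int, payload: bytes) -> bytes:
    """Frame a heartbeat with an explicit declared length so the mismatch case can be built."""
    message = struct.pack("!BH", hb_type, declared_length) + payload + b"\x00" * MIN_PADDING
    return build_record(TLS_HEARTBEAT, message)


# Constructed sample stream (not captured traffic): an application-data record, a well-formed
# 4-byte heartbeat request, and a request that declares 64 bytes but carries only 4.
SAMPLE_STREAM = (
    build_record(0x17, b"\x00" * 32)
    + build_heartbeat(HB_REQUEST, 4, b"ping")
    + build_heartbeat(HB_REQUEST, 64, b"ping")
)

if __name__ == "__main__":
    for idx, verdict in scan_stream(SAMPLE_STREAM):
        print(f"record {idx}: {verdict}")
```

    Running the block prints one finding for the third record. The length comparison is the same check a patched OpenSSL applies before answering, so a sensor that sees the request can raise the alert whether or not the server behind it was vulnerable; the response-size rule is weaker and is only there to surface a leak that is already happening when the request itself was not captured.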

  3. #23 BG Content

    More Heartbleed-like vulnerabilities found within OpenSSL, no need to panic according to security firm SOPHOS
    More security holes have been uncovered in the same software that was found to harbour the dangerous "Heartbleed" bug.

    Heartbleed was found in security software used on many websites to ensure data was not spied upon as it passed back and forth.

    About 500,000 websites were believed to be vulnerable to attacks that exploited the Heartbleed vulnerability.

    The newly discovered bugs are not thought to be as serious as Heartbleed and are harder to exploit.

    The software package harbouring all the vulnerabilities is known as OpenSSL and is used to scramble, or encrypt, data as it is swapped between users and a site.

    Tech companies including Google, Facebook, Yahoo and Amazon and many others all use OpenSSL.

    The fresh batch of vulnerabilities was found as a result of work done to close Heartbleed and ensure other parts of the software were secure. The discovery of Heartbleed led to many big firms pledging cash to the small organisation that developed OpenSSL to help it improve its bug finding and fixing efforts.

    Updated versions of OpenSSL that have the bugs patched are now available, and anyone running vulnerable versions is being urged to update as soon as possible.

    "They are going to have to patch. This will take some time," Lee Weiner, a spokesman for security firm Rapid7 told Reuters.

    If exploited, the bugs would let attackers run their own programs on a target server or stop it working. The most serious bug would let an attacker interpose themselves between a victim and the server they were using and spy on the data as it passed back and forth.

    Writing on the blog of security firm Sophos, Chester Wisniewski said there was no need to panic about the latest bug reports.

    "Patch early and patch often," he said. "You will likely see updates for many of your programs on your computer and Android smartphones being updated over the next few weeks."
    http://www.bbc.co.uk/news/technology-27732266
    http://www.reuters.com/article/2014/...0EG2MV20140605
    http://nakedsecurity.sophos.com/2014...ution-and-dos/
