Tag Archive for 2012

| September 27, 2012
One comment

Map of the Internet

Map of the InternetFlowing Data pointed out a cool map of the Internet created by Ruslan Enikeev. The map of the Internet is a searchable Internet map of links and bubbles, showing over 350,000 sites and two million links from 196 countries.

According to the developer’s blog, the Internet map is a scheme displaying objects’ relative position; but unlike real maps (e.g. the map of the Earth) or virtual maps (e.g. the map of Mordor), the objects shown on it are not aligned on a surface. Mathematically speaking, The Internet map is a bi-dimensional presentation of links between websites on the Internet. Every site is a circle on the map, and its size is determined by website traffic, the larger the amount of traffic, the bigger the circle. Users’ switching between websites forms links, and the stronger the link, the closer the websites tend to arrange themselves to each other.

The Internet Map 2012

rb-

This is cool and a time sink. Don’t check the Map of the Internet out at work, or you’ll find yourself exploring the Google cluster until its quitting time.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , ,
| September 25, 2012
Comments Off on IVR Security Threats

IVR Security Threats

IVR Security ThreatsOn his excellent VoIP/UC Security Blog, Mark Collier points to some interesting work on Interactive Voice Response (IVR) security threats by Rahul Sasi. IVR systems are used in phone banking, call centers, hospitals, and corporations mainly for information retrieval and account management via phone lines. As a security researcher for iSIGHT Partners, Sasi is doing research on a variety of security vulnerabilities that may be present in IVRs.

The author says that IVR security threats are present in IVR systems used for financial transactions. Sasi presented some of his findings at Hack In The Box Malaysia 2011 and the video is available here. Collier summarizes the IVR security threats in his blog:

  • Telcom closetInformation harvesting – for account numbers and PINs, guessing a static 4-digit PIN for a range of account numbers. The odds of a hit are pretty good. Some IVRs lock the account but reset at midnight.
  • Injection – through the input of spoken words (“test”, “.”, “com”, etc.), supporting VXML servers can be fingerprinted, affected, and possibly even crashed.
  • DTMF DoS – by entering a large number of tones or adjusting frequency/tone duration, it may be possible to affect or crash DTMF processing software in IVRs. This could be particularly nasty, as DTMF processing is very common.

Collier concludes that since most of these IVR attacks simply involve the transmission of DTMF, they are very easy to execute and automate. These vulnerabilities could impact any IVR, whether it is TDM, VoIP, the latest UC.

rb-

None of these issues seem new to me, they are just new applications of old attack vectors.

  • Ma Nell telephone operatorsWho remembers blue boxes or the most famous phone phreak John “Captain Crunch” Draper.
  • Info harvesting is a typical technique in web 2.0. Attackers successfully harvest personal info from websites like LinkedIn all the time.
  • Does VXML injection = SQL injection? time for the programmers to step up.
  • DTMF DOS can lead to a buffer-overflow, are your systems patched? 

All in all these vulnerabilities create IVR security threats.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , ,
| September 22, 2012
Comments Off on SmartPhone Zombie Apocalypse

SmartPhone Zombie Apocalypse

SmartPhone Zombie ApocalypseIf you have a smartphone, online criminals may soon have your number. Smartphone malware is getting increasingly sophisticated, and MIT‘s Technology Review reports that a security researcher has created software that turns a smartphone into a “zombie” that can be controlled remotely. The blog says Georgia Weidman created the program, which controls a Google (GOOG) Android phone via short message service (SMS) to bring about a smartphone zombie apocalypse.

malicious software on mobile phonesOnce only theoretical, real-world cell-phone viruses are becoming more common. The article reports the most famous was a scam in Russia that tricked users into installing malicious software on Android phones and using the SMS functionality to send messages to a number that charged a premium fee. In late 2010, a Chinese virus for Android devices stole personal data according to the article.

Botnets have become a staple of Internet crime. They can be used to attack other systems, host attack tools, send spam, or just steal data. The blog says this type of attack has been rare with mobile devices, but that seems to be changing. “We have been taking down Internet botnets for years now, but there is not as much understanding [of telecom networking],” Ms. Weidman says. “I definitely see criminals going more and more toward using the telco’s network.”

zombie nodes of a botnetTR explains that Ms. Weidman’s program is one of the first known to turn smartphones into zombie nodes of a botnet. Her attack works like this: After infecting a phone with a rootkit, she uses that phone to send spam text messages, takes part in a denial-of-service, or degrade the communications of the phone—all without the user knowing. The techniques apply to any smartphone, Weidman says.

Today’s smartphones have multiple layers of defense. For one, they can block malicious applications. They also have managed channels, such as the Apple (AAPL) App Store and Google’s Android Marketplace, for applications.

botnet controlAs a result, Weidman says, infecting a smartphone is not easy. “The hurdle with any malware is infecting the phone,” she told Technology Review, noting that the methods used by cybercriminals usually do not work. “More of what you see of malware is people downloading applications for their phone that are infected,” she says.

The problem of cyber-criminals targeting consumers’ phones will only get worse Kevin Mahaffey, chief technology officer of mobile-security startup Lookout told the author. Because the control of phones is so easy to turn into cash via premium text messages, criminals will be drawn to attack the devices.

Lookout logo“I always tend to look at the economics of the problem to ask myself whether it will continue in the future,” the CTO explained. “And because there is an incentive for attackers to compromise mobile phones, and the cost of compromising is not that high, that says it will become more prevalent in the future.”

Using the telecommunications network, rather than the Internet, for botnet control allows attackers to hide their actions from users. When the attacker does it using malicious software, the user has little chance of detecting it, says Weidman.

smartphone botnet zombie“When I infected a phone in my botnet—my lab botnet—with malware, the smartphone would receive a message through SMS and I would check to see if it has botnet instructions in it,” she says. “If it does, it would perform the functionality requests, and then it would swallow the message, so the user does not know that there was a message at all.”

While phones do not have the computing power of more traditional computers, they are hefty enough to handle many of the tasks that cyber-criminals desire, she says. She adds that the sheer number of smartphones means that any botnet could be “a real threat” to create a smartphone zombie apocalypse.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , ,
| September 20, 2012
2 comments

Students – Insider Threat At K12 Schools

Students - Insider Threat At K12 SchoolsI have spoken to several tech people outside of K-12 lately. When the topic of information security comes around, they talk about how much they are focusing on the “growing insider threat” their employers face. I always smile because those of us in K12 have always faced a hostile internal threat, students. Here are a couple of examples of how students can be an insider threat at school.

student hackers changed gradesAt Colorado’s Jefferson County K12 Schools KUSA reports that administrators are investigating reports that student hackers got into Golden High School’s computer system and changed grades. Investigators are looking into whether students inside the school hacked the campus portal system. A student said, “People started giving themselves A’s.”

Golden High School students told the media that the hackers changed the grades for themselves and others just before winter break and the end of the first semester.

Administrators do not even know how many grades were changed. It could be low as 15 students or as high as 200. The district will not say if any students were caught or how many are suspected of hacking into the system.

do not even know how many grades were changedJefferson County Schools Superintendent Cindy Stevenson told local TV her staff is working hard to find out how it happened. When they do, she says security will be improved.

Berkeley High School

Prestigious Berkeley High School in Berkeley CA succumbed to the student insider threats. The media reports nearly three dozen students were suspended and face expulsion for hacking into the K12 school’s attendance system, an act that could lead to criminal prosecution according to SFGate. At least four students used an administrator’s stolen password to clear tardies and unexcused absences from the permanent records of 50 students, offering the service or the password for a price, Principal Pasquale Scuderi said.

The hackers erased from the system hundreds of cut classes and tardies from October through December, and charged classmates $2 to $20 for the illicit help, Scuderi told the SFGate.

Orange County K12 schools

student insider threatThe student insider threat struck K12 schools in Orange County, California. Omar Khan a former student of Tesoro High School, pled guilty to charges of having installed spyware on his high school’s computers and having used the collected passwords to get access to the grading system and change his grades according to CSO Online.

Khan and another student, Tanvir Singh were arrested for breaking into the school’s assistant principal’s office at night. Khan’s goal was to destroy the evidence that he cheated on a statistics test by stealing it.

Khan had faced a maximum of 38 years in prison on the felony burglary and public-record tampering charges is expected to be sentenced to 30 days in jail, 500 hours of community service, and ordered to pay about $15,000 in restitution.

years in prison on the felony public-record tampering chargesThe article says Khan admitted he was guilty of breaking into school offices and installing spyware on computers and then using the passwords to change some of his grades and that of 12 other students.

He also acknowledged that he changed his transcript grades to appeal rejection letters from the University of Southern California, the University of California, Berkeley, and the University of California, Los Angeles.

Nevada salutation

PC World reports that in Pahrump, Nevada, K12 schools Tyler Coyner, Pahrump Valley High School’s 2010 salutation with a 4.54-grade point average, was arrested as the ringleader in a group of 13 students who have been charged with conspiracy, theft, and computer intrusion. The article states that Coyner somehow obtained a password to the school’s grade system and, over the course of two semesters, offered to change grades in return for cash payments.

salutation arrested as the ringleader in a group of students charged with conspiracy and computer intrusion.According to PC World, ten juveniles have also been arrested for having profited from Coyner’s offer to bump up their grades. It turns out that Coyner, somewhat foolishly – chose to make himself the one that profited most from his scheme. In fact, the 4.54-grade point average that made him the school’s salutation is the result of his own grade manipulation.

rb-

Looks like Coyner is gotten a head start on his dream of becoming a Wall Street hedge fund trader by facing criminal charges as a student insider threat at school.

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , ,
| September 18, 2012
Comments Off on Emma Watson Most Dangerous Online Celebrity

Emma Watson Most Dangerous Online Celebrity

Emma Watson Most Dangerous Online CelebrityComputer security company McAfee warns fans of “Harry Potter” star Emma Watson to be careful when searching for photos of the actress.  In the sixth annual Most Dangerous Celebrity study, the Intel (INTC) owned security technology company says there is a one-in-eight chance of landing on a malicious site if you Google Ms. Watson.

Emma Watson Most Dangerous Online CelebrityThe blog says that the 22-year-old actress is dangerous because many cyber-criminal sites use her name or photos to trick users into downloading malicious software or to steal personal information. “It goes without saying that we are a celebrity-obsessed culture. We hyper-focus on their lives, what they look like, what they’re doing,” Robert Siciliano, McAfee’s online security expert told the LA Times. “Currently Emma Watson is one of those people that criminals have determined is a good target, based on the demographics of those who pay attention to her.”

Mr. Siciliano said criminals know that they can dupe a teenage boy to click on a link that infects the family’s computer, potentially giving them access to, say, a parent’s tax files that contain social security numbers.

“It’s a really a brilliant scam — and it’s so simple,” McAfee’s Siciliano said. “Hackers set up the websites, they use … search engine optimization to get the websites high up in search [rankings]. And once they get them high up in search, lace it with links and downloads that are infected.”

Female stars dominate the list of celebs used to dupe the unsuspecting. Late-night talk show host Jimmy Kimmel was the only guy to make McAfee’s “most dangerous” list, weighing in at No. 13.

rb-

McAfee recommends these steps to protect yourself:

  • Stick to sites you know and trust. If you don’t recognize the URL, don’t click.
  • Avoid search results that look too good to be true.
  • Alluring keywords like “nude” or “sex tape” are especially risky. Keep it clean.

following these steps will protect you from malware spread by Emma Watson, the most dangerous celebrity online.

McAfee's Most Dangerous Online Celebrities

2012201120102009
Emma WatsonHeidi Klum Cameron DiazJessica Biel
Jessica Biel Cameron Diaz
Julia Roberts
Beyonce
Eva Mendes
Piers Morgan
Jessica Biel
Jennifer Aniston
Selena Gomez
Jessica Biel
Gisele Bundchen
Tom Brady
Halle Berry
Katherine Heigl
Brad Pitt
Jessica Simpson
Megan Fox Mila Kunis
Adriana Lima
Giselle Bundchen
Shakira
Anna Paquin
Jennifer Love Hewitt & Nicole Kidman
Miley Cyrus
Cameron DiazAdriana Lima
Tom Cruise
Meghan Fox & Angelina Jolie
Salma Hayek
Scarlett Johansson
Heidi Klum & Penelope Cruz
Ashley Tisdale
Sofia Vergara.Emma Stone, Brad Pitt & Rachel McAdamsAnna PaquinBrad Pitt
For the 6th year in a row, McAfee researched popular culture’s most famous people to reveal which ones are the riskiest to search for online

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , ,
« Older Entries   Recent Entries »