Saturday, September 22, 2007

Another one from SANS NewsBites

A vulnerability scan would have warned them that their Cerberus implementation was open to attack. Either they were not validating their security compliance, or they were not following an effective process for remediating their vulnerabilities.

--Layered Technologies Customer Data Stolen (September 19 & 20, 2007) An attack on a helpdesk application in Layered Technologies' support database has compromised the security of personally identifiable data of as many as 6,000 of the server hosting company's customers. The data include names, addresses, phone numbers and server login details. Layered Technologies is asking all its customers to change their login credentials. The attack occurred on the evening of September 17, 2007.
http://www.theregister.co.uk/2007/09/19/layered_technologies_breach_disclosure/print.html
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9038040&source=rss_topic17

Wednesday, September 19, 2007

Highlights from a recent SANS NewsBites

From SANS ... note that bank account details are now worth $400 per account.

TOP OF THE NEWS

--Ameritrade May Have Been Aware of Breach for a Year (September 14, 15 & 17, 2007) Online brokerage TD Ameritrade Holding has acknowledged that a data security breach has compromised more than 6.3 million accounts. The database contains customer names, addresses, account numbers, Social Security numbers (SSNs) and birth dates. The attackers gained access to the database through a backdoor program they had installed on the TD Ameritrade network. TD Ameritrade says it has removed the rogue code from its systems. The intrusion was discovered in the course of an investigation into stock-related spam that had been reported by the company's customers. An attorney representing plaintiffs in a planned class action lawsuit against the online broker alleges that the company knew of the data security problem for a year before customers were notified. Furthermore, the suit alleges that the company kept entering customer data into the vulnerable database during an internal investigation.
http://www.theregister.co.uk/2007/09/15/ameritrade_database_burgled/print.html
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9036639&source=rss_topic17
http://www.amtd.com/newsroom/releasedetail.cfm?ReleaseID=264044
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=201807006

--Symantec Report: Malware Moves Toward Commercialism (September 17 & 18, 2007) Cyber attackers aiming to damage computers or inconvenience users are giving way to more financially motivated criminals. According to Symantec's most recent Internet Security Threat Report, cyber criminals are turning to good business practices to ply their trade. Some malware purveyors are offering guarantees about the performance of their products as well as updates to keep the products current. The report also notes that phishers are scouring social networking sites to gather personal information, which they then use to create targeted emails that lure recipients to phony sites where they can harvest valuable data. Stolen bank account details are being sold online for as much as US $400 apiece. In addition, levels of pump-and-dump schemes and image-based spam have decreased.
http://www.technewsworld.com/story/59374.html
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9036819&source=NLT_SEC&nlid=38
http://www.itnews.com.au/News/61398,fraudsters-go-all-out-for-social-networkers.aspx