Iran vs. Las Vegas Sands

You may have heard that Las Vegas Sands was hacked recently, but it happened nearly a year ago on February 10th of 2014.

PCs and servers were getting shut down and their hard drives started to erase. The phone lines were dead. Also hit were the systems that run the loyalty rewards plans for Sands customers, the programs that monitor the performance and payout of slot machines and table games at Sands’ U.S. casinos, and a multimillion-dollar storage system. The attackers wiped out more than $40 million in equipment and data.

Why?
This was a fight between Iran’s Supreme Leader Ayatollah Ali Khamenei and Sands’ chief executive officer and majority owner, the billionaire Sheldon Adelson.

Iranian hackers posted private employee information stolen in the attack, including names, titles, Social Security numbers, and e-mail addresses. One message left specifically for Adelson read, “Damn A, Don’t let your tongue cut your throat.”

Sands has been slow to adapt to digital threats. Two years ago it had a cybersecurity staff of five people protecting 25,000 computers, according to a former executive. The board authorized a major upgrade of tools and personnel in 2013, but the project was slated to be rolled out over 18 months.

Hackers found a weakness in a Web development server used by Sands Bethlehem to review and test Web pages before they went live. Once inside, hackers used a tool called Mimikatz to reveal passwords used previously to log in to a computer or server. They found the login credentials of a senior computer systems engineer from Sands corporate headquarters.


Hypercom of Scottsdale, Arizona’s Equinox Payments

Equinox is working with customers, distributors, and channel partners to replace the certificates to return terminals to an operational state after all payment terminals bricked themselves. Why? Because the cryptographic certificates used in the devices have expired en masse. Many merchants freaked out, thinking it was a grand-scale hack on all their Point-of-Sale credit card readers.

Equinox completely failed to warn its customers of the impending certificate expirations. Business Resiliency experts must now prepare for mass extinction of POS devices at the manufacturer level. How’s that for a tabletop exercise?

It’s definitely time to replace those terminals with chip card readers. If there was ever a perfectly good excuse to do so, this is it.
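A fleet-wide expiry check of the kind that would flag a mass expiration ahead of time, as an added example (not Equinox's tooling and not code from the original post). It assumes each device's certificate end date has been collected with `openssl x509 -noout -enddate`; the device names and dates are constructed.

```python
import ssl
from collections import Counter
from datetime import datetime, timedelta, timezone

# Constructed inventory: device id -> line printed by
# `openssl x509 -noout -enddate` for that device's certificate.
# Device names and dates are invented for illustration.
INVENTORY = {
    "pos-0001": "notAfter=Mar  1 00:00:00 2030 GMT",
    "pos-0002": "notAfter=Mar  1 00:00:00 2030 GMT",
    "pos-0003": "notAfter=Mar  1 00:00:00 2030 GMT",
    "pos-0004": "notAfter=Mar  1 00:00:00 2030 GMT",
    "pos-0005": "notAfter=Jun 15 12:00:00 2031 GMT",
    "pos-0006": "notAfter=Dec  1 00:00:00 2029 GMT",
}


def parse_not_after(line):
    """Turn an openssl 'notAfter=...' line into an aware UTC datetime."""
    prefix = "notAfter="
    if not line.startswith(prefix):
        raise ValueError(f"unexpected enddate line: {line!r}")
    seconds = ssl.cert_time_to_seconds(line[len(prefix):])
    return datetime.fromtimestamp(seconds, tz=timezone.utc)


def expiry_report(inventory, now, warn_days=90):
    """Return (expired, expiring_soon, cliff).

    cliff is (date, share): the single day on which the most certificates
    expire and the fraction of the fleet that stops working that day.
    """
    expired, expiring, per_day = [], [], Counter()
    for device, line in sorted(inventory.items()):
        not_after = parse_not_after(line)
        per_day[not_after.date()] += 1
        if not_after <= now:
            expired.append(device)
        elif not_after - now <= timedelta(days=warn_days):
            expiring.append(device)
    day, count = per_day.most_common(1)[0]
    return expired, expiring, (day, count / len(inventory))


if __name__ == "__main__":
    now = datetime(2030, 1, 1, tzinfo=timezone.utc)
    print(expiry_report(INVENTORY, now))
```

A high share on a single day is the warning sign: certificates issued in one batch expire in one batch.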


Iowa Might Go Walletless

With Google Wallet and Apple Pay starting to take off, and Geico putting your insurance on an app on your phone with digital ID cards, the only thing left for wallets is the driver’s license. Well, that too may go digital. Iowa is implementing digital driver’s licenses.

Starting next year, the digital driver’s license will be an option for all Iowa drivers. It’s currently unclear which platforms will be supported, but it’s a safe bet that iOS and Android will be the priority. The new app should be highly secure. People will use a PIN for verification…


US Navy Laser Weapon System

The Afloat Forward Staging Base (Interim) USS Ponce (ASB(I) 15) conducts an operational demonstration of the Office of Naval Research (ONR)-sponsored Laser Weapon System (LaWS) while deployed to the Arabian Gulf.

The LaWS consists of a 30-kilowatt solid-state infrared laser, a Phalanx CIWS (close-in weapon system) radar detection and tracking system, and a special computer terminal that controls the LaWS. Somewhat amusingly, the main interface with LaWS is a controller that looks a lot like an Xbox gamepad — but more ruggedized and military-looking.

Lasers have to be extremely focused, and thus very accurately targeted. You can’t blow up a house with a laser — but you could snipe a soldier in the head from miles away without touching anything else.

I hope they pen test and vulnerability scan their systems continuously.


POODLE attack through TLS

POODLE = Padding Oracle On Downgraded Legacy Encryption

Once upon a time, in October, I wrote about SSL POODLE, a flaw in how browsers handle encryption: by negotiating down to SSL 3.0, attackers can alter padding data at the end of a block cipher in a way that forces a slow leak of data. Many of the cipher suites in SSL 3.0 have already been abandoned as insecure, due to small key sizes, biases, or simply because support has already been removed from browsers.

Everything less than TLS 1.2 with an AEAD cipher suite is broken. Qualys SSL Labs has released a tool to check websites, which you should use before going to them.

POODLE has returned and is likely to affect some of the most popular web sites in the world — including those owned or operated by Bank of America, the US Department of Veteran’s Affairs, and Accenture.
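The rule stated above (TLS 1.2 or later, AEAD cipher suites only) can be checked against a local configuration as well as with an external scanner. This added example, which is not from the original post, audits a Python `ssl` context; AEAD suites have no CBC padding for a padding oracle to work on. The function names and the legacy sample are constructed for illustration.

```python
import ssl

MIN_VERSION = ssl.TLSVersion.TLSv1_2


def findings(min_version, ciphers):
    """List policy violations for a minimum protocol version and a list of
    cipher dicts shaped like SSLContext.get_ciphers() output."""
    problems = []
    if min_version < MIN_VERSION:
        problems.append(f"minimum protocol {min_version.name} is below TLSv1_2")
    for cipher in ciphers:
        # Non-AEAD suites (CBC, RC4) are what the policy rules out.
        if not cipher["aead"]:
            problems.append(f"non-AEAD suite enabled: {cipher['name']}")
    return problems


def audit(ctx):
    """Audit a live SSLContext against the policy."""
    return findings(ctx.minimum_version, ctx.get_ciphers())


def hardened_context():
    """Server-side context restricted to TLS 1.2+ and AEAD suites."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = MIN_VERSION
    # OpenSSL cipher string: ECDHE key exchange with AES-GCM or ChaCha20.
    # TLS 1.3 suites are configured separately by OpenSSL and are all AEAD.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx


# Constructed legacy configuration, as get_ciphers() would report it.
LEGACY_MIN = ssl.TLSVersion.SSLv3
LEGACY_CIPHERS = [
    {"name": "AES128-SHA", "aead": False},  # CBC mode with HMAC-SHA1
    {"name": "ECDHE-RSA-AES128-GCM-SHA256", "aead": True},
]

if __name__ == "__main__":
    print(findings(LEGACY_MIN, LEGACY_CIPHERS))
    print(audit(hardened_context()))
```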


Smartwatch to Smartphone Data Interception

Data sent between a smartwatch and an Android smartphone could be subject to brute-force attacks that intercept and decode users’ data, including everything from text messages to Google Hangout chats and Facebook conversations.

Liviu Arsene explains.


Robocops is Now

Robotics firm Knightscope has announced its plans to deploy autonomous guards for hire in Silicon Valley. You can rent some too, starting as low as $6.25/hour with at least a one-year contract on a MaaS (Machine-as-a-Service) rental basis. The robots can be equipped with the following.

  • Video
  • Audio
  • Automatic license plate recognition (ALPR)
  • Hyper-local weather station
  • Badge / card reader
  • Radio frequency identification (RFID) reader
  • Rogue router detection
  • Infrared vision
  • Thermal imaging
  • Face detection
  • Radiation detection
  • Chemical weapon detection
  • Biological weapon detection
  • Pathogen sensor

Pre-Order here –> http://knightscope.com/preorder-survey.html

I wonder how much testing has been done to make sure we don’t have an evil Robocop botnet army attacking us.


3 Ways on How I Stay Current On Cyber Security News

Others in my profession often tell me ‘late-breaking news’ about a breach or hack, and sometimes it is something that I already knew about and had read, and had probably even already posted on my website!
I have my resources and you should too! Here are some ways to stay in the know on late-breaking cyber security news.

  1. Set up Google Alerts to email you when something new gets indexed. For self-reputation management, I like to set up a Google alert on myself.
  2. Get a news aggregator. I like to use Feedly.com. I then subscribe to a bunch of RSS feeds, which are fed out by time stamp.
    When I click on the top category Security in the left pane, it lists everything on the right pane in chronological order.
  3. Use Twitter and follow the right news sources. Twitter has a 140 character limit, making news digestible. Oftentimes a tweet is quicker for news sources to get out than a well-written article with multimedia embedded. Plus, the ability to favorite or re-tweet a tweet gives you quick bookmarks that you can come back to if you are on a busy schedule. I’ll often re-tweet interesting things during the day so I can read and absorb them later when I’m on the couch at the end of the day.


Mad Rambo is Mad… At the Sony Pictures Hack!

Sony Pictures was breached and several movies were leaked. Movies like Fury, Annie, etc., have been found on torrent download sites.

It’s believed to be tied to North Korea and a Sony movie making fun of, and depicting the assassination of, the N.K. dictator. To cover the tracks of the hack, wiper malware (malicious software) was placed on the computers used in the hack to wipe the systems, hindering investigations.

Malicious software that affected Sony will be the first of many, as predicted by the FBI.
Should you find mbr_remote_wiper on your systems, you should contact federal agents.

Due to the Sony Pictures hack, 47,000 Social Security numbers, including Sylvester Stallone’s, have been copied/stolen.

Other data copied/stolen and leaked included top executives’ pay charts and a listing of 30,000 employees of Deloitte. An HR person employed by Sony Pictures who used to work at Deloitte had some of Deloitte’s files saved on a computer.

In the initial hack last week, an image of a skeleton appeared on company computers with a message that said, “Hacked by #GOP,” with the group behind it calling itself “Guardians of Peace”.

One of the worst findings was that Sony kept thousands of passwords in a folder called “Password”.

Hey Bebe!

According to an article written by Brian Krebs, it sounds like Bebe is undergoing a credit/debit breach investigation. The data is copied from the magnetic stripe on the backs of credit cards, and bad guys can use it to write to blank cards and sell them on the deep web. Usually that type of data is copied through some malware on the point-of-sale systems. It is the same type of malware that was on the point-of-sale systems at Home Depot, Target, Neiman Marcus, Michaels and other break-ins.
