More than E-mail at Stake in Google Gmail Attack

There is a lot of talk--and diplomatic tension--this week related to reports that attacks originating from China have breached Google Gmail accounts, including those of senior US government officials. The focus is on e-mail, and whether or not e-mail accounts were hacked, but a breached Gmail account is a much bigger prize than just the e-mail account it is attached to.

Google claims that the spear phishing attacks that targeted Gmail accounts of White House staff, and successfully exposed accounts of senior US government officials, high-ranking military personnel, and political activists, originated from China. China denies any state-sponsored involvement in the attacks, and the FBI is investigating.

A hacker with access to Gmail credentials can get much more than just e-mail.
The Gmail e-mail accounts are getting all of the attention. Catalin Cosoi, head of the BitDefender Online Threats Lab, notes in a blog post, "Just as in the previous attack against the Gmail service, we can assume that cyber-criminals went after sensitive documents the users might have inadvertently forwarded from their business inboxes."



Are You a Data Breach Victim? Here's What to Do

Alas, another day, another data breach. Late Thursday, word broke that the hacker group LulzSec broke into and gained access to 1 million user accounts (the group apparently posted details for 50,000 accounts online). If you have a Sony Pictures account, the bad news is that your personal information may be out there. You can't change that fact, but you can take a few steps to limit the potential for damage.

The tips in this story are intended to be general and are not specific to this particular hack, so they're good to keep in mind in case of any data breach.

1. Change Your Passwords.



LulzSec Hacks; 1 Million Accounts Exposed

Just when it looked like Sony was finally recovering from the PlayStation Network hack, it happened again. This time, it wasn't PSN, but Sony Pictures: hackers may have compromised 1 million user accounts, stealing personal information including e-mail addresses and passwords, as well as street addresses, dates of birth, and more. On top of that, the hacker group posted a file containing information on 50,000 users.

Apparently the hack wasn't even that difficult for LulzSec to pull off: Gizmodo quotes LulzSec as saying, " was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING."

In addition, none of the passwords were encrypted; instead, they were stored in plain text.



As MacDefender Evolves, Cat-and-Mouse Security Comes to Mac

Mac users and those who offer administration and support to them find themselves in the security rat race for the first time, as MacDefender scareware has rapidly adapted to avoid Apple's detection.

On Tuesday afternoon, Apple released a long-awaited security update for Mac OS X 10.6 Snow Leopard, designed to detect and eliminate known versions of the malware, which has been making the rounds for a month now.

Mac users installed the update, which didn't even require a reboot, then breathed a collective sigh of relief and went about their business, thinking their machines were about as secure as they had been prior to the outbreak.



Malware Spikes, Spam Plummets, Says Report

It has been the busiest quarter on record for malware according to a new report from McAfee. The McAfee Threats Report: First Quarter 2011 claims six million unique malware samples were recorded during the first quarter of 2011, and also points out that spam traffic is down, and mobile malware threats are on the rise.

A McAfee press release points out, "Fake anti-virus software had a very active quarter as well, reaching its highest levels in more than a year, totaling 350,000 unique fake-alert samples in March 2011." That was before the recent scourge of rogue AV scareware on Mac OS X--which doesn't show any sign of slowing down either.

The McAfee Threat Report: First Quarter 2011 is now available.
McAfee also released a white paper today titled Downloading from Mobile App Stores is Risky Business, which focuses on the rise of mobile malware and the security risks of mobile app stores--specifically alternative, third-party app stores. McAfee says that most Android smartphones and tablets allow "side-loading" of apps, and Android devices are not restricted to just the Google Android Market, so there is no central clearinghouse where Google--or anyone else--can check apps to verify they are safe and clean of any malware.



Tupac (and Wikileaks Hacktivism) Live On at PBS

A report on the PBS NewsHour Website claimed rap icon Tupac Shakur is alive and well--living with his arch-nemesis Biggie Smalls in a small town in New Zealand. Unfortunately, the story says more about the longevity of Wikileaks hacktivism than it does about Tupac.

As a Tupac fan, it wouldn't even be all that hard to believe that Tupac lives on. Tupac has appeared in at least three movies, and released nine new albums since his death. He is credited as the screenwriter of an as-yet-untitled movie currently being filmed. Tupac has been more prolific in the 15 years since his murder than most living entertainers.

The rumors of Tupac living in exile in New Zealand are the result of Wikileaks hacktivism.
Sadly, though, the story is not true. The PBS site was hacked by a group known as LulzSec in retaliation for a PBS documentary on WikiLeaks. The show, titled "WikiSecrets: The inside story of Bradley Manning, Julian Assange and the largest intelligence breach in U.S. history" does not speak kindly of Wikileaks, and hacktivists have already demonstrated solidarity with Wikileaks and what they perceive to be a violation of free speech and an attempt to obscure the truth.



Lockheed-Martin Attack Signals New Era of Cyber Espionage

The network of defense contractor Lockheed-Martin was attacked using counterfeit electronic keys. Since the RSA Security network was hacked and the keys to its SecurID tokens were compromised a few months ago, the world has been waiting for the proverbial other shoe to drop. Well, it dropped.

In an analysis of the breach at RSA Security, NSS Labs predicted, "This was a strategic move to grab the virtual keys to RSA's customers--who are the most security conscious in the world. One or several RSA clients are likely the ultimate target of this attack. Military, financial, governmental, and other organizations with critical intellectual property, plans and finances are at risk."

Cyber attacks have evolved into precision tools for corporate and government espionage.
Since the compromise of the SecurID keys, there have been malware and phishing campaigns probing for specific data connecting RSA tokens to the end-user, suggesting that those attacks were being conducted by the original RSA Security attackers with a goal in mind.
