Tuesday, November 30, 2010

How Much Do You Think Your Identity Is Worth??

Lets start off by thinking how much we assume our identity is worth in dollars. Think about it for a minute.

Okay, now that everybody has their assumed "identity worth" in their head, let me show you how much you're actually worth on the black market.
  1. The average stolen credit card with corresponding security code goes for about $1.
  2. Freshly stolen credit cards go for about $2.
  3. If you specify which bank you want the credit card from its about $4.
  4. Searches for the mothers maiden name of a potential victim costs around $10.
  5. Look ups for a Social Security number are around $4.
Each one of these can be purchased on multiple underground websites dedicated to selling your compromised identity at a very low cost. If we think about this strictly from a supply and demand mindset, the volume of stolen information is incredible.

Good luck!!

Sunday, November 28, 2010

Department of Homeland Security is Seizing Domain Names (ICE)

Immigration and Customs Enforcement (ICE) one of the legs of the Department of Homeland Security has seized over 70 domain names in the past few days. Right now they're looking for sites that sell illegal goods, copyrighted music, etc and are replacing the site with the image on your left.

I actually don't have a problem with the government stepping in and seizing these domains IF the site was actually serving illegal content. I do feel slightly uncomfortable about the owners not being contacted first before their domain names were seized. I also believe that the owners of these domains have the right to defend themselves and their actions in the court of law. Or in most cases probably disappear and create a new site.

If these sites were selling or performing illegal actions that were against the law I'm proud of the DHS for taking the step towards cleaning the internet. I don't think its going to be very successful since they'll just switch domain names but its the thought that counts right?

Now when ICE starts taking down sites that they deem "inappropriate" we have an issue. Its always a fine line giving the government any type of power. They normally end up abusing it.

Lets see if ICE can show some self constraint, because we all know its little brother the TSA obviously can not.

Saturday, November 27, 2010

Hackers Take Advantage of the Holiday Season

As the Christmas season is now officially upon us hackers are poised to take advantage of our good cheer and generosity. Unbeknownst to the average consumer, hackers are using SEO (Search Engine optimization) in order to have their malicious sites pushed towards the top of search engine return queries.

The hackers have sites created with search terms like "Cyber Monday", "Black Friday", "Walmart Sales", etc. in order to have their polluted sites brought up when consumers are searching for deals on the Internet.

These sites will normally attempt to install malware through vulnerabilities located within the unsuspecting victims browser. The type of malware being installed could be anything, but its always financially motivated. This could be anything from fake-antivirus to trojan based code stealing credentials. Either way its bad news.

So if you're shopping on the Internet this holiday season stick to the sites you know are secure and valid. Don't go poking around for deals on the Internet this season, because if its to good to be true, it most likely is.

Friday, November 26, 2010

Network card based rootkits (The Rootkit Game Changer)

Guillaume Delugré, a security engineer for a French security firm has been able to create a working hardware based rootkit within the firmware of a NIC using only publicly available documentation on the internet.

Read the article here:

This will allow "The Bad Guys" an entry way to a device that doesn't have code living on the operating system itself. This completely renders any anti-malware/rootkit software utterly useless since this software is only looking on the operating system itself. You can format the machine as much as you like, but this rootkit's here to stay.

Speaking with a well known Information Security expert 2 weeks ago on this very subject he seemed very unconcerned with the possibility that hardware based rootkits would become a threat in the near future. I wonder if he's changed his mind after seeing this news.

Since the majority of all hardware is made over seas in countries like Taiwan, whats to stop someone or some organization implementing code into this hardware that will essentially give them complete control over hardware they sell?

Albeit its probably not good for business if this was to be found (Google "SONY Rootkit"), but what about a rouge group that's working within one of these companies? We've already seen digital signatures stolen out of Taiwan to be used in Stuxnet.

This is not out of the realm of possibility.

TSA (The Squeezing Administration)

For all of us that will be traveling during the holiday seasons be prepared to get more then you bargained for!!

The TSA is taking more then just your privacy from you, they're taking away your rights. When a TSA agent can't tell the difference between a shy 3 year old and a terrorist, America has a fundamental problem and needs to get back to basics. How are you supposed to tell your kids that strangers aren't allowed to touch them unless they're wearing a shiny TSA badge. Its warped.

For the TSA employee saying that we "Gave up our rights when we bought an airline ticket", we never gave them up they were taken from us by force and now they're being abused.

This in the words of Bruce Schneier is only accomplishing one thing, "Security Theater". This is a knee jerk reaction that's only trying to intimidate people into compliance against our personal freedoms.

Whats next? Freedom-Pats for trains, buses, taxi cabs, and car pools?

Thursday, November 25, 2010

Stuxnet a Wake-Up Call

With all the hullabaloo created by Stuxnet and the Iranian centrifuges in recent weeks, its hard not to think about possible dooms-day scenarios. According to one inside report the Stuxnet worm has caused the following damage on the Iranian certfuges causing them to shut down until further notice. (This is all hearsay):

The worm “specifically controls frequency converter drives” that normally run between 807 Herz and 1210 Herz, researcher Eric Chien of the computer security company Symantec, said in an e-mail to the AP. “These are subsequently changed to run at 1410Hz, then 2Hz, and then 1064Hz.”

Iran nuclear expert David Albright said it was impossible to say what would cause a disruption strong enough to idle the centrifuges but “Stuxnet would do just that. “It would send (centrifuge) speeds up and then suddenly drop them,” said Albright of the Washington-based Institute for Science and International Security, which has tracked Iran for signs of covert proliferation.

Albright and a colleague, Andrea Stricker, last week released a study applying Chien’s finding to centrifuges. He said the worm appeared capable of pushing centrifuge speeds above their normal speeds, up to 1,410 Herz, or cycles per second, and then suddenly dropping speeds to 2 cycles per second, disrupting their operations and destroying some in the process.

Read the entire article here:

So if this is true the designers of the worm seem to have created it in a way that it would only disrupt and destroy the equipment capable of bringing Iran into the "Nuclear Club". With all the focus going on about the who and the why of Stuxnet, we're not looking into the future about what I'm calling "Stuxnets Revenge".

What if the designers didn't want to just stop the machinery from working? What if they wanted mass causality of life? With global terror roaring through the world I see this as only a matter of time. When will we wake up and start protecting our critical infrastructure? We can't wait for a "Cyber 9/11" before we start taking action. At that point its just too late.