We’re going back over the last couple of weeks here. I tend to write these early in the week and schedule them for later in the week (when I know I’ll be busy), but the information shouldn’t be too stale.
- There’s a keylogger trojan on Predator and Reaper drones in Nevada. Via HNTV, where John Strand notes very pointedly that if you have a keylogger installed, it is not benign!
- Also via HNTV (and PaulDotCom Security Weekly, where I heard John and Larry talk about it first), American Express learns that you need to provide security contact information. Oh, and secure your pages. The information displayed on that page wasn’t as terrible as it could be, but that doesn’t mean you should leave it hanging around for anyone to see. But back to providing contact information… It may suck having to give a phone number with a human on the other end or an e-mail address which a person actually reads, but disclosing security vulnerabilities through Twitter is unacceptable. You don’t need to provide names, but at least have an 800 number or e-mail address dedicated to this kind of stuff.
- Episode 12 of HNTV was awesome, too. The next two notes come from that.
- A peer-to-peer version of Zeus is out. As more companies become responsible and start taking down botnets (like Microsoft has been doing), bad guys will move to other techniques. (HNTV)
- Adaptive expectations don’t work. Simply looking at what may have (or, more likely, may not have) worked 3-5 years ago isn’t good enough. The world changes quickly enough that you’re always playing cat-and-mouse.
- If he’s guilty, this guy needs hanged.
- Physical security may have gotten a bit more fun again: German researchers have broken RFID encryption. Given their method of attack—measuring side channel bleed—this might not be all that easy to pull off in the field, however.
- DO NOT STORE PASSWORDS IN PLAINTEXT! What is wrong with you people?!
- The WineHQ database has been compromised. At least they stored the passwords in an encrypted (I hope they mean hashed) format.
- Time to bring back Has Sony Been Hacked This Week. More than 93,000 PlayStation/Sony network user accounts were compromised.
- Two of my favorite sources have talked about the Phoenix Exploit’s [sic] Kit 2.8, so I figured I’d link to it: here and here (second link via HNTV).
- Given the recent Linux-related exploits, perhaps the release of Artillery—a Python-based tool which is “a combination of a honeypot, file monitoring and integrity, alerting, and brute force prevention tool”—is serendipitous.