Surviving the Week 7/13/12

Nvidia developer forums had been hacked, 400,000 user account compromised.

More games with “Who’s got the biggest bounty?”  400,000 is fairly respectable.  Remember back in the day when the bounty was credit card data?  Now it’s about getting large numbers of accounts.  Nvidia was prepared, they at least randomly salted their passwords cache to make it more difficult to crack.  Because users generally reuse passwords and to mitigate the same attack against all their internet facing forums, Nvidia took down a total of five websites as they investigated the compromise.  Good job Nvidia.  http://www.zdnet.com/nvidia-confirms-hackers-swiped-up-to-400000-user-accounts-7000000903/

7 lessons learned from the Yahoo Password Breach

This is a great article and well worth the read.  It’s easy to agree with the writer in that we all need to enforce better password management standards, from the app developers with stronger encryption (bCrypt), to users to stop using dictionary words or simple strings, even hacker-ease style is becoming obsolete, and even with regulators adjusting fines when certain standards are not met.  http://www.informationweek.com/news/security/attacks/240003692

Tumblr patched the critical Persistent XSS vulnerability

This is a fairly popular site and for them to take 3 weeks to fix a persistent cross site scripting vulnerability is a bit troublesome.  Kudos, at least they fixed it.  http://www.ehackingnews.com/2012/07/tumblr-patched-critical-persistent-xss.html

Globally, more than 300,000 people, including many in the US and UK, may have lost net access as the FBI shut down servers answering to the DNS Changer virus.

This event has been in the recent news quite frequently.  There seemed to be a lot of speculation of greater impact than how this really played out.

Top 10 DNS Changer infections by Country

  • US – 69,517

  • Italy – 26,494

  • India – 21,302

  • UK – 19,589

  • Germany – 18,427

  • France, 10,454

  • China – 10,304

  • Spain – 10,213

  • Canada – 8,924

  • Australia – 8,518

More details can be found at –

http://packetstormsecurity.org/news/view/21217/Thousands-Hit-By-FBI-Net-Shut-Off.html

Formspring disables user passwords in security breach

Formspring is the place to share your perspective on anything. Formspring was attaked and they gave up their user name and password data.  Rightfully, they forced all their users to change their password. The CEO posted on his blog about the issue.  “We found that someone had accessed into one of our development servers and was able to extract account information from a production database. We were able to immediately fix the hole and are reviewing our internal security policies and practices to help ensure that this never happens again.

A few questions quickly come to mind;  Why are dev systems connected to production systems?  and  What is the vulnerability path for access to the dev system? such as an unpatched system or through SQLi of a dev web application.

Recently, we heard of similar issues from LinkedIn, Yahoo, Nvidia, and e-Harmony where web apps provided the path to the user data.

Review your application with NTOSpider to find out vulnerabilities in your application, engage NTObjectives professional team to verify other mitigation controls.

http://packetstormsecurity.org/news/view/21228/Formspring-Disables-User-Passwords-In-Security-Breach.html

Microsoft Security Bulletin

Microsoft released patches earlier this week which included two critical fixes for vulnerability in Internet Explorer. Patch those Windows.

http://technet.microsoft.com/en-us/security/bulletin/ms12-jul

facebooktwittergoogle_plusredditpinterestlinkedin
About Dan Kuykendall 159 Articles
Connect with Dan on Google+

Be the first to comment

Leave a Reply

Your email address will not be published.


*