CUISPA
Podcast #29 – Year of malware?
Panelists:
John Brozycki, Alex Rams, Larry Porres
Recorded: 3/11/2009
Questions, comments, or something you'd like us to cover? Contact us at: podcast@cuispa.org
I. News stories
1) It's shaping up to be the year of malware exploits
As 2009 ended, we were already seeing personal and business accounts being cleaned out after criminals compromised PCs used for Internet Banking with malware. 2010 is already shaping up to be a very bad year for this.
a) Texas bank sues customer who lost $800k in cyber fraud last year. Banks are not famous for making their customers whole after fraud. In an interesting twist, one bank is preemptively suing a customer over the losses! We expect this will continue, and we'll probably see some even stranger stories.
http://www.krebsonsecurity.com/2010/01/texas-bank-sues-customer-hit-by-800000-cyber-heist/
b) NY firm faces bankruptcy after owner's malware-infected laptop results in loss of $164K. Zeus strikes again! Interestingly, all of the transfers were to domestic accounts. At least one was to a "money mule" who naively
http://www.krebsonsecurity.com/2010/02/n-y-firm-faces-bankruptcy-from-164000-e-banking-loss/
c) FFIEC revisiting guidelines. Are current guidelines enough? Have we followed them correctly? Will we need to wait for court outcomes to get a final answer?
http://www.krebsonsecurity.com/2010/03/regulators-revisit-e-banking-security-guidelines/
d) ...and FDIC reports on these losses:
http://www.sans.org/newsletters/newsbites/newsbites.php?vol=12&issue=19&rss=Y - sID200
2) Huge botnet in Spain dismantled. Purportedly 12.7 million zombie PCs strong, the Mariposa botnet was taken down in December and 3 Spaniards were taken into custody a couple of months later. (A fourth person is being sought.) It's great that law enforcement has these successes. Unfortunately, when a void is created it seems someone quickly steps in to fill it.
http://www.theregister.co.uk/2010/03/04/mariposa_police_hunt_more_botherders/
http://www.theregister.co.uk/2010/03/08/botnet_takedown_analysis/
3) A trillion Web requests processed in 2009. Malicious PDF files comprised 80 percent of all exploits for 2009. You heard it right: 80% of all exploits in 2009 had Adobe Reader and Acrobat to blame. Yikes.
http://blogs.zdnet.com/security/?p=5473
4) Pwn2Own Competition: $100K in prizes. "Pwn2Own, which will kick off March 24 at the CanSecWest security conference in Vancouver, British Columbia where award cash prizes of $15,000 to anyone who can break into an iPhone, BlackBerry Bold, Droid or Nokia smartphone."
http://www.computerworld.com/s/article/9157098/Hackers_at_Pwn2Own_to_compete_for_100K_in_prizes
5) 75,000 systems compromised in cyberattack. A 75GB cache of stolen data has been discovered by NetWitness, and it accounts for only a one-month snapshot of data from a campaign that has been in operation for more than a year. NetWitness did not release the names of the companies compromised but states that 68,000 corporate login credentials were collected in that single month alone.
http://www.computerworld.com/s/article/9158578/Over_75_000_systems_compromised_in_cyberattack
http://online.wsj.com/article/SB10001424052748704398804575071103834150536.html?mod=igoogle_wsj_gadgv1
6) If you are relying on Android's swipe gesture passwords for security, you'd better be doing constant wipe-downs of the screen!
http://gizmodo.com/5474130/swipe-gesture-passwords-maybe-arent-such-a-good-idea
http://www.intomobile.com/2010/02/17/this-is-when-lock-screen-gesture-passwords-dont-work.html
II. Tech Segment
Larry adlibs on Zeus blocklists.
III. Cooltility (Cool + Utility = Cooltility)
Application Recommendation: Back4Sure
"Back4Sure is a freeware program for making backup copies of your documents, pictures, music, videos and anything you find valuable."
http://freenet-homepage.de/ukrebs/english/back4sure.html
IV. Smarter U.
BackTrack 4. If you haven't heard of BackTrack, it is a bootable Linux distribution designed for security professionals that bundles many of the best open source security tools. It is a great resource to have in your toolkit. The cost? It is free. Offensive Security offers some very reasonably priced online training modules worth checking out, and they also provide some free videos on getting up and running. Download BackTrack from the offensive-security.com website and then check out the following link on their site:
http://www.offensive-security.com/backtrack-howto.php
Got a suggestion for this space? Please send it to podcast@cuispa.org.