HP Security Research OSINT (Open Source Intelligence) articles of interest--July 18, 2014

HP Security Research Key Articles of Interest for July 18th, 2014 

 

Even Script Kids Have a Right to Be Forgotten
Indexeus, a new search engine that indexes user account information acquired from more than 100 recent data breaches, has caught many in the hacker underground off guard. That’s because the breached databases crawled by this search engine are mostly sites frequented by young ne’er-do-wells who are just getting their feet wet in the cybercrime business.

 

Aloha point-of-sale terminal, sold on eBay, yields security surprises
Matt Oh, a senior malware researcher with HP, recently bought a single Aloha point-of-sale terminal--a brand of computerized cash register widely used in the hospitality industry--on eBay for $200. Oh found an eye-opening mix of default passwords, at least one security flaw, and a leftover database containing the names, addresses, Social Security numbers and phone numbers of employees who had access to the system.

 

Russian hackers placed ‘digital bomb’ in Nasdaq - report
Russian hackers managed to slip a “digital bomb” into the Nasdaq--one with the potential to sabotage the stock market’s computers and wreak havoc on the U.S. economy. That’s according to an investigative report by Bloomberg Businessweek, which revealed the details of a 2010 cybergrenade that never detonated.

UKMOD: Global Strategic Trends - Out to 2045
Global Strategic Trends (GST) describes a strategic context for those in the Ministry of Defence (MOD) and wider Government who are involved in developing long-term plans, policies and capabilities. Without a strategic context there is a risk that planners, policy-makers and capability developers may assume a future that adheres to preconceived thoughts and assumptions. As well as providing a strategic context, this fifth edition of GST (GST 5) identifies long-term threats and opportunities, out to 2045. 

Soraya: The Worst of Both Worlds
Soraya is the first of its kind, a hybrid piece of malware combining popular form grabbing techniques seen in Zeus and memory parsing techniques seen in Dexter and JackPOS. In this report, we join Junior AV Analyst Hong Kei Chan in describing Soraya’s installation then analyzing the two defining elements of Soraya--form grabbing and memory parsing. We will also review the command-and-control (C&C) communication protocol in detail by exploring the features found in Soraya’s control panel.

A Look into Repackaged Apps and its Role in the Mobile Threat Landscape
Repackaged applications, which are a category of fake applications, play a crucial role in the proliferation of mobile malware. Like fake apps, repackaged apps use social engineering tactics, displaying a user interface (UI), icon, package names and app labels similar to those of the legitimate/official versions of the apps they spoof. This is done to trick users into downloading fake apps and, consequently, generating profit.

Critical Infrastructure: Security Preparedness and Maturity
A recent survey of 599 security executives at utility, oil and gas, energy and manufacturing companies in 13 countries has found that 67 percent have experienced at least one security breach in the past 12 months that led to the loss of confidential information or the disruption of operations.

Amazon-hosted Malware Triples in 2014
In the first half of 2014, malware hosted by Amazon more than tripled. According to Solutionary’s Security Engineering Research Team (SERT) Quarterly Threat Intelligence Report for Q2, 2014, the web hoster has remained the top malware-hosting provider and saw an increase of approximately 250%, while Q4 13’s second-most afflicted provider, GoDaddy, fell 12%.

 

Password Portfolios and the Finite-Effort User: Sustainably Managing Large Numbers of Accounts
We explore how to manage a portfolio of passwords. We review why mandating exclusively strong passwords with no re-use gives users an impossible task as portfolio size grows. We find that approaches justified by loss-minimization alone, and those that ignore important attack vectors (e.g., vectors exploiting re-use), are amenable to analysis but unrealistic. In contrast, we propose, model and analyze portfolio management under a realistic attack suite, with an objective function costing both loss and user effort.

 

Here’s How Easy It Could Be for Hackers to Control Your Hotel Room
Shenzhen is the Silicon Valley of mainland China. Situated about 50 minutes north of Hong Kong, the modern city is home to the Shenzhen Stock Exchange and numerous high-tech giants and startups. So naturally, the city’s five-star hotels regularly host wealthy moguls in their luxury rooms. Last year, one of those hotels also hosted a hacker from Spain who discovered that he could seize control of the wealthy guests’ highly-automated rooms.

 

The information contained in this blog post is from publicly available sources. Avoid suspicious links and advertisements. These articles do not represent HP’s view or position on any of the topics listed. This blog post is provided as a news service only – it is not an official position by HP. The intent of this blog post is to share current events related to the cyber security industry within HP. 
