Steve Ragan

Author Archives: Steve Ragan

Security basics for the holiday season, and the year to come

Let's go shopping! As far as theft and fraud are concerned, consumers face (and willingly accept) a moderate amount of risk when they shop online or out in their local neighborhoods. This holiday season is no different, but the risk is elevated some, because criminals are looking for easy marks and low-hanging fruit.

Q&A: The myths and realities of hacking an election

Election hacking has become a key topic during this year's presidential elections, more so now that candidates and voters are being actively targeted by actors that are assumed to be acting with Russian support. In this modified edition of CSO Online's Hacked Opinions series, we explore the myths and realities of hacking an election, by speaking with a number of security experts.

Q: Can the national election really be hacked? If so, how?

"It’s unlikely that the national election could really be hacked to alter the outcome. Voter registration databases have recently proven vulnerable, but adding, modifying, or deleting records doesn’t produce the intended effect (changed outcome); it just raises questions about the integrity of the database on election day," said Levi Gundert, CP of Intelligence and Strategy, Recorded Future.

Hacking an election is about influence and disruption, not voting machines

Every time there's an election, the topic of hacking one comes to the surface. During a presidential election, that conversation gets louder. Yet, even the elections held every two years see some sort of vote hacking coverage. But can you really hack an election? Maybe, but that depends on your goals. The topic of election hacking is different this year, and that's because someone is actually hacking political targets. Adding fuel to the fire, on Aug. 12, 2016, during an event in Pennsylvania, Donald Trump warned the crowd that if he loses the battleground state, it's because the vote was rigged.

Five arrested for impersonating the IRS, listen to a recorded scam in progress

Five people have been arrested in Miami who are said to be responsible for scamming 1,500 people out of more than $2 million by impersonating IRS agents. Their scams centered on contacting individual taxpayers out of the blue and demanding payments under the threat of jail time. News of the arrests circulated Tuesday after the Associated Press reported on them. Sources in the Treasury Department said that the five individuals - all Cuban nationals - demanded money from their victims, threatening arrest if the payments were not wired immediately. In recent months, the scammers demanded payment via iTunes gift cards. Scams such as this, Deputy Inspector General Tim Camus told the Washington Post, have become the "largest and most pervasive" the IRS has faced over the last three decades. Some 6,400 victims have reported more than $36 million in losses, some paying up to $5,700 on average.

Comcast’s Xfinity Home Security vulnerable, fail open flaw leaves homes exposed

Researchers at Rapid7 have disclosed vulnerabilities in Comcast's Xfinity Home Security offerings. The flaws cause the system to falsely report that a home's windows and doors are closed and secured, even if they've been opened. Comcast's Xfinity Home Security system is one of the many next-generation alarm systems that are app controlled and promise to deliver real-time alerts and notifications to homeowners. However, researchers at Rapid7 have discovered flaws that would cause Comcast's system to falsely report that a home's doors and windows are closed and properly secured, even if they've been opened. In addition, the flaws also mean that Comcast's system would fail to sense an intruder's motion in the home.

Microsoft updates trust list after private key for Xbox Live leaks

On Tuesday, Microsoft updated their Certificate Trust List (CTL) after the private key for xboxlive.com was leaked to the Web. The company didn't explain how the leak happened, but the exposed certificates were immediately revoked and replaced.

"Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks," the software giant explained in their advisory.

"To help protect customers from potentially fraudulent use of the SSL/TLS digital certificate, the certificate has been deemed no longer valid and Microsoft is updating the Certificate Trust list (CTL) for all supported releases of Microsoft Windows to remove the trust of the certificate."

Three indicted in JPMorgan hacking case

On Tuesday, Manhattan US Attorney Preet Bharara's office unsealed an indictment against three individuals charged with hacking several financial institutions, financial news publishers, and other companies. In a statement to Reuters, JPMorgan confirmed that the recently unsealed indictment is connected to last year's hack, which impacted 83 million households. Monday's indictment focuses on Gery Shalon, Joshua Samuel Aaron, and Ziv Orenstein. In court documents shared with CSO Online, the prosecutors say that between 2012 and 2015, the three pulled off "the largest theft of customer data from a U.S. financial institution in history" by stealing the personal information of more than 100 million people.

Comcast resets nearly 200,000 passwords after customer list goes on sale

Over the weekend, a reader (@flanvel) directed Salted Hash to a post on a Dark Web marketplace selling a number of questionable, if not outright illegal, goods. The post in question offered a list of 590,000 Comcast email addresses and corresponding passwords. As proof, the seller offered a brief list of 112 accounts with a going rate of $300 USD for 100,000 accounts. However, if one wished to purchase the entire list of 590,000 accounts, the final price was $1,000 USD. Saturday evening, Salted Hash contacted Comcast about the account list being sold online. By the time our message reached them, Comcast had already obtained a copy of the list and their security team was checking each record against the ISP's current customer base.

From start to finish, inside a PayPal Phishing scam

One of the world's most targeted brands... PayPal is one of the most commonly targeted brands for Phishing, nearly equal to banks when it comes to potential financial gain for criminals. Today, we're revisiting the concept of how to spot a Phishing email by focusing on a recent Phishing campaign that's targeting PayPal customers. We'll start by pointing out visual cues that will help you avoid becoming a victim, but we'll also go through the scam completely so you can see what it looks like.

Dow Jones & Co. discloses breach, incident likely related to Scottrade

On Friday, in a letter to customers, the CEO of Dow Jones & Co. disclosed a data breach affecting 3,500 people. Based on public details, the incident seems similar to a breach reported by Scottrade last week that impacted 4.6 million investors. In his letter, Dow Jones Chief Executive William Lewis said that law enforcement officials informed the company about the potential breach in late July. After bringing in outside help, an investigation confirmed that the systems housing the customer data were accessed – but there is no proof that data was exfiltrated. The investigators also determined that the attackers had access to the system between August 2012 and July 2015.

Organizations should focus data sharing post-incident, not attribution

LAS VEGAS - There have been several notable security incidents in the news this year, from healthcare and retail breaches, to financial; even security firms themselves have been targeted. In each instance, attribution seems to take the lead during incident response, something organizations should resist. The key is collecting the right information and passing it on to the right people. When it comes to figuring out who did it and where they are, authorities are the ones who should take the lead – organizations that focus on this area first are wasting resources and time. US Attorney Ed McAndrew (DE), who has years of experience working cases dealing with Internet-based crimes under his belt, recently spoke to CSO Online and offered some unique insight into the federal side of incident response and what organizations can do to better prepare for law enforcement involvement.

Social Engineering: 6 commonly targeted data points that are poorly protected

It's the little things that cause the biggest problems. This week, thousands of hackers have traveled to Las Vegas to learn about the latest in security research and techniques during BSides Las Vegas and Black Hat. This weekend, during DEF CON, the education continues as hackers roam the halls moving from talk to talk or head over to one of the villages.

Newest RIG exploit kit driven by malicious advertising

LAS VEGAS - Earlier this year, a disgruntled reseller leaked the source code for version 2.0 of the RIG exploit kit. Since then, the RIG's author has released version 3.0, which was recently discovered by researchers from Trustwave. The latest version uses malvertising in order to deliver a majority of its traffic, infecting some 1.25 million systems to date. There have been a few notable changes made to RIG between versions, including a cleaner control panel that's easier to navigate, changes to the URL structure used by the kit that helps it avoid detection, and a security structure that prevents unauthenticated users from accessing internal files – clearly implemented to avoid leaks such as the one that exposed the source code for the previous version.