Archive for the ‘Emerging Threats’ Category

Combatting Scareware

November 20, 2009

TrustCC helps banks and credit unions navigate many kinds of IT threats. One of the most interesting threat vectors in recent years is “Scareware,” a pop-up window that displays a warning stating that the victim’s machine is infected with some sort of virus or spyware, even though it is not.

Such programs are extremely widespread and are increasingly used by cybercriminals.

You’d Think a Security Product Would Make You More Secure!

October 29, 2009

This week we hacked a bank using an exploit that takes advantage of a vulnerability in Symantec’s Enterprise Anti-Virus Product (nerds say SYM09-007). And when we say hacked we are not talking about getting access to someone’s iTunes library. We were able to gain full domain admin privileges (equivalent to “god-like-privileges” in the Windows world). And with these privileges we were able to access any system in the domain and steal/change/delete all data. This week’s breach demonstrates that keeping Windows up-to-date is only a part of the solution.

You see, the bank we hacked this week was fully patched with regard to Windows.

Did I mention Banner Ads can deliver a malicious payload?

October 28, 2009

At both last week’s Washington Banker’s Association (WBA) Technology Conference and this week’s WBA Compliance Conference I presented on the emerging threat of nefarious banner ads. To reinforce the topic I thought I’d insert a little news clip from this week’s information security headlines:

[Image: giz banner ad]

Banner ads can be nasty!

The solution…

Cyber Criminals Targeting SMBs

August 26, 2009

A recent trend of cyber attacks on small and mid-size US firms is netting big profits for criminals in a multi-million-dollar scam. According to a report in Tuesday’s Washington Post, SMB customers of financial institutions are infected with a virus through phishing or other malicious activities. The virus captures logon credentials for online banking systems and transmits the credentials to the cyber-thieves.

Defcon Wrap Up

August 7, 2009

Defcon finished last weekend and I’ve had nearly a week to execute my final post on this event. It has been tough to formulate my thoughts, for my message is sobering. This blog is written primarily for a readership composed of community-size banks and credit unions. My dilemma is how to tell them (YOU) that the “hacker” world is technically advanced, internally cooperative, curiously motivated, and unimpeded by corporate “talk” of security and controls. In other words, banks and credit unions, if you merely give security and controls lip service for compliance purposes, you may suffer dearly.

Defcon 17: Day Two

July 31, 2009

Welcome to a series of four posts about the Defcon Conference in Las Vegas. TrustCC sends staff to the conference every year to ensure we are up to speed with the latest development of exploits in the hacking community. Today I witnessed the complete hack of a mobile phone, I witnessed people having their userids and passwords captured over insecure wireless networks, and I listened to a number of very interesting talks about new exploits and recent hacks.

First a photo of the room at Defcon set aside for contests.

Be attentive to Non-Microsoft Vulnerabilities

July 27, 2009

Most TrustCC clients have active and effective patch management programs. Through both our audits and our blog posts, we have certainly encouraged everyone to patch on as aggressive a schedule as they can manage. Today’s news, however, points us to a flaw that we commonly find in our clients’ patch management programs. Many clients are singularly focused on Microsoft patches and fail to stay on top of other third-party products.

Third-party products are equally critical. Case in point: a security research firm studying cyberattacks in the first 6 months of 2009 recently reported that 43% of the 1500 attacks identified by the firm (F-Secure) were attributed to Adobe Reader.

New Trojan Targets Diebold ATMs

April 15, 2009

Are you running anti-virus software on your ATMs? A new Trojan that specifically attacks Diebold ATMs has been detected in Eastern Europe. The virus logs data in a file on the ATM, enabling the attacker to retrieve the data and perform other tasks through the ATM keypad.

Keep your Home Computer Safe!

January 13, 2009

TrustCC’s blog is intended to provide articles relevant to financial institutions. Why an article about keeping home computers safe? It seems a bit more than 20% of our financial institution clients allow remote access to business systems from home. While this capability is often limited to select personnel, the criteria for allowing remote access are typically never connected to the ability to ensure the “home system” is secure. So we thought we’d post a quick one highlighting 5 steps to keep home computers safe. If you are responsible for managing remote access for your financial institution, you may want to craft a policy that requires those with remote access to comply with these recommendations.

Browsers fail password tests…

December 24, 2008

A security research firm* posted the results of their recent browser password tests about a week ago. I have to admit that I am susceptible to the risks they’ve uncovered… and I am genuinely concerned! I use Firefox on both my Mac and my PC and Firefox fared better than most other browsers.