Archive for March, 2009

When Facebook Apps Attack!

March 2nd, 2009 No comments

Facebook, and other popular social networking services like Twitter and MySpace, are the new frontier when it comes to attack surfaces for the bad guys. They are the target of attack because, like Internet Explorer and like Microsoft Windows before it, that’s where the users are. All of these services have been struck by cross-site scripting attacks, malicious add-on applications, password attacks, and everything else in the Web 2.0 tool box.

There is absolutely nothing new in the way these attacks are delivered or the form in which they take. They mostly play on the typical curiosity that an end-user has for the shiny link, app, or video that is presented to them. But that old addage – don’t click on it unless you know what it is – still applies in the vast majority of these social networking attacks.

Facebook has seen several new rounds of malicious application attacks in the last week or so, including yet another tour of the Koobface worm. This particular piece of malware appears as a note from a friend on Facebook with some call to action to see a humorous, or potentially embarrassing, video. The actual payload passes itself off as an update to Flash or other such media viewer. Once installed, the trojan steals cookies for various sites, including Facebook, allowing itself to login and interact with Facebook via its API interface on your behalf. This is how it can then propagate further.

Think “Do I really need to add another smiling puppy to my Facebook page?” the next time that application request comes in. And, no, you probably weren’t caught on video doing something dumb.

Categories: Security Tags:

P2P File Sharing to Blame for Marine One Data Breach

March 1st, 2009 No comments

This seems like common sense to me — if you are responsible for administering or securing a corporate network, in any sector or industry, you are being negligent if you do not do everything in your power to stop P2P software from being used within your network or on machine under your control. This article from CNET is just another example of what can happen when you fail at this task:

An Internet security company claims that Iran has taken advantage of a computer security breach to obtain engineering and communications information about Marine One, President Barack Obama’s helicopter, according to a report by WPXI, NBC’s affiliate in Pittsburgh.

Tiversa, headquartered in Cranberry Township, Pa., reportedly discovered a security breach that led to the transfer of military information to an Iranian IP address, according to WPXI. The information is said to include planned engineering upgrades, avionic schematics, and computer network information.

The channel quoted the company’s CEO, Bob Boback, who said Tiversa found a file containing the entire blueprints and avionics package for Marine One.

“What appears to be a defense contractor in Bethesda, Md., had a file-sharing program on one of their systems that also contained highly sensitive blueprints for Marine One,” Boback told WPXI.

Tiversa makes products that monitor the sharing of files online. A representative for the company was not immediately available for comment.

Boback believes that the files probably were transferred through a peer-to-peer file-sharing network such as LimeWire or BearShare, then compromised.

Read more…

Categories: Security Tags: , ,