“Anonymous’ failed attack against Israeli websites last month has left security experts cautiously optimistic that the hacktivist group will be unsuccessful in its plans to disrupt U.S. government and banking sites.
Anonymous plans to launch distributed denial of service (DDoS) attacks on May 7 against nine government sites and more than 130 financial institutions….”
Experts hope for another failure in next Anonymous attack.
Networkworld (ShareThis)
Secure your devices. Bottom-line, there are malicious users on the web that can find your device (webcams, IP cameras, routers, SCADA and other devices). Change the default passwords and update software/firmware when it is available. Disable UPNP and look for vulnerabilities that may affect your device.
CNN’s Money on “Hacking anything connected to the internet“
Mickey found a great site that gives the approximate time it will take to break your password. The site, howsecureismypassword.net gives the approximate time and a background color that indicates how secure your password is. There are other things to worry about. One of the things people don’t realize is that the code in your website may reveal even the most complex passwords. It is up to the webmaster of your site to keep you secure.
This post is for educational purposes and any use of these tools against a network without explicit permission could be illegal. Metasploit is designed to identify weaknesses in networks and hardware/software on a network. Do NOT use metasploit for other reasons.
Want to protect your network and the computers in your network? You can get updates for your operating systems (Linux, Mac, iOS, Android, Windows or whatever) along with updates for third party programs yet you can still be unsecure. When updating these products, you also have to remember firmware and updates for wireless devices, access points, bridges, firewalls, routers, switches, SCADA devices, robots, mobile devices, printers and any device on your network.
Metasploit
http://www.metasploit.com/download/
Metasploit Community is free and allows for a free scan of your network or server. Although limited (Try Pro for details and Brute Force), Metasploit Community is a first step in finding open services and ports on your operating system, hardware devices such as routers and other devices. The trick to installing Metasploit is to disable your antivirus or make exceptions to what your antivirus finds. You should truly install the software inside of a VM (Virtual Machine) so that your computer remains protected.
You can use Metasploit to protect your network by ‘seeing’ what a hacker or malicious person would see. Truly for network professionals and auditors, this software can help you identify services, ports and weaknesses in your network.
There are several versions of Metasploit – Community, Pro, Express and Framework (Compare Editions)
The above scan was in a controlled lab. Malicious scanning of networks may be illegal. Read Penetration Basics on Metasploit’s website.
Tutorials (Videos)
From Help Net Security
47 individuals were arrested on Wednesday by the officers of the Royal Canadian Mounted Police following an investigation of a highly organized and disciplined criminal ring that has managed to steal at least $7 million via cloned bank cards…read more
Please tweet, share or reblog this post. With this problem coming up, get the word out. See how to check your computer at the end of this article.
In July thousands of computers will be without internet. Over 300,000 users still infected! DNS Changer is a piece of malware that could possibly affect thousands of computers that are currently running through FBI computers. This Malware redirected you to malicious DNS servers.
What is DNS? DNS is a form of services all computers, notebooks, tablets, netbooks and phones run through in order to use the internet. When you type a url such as http://www.wordpress.com your computer goes to a DNS server and the name is converted to an IP address so that your information can be routed to the webserver you are trying to view.
Scan your computer for viruses, malware and spyware. Use your anti-virus program (Download AVG free or Microsoft Security Essentials) and scan with Malwarebytes or SuperAntispyware portable edition. Check your computer by using the information found below.
Want to learn about malicious activities and the internet? Be sure to visit each of the links below.
Fortunately, the FBI intercepted these (all known) malicious DNS servers in order for users to travel to legitimate sites. However the intercepted DNS servers and redirects by the FBI will be turned off in July. It is estimated over 300,000 people are infected. Be sure to check your network and computers for these infections.
DCWG gives information on Detect, Fix and Protecting your computer.
FBI – Check to see if your computer is using a rogue DNS server – Link
Operation Ghost Click Information
Dark Readings Article on Teaming Up to Take Down Threats
Team Cymru Information (Security)
Team Cymru helps organizations identify and eradicate problems in their networks, providing insight that improves lives.
Check out their movie on one day of malicious activities
Team Cymru Battle Project
Botnet Analysis and Tactical Tool for Law Enforcement (BATTLE) displays IRC and HTTP botnet, crimeware, and phishing data on an interactive world map in near real time. It is intended to provide enough information to enable law enforcment to identify botnets and attacks that are of interest to them. On the right-hand side of this page you can see an example screen shot of the BATTLE interface.
Security professionals are leery of one-way public-private partnerships, but Operation Ghost Click shows that the model is necessary to take on international threats
Advanced IT Professionals – Information on Servers
Advanced IT Professionals can see DNS server status here.
Sample Status for IT Professionals – below (use the link above to check DNS status)
Sandia National Laboratories gives an analysis of your domain here
Sample Status of DNS/Domain information
(provides DNSSEC, Responses, Servers and the ability to Analyze domains)
Thanks to Dawn Babian our Network Admin, Mickey Chilton and Virginia Dennis for links and information.
LulzSec mastermind “Sabu” was identified today as 28-year-old Hector Monsegur, who has been working with the FBI since being arrested last summer and pleaded guilty to computer hacking crimes. We’re digging into court documents and planning detailed coverage of the story…All the latest on the unmasking of LulzSec leader
Shared by Share/Email
Every year we feature the Identity Theft Resource Center and their database on companies that were hacked during the past years. Go over and visit their site. Remember these are KNOWN breaches. ID Theft Resource Center
In apparent retaliation for the federal takedown of online storage and file transfer site Megaupload announced by the Department of Justice today, the Anonymous hacktivist collective went to work waging mass distributed denial-of-service (DDoS) attacks that knocked offline the websites of the DoJ, Motion Picture Association of America, the Recording Industry Association of America, and Universal Music.
Anonymous’ Back With A Vengeance: Downs DoJ, MPAA, RIAA, Universal Music Websites – Dark Reading.
Symantec confirmed that a hacking group has gained access to some of the source code of its Norton Antivirus product, but also stated the code was old and not stolen directly from Symantec servers.
MSNBC’s Red Tape recently posted information about printers that have internet access could be remotely programmed (firmware) and information could be obtained from print jobs allowing that information to be forwarded to other computers. Very interesting article. (November 2011)
HP has fixed firmware security for many printers (http://www.hp.com/cgi-bin/hpsupport/index.pl) Look for your printer and make sure you have the latest firmware (Normally listed below drivers).
This applies to all printers – keep the firmware up to date. Often firmware adds more features and not just security features.
While we don’t support any malicious activity, it is very easy to find online printers by using Google. Make sure you lock down your printer if it is a network printer. You can set passwords on most printers’ web interface. Many printers store documents in cache and this can be a real security problem regardless if the firmware hack existed or not. This will lock down the updating of firmware for some printers. Look for manufacturers to update firmware for these printers.
Zone-h.org has an excellent site to see defacements and what is going on across the internet. Reviewing the archives and live defacements, Linux is defaced (hacked) more times than Windows. What exactly does this mean? Is Linux unsafe? Not at all. It truly falls on the administrator who configured Linux. There is a false sense of security when you install Linux based on all of the sites and forums that support Linux’s ability to be safe and reliable. Truly it can be the safest if the following holds true -
All operating systems have vulnerabilities. And yes Apple, Microsoft and Linux is only as safe as the end user.
