Showing posts with label hack. Show all posts
Showing posts with label hack. Show all posts

Thursday, February 16, 2012

Spoofed mail messages...

I was reading about email hack attacks advisory by FINRA and it shows what I'm constantly stress in my education talks about email service: It is very insecure service in general and it shouldn't be used for anything serious. What is not clear is why it is necessary to hack someone's mail account in order to spoof a message. I suppose that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reason is some secret code (i.e. password) that is necessary to provide within mail message in order to prove message aucá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365nticity? In any case, email is insecure and that's it. Yeah, I know, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are S/MIME and PGP, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y are still not used much!

But, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is always but, and it is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 case when cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 correspondence is internal to an organization. That case can be treated as a more trustworthy for a simple reason that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 messages are passing through mail server, and in general through network infrastructure, under cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 local control (e.g. some company). Of course, this assumes that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network of that company is sufficiently secure, or that a threat of unauthorized access to a network is sufficiently small.

Now I here you saying that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is a problem: someone from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 outside can falsify a message so that it looks like it originates from some internal users. Basically, this is not a problem for users that know where to look (i.e. headers), but for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 majority, and those that don't look offten headers, this is indeed a problem. Still, I think, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are two possible solutions. The first one is for mail server (actually spam filter) to reject messages claiming to originate from some internal user and coming from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 outside. The second one is via some plugin for mail client (which doesn't exist yet as far as I know) that would analyze From and Received attributes in a message header and in case cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y match (mail originating IP address is internal and From field is internal mail address) it would show a message in a green color, ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rwise in a red color, signalizing to a user that something is strange with this message.

For cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 end of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 post, here is a link to educational games I found during search for a original advisory from FINRA. Namely, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 article I first encountered about email attacks didn't provide its source, so I googled for it and in due course I found those games which I think are interesting!

Friday, February 3, 2012

More news about security incidents...

During this week cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re were several hacks and security related events. I'll summarize cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m here.

First, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re was a news that VeriSign was hacked, which is actually quite a big news. Here are some reactions to it. Not much is known what happened or what is a damage. It turns out that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hack happened in 2010. but neicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r management nor public were notified by technical staff. VeriSign reported incident in SEC filling where Reuters spotted it. What is important is that VeriSign is actually in a security business and it runs two very important services, issuing of SSL certificates and DNS system.


Second incident is related to Anonymous posting a recording of a conference call between FBI, Scotland Yard and some ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r law enforcement agencies. The conference call was about investigation of Anonymous and ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r similar groups. The mail message was sent to 44 different addresses across 8 different organizations. Quite a huge number. Apparently, anonymous got hold on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 mail from one or more of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 recipients of a mail message. The mail message contained also access code and conference call bridge telephone number (BridgeTN). This probably allowed crackers to dial to conference call bridge, enter access code and get into a conference call. Actually easy. The point is that Anonymous didn't intercept cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 call as many Web pages are screaming!

About Me

scientist, consultant, security specialist, networking guy, system administrator, philosopher ;)

Blog Archive