Gentlemen, Start Your NGINX | TechSNAP 128

Gentlemen, Start Your NGINX | TechSNAP 128

A zero day flaw has Microsoft scrambling, and the banking hack that only requires a nice jacket.

Then it’s a great big batch of your questions, our answers, and much much more!

On this week’s TechSNAP.

Thanks to:


GoDaddy


Ting

Direct Download:

HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed

– Show Notes: –

Crooks Hijack Retirement Funds Via Social Security Administration Portal

  • Traditional SSA fraud involves identity thieves tricking the beneficiary’s bank into diverting the payments to another account, either through Social Security’s 800 number or through a financial institution, or through Treasury’s Direct Express program
  • The newer version of this fraud involves the abuse of the SSA’s my Social Security Web portal
  • The SSA added the ability to change direct deposit information via their my Social Security Web portal. Shortly thereafter, the agency began receiving complaints that identity thieves were using the portal to hijack the benefits of individuals who had not yet created an account at the site.
  • As of August 23, 2013, the SSA has received 18,417 allegations of possibly fraudulent mySocialSecurity account activity.
  • There is no suggestion that SSA’s systems have been compromised; this is an identity theft scheme aimed at redirecting existing benefits, often to prepaid debit cards.” – via Jonathan Lasher, assistant inspector general for external relations at the SSA’s Office of Inspector General.
  • Banks usually will alert customers if the beneficiary account for SSA payments is changed. But she said those communications typically are sent via snail mail.
  • Many customers will overlook such notices.
  • If you receive direct deposits from the Social Security Administration but haven’t yet registered at the agency’s new online account management portal, now would be a good time take care of that.
  • Because it’s possible to create just one my Social Security account per Social Security number, registering an account on the portal is one basic way that consumers can avoid becoming victims of this scam.
  • In Canada, registering on the Canada Revenue Agency’s website, requires information from your previous years tax returns, and an activation code is snail mailed to you

Microsoft warns of a 0day in all versions of Internet Explorer, working on a patch for IE 6 – 11

  • The flaw in question makes remote code execution possible if you browse to a website containing malicious content for your specific browser type
  • Actively being exploited against IE8 and 9
  • Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
  • The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
  • The company is offering the following workarounds and mitigations:
  • Apply the Microsoft Fix it solution, “CVE-2013-3893 MSHTML Shim Workaround,” that prevents exploitation of this issue. Note: This ‘fixit’ solution only works for 32bit versions of IE
  • Set Internet and local intranet security zone settings to “High” to block ActiveX Controls and Active Scripting in these zones.
  • Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones.
  • CVE-2013-3893
  • Additional Coverage

Cyber Police Arrest 12 Over Santander Bank Heist Plot

  • The Metropolitan Police’s Central e-Crime Unit (PCeU) has arrested 12 men as part of an investigation into an “audacious” plot to take control of a Santander Banking computer.
  • The PCeU is committed to tackling cyber-crime and the damage it can cause to individuals, organisations and the wider economy.”
  • According to the police, the group sent a man in dressed as a maintenance engineer, who managed to attach a IP-KVM (keyboard video mouse) device to a machine in the bank, allowing the attackers to remotely carry out actions on the computer
  • The men, aged between 23 and 50, were arrested yesterday, whilst searches were carried out addresses in Westminster, Hounslow, Hillingdon, Brent, Richmond and Slou

Feedback

10.1.10.254:/mnt/fart /mnt/nfs nfs auto,noatime,nolock,defaults,user=1001 0 0

Round Up:

iOS 7 Swamps the Internet

Question? Comments? Contact us here!