July 2008

You are currently browsing the articles from IT Security Top Headlines written in the month of July 2008.

Citibank ATM breach highlights PIN security issues

Yahoo News reported 1st July 2008 that hackers broke into Citibank’s network of ATMs inside 7-Eleven stores and stole customers’ PIN codes. This highlighted a disturbing security hole in the most sensitive part of a banking record: the PIN.

Apparently this netted the thieves millions of dollars in illegal profits.

More importantly for the average consumers, it showed that criminals were able to access PINs by attacking the back-end computers responsible for approving the cash withdrawals (the 3rd party processor). That means, they probably did not have to touch the ATMs at all.

A critical issue is that how the hackers infiltrated the system has not been publicly answered yet.

It could only be speculated that:
(i) they could’ve gained admin access to the server through a flaw in the network or by figuring out their passwords; or
(ii) they installed malware on a banking server to capture unencrypted PINs as they passed through.

Yes, this is a more sophisticated method than phishing.

Full story

Written by pinolobu on July 31st, 2008 with no comments.
Read more articles on news.

DNS cache poisoning exploits has begun

Attack code that exploits flaws in the net’s addressing system are starting to circulate online, say security experts. The code could be a boon to phishing gangs who redirect web users to fake bank sites and steal login details. In light of the news net firms are being urged to apply a fix for the loop-hole before attacks by hi-tech criminals become widespread. Net security groups say there is anecdotal evidence that small scale attacks are already happening.

Full story

Written by pinolobu on July 28th, 2008 with no comments.
Read more articles on news.

ICANN’s icann.com and iana.com hijacked, but recovered in 20 minutes

The domain names hijacked were ICANN.com and IANA.com — for the ICANN subdivision known as the Internet Assigned Numbers Authority. Visitors to those addresses are normally redirected automatically to the organization’s main sites at ICANN.org and IANA.org, neither of which was affected by the attack.

ICANN said Thursday that new, unspecified security measures should prevent such attacks in the future. The organization also said it was reviewing other security procedures.

Source

Written by pinolobu on July 12th, 2008 with no comments.
Read more articles on news.