Skip to main content

The WiKID Blog

Viewing posts tagged Authentication Attacks

kim-cameron-on-fingerprint-readers

Read the post: Fingerprint charade.

lexis-nexis-breach

As Adam had pointed out the Lexis Nexis breach was due to " misappropriation by third parties of IDs and passwords from legitimate customers".

logins-for-ftp-sites-offered-for-sale

According to Techworld, Finjan has discovered that logins for 8,700 FTP servers are for sale.

Using the Alexa.com domain ranking, Finjan found 10 of the top 100 domains in the database, 100 of the top 500 domains, and 50 of those between 500 and 1,000.
My reaction: FTP? Really? You've got to at least hope that it's SFTP.
The hacked servers could be used to distribute crimeware by injecting iframe tags into any webpage stored on the compromised FTP servers. Indeed the server accounts were themselves being traded by a web application able to rank and price them according to their Google page rank for re-sale to other criminals.
Fancy.

majority-of-lexisnexis-breaches-the-result-of

As pointed out by Adam at Emergent Chaos:

The company said that the 59 identified incidents -- 57 at Seisint and two in other LexisNexis units -- largely related to the misappropriation by third parties of IDs and passwords of legitimate customers and stressed that neither LexisNexis nor the Seisint technology infrastructure was breached by hackers.

So, essentially, if LexisNexis had been using strong authentication for their customers, none of this would have happened.

micro-targeted-attacks-on-the-rise

According to MessageLabs via ZDNet:

During March, MessageLabs intercepted 716 e-mail messages that were part of 249 targeted attacks aimed at 216 of its customers, the Gloucester, England-based provider of hosted e-mail filtering services said in a research report. Of the attacks, almost 200 consisted of a single malicious e-mail designed to infiltrate an organization, MessageLabs said.
Emphasis added.

Recent Posts

Archive

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom