Jupiter Broadcasting

Let’s Go Phishing | TechSNAP 7

chris

Our very own Allan got caught in the wake of a data breach, and he’ll share the details

In the recent weeks there have been 10 separate attacks against Sony, the details are like nothing we’ve ever seen before. Plus we’ve got a new batch of viewer emails and I’ll share my near disaster war story!

All that & much more on this week’s TechSNAP!

Please send in more questions so we can continue doing the Q&A section every week! techsnap@jupiterbroadcasting.com

Direct Download Links:

HD Video | Large Video | Mobile Video | MP3 Audio | OGG Audio | YouTube

Subscribe via RSS and iTunes:

[ad#shownotes]

Show Notes:

Topic: DirectAdmin customer database compromised

  • DirectAdmin (by JBMC Software) is a unix web hosting control panel much like cPanel
  • DirectAdmin allows more customization, and scripting than cPanel
  • DirectAdmin provides official support for FreeBSD
  • Customer information was compromised (name, address, email, username, hashed password)
  • Billing information was not compromised (Credit Cards are processed via a gateway and never pass through DirectAdmin’s servers)
  • Unauthorized code was run on the DirectAdmin servers, sending a targeted phishing email to all customers using their real names from the customer database, stating that the version of directadmin they are using was compromised and directing them to a link that would take advantage of a PDF vulnerabilities to install malware on their computer.

https://www.directadmin.com/forum/showthread.php?p=204094#post204094

Topic: Sony suffers a series of compromises around the globe

  1. PSN Compromised and shutdown
  2. SOE compromised and shutdown
  3. So-Net, a Japanese ISP owned by Sony was compromised, and virtual points were stolen from paying customers
  4. Sony Thailand defaced, replacing with credit card phishing site
  5. Sony Online Sweepstakes (2500 Contestants’ personal details leaked)
  6. PSN password reset page exploit (allowed anyone to reset another users’ password)
  7. Sony BMG Music Greece (8500 Usernames, emails, passwords and phone numbers)
    • SQL Injection was used to dump the database and deface the site by hacker b4d_vipera
  8. Sony Music Indonesia (Defaced By k4L0ng666)
  9. Sony Music Japan
    • SQL Injection attack, credit claimed by LulzSec
  1. Sony Ericsson Canada (2000 Usernames, email addresses and hashed passwords)
    • SQL Injection used to expose the database, credit claimed by the Lebanese hacker group Idahca
    • Sony has not notified customers, nor released a comment to the media about the compromise
    • Canadian Privacy Commissioner as of yet not contacted by Sony about the recent breach, and noted that Sony did not proactively notify them about the PSN/SOE breach.
    • OpenSSH 4.4 (Released Sep 2006, Latest: 5.8 Feb 2011)
    • Apache 2.2.10 (Released Oct 2008, Latest: 2.2.19 May 2011, 2.2.17 Oct 2010)
    • Apache 2.2.10 was subject to multiple known vulnerabilities
    • Excessively outdated software such as this indicates that the OS and packages were not being regularly updated or audited.

    2. Timeline Inforgraphic of Sony security woes: https://www.creditcardfinder.com.au/the-sony-playstation-hack-what-it-means-outside-the-gaming-world.html
    Details have come out about specifically what outdated software Sony was running for the PSN/SOE servers:
    As mentioned before on TechSNAP, security researches warned Sony about the problems months ahead of time.

    Q: (Adam) Is there a simple way to handle email encryption in Mozilla Thunderbird
    A: Yes, there is a plugin for Thunderbird called ‘EnigMail’ that allows you to easily implement GPG/OpenPGP in a cross platform way. It requires you to install GPG, you can get it from the official gpg website, or through your favourite package repository for your OS. For windows, there is also GPG4Win which provides an easy installed and some basic GUI utilities. Of course, with email encryption, it is only really useful if the person on the other end is encrypting their email as well. To send an encrypted email, you need the public key of the person you are sending the email to, then they use their private key to decrypt it. While not everyone will have email encryption setup, you can still sign all of your emails, this hash of your email encrypted to your public key means that anyone can use your public key to verify that only you, and no one else, could have sent a particular email, and that the email was not modified in transit.

    Q: (dstoeberl) Since dropbox has proven to be plagued with security design flaws, what about other services like Wuala
    A: Wuala used to be almost as bad as dropbox, but they have improved since then.
    Colin Percival, the FreeBSD Security Officer, makes a competing product, for unix called TarSnap. He talks about some of the problems with wuala and the claims they made:
    https://www.daemonology.net/blog/2007-10-21-wuala-willful-ignorance.html
    https://www.daemonology.net/blog/2007-10-26-wuala-update.html
    https://www.daemonology.net/blog/2008-11-07-wuala-security.html

    They used to make quite a few mistakes, however their system is not fundamentally flawed like dropbox, they encrypt each users’ files before they leave that users machine, so things are far more secure

    I would say they have learned some of the lessons dropbox is now learning. But if you really want secure online backups, you really have to understand the issues, and decide how much you trust the claims the service is making.

    Q: (DreamsVoid) I am building a home file server to go under my bed. It will have 5 hard drives, but I am concerned about cooling vs noise level, and power usage.
    A: There are a few basic principals to consider for cooling any computer. The first is airflow, specifically, you want to make sure you are always drawing cool air in the front of the machine, the exhausting the hot air out the back. Maintaining a consistent directional flow of fresh air will allow the components to displace their heat. Make sure the front intakes of your case have access to plenty of fresh air and keep them clear of dust and debris. Make sure you also gave the machine a decent margin for exhaust, don’t shove the machine tight against a wall, the fans won’t be able to push the hot air as far away from the machine. For noise considerations, where possible, use larger diameter fans, they can move the same amount of air with significantly less noise. Most fans will include 3 importat measurements on the package; Airflow (Cubic Feet per Minute), Air Pressure (millimeters of H2O) and dB(A) (Weighted noise level). You have to compare the numbers and make the tradeoffs that work best for you, a lower noise level fan will move less air, and likely with less pressure. As far as power usage, hard drives only use a few watts, even when active, their largest consumption is during boot up. Hard drives with a lower RPM will use less power, and there are also specific models designed to offer lower power consumption.

    LAS Episode covering Home Server Buils

    Chris War Story:

    https://www.drbd.org/
    Evernote infrastructure

Download & Comment: