Pinboard (jm)
https://pinboard.in/u:jm/public/
recent bookmarks from jm

Pushwoosh and the Pincer Trojan
2022-11-29T09:49:30+00:00
https://krebsonsecurity.com/2022/11/u-s-govt-apps-bundled-russian-code-with-ties-to-mobile-malware-developer/
jm
A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.
trojans pushwoosh push-notifications apps mobile
https://pinboard.in/u:jm/b:eccce22367b1/

The Target hack and PCI-DSS
2014-01-17T15:03:44+00:00
http://www.wired.com/threatlevel/2014/01/target-hack/
jm
Both Heartland Payment Systems and Hannaford Bros. were in fact certified PCI-compliant while the hackers were in their system. In August 2006, Wal-Mart was also certified PCI-compliant while unknown attackers were lurking on its network. [...] “This PCI standard just ain’t working,” says Litan, the Gartner analyst. “I wouldn’t say it’s completely pointless. Because you can’t say security is a bad thing. But they’re trying to patch a really weak [and] insecure payment system [with it].”
Basically, RAM scrapers have been in use in live attacks, sniffing credentials in the clear, since 2007. Ouch.
ram-scrapers trojans pins pci-dss compliance security gartner walmart target
https://pinboard.in/u:jm/b:b8af53e8645d/

Full iSight report on the Kaptoxa attack on Target
2014-01-17T14:36:19+00:00
http://online.wsj.com/public/resources/documents/target.pdf
jm
debit-cards credit-cards security card-present attacks kaptoxa ram-scrapers trojans point-of-sale pos malware target
https://pinboard.in/u:jm/b:fc95e7c4949e/

The Malware That Duped Target Has Been Found
2014-01-17T14:33:21+00:00
http://www.wired.com/threatlevel/2014/01/target-malware-identified/
jm
kaptoxa trojans ram-scrapers trojan.posram posram point-of-sale security hacks target credit-cards pin ftp netbios smb
https://pinboard.in/u:jm/b:e4f3d3374eb4/

Breakthrough silicon scanning discovers backdoor in military chip [PDF]
2013-07-15T09:59:42+00:00
http://www.cl.cam.ac.uk/~sps32/ches2012-backdoor.pdf
jm
This paper is a short summary of the first real world detection of a backdoor in a military grade FPGA. Using an innovative patented technique we were able to detect and analyse in the first documented case of its kind, a backdoor inserted into the Actel/Microsemi ProASIC3 chips for accessing FPGA configuration. The backdoor was found amongst additional JTAG functionality and exists on the silicon itself, it was not present in any firmware loaded onto the chip. Using Pipeline Emission Analysis (PEA), our pioneered technique, we were able to extract the secret key to activate the backdoor, as well as other security keys such as the AES and the Passkey. This way an attacker can extract all the configuration data from the chip, reprogram crypto and access keys, modify low-level silicon features, access unencrypted configuration bitstream or permanently damage the device. Clearly this means the device is wide open to intellectual property (IP) theft, fraud, re-programming as well as reverse engineering of the design which allows the introduction of a new backdoor or Trojan. Most concerning, it is not possible to patch the backdoor in chips already deployed, meaning those using this family of chips have to accept the fact they can be easily compromised or will have to be physically replaced after a redesign of the silicon itself.
chips hardware backdoors security scanning pea jtag actel microsemi silicon fpga trojans
https://pinboard.in/u:jm/b:6f2d48239e0d/

Trojan paralyses speed cameras in Moscow
2013-02-28T10:00:48+00:00
http://translate.google.com/translate?sl=auto&hl=en&tl=en&u=http://izvestia.ru/news/545688
jm
virus trojans malware via:fanf kaspersky
https://pinboard.in/u:jm/b:428ea63f321e/

Security Fix - Clampi Trojan: The Rise of Matryoshka Malware
2009-08-01T10:21:06+00:00
http://voices.washingtonpost.com/securityfix/2009/07/clampi_trojan_the_rise_of_matr.html?wprss=securityfix
jm
joe-stewart secureworks malware reverse-engineering clampi trojans banking security danger risks windows microsoft fraud
https://pinboard.in/u:jm/b:fef3de2648ed/