Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Affinity Gaming got hacked into its system for the second time

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

May 6, 2014

Click here to order the best dedicated server and at a great price.

US Casino operator Affinity Gaming has had its credit card processing system hacked into for the second time in less than a year.

The Las Vegas-based company said that hackers were successful in breaching a system in April that processed customer credit and debit cards, but that it had no evidence at that time that cards were compromised.

"Affinity Gaming and its IT experts indicate that no credit card data was stolen after late afternoon April 28, 2014," it said in a statement.

Affinity Gaming, which ran eleven casinos across four U.S. states, recruited security consultancy firm Mandiant to investigate the security breach.

It did not say how many customers may be affected, however. The security breach comes after the company's payment systems were hacked into last year with up to 300,000 credit cards compromised.

Worse, hackers had maintained full access to the payment systems between March and October 2013. Black hats also owned payment systems operating at a gas station run by parent company Terrible Herbst.

In Febuary 2014, the websites of several Las Vegas casinos were also defaced after Sheldon Adelson suggested the United States bomb Iran.

In other internet security news

A group of researchers from universities in Luxembourg, Germany and the United States say they can dramatically improve the detection of privacy leaks between various processes in the Android operating system.

The researchers, led by Li Li of the University of Luxembourg, are looking for various methods to identify mobile apps that send private data outside the app's own domain without the user's consent (often by accident), via intra-component leaks, inter-component communications (ICC) and also inter-application communication (IAC).

They claim that the tool they describe in this paper at Arxiv detected 88.3 percent of inter-component privacy leaks, and when used in combination with ApkCombiner, also detected inter-application privacy leaks as well.

As noted in the paper, privacy leaks have been the subject of lots of academic research into Android, with Yajin Zhou a noted discoverer of different kinds of leaks.

The Android components that can contribute to those leaks include calls like StartActivity, StartActivityForResult, Query, StartService and so on and so forth.

To be sure, the Li Li paper outlines a technique called Static Taint Analysis, using a tool called IccTA that analyses inter-component and inter-app links.

IccTA takes existing tools Epicc (from Pennsylvania State University, whose Damien Octeau and Patrick McDaniel contributed to the study) and FlowDroid (the German contribution, with Steven Arzt, Siegfried Rasthofer and Eric Bodden from EC SPRIDE), and extends them into the Android environment.

Their goal is to look both at how an app behaves both on its own, and how it interacts with other apps-- “IccTA enables a data-flow analysis between two components and adequately models the lifecycle and callback methods to detect ICC based privacy leaks,” the researchers wrote.

“When running IccTA on three thousands applications randomly selected from the Google Play store as well as other third-party markets, it detects 130 inter-component based privacy leaks in twelve applications.”

The good news must be that only a dozen apps out of the 3,000 tested actually revealed privacy leaks. Li Li's colleagues at the University of Luxembourg, Alexandre Bartel, Jacques Klein, Yves Le Traon, also took part in the project.

In other internet security news

Google is hoping that phishers will have a tougher time attacking victims if a new feature introduced into its beta Chrome browser makes it into a future full release.

Google's so-called origin-chip feature cleans up Chrome's omnibox (the address bar) by removing lengthy URLs and replacing them with just the domain name shorn of "htttp://" and "www". There's also the origin chip that produces the full URL.

Apple also introduced a similar arrangement in Safari on iOS 7 and it seems to work pretty well. Google has tested the new feature in beta versions of Chrome, but users didn't care for it and it was subsequently relegated to a default off state in later updates to the experimental Chrome fork, dubbed Canary.

There was opposition to the feature centred on the disorientation it caused to users who wandered lost on the internet unsure of what pages they were perusing, despite that URLs can be viewed with a click.

Google Chrome's own front-end developer Paul Irish offered to share his distaste for the feature despite its anti-phishing function and adding that its future was a bit on shaky grounds.

"We're looking at a few key metrics to see if this change is a net positive for Chrome users. I imagine it may help defend against phishing," Irish said in a forum post.

"My personal opinion is that it's a very bad change and runs against Chrome's ultimate goals set forth by its development team. I hope the data backs that up as well."

Opposition from users would certainly impact the feature's future, he added. But fellow Chrome developer Jake Archibald backed the feature and said it would have saved him from nearly losing his bank details to a phishing site.

"Find someone who doesn't work in technology, show them their bank's website, and ask them what about the URL tells them they're on their bank's site. In my experience, most users don't understand which parts of the URL are the security signals," Archibald wrote.

"Browsers stopped showing the username / password part of URLs because it made phishing too easy. This is a natural progression," he added.

Archibald's card was nearly taken by clever phishers who established a mock Halifax.co.uk website which replaced forward slashes in the legitimate URL with full stops.

When rendered in the experimental browser, Canary sings an alarm in the form of a whopping big origin box. But with so much opposition from Chrome power users and Google's own developers, combined with its relegation to a default off state, origin-chip's days seem numbered.

In other internet security news

According to internet security consultant FireEye, a group of hackers have apparently attacked several U.S. government agencies, defense contractors, energy companies and banks by exploiting the now well known security hole in Microsoft's Internet Explorer.

FireEye is the cybersecurity company that revealed the software bug last week. The company discovered that hackers took advantage of a software design flaw in the Internet Explorer Web browser to secretly take control of computers.

The cyber attack has been called "Operation Clandestine Fox," and affects all versions of Microsoft's IE Web browser. Microsoft has since issued a fix, but FireEye's announcement yesterday greatly underscores that there are already victims.

FireEye also spotted that hackers are now specifically targeting older computers as well running on the outdated Windows XP operating system and those using the Internet Explorer 8 version of the browser.

Among those still using Windows XP are (incredibly) the Defense Department, the IRS and, yes, bank ATMs! And that's a huge issue, because Microsoft has taken its 12-year-old operating system off life-support and ceasing all regularly scheduled security updates.

It's easy to ignore Internet security scares, especially when there's a deluge of news about them. In the month of April alone, the internet community was bombarded with news about the pervasive Heartbleed bug, a massive AOL hack and the Internet Explorer glitch. One arrest has already been made in Canada by the RCMP regarding the Heartbleed bug.

But there are real world consequences. The Heartbleed bug was used to steal personal information of Canadian taxpayers. The AOL hack led to a flood of spam that could link to virus-infected websites or internet sites that contain various forms of malware.

An attack like Clandestine Fox is of the more serious variety-- a cyber reconnaissance mission by a foreign government that reveals weaknesses in industries crucial to the United States' economy, defenses and power.

It targeted power plants, banks, government agencies and military technology, which is essentially a precursor for war, said David Kennedy, CEO of security consulting firm TrustedSec.

"They're going after the core critical infrastructure of the United States, so in the event of a war, they can take it down," Kennedy warned. "The scary part is that the financial sector and energy segment are extremely vulnerable."

A typical power plant, for example, makes expensive investments on equipment that's meant to last decades. It's common to find 1970s-era software on turbines, Kennedy said. But that's a real danger since the internet wasn't publicly accessible until 1994.

"When you have old technology, the defenses they made back then aren't adequate at all today," he said. FireEye wouldn't say who is launching the attack, but offensives of this nature are typically conducted by foreign governments.

In the past, cybersecurity firms have pointed to China and Iran, and still are. We'll keep you informed on these as well as other stories.

In other internet security news

Despite all the numerous recent warnings from security experts around the globe and a massive public awareness campaign, internet users are less aware of the Heartbleed security flaw than other recent risks, and that has the internet community really concerned, especially people at the Pew Research Center.

According to a public survey of 1,500 people conducted by Pew, about 18.3 percent feel they are well aware of the dangers of the security hole, and less than 40 percent have taken action to protect their accounts to a certain degree.

The survey polled internet users on both the level of their awareness on the data-leaking OpenSSL flaw and the various steps they have taken to change credentials which may have been harvested by attackers.

The study of 1,500 American adults was taken in the midst of the Heartbleed scare between the April 23 to 27. During that time, researchers also found that about 59.8 percent of adults had heard of Heartbleed in some form or another, though 41 percent said that they had "a little" information about the security flaw and just 19 percent had heard "a lot" about it.

Additionally, just 39 percent of those polled said they had taken steps to secure their accounts against attacks by changing passwords or canceling unused accounts.

Those numbers, say researchers, indicate far less interest among the public in Heartbleed than other recent security threats. Pew studies in the past found that events such as the Edward Snowden data leaks drew heavy interest from more than half of all internet users, while other recent current events have caught the public attention at a higher rate than Heartbleed coverage.

"The Heartbleed story registered roughly the same level of public awareness as the U.S.-Iran negotiations and agreement to allow monitoring of Iran’s nuclear program in November and December 2013, and Catholic Bishops in the U.S. protesting Obama Administration policies they believe restricted religious liberty (July 2012)," Pew wrote in its report on the survey.

While public awareness is lacking, many of the enterprises and service providers most impacted by Heartbleed have been taking major steps to alleviate the danger posed to their systems by the OpenSSL vulnerability.

While the Heartbleed fix has been a challenge for system administrators, end users can and should reduce their exposure with simple steps such as updating their software and firmware, as well as changing their passwords.

In other internet security news

Earlier today, Microsoft has warned the internet community of a new security hole in all available versions of its Internet Explorer web browser.

Security vulnerability No. CVE-2014-1776, to give the issue its formal name, allows hackers to hijack at-risk Windows computers. It's all due to the way Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated, Microsoft explained to us.

The security vulnerability means that the browser may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.

"Microsoft is aware of limited, targeted attacks that attempt to exploit this security issue in Internet Explorer," Microsoft added.

"A potential attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view a specific website, most likely containing viruses or some malware.”

And Internet Explorer 6 through 11 are all at risk, on all current versions of Windows from Vista to Windows 8 and even Windows Server 2003 to 2012 R2.

The security problem is understood to be present in IE on Windows XP, although that operating system is no longer supported since April 8, 2014.

Microsoft's recommended reaction to the issue is to deploy version 4.1 of The Enhanced Mitigation Experience Toolkit (EMET), as that software “helps mitigate the exploitation of this vulnerability by adding additional protection layers that make the issue harder to exploit.”

The U.S. Homeland Security's Computer Emergency Readiness Team (CERT) has urged "users and system administrators enable Microsoft EMET where possible and consider employing an alternative web browser until an official update is available".

Microsoft suggests a few other workarounds, such as switching on IE's Enhanced Protected Mode or setting security levels to “High” to stop ActiveX controls and Active Scripting working.

The good news is that Windows Server's default settings make it rather difficult to create the kind of honeypot website that could exploit this security hole.

Microsoft hasn't said for now when a new security patch will be available, but is looking into it. We'll keep you posted on this and other stories as they happen.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

Source: Affinity Gaming.

Click here to order the best dedicated server and at a great price.

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

You can link to the Internet Security web site as much as you like.












Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer









Click here to order our special clearance dedicated servers.


Get your Linux or Windows dedicated server today.





Click here to order our special clearance dedicated servers.