Old school card theft

IT News had an interesting article about a bank here in Australia discovering a physical wire tap and phoney card reader installed in a branch that was siphoning off credit card information and PINs and broadcasting them over radio to the 'bad guys'. I wonder how long it had been there?

Very old school hacking, considering these days most credit cards are stolen from half a world away without the need for physical access.

With all the emphasis on protecting against the virtual attacks, sometimes the physical vulnerabilities get forgotten, such as the 'cutting the phone lines' attack I blogged about in 2009.

"Death Worm"

It's the 90s all over again as a 'death worm' (Morto Worm) is squirming through the internet knocking on RDP ports (3389/TCP). In this day and age an attack as simplistic as this one (it relies on brute forcing admin accounts from a predefined username and password list) shouldn't be able to infect any corporate machine... right?

Microsoft have some more info on this retro attack, including listing the usernames it attacks:

1
actuser
adm
admin
admin2
administrator
aspnet
backup
computer
console
david
guest
john
owner
root
server
sql
support
support_388945a0
sys
test2
test3
user
user1
user5

...and the passwords:
*1234
0
111
123
369
1111
12345
111111
123123
123321
123456
168168
520520
654321
666666
888888
1234567
12345678
123456789
1234567890
!@#$%^
%u%
%u%12
1234qwer
1q2w3e
1qaz2wsx
aaa
abc123
abcd1234
admin
admin123
letmein
pass
password
server
test
user

If you are using any of those passwords (especially on Windows boxes), change them immediately and go sit in the naughty corner for half an hour.
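One way to spot this pattern in failed-logon records, as an added example (not code from Microsoft or from the original post): flag any source that fails logons against several of the listed usernames in a short time. The record format, the 10-minute window and the threshold of five usernames are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Usernames from the list above, as published by Microsoft for Morto.
MORTO_USERS = {
    "1", "actuser", "adm", "admin", "admin2", "administrator", "aspnet",
    "backup", "computer", "console", "david", "guest", "john", "owner",
    "root", "server", "sql", "support", "support_388945a0", "sys",
    "test2", "test3", "user", "user1", "user5",
}

def suspicious_sources(events, window=timedelta(minutes=10), min_users=5):
    """Return {source_ip: usernames} for sources that failed logons against
    at least `min_users` distinct listed usernames inside one time window."""
    by_source = defaultdict(list)
    for ts, src, user in events:
        # Windows account names are case-insensitive; drop any DOMAIN\ prefix.
        name = user.rsplit("\\", 1)[-1].lower()
        if name in MORTO_USERS:
            by_source[src].append((datetime.fromisoformat(ts), name))
    flagged = {}
    for src, hits in by_source.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans <= `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            seen = {name for _, name in hits[start:end + 1]}
            if len(seen) >= min_users:
                flagged[src] = sorted(seen)
                break
    return flagged

# Constructed sample: failed RDP logon records (timestamp, source, username).
SAMPLE = [
    ("2011-08-29T02:00:01", "192.0.2.10", "administrator"),
    ("2011-08-29T02:00:03", "192.0.2.10", "admin"),
    ("2011-08-29T02:00:05", "192.0.2.10", "Backup"),
    ("2011-08-29T02:00:07", "192.0.2.10", "CORP\\sql"),
    ("2011-08-29T02:00:09", "192.0.2.10", "support_388945a0"),
    ("2011-08-29T09:15:00", "198.51.100.7", "jsmith"),
    ("2011-08-29T03:00:00", "203.0.113.5", "admin"),
    ("2011-08-29T15:00:00", "203.0.113.5", "root"),
]

if __name__ == "__main__":
    for src, users in suspicious_sources(SAMPLE).items():
        print(src, "tried", ", ".join(users))
```

Only 192.0.2.10 is flagged in the sample: one source hitting five listed names in seconds looks like a wordlist run, while a single user mistyping a password or two listed names tried hours apart does not.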

The death of WebOS

One of the big tech stories of the week is that HP has suddenly killed off its WebOS tablet after lackluster sales.

The sudden death of an OS is not such a common thing, especially in consumer devices (obsolescence is another matter), which left me wondering what happens to those WebOS users if (when?) security vulnerabilities are found in their shiny new tablets?

Admittedly it's a tiny minority of the tablet market and the internet user base as a whole, but most of the time consumers have had a good few years (14 years in the case of Windows XP!) to use their PC/Tablet/phone/etc before support is yanked - not a matter of weeks or days - or in the case of the bargain hunters, no support from the get-go.

It's an unusual situation. Maybe they just all install Android....

Password truth...

Courtesy of xkcd.org


Operation Shady RAT

McAfee have released an interesting piece of research called 'Operation Shady RAT'.

According to Dmitri Alperovitch (McAfee's VP of threat research):

I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact. In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know.

With the recent (allegedly) state-sponsored high-profile attacks such as 'Operation Aurora' and 'Night Dragon' [pdf] it's a statement that is (depressingly) possibly more accurate than not.

Terms like 'state sponsored' or 'state actor' are often a PC way of saying 'China'. McAfee don't go as far as to name the state they suspect, but China has nonetheless taken offence to the report - slamming it (via the People's Daily) as 'irresponsible'. McAfee do point out some of the interesting attacks that occurred around the time of the Beijing Olympics on targets of "likely no commercial benefit", such as the IOC and World Anti-Doping Agency, and if there's one thing I learnt from watching too many cop shows growing up - whenever there's an investigation the first question from the detective is "who stands to benefit from the crime?"

Who indeed?

The pdf version is also available here [pdf]

Too true...

Courtesy xkcd.org
