Jan 31 2014

How I almost lost my $500,000 Twitter user name @jb… and my startup

Josh Bryant is the co-founder and CEO of Droplr, a collaboration tool for sharing files. He has also worked for Incredible Labs (makers of Donna) and Ancestry.com. He lives in Bend, Oregon. This post originally appeared on his personal blog.

If you haven’t read it yet, check out Naoki Hiroshima’s account of how he was blackmailed into giving his Twitter account away. I read it on Wednesday, and the story was all too familiar to me. My version also has a few implications that are far worse.

I’m @jb on both Twitter and Instagram. My user name is a very heavy target for these types of attacks. It used to be primarily because of the Jonas Brothers, but of course now it’s all related to Justin Bieber. Because of the marketing power behind Bieber's name, there are thousands of companies or hackers who would love to get their grubby hands on my user name for profit. Like Naoki, I too have been offered inordinate sums of money for my user name, and I get a regular stream of "forgot password" e-mails to my inbox.


Jan 31 2014

Upgrading From OpenX to Revive Adserver Is a Minor Upgrade

We have recently received a number of questions about how much disruption upgrading from OpenX to the new Revive Adserver causes, and as others undoubtedly have the same questions we wanted to address them for a wider audience. The good news is that the upgrade should be seamless in most instances. While the software has a new name – due to ownership of the software being transferred – and a jump in version number from 2.8 to 3.0, the changes so far have been under the hood. This means that you won’t have to make changes to zones, campaigns, banners, ad positions, etc.

Two of the releases of Revive Adserver (3.0.0 and 3.0.2) have fixed security vulnerabilities that could lead to the ad server being hacked, so if you haven’t upgraded yet you should do that as soon as possible. There have also been bug fixes and modernization, including support for PHP 5.4 and 5.5, included in the new versions so far.

If you have previously done an upgrade between versions of OpenX 2.8 then you should find the process to be the same when upgrading to Revive Adserver.

So far the only issue we have run into with the upgrade is that in one instance the upgrade failed to remove the OpenX Market plugin, which had been deprecated. The leftover plugin caused the admin interface to stop working with a Failed Opening Required error for the file /lib/ox/m2M/xmlrpcexecutor.php. If that occurs, you can delete the /www/admin/plugins/oxMarket/ directory, which restores access to the admin interface; from there you can fully remove the plugin along with the openXWorkflow plugin, which should also have been removed by the upgrade.
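One way to detect that condition and recover from it without deleting anything outright, as an added shell example that is not part of the original post: it assumes the install root is the directory that contains the www/ and lib/ trees quoted above, and it moves the stale oxMarket directory aside (timestamped) rather than removing it, so the admin interface becomes reachable again while the files remain available if something unexpected turns up.

```shell
#!/bin/sh
# Added example, not code from the original post or from Revive Adserver.
# Assumption: "$root" is the install root holding www/ and lib/ (the paths
# /www/admin/plugins/oxMarket/ and /lib/ox/m2M/xmlrpcexecutor.php above).

# Returns 0 when the post-upgrade failure described above is present:
# the deprecated OpenX Market plugin directory still exists while the
# file it requires is gone.
stale_oxmarket_present() {
  root="$1"
  [ -d "$root/www/admin/plugins/oxMarket" ] && \
    [ ! -f "$root/lib/ox/m2M/xmlrpcexecutor.php" ]
}

# Moves the stale plugin directory out of the plugins tree into a
# timestamped sibling under the install root and prints the new path.
# Returns 1 (and does nothing) if the failure condition is not present.
quarantine_oxmarket() {
  root="$1"
  stale_oxmarket_present "$root" || return 1
  dest="$root/oxMarket.removed.$(date +%Y%m%d%H%M%S)"
  mv "$root/www/admin/plugins/oxMarket" "$dest" && printf '%s\n' "$dest"
}

# Stand-alone use: sh fix_oxmarket.sh /path/to/install/root
if [ "$#" -gt 0 ]; then
  quarantine_oxmarket "$1" || echo "no stale oxMarket plugin found under $1" >&2
fi
```

After the directory has been moved aside, the plugin (and openXWorkflow) still needs to be removed properly from the admin interface, as the paragraph above describes; the quarantined directory can be deleted once that is done.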

If you are looking for someone to handle the upgrade for you, we can do a one-time upgrade or handle upgrades on an ongoing basis (ensuring that security fixes are always applied within a day of their release).

Jan 31 2014

Hotel Franchise Firm White Lodging Investigates Breach

White Lodging, a company that maintains hotel franchises under nationwide brands including Hilton, Marriott, Sheraton and Westin appears to have suffered a data breach that exposed credit and debit card information on thousands of guests throughout much of 2013, KrebsOnSecurity has learned.

Earlier this month, multiple sources in the banking industry began sharing data indicating that they were seeing a pattern of fraud on hundreds of cards that were all previously used at Marriott hotels from roughly March 23, 2013 on through the end of last year. But those same sources said they were puzzled by the pattern of fraud, because it was seen only at specific Marriott hotels, including locations in Austin, Chicago, Denver, Los Angeles, Louisville and Tampa.

Turns out, the common thread among all of those Marriott locations is that they are managed by Merrillville, Indiana-based White Lodging Services Corporation, which bills itself as “a fully-integrated owner, developer and manager of premium brand hotels.” According to the company’s Web site, White Lodging’s property portfolio includes 168 full service hotels in 21 states, with more than 30 restaurants.

White Lodging declined to offer many details, saying in an emailed statement that “an investigation is in progress, and we will provide meaningful information as soon as it becomes available.”

Update: Feb. 7, 9:32 a.m. ET: White Lodging has issued a statement acknowledging a breach at 14 hotels, including Marriott, Starwood, Intercontinental and other brands. Also, NBC is reporting that White Lodging knew about this breach two weeks before this breaking story was first published.

Original story:

Marriott also issued a statement, noting that “one of its franchisees has experienced unusual fraud patterns in connection with its systems that process credit card transactions at a number of hotels across a range of brands, including some Marriott-branded hotels.” The statement continues:

“They are in the midst of the investigation and are in close contact with the banks and credit cards companies.  We are working closely with the franchisee as they investigate the matter.  Because the suspected breach did not impact any systems that Marriott owns or controls, we do not have additional information to provide.  As this impacts customers of Marriott hotels we want to provide assurance that Marriott has a long-standing commitment to protect the privacy of the personal information that our guests entrust to us, and we will continue to monitor the situation closely.”

Other hotel chains franchised by White Lodging — including Hilton and Starwood Hotels (which owns the Sheraton and Westin brands) — could not be immediately reached for comment.

Sources say the breach appears to have affected mainly restaurants, gift shops and other establishments within hotels managed by White Lodging — not the property management systems that run the hotel front desk computers which handle guests checking in and out. In the case of Marriott, for example, all Marriott establishments operated as a franchise must use Marriott’s property management system. As a result, the breach impacted only those Marriott guests who used their cards at White Lodging-managed gift shops and restaurants.

News of the breach comes on the heels of similar attacks against major retailers. Last week, in response to questions about banks tracking a pattern of fraud on cards that were all recently used at Michaels Stores Inc., the nationwide crafts and framing retailer said it “may have experienced a data security attack.” The company has so far declined to offer more information about the matter.

On January 10, upscale retailer Neiman Marcus confirmed that it was the victim of a hacker break-in that exposed customer card data. In a subsequent Q&A published on its Web site, the company said the breach at its stores extended from July 16, 2013 to Oct. 30, 2013, and may have impacted more than 1.1 million customer cards.

Target has said its breach — which ran from Nov. 27 through Dec. 15 — may have affected more than 40 million customer credit and debit cards, and name, address, email address and phone numbers for at least 70 million customers.

Jan 31 2014

New Snowden docs show Canadian spies tracked thousands of travelers

According to newly published documents, Canadian spies tracked thousands of travelers online for days after they left an unnamed Canadian airport.

This revelation, gleaned from 2012 slides (PDF) provided by whistleblower Edward Snowden, shows that the Communications Security Establishment Canada (CSEC) conducted a real-world test that began with a “single seed Wi-Fi IP address” from an “international airport” and assembled a “set of user IDs seen on network address over two weeks.”

The technique appears to be related to one outlined by University of California San Diego and Microsoft researchers in a 2010 research paper (PDF).
