Bitstamp reopens Bitcoin exchange, adds security precautions

Major Bitcoin exchange Bitstamp reopened its virtual doors late Friday, four days after it suspended services because of an online theft of 19,000 bitcoins valued at more than $5 million.

Bitstamp, the second largest Bitcoin exchange for US dollars, moved its system to Amazon’s cloud services and added security features to make compromises more difficult, Bitstamp’s CEO Nejc Kodrič said in a statement on the company’s website.

“By redeploying our system from a secure backup onto entirely new hardware, we were able to preserve the evidence for a full forensic investigation of the crime,” he said. “While this decision means we have not been able to provide you with services for a number of days, we feel this extra measure of precaution was in the best interest of our customers.”

DDoS service targeting PSN and Xbox powered by home Internet routers

The miscreants taking credit for knocking image board site 8chan offline, and earlier for taking down Sony's and Microsoft's gaming networks, operate an attack platform powered mostly by thousands of hacked home Internet routers, according to a published report.

The revelation, in an article posted Friday by KrebsOnSecurity, is the latest evidence documenting a big uptick in the hacking of Internet routers. Over the past 18 months, researchers have uncovered several other large-scale attacks on routing devices, including those made by Asus, Linksys, and many other manufacturers. Routers are often ripe targets because users fail to change default passwords, and the devices often contain security vulnerabilities that can easily be exploited by attackers halfway around the globe.

Those compromising routers for financial gain appear to be members of the Lizard Squad, a group that operates an online attack service that promises to take down any site a paying customer has requested. KrebsOnSecurity namesake Brian Krebs cited security researchers assisting law enforcement officials investigating the group. The researchers asked to remain anonymous. According to Krebs, the for-hire denial-of-service service is powered by a network of compromised devices that mostly include home routers from around the world that are protected by little more than default usernames and passwords. Krebs wrote:

Heads up, dear leader: Security hole found in North Korea’s home-grown OS

North Korea is a technological island in many ways. Almost all of the country's "Internet" is run as a private network, with all connections to the greater global Internet through a collection of proxies. And the majority of the people of the Democratic People's Republic of Korea who have access to that network rely on the country's official operating system: a Linux variant called Red Star OS.

Red Star OS, first introduced in 2003, was originally derived from Red Hat Linux. In theory, it gave North Korea an improved level of security against outside attack—a Security Enhanced Linux operating system based on Red Hat that could enforce strict government access controls on the few who got to use it.

However, because Red Star has had so few people with access to it, one of the ironic side effects has been that security holes in the operating system may have gone undetected. And as a security researcher who tested the latest release of Red Star's desktop version reported today, one flaw in the system would allow any user to elevate their privileges to those of the system's root account and bypass all those security policies put in place by the North Korean regime.

Spotlight search in Yosemite exposes private user details to spammers

Using the Spotlight search feature in OS X Yosemite can leak IP addresses and private details to spammers and other e-mail-based scammers, according to tests independently performed by two news outlets.

The potential privacy glitch affects people who have configured the Mac Mail App to turn off the "load remote content in messages" setting, as security experts have long advised. Spammers, stalkers, and online marketers often use remote images as a homing beacon to surreptitiously track people opening e-mail. Because the images are served from sites hosted by the e-mail sender, the sender can log the IP address that viewed the message, as well as the times and how often the message was viewed, and the specific e-mail addresses that received the message. Many users prefer to keep their e-mail addresses, IP addresses, and viewing habits private, a goal that's undermined by the viewing of remote images.

Like Mozilla Thunderbird, Microsoft Outlook, and many other e-mail clients, Mail allows users to block remote images for precisely this reason. But even when remote image viewing is disabled in Yosemite-based Mail app settings, the images will be opened by Spotlight, according to two recent media reports. The feature is used to search a Mac for files or e-mail containing a specified search term. When Spotlight returns a preview of e-mails containing the term, it loads the images, overriding the option. Images are loaded even when the previewed message has landed in a user's junk mail folder.
