Hacking links June 5, 2014

'Half of American adults hacked' in the past year - really? - John Zorabedian - Naked Security

Recently, CNN reported on a study that claimed that 47% of US adults have been hacked. The thing is those percentages and the numbers might not actually be representative of the population. Also at question, the term hacked. Should employee negligence or insider theft be considered negligence? Probably not.

Thieves Planted Malware to Hack ATMs - Brian Krebs - Krebs on Security

This occurred in the Chinese territory of Macau. The process for the hack is quite interesting. The criminals slide a long skimming board down the ATMs card slot to install the malware. The malware would log anyone that used that information and a few days later they'd follow the same process to get the logged information and to remove the malware. Pictures of the device and the rest of the kit are featured in the article.

Hacking the Registry to keep Windows XP Updating - A Bad, Bad Idea - Rafal Los - Following the Wh1t3 Rabbit

Apparently, someone has figured that you can change the registry of a Windows XP machine to make it look like a Point-of-Sales (POS) terminal, which are still getting Windows XP updates. This might not be the best idea in the world as POS terminals are much different than a computer installed with Windows XP and patches could negatively affect system stability. If you're that desperate to get Windows Updates, just go ahead and upgrade your system. It will save you a love headache in the long run.


InfoSec Links April 16, 2014

Xbox password flaw exposed by five-year-old boy - BBC

This five-year-old boy is now on Microsoft's page thanking people for finding problems in their software. The boy found that if you hit spacebar multiple times in a password field he could get access to his dad's Xbox live account. Not surprising, his dad works in security.

XPocalypse: Experts Warn of Attackers Hoarding Windows XP 'Forever Days' - Fahmida Y. Rashid - Security Week

Just another reason to upgrade your Windows XP computers to a newer operating system. Attackers are saving their exploits for after support so that they are not discovered and patched.

IRS another Windows XP laggard, will pay Microsoft for patches - Peter Bright - ars technica

That is unless you're the IRS and you procrastinated on upgrading your computers to a newer operating system. It's going to cost $30 million dollars to finish the upgrade. Before they do that though they're going to give Microsoft anywhere from $500K to $11M (actual number to be published later) to continue to support their old XP boxes. Oh, and the IRS made it very clear that this won't be an excuse for you to miss the April 15 tax filing deadline. Hooray government.