In case you don’t have a television, radio, or even the Internet, which means you wouldn’t be reading this. One of the greatest cyber crimes of all time has finally come to a halt, or so they think…
Eleven people in the US city of Boston have been charged with credit card fraud. The US authorities say the suspects stole the data from more than 40 million credit cards.
The hackers obtained the information by installing software in computers and databases of banks and major store chains. They also drove through residential districts with a laptop to hack into personal computers with wireless connections.
Prosecutors speak of the biggest credit card swindle in US history. The suspects, who have US, Estonian, Ukrainian, Belarus and Chinese nationalities, allegedly embezzled tens of millions of dollars.
So while I’m sitting at DEFCON 16 enjoying a “free” bar tab, I wonder if I’ll see it show up my own credit card since I could quite possibly be funding one of these parties and not even know until it’s too late. Oh well, that’s what the fraud department is for right…
Filed in News by Jay | August 6, 2008 | Have your say
If you haven’t already heard about the meetup and are going to Defcon, there will be a meetup on Saturday, August 9th in the skybox which the folks at i-hacked.com reserved. You can find the full information at mubix’s site located here.
While I won’t be attending Defcon, three of our crew will be. Chris Mills, Jay Mueller, and Rob Fuller. Keep an eye out for them as at some point they will likely be wearing their SecuraBit T-Shirts and passing out free stickers. Jay should have a backpack full of t-shirts to sell should you want one. I am sending off the box today to him, so any further donations to the site for them will be filled by him either by shipping it to you or giving it to you in person at Defcon.
Episode 8 will be delayed until the Wednesday after Defcon, though we expect at least one more SecuraByte in the interim.
Thanks for listening!
Filed in News by Chris | July 30, 2008 | Have your say
On this episode of SecuraBit, we talk to Chris Eng and Chris Wysopal from Veracode about SOURCE Boston, as well as Jennifer Leggio about Twitter and more:
I’m going to be installing wiki software and recruiting some folks to help us do proper full show notes for each episode. We’re also looking for people to help out with the forums, IRC, and research for technical segments. If you can contribute in any way we’ll make sure you get recognized.
Direct link to show here.
Remember to hit up the T-Shirt and Sticker page. Soon I will remove the T-Shirt donate link as I will be shipping the box of T-Shirts to Jay to take with him to Defcon. Hit us up on the forums, or at irc.freenode.net #securabit. Thanks for listening!
Filed in Show Releases by Chris | July 27, 2008 | Have your say
Last night we decided to discuss a little more on the DNS vulnerability issue that’s been the hot topic everywhere in terms of detection and defense. Thanks to guest Chris Wilson for his invaluable insight into the snort signature we were provided by alexkirk in #snort on irc.freenode.net.
We also discussed detection of encrypted traffic on a network, and some of the implications of it.
Direct link to the mp3 is here.
Apologies for Chris Wilson’s audio, his speakers were on unbeknown-st to us, and I cleaned it up as best I could. 
Also, the stickers are finally in! Get your T-Shirts and stickers here!
Filed in Show Releases by Chris | July 25, 2008 | Have your say
I came across these guys a month or so back when I was looking at topics for one of our shows, and I don’t remember whether I touched on them or not, but this project is definitely worth a second look. Their community seems small right now, but the idea behind what they’re doing seems like common sense to me, and I’m not aware of anyone else out there collecting packet captures from anyone who wants to upload one.
Obviously, be careful what you download, but if we can get some traffic their way and get people to upload both malicious and normal traffic captures to them, I think it will end up being an extremely useful resource for anyone who uses packet data for their job, such as writing snort signatures!
Their site is https://www.openpacket.org. Remember that this isn’t for uploading 10 gigs of traffic you captured off of your neighbor’s wifi, and don’t submit your own traffic that includes your paypal and online banking sessions either. :) Make sure you have permission if you’re going to be submitting a capture with information someone other than you generated.
Filed in General by Chris | July 25, 2008 | Have your say
