Largest data breach ever?

It’s just being reported that Heartland Data Systems, a credit card processing company, was breached for a large portion of 2008. They’ve only recently discovered the problem. They process credit card transactions for millions of merchants and accept Mastercard, Visa, and Discover. You may want to watch your statement carefully — but if the culprits have captured god-knows-how-many numbers, what’s the chance they would use yours?

Heartland has created a website about this event here:


If you’re not a member of Bruce Schneier’s CRYPTO-GRAM mailing list, I suggest you sign up right now. It’s a wonderful monthly mailing where Bruce talks about everything from security to cryptography and comments on the latest news.

In the latest CRYPTO-GRAM there’s an interesting story about one of the first well-published cases of impersonation, Martin Guerre. Guerre was a 16th-century French peasant who was impersonated for 3 years — the impersonator living with his wife and kids!!!

Obama’s cyberspace security roadmap?

In late December the Center for Strategic and International Studies published Securing Cyberspace for the 44th Presidency. It’s a very good read, although some parts can become long and dry. It sounds more like a child’s unrealistic Christmas wish list than anything else. The whitepaper strongly suggests creating a new agency to head up cyberspace security and recommends creating a spot in the president’s inner council.

You can find some interesting critiques of the whitepaper here:

Storm botnet makes a comeback

It is official: Storm is back. The notorious botnet that ballooned into one of the biggest botnets ever and then basically disappeared for months last year is rebuilding — with all-new malware and a more sustainable architecture less likely to be infiltrated and shut down.

Storm all but disappeared off of the grid last year, basically going dormant in mid-September after its last major spam campaign in July — a “World War III” scam. In October, researchers started to write off Storm, at least in the short term. But now they say the big botnet has reinvented itself with new binary bot code, and that it is no longer using noisy peer-to-peer communications among its bots. It has instead moved to HTTP communications, which helps camouflage its activity among other Web traffic.

The manager of security research for Arbor Networks says he was initially skeptical of speculation that Waledac and Storm were one and the same. But the latest findings on the malcode and its activity (the botnet is using many of the same IP addresses that were used in Storm) changed his mind. The biggest difference is that it is no longer as easily detectable now that it has converted to HTTP communications. “P2P was part of the reason for Storm’s demise. It was easy to filter it,” the manager says. “With HTTP, it is a little harder [to filter] because you have got to know what you are looking for.”
Source: Dark Reading