Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Russian Hacker story in today's news

From: Brad Judy <brad.judy () CU EDU>
Date: Wed, 6 Aug 2014 17:22:34 +0000
Brian Krebs has posted on the topic today:

http://krebsonsecurity.com/2014/08/qa-on-the-reported-theft-of-1-2b-email-accounts/

Brad Judy

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Keller, 
Alex
Sent: Wednesday, August 06, 2014 11:15 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Russian Hacker story in today's news

Hi Folks,

I read the NY Times article yesterday and it immediately triggered the BS meter. Article is exceedingly light on 
details.

Hold Security website is rudimentary and vague:
http://www.holdsecurity.com

WordPress admin interface is running over HTTP (no SSL available):
http://www.holdsecurity.com/wp-admin

They list Brian Krebs (of Krebs on Security) as a "special advisor":
http://www.holdsecurity.com/about/advisory-board/

But Brian has made no note of this story on his blog:
http://krebsonsecurity.com

None of this passes even the most basic sniff test.

Best,
alex


*http://www.nytimes.com/2014/08/06/technology/russian-gang-said-to-amass-more-than-a-billion-stolen-internet-credentials.html




Alex Keller
Information Technology
Stanford School of Engineering
axkeller () stanford edu<mailto:axkeller () stanford edu>
(650) 736-6421
[SoE_IT_Logo]

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Chuck 
Braden
Sent: Wednesday, August 06, 2014 6:02 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Russian Hacker story in today's news


As I read Hold Security's release this seems to be more of a marketing ploy to sell services combined with a 
credential collection scheme of their own.


A news resource I heard this morning said they would provide an ability for users to query to see if their ID or what 
websites had been compromised. No word when that would be available... Im not hearing a lot from the vendor either - 
other than crickets and a cash register bell ring. :-/


Jimmy C Braden
Information Security Officer
AgriLife Information Technology
979-862-7254
j-braden () tamu edu<mailto:j-braden () tamu edu>

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Slocum, 
Stacy
Sent: Wednesday, August 06, 2014 7:57 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Russian Hacker story in today's news

Good morning,

A news story caught my attention this morning regarding the 1+ billion user accounts being collected by "Russian 
Hackers" over the last 18 months.

The story is based on Hold Security's news release dated yesterday (8/5/2014).  As I read Hold Security's release this 
seems to be more of a marketing ploy to sell services combined with a credential collection scheme of their own.  
Additionally their Terms of Service must be agreed to before registering for their "trial" service of matching your 
credentials with those from contained in the breach database and they offer to let you know if your password was also 
in the breached data... after you provide it to them...

Does this seem odd to anyone else?

Thanks,
Stacy

Stacy Slocum
Chief Information Officer
St. John Fisher College
3690 East Avenue
Rochester, NY 14618
(585) 385-8388

Previous By Date Next
Previous By Thread Next

Current thread: