Networking Monitoring News – Feb 2016

By Ron Samson Jr February 1, 2016

Credit Card Liability

There are reports that fast-food chain Wendy’s has been hacked. Wendy’s spokesman Bob Bertini has stated that they are investigating reports of unusual payment card activities used at some of their locations. “We have been working with our payment industry contacts since recently learning of these reports and we have launched a comprehensive investigation with the help of cybersecurity experts to gather facts, while working to protect our customers,” he said in an email.

The real story here is with Wendy’s swiping terminals. Mastercard, Visa and American Express along with other card providers have been pushing US merchants to change their swipe terminals to the new EMV chip terminals by October 31 of last year. Merchants that are not compliant face much higher liability risk if they suffer a data breach. If it turns out Wendy’s was indeed breached, this will be the first time the new liability processes will be tested in a large scale.

https://www.usatoday.com/story/money/2016/01/27/wendys-investigating-unusual-payment-activity/79397598/

Fortinet SSH Backdoor

Fortinet has acknowledged that an SSH backdoor detected in some of its products exists in some of the company’s new products as well. The accounts with a hardcoded password are “remote management” features, according to Fortinet.

This vulnerability has been heavily probed and it needs to be addressed as soon as possible. An exploit is trivial if the attacker is able to connect to a vulnerable firewall.

https://www.theregister.co.uk/2016/01/23/thought_you_were_safe_from_the_fortinet_backdoor_think_again/

Moving away from Browser Plugins

As some of you know, web browser vendors are slowly moving away from supporting web browser plugins, eliminating the ability to embed Flash, Silverlight, Java and other plugin based technologies. This is a very good thing for all of us. Plugins such as Flash Player and Java account for the vast majority of drive by infections because of all the programming errors that exist within the code base.

Oracle has stated that it is finally migrating away from browser plugins for Java and moving developers to their new Java Web Start technology. Unless you need Java for specific applications, it should be removed from all machines.

Oracle plans to deprecate the Java browser plugin in JDK 9. This technology will be removed from the Oracle JDK and JRE in a future Java SE release.

Early Access releases of JDK 9 are available for download and testing at https://jdk9.java.net/. More background and information about different migration options can be found in this short whitepaper from Oracle.

https://blogs.oracle.com/java-platform-group/entry/moving_to_a_plugin_free