All News (137 Posts)

<< Next - First ... 5 6 7 8 9 ... Last - Previous >>

SANS Brochure Challenge Write-Up

#97 - Posted on 1 January 2015 - Author: SM - Category: Challenges

Last Summer SANS organised a security/hacking challenge through 4 of their brochures, each brochure had an “easy” challenge in the form of a hidden message to de-cipher to get a URL to the second level of each of the 4 challenges.

Below is a brief explanation of the steps I took for the main technical challenges:

1. Challenge 1, level 2: Alice’s encrypted file for Bob
First you need to load the pcap file provided for that question into Wireshark, two type of traffic should catch your attention: some HTTP and SMB traffic. Doing a quick search (CTRL-F) for the string Bob in the “packet bytes” will get you to Frame 669, which is a web chat over HTTP where Alice mentions to someone that she needs to send a file to Bob and R...
>>[READ MORE]

BlackHat Europe 2014 – Some Highlights

#96 - Posted on 27 October 2014 - Author: SM - Category: Conferences

Hacking conferences are a great way to learn he latest hacking techniques and more underground ways of thinking on IT Security. They complement nicely more corporate Security Training courses such as the ones offered by SANS.

They tend to be more chaotic, the talks are not as polished, some of the techniques discussed will have limited effect in the real world and connecting to the event WIFI is asking for trouble.
On the other hand, the atmosphere is buzzing with brain activities, convictions (right or wrong!), passion and cutting edge topics. If you can follow the rythme and embrace the moment then you will get out of this type of conferences energised and full of new ideas!

This year I attended the “Nuit du Hack” in France which runs other 24h, literally. You get some talks during the day, there is only 1 track so you get to watch/listen to all the talks. And during the night there is a traditional Capture The ...
>>[READ MORE]

iOS Backdoors

#95 - Posted on 24 July 2014 - Author: SM - Category: Hacking, Security

In the last few days there has been an increasing noise related to some iOS backdoors. Apple does not deny they exist, but contests how they can be used.

This is not new, and the security researcher who presented his findings did highlight that, it is likely related to methods being used by certain forensic software sold to law enforcement.
What is “concerning” is the following:
– These backdoors are actively maintained and developed by Apple, how much more data will they allow to be extracted from iOS device in future;
– Those backdoors provide access to SMS, Contact, and other potential sensitive data on the phone; they also allow to bypass full disk encryption. This highlight the fact that unless you phone is off, the data on your phone is no longer encrypted per say, but only protected by access control (PIN);
– If it can be used by law enforcement, it can be used by “greyer” parties ...
>>[READ MORE]

Critical Infrastructure and Cyber attacks

#94 - Posted on 3 May 2014 - Author: SM - Category: Security

I recently came across an article on a UK newspaper, the Guardian, about Mt Kaspersky predicting a riot. Well, not exactly. He is predicting a major cyber terrorist attack on UK soil which will disrupt major critical infrastructure.

http://www.theguardian.com/technology/2014/may/01/eugene-kaspersky-major-cyberterrorist-attack-uk

I find this interesting, not because it is new, it isn’t. I find it interesting because there has been an increasing media visibility and attention to this topic in the last few years. By the way, I am also a big believer of “it will happen soon”. The internet of things is not a secure affair.

And I also find it quite a coincidence that Mr Kaspersky is warning us about a real life Die Hard 4 risk scenario as only yesterday I came across that following article:

...
>>[READ MORE]

Heartbleed, do not panic!

#93 - Posted on 10 April 2014 - Author: SM - Category: Security

The security issue related to OpenSSL has been all over the news in the last couple of days.

It is indeed a very bad issue, one that can let an attacker access the login details, including passwords, of registered users from vulnerable Websites/Servers. Yahoo mail, was one of those sites…out of nearly a million others!

This vulnerability has been around for 2 years, it affects servers usingOpenSSL 1.0.1 through 1.0.1f (inclusive).

Those servers could be running consumer websites or other applications. For example, the Network Security Monitoring suit: Security Onion, was vulnerable until yesterday when a security fix/update was released. The same applies to the Penetration Testing platform Kali 1.06, which was vulnerable until today!

If those applications/environments were internet facing, userids and passwords may have been compromised in the last 2 years.

This issue allows the attacker to access the memory of a vulnerable server, it means that ...
>>[READ MORE]

Bluetooth under attack

#92 - Posted on 4 February 2014 - Author: SM - Category: Hacking

I have heard of Ubertooth for a while now and it seems it use to attack bluetooth devices keep growing. Once recent attack described HERE can leverage the Ubertooth sniffing capability to crack the encryption algorithm used by the Bluetooth Low Energy (BLE) standard. BLE is also referred to as Bluetooth Smart.

 

Sure, BLE/Bluetooth Smart is different from Bluetooth, but it issupported by most recent mobile devices (i.e.: the latest iPads and iPhone as well as some Android devices), and will be increasingly used in “smart” appliances, from toothbrushes to fridge if you believe this >>[READ MORE]

Apple Security in the Enterprise

#91 - Posted on 3 February 2014 - Author: SM - Category: Guides

There is a good document from the UK government describing the different security features available in Apple Mac OS X 10.8 and the ones you should consider if using a Mac as an enterprise end point:

OS X 10.8 UK Gov security guidance document.

In light of all the noise created by the NSA and GCHQ surveillance programs you might be tempted to dismiss governments’ position and view when it comes to IT Security. However,I found that document quite good and high level enough to be understood by mid-level management at least :)

They do refer to an MDM solution for some of the controls without specifying which one, so I assume they are referring to a OS X Server Profile Management solution as described by Apple HER...
>>[READ MORE]

A new look

#90 - Posted on 23 January 2014 - Author: SM - Category: Misc

It seems I refresh the look of this website every 3 years and 3 years was up so here the new look :)

I decided to go with a slick, low maintenance theme.

It has also been a few months since I updated this website, hopefully this should change soon!

...
>>[READ MORE]

Using a phone as a keylogger, next it will be a smartwatch!

#89 - Posted on 30 October 2013 - Author: SM - Category: Hacking, Security

There is an interesting paper from Georgia Tech College describing a clever proof of concept where a phone is used to eavesdrop on keystrokes.
This is done by leveraging the phone motion sensor capability and placing it next to a keyboard. They managed to create a dictionary of words/vibrations that is able to recognise words typed on a keyboard just by analysing the vibrations made from typing.
Of course, you are likely to notice someone’s else phone sitting next to your keyboard but what if your phone got hacked and that software loaded onto it?

They conducted their proof of concept on an iPhone 4 but this is likely to be also possible on other platforms/devices.

In fact, with upcoming smart watches this concept will be even more relevant! Now I can see a use for that Apple M7 chip! ;)

As I am typing this note, my phone is next to my keyboard. Maybe I should move it awayR...
>>[READ MORE]

New iPhone 5S Fingerprint reader, a step in the right direction!

#88 - Posted on 13 September 2013 - Author: SM - Category: Security

Apple has just announced two new models of iPhones, one of them is the iPhone 5S which comes with a fingerprint reader. Like others I believe this is no silver bullet, but it is a step in the right direction in terms of helping the masses to secure their iPhones.

There are two main areas of potential security failures:
– Fingerprints can be copied and once compromised you can’t “change” for new ones;
– The Fingerprint reader security implementation will be very important, any defects or flawed could be exploited to gain unauthorised access.

Apple may not be the first company to provide an embedded fingerprint reader into their phones, but like it did for tablets and smartphones, it will be the company that will popularise it...
>>[READ MORE]