All News (139 Posts)

<< Next - First ... 8 9 10 11 12 ... Last - Previous >>

Flame and the DEB93D trail

#69 - Posted on 6 June 2012 - Author: SM - Category: Security, Hacking

In the last few weeks there has been a lot of noise about what looks like the latest State sponsored malware, Flame. You can find a lot of information about it from Kaspersky and also from the CrySyS lab who seems to have done some parallel investigation and call it differently (sKyWIper).

This malware is quite interesting for several reasons:
1) It seems to focus on stealing information rather than being directly disruptive.
2) It has been active for 5+ years and has remained undetected until now.
3) It has an option to delete itself, but in doing so leaves one file. a ~DEB93D.tmp file.
4) It is modular and can/has been used to intercept Microsoft update using fake certificates t...
>>[READ MORE]

Apple in Denial

#68 - Posted on 7 April 2012 - Author: SM - Category: Security

Note: Many of the security articles I have written about Apple on this blog are negative and the reader could think I do not like Apple. This is actually very far from the truth, I am a big Apple fan; but I am also a security professional and I do not agree with their overall security strategy.

The title of this post is inspired directly from an Article I read on ZDnet, discussing the latest security threat that infected an estimated half a million Mac with malware: “BackDoor.Flashback.39″.

Mac Trojans are evolving and becoming more frequent, last August a Mac Trojan (Bash/Qhost.WB)was found in a fake Flash updater that once installed would redirect google search results to “bad sites”, then in September another Mac Trojan ( >>[READ MORE]

Satellite phones encryption attacked

#67 - Posted on 5 March 2012 - Author: SM - Category: Security

About a month ago, Arts Technica ran an article about the encryption standards used by satellite phones that have been broken.

This is yet another exemple of a proprietary encryption system which appears to have been weakly designed and implemented.
Although they have only been able to break the communication from the Satellite to the phone and not the other way around, it should still be of concern for anyone using those phones to transmit sensitive information without additional security.
Even if the audio codec still needs to be reversed engineered, this should be the easy part of this attack!

Someone is likely to get a great PhD as the paper exposing this issuewas co-written by such student.

...
>>[READ MORE]

Windows 8 Picture Password, great but…

#66 - Posted on 2 March 2012 - Author: SM - Category: Hacking

After looking at the new features listed for Windows 8, one in particular caught my attention: The Picture Password Login.
It is a very refreshing approach to authentication!

You are presented with a photo at log in and instead of entering a password, you have to touch the image according to the “allowed” touch sequence you registered your user with. In some respect it is similar to the existing gesture based authentication mechanisms you can find on some smartphones (anyone remember that feature on the Palm V?!), but I think it is taken to the next step.
Microsoft is maybe trying to do to passwords what Apple did to the Walkman.

By providing you with a photo of your choice (i.e.: your own family picture), and a restricted number of gestures (point, draw a line and circle) it is easier to remember a sequence, more natural and more personal. For exemple, you would circle the head of your best friend, touch the feet of your child and stroke your dog&...
>>[READ MORE]

John Nash on Cryptography

#65 - Posted on 1 March 2012 - Author: SM - Category: Security, Cryptography

John Nash is a famous mathematician whose life inspired the Hollywood movie “A beautiful Mind”. However, summerizing his life through that light hearted movie would be very inadequate!

So, this genius mathematician who worked in game theory, differential geometry, and partial differential equations as well as winning a Nobel Prize in 1994 appears to also have had some great insights into modern cryptography… back in the 1950s!

As seen in this article, NSA recently released a series of documents related to letters/conversationa between the NSA and Nash in 1955, where the mathematician made an unsuccessful but noted attempt to communicate his own take on a crypto machine.

If anything, reading at the hand written...
>>[READ MORE]

Another iPhone hack, this time with a paperclip!

#64 - Posted on 24 February 2012 - Author: SM - Category: Hacking

There is a new vulnerability with iOS5 powered device with a SIM card. I have tried it and it works.
You need to know the number of your victim and by combining a missed called, removing the SIM card, putting it back in and swiping the missed call alert it is possible to bypass the lock screen and access the phone.

Look at the video from the weirdly named group called iPhoneIslam, you need to get the timing right!

YouTube Direkt

...
>>[READ MORE]

Bringing Your Own Device, a Security challenge.

#63 - Posted on 14 February 2012 - Author: SM - Category: Security

There is an increasing level of noise in the enterprise about Bringing Your Own Device (BYOD). That you like it or not, it is most probably happening right now within your company unless your are “lucky enough” to be able to enforce strict controls as to what devices are allowed and able to access your data.

For a true BYOD concept, meaning with no restrictions on what that device might be, there are only 2 possible way to enable it:

1) To allow network access to your data/application directly from any devices
or
2) To make your data/application available from the Internet, and the easiest incarnation of that is through web applications.

With the first approach, focusing on the network access, the positives are that you can have more control over the environment from which the data/application is accessed from. Such as enforcing a minimum set of security controls and quarantine non compliant devices. The negatives, though, are the need for a ...
>>[READ MORE]

Smile, you are being recorded!

#62 - Posted on 13 February 2012 - Author: SM - Category: Hacking

The BBC has recently ran an article about a hacker who has published details on how to hack a certain type of webcam. This story is interesting for several reasons.

First, it further highlights how fragile our privacy has become since we live in a digital world with details of our life being kept on the internet: personal blogs, twitter feeds, Facebook or Government/Health records, etc. All this data is available online if you have the right access to the system it is held on. But it is not just still photos or lines of texts, it can also be live pictures through personal webcams or state surveillance cameras. Again, that data is available if you have the right credentials. In this case, hundreds of Trendnet webcam users thought/thinks their live video feed was protected through the use of a userid and password, but a bug in its firmware allows anyone to access it by...
>>[READ MORE]

Koobface, The dangerous game of naming and shaming

#61 - Posted on 24 January 2012 - Author: SM - Category: Security

There has been wide coverage of the naming and shaming of the supposedly perpetrators behind the Koobface botnet that has affected Facebook and other social sites for a few years.

The gang leader was first named on Dancho Danchev’s blog, then the Facebook’s security team threaten and did reveal the gang’s real identity, the New York times even ran an article on it and finally Sophos published another in-depth look at how they also discovered their identity. In between, many other sites jumped in to share that information.

I am slightly uncomfortable with this approach.

It appeared to have worked in this instance as the bonnet Command & Centre has been turned off, and it also appears they named the right perso...
>>[READ MORE]

Most websites are vulnerable to a hash collision DOS attack

#60 - Posted on 3 January 2012 - Author: SM - Category: Hacking, Security

By websites, I should really have said Web Applications, but the end result is the same: A server which is serving pages on the Internet could see its CPU usage increasing to a level making that server unusable for a few minutes or more. All that from a relatively small specially crafted malicious HTTP request.

This vulnerability exists in most languages used to develop web applications: PHP, ASP.Net, Java, Python, Ruby, etc. And it has been known to exist in theory since 2003!

Last week, Alexander Klink and Julian W�lde explained at the 28th Chaos Communication Congress in Germany how exactly the theory became reality and the impact on the different web application languages were affected.

The core of the issue is the way hash lists have been implemented in those languages. By “Hash” they both refer to a specific type of data structure and the cryptographic function. A >>[READ MORE]