Security

  • September 24, 2012

    Pwn2Own 2012 Results

    Pwn2Own is a computer hacking contest held annually at the CanSecWest security conference; it began in 2007. Contestants are challenged to exploit widely used software and mobile devices using previously unknown vulnerabilities. For 2012 the rules were changed to a capture-the-flag style competition with a point system. Google withdrew from sponsorship of the event because the 2012 rules did not require full disclosure of exploits from winners. When Pwn2Own 2012 concluded we saw Chrome, Internet Explorer, and Firefox all compromised; Apple’s Safari was the only browser left standing. This was the first year Chrome got hacked; it had been untouchable up until this year. The exploits we saw used and executed were CVE-2010-3346 (Internet Explorer), CVE-2009-3077 (Firefox), CVE-2011-0115 (Safari), CVE-2010-0050 (Safari), CVE-2010-0248 (Internet Explorer) and CVE-2010-2752 (Firefox). There was another Pwn2Own this year: the Zero Day Initiative (ZDI) mobile contest, sponsored by RIM and AT&T, taking place in Amsterdam, where hackers were asked to compromise four devices (BlackBerry Bold 9930, Samsung Galaxy SIII, Nokia Lumia 900 and Apple iPhone 4S) using exploits against mobile web browsers, Near Field Communication (NFC), Short Message Service (SMS) and the cellular baseband. What we learned from this is that the iPhone 5 is vulnerable to the same attack that successfully breached an iPhone 4S at the mobile Pwn2Own hacker contest. A fully patched iPhone 4S device was compromised, and contacts, browsing history, photos and videos were stolen from the phone. The iPhone took an epic hit when an exploit was built for a vulnerability in WebKit to beat Apple’s code-signing features and the MobileSafari sandbox. The same bug is present in the iOS 6 Golden Master development code base, which means the iPhone 5 is also vulnerable to the same exploit. Apple iPads and iPod Touch devices are also vulnerable. The Samsung Galaxy S3 can be hacked via NFC, allowing attackers to download...
  • September 18, 2012

    Microsoft Internet Explorer Security Flaw

    Microsoft discovered a bug, or as us techies call it a zero-day vulnerability, in the Internet Explorer web browser. The bug makes PCs vulnerable to attacks by hackers and malicious code. The security flaw affects hundreds of millions of Internet Explorer users. Microsoft said attackers can exploit the bug to infect the PC of somebody who visits a malicious website and then take control of the victim’s computer. All but one supported edition of IE is affected: 2001’s IE6, 2006’s IE7, 2009’s IE8 and last year’s IE9. Together, those browsers account for 53% of all browsers used worldwide. The only exception is IE10, the browser bundled with the new Windows 8, which does not contain the bug. Windows users are advised to switch from Internet Explorer to Chrome, Firefox or Opera until the bug is patched. Microsoft did not say how long that will take, but several security researchers said they expect the update within a week. When Microsoft patches it, the update will be rated “critical”, the company’s highest threat ranking. Update: Microsoft will be releasing an out-of-band “critical” patch on Friday at close to 10 a.m. PT to fix this vulnerability.
  • Mitt Romney’s tax returns are reportedly in the hands of a team of hackers who plan on releasing them publicly on Sept. 28 unless a $1 million ransom is paid in Bitcoins. The group allegedly obtained the files from PricewaterhouseCoopers’ Tennessee office on Aug. 25, as described in the group’s PasteBin post: Romney’s 1040 tax returns were taken from the PWC office 8/25/2012 by gaining access to the third floor via a gentleman working on the 3rd floor of the building. Once on the 3rd floor, the team moved down the stairs to the 2nd floor and set up shop in an empty office room. During the night, suite 260 was entered, and all available 1040 tax forms for Romney were copied. A package was sent to the PWC on suite 260 with a flash drive containing a copy of the 1040 files, plus copies were sent to the Democratic office in the county and copies were sent to the GOP office in the county at the beginning of the week, also containing flash drives with copies of Romney’s tax returns before 2010. A scanned signature image for Mitt Romney from the 1040 forms was scanned and included with the packages, taken from earlier 1040 tax forms gathered and stored on the flash drives. A recent PasteBin document from the group stated the following: “The keys to unlock the data will be purged and whatever is inside the documents will remain a secret forever.  Failure to do this before September 28, the entire world will be allowed to view the documents with a publicly released key to unlock everything. And the same time, the other interested parties will be allowed to compete with you.” From what I have read, Mitt Romney is not concerned with the threat; he says...
  • September 11, 2012

    Anonymous Hacker Takes Down GoDaddy

    Millions of websites hosted by GoDaddy went down today from 2pm EST to around 7pm EST due to a DNS service outage. A hacker using the “Anonymous Own3r” Twitter account claimed credit for the outage. Three of GoDaddy’s DNS (Domain Name System) servers failed to resolve as a result of the attack. The inaccessibility of GoDaddy’s DNS servers, specifically CNS1.SECURESERVER.NET, CNS2.SECURESERVER.NET, and CNS3.SECURESERVER.NET, was the cause of the outage. For the vast majority of clients hosting with GoDaddy, the DNS issue wasn’t fixable on their end, because GoDaddy holds all the MX records for these sites, and users usually have to log into the GoDaddy site in order to switch DNS providers. The Anonymous online activist collective has boasted of causing the outage with a distributed denial-of-service (DDoS) attack. AnonymousOwn3r, however, purportedly perpetrated the attack on his own, saying, “the attack is not from Anonymous [collective], the attack it’s coming only from me”. Last year GoDaddy was pressured by Reddit activists, which was followed by the transfer of tens of thousands of domain names from GoDaddy to other companies. The company has been at the center of a few other controversies. The Wikimedia Foundation famously moved away from GoDaddy after the non-profit group protested months earlier in opposition to SOPA by blacking out its entire English-language website for 12 hours. However, despite speculation that this could be connected to GoDaddy’s previous support for SOPA, AnonymousOwn3r said in another tweet: “I’m not anti go daddy, you guys will understand because I did this attack. I’m taking godaddy down because well i’d like to test how the cyber security is safe and for more reasons that I cannot talk now.” GoDaddy is back up and released a statement saying that at no time was any sensitive customer information, such as credit card data, passwords or names and addresses, compromised. Making customers...
  • The hacking group AntiSec claimed in a tweet that they compromised 12 million Apple iOS Unique Device IDs (UDIDs) and associated personal information from an FBI (Federal Bureau of Investigation) laptop. The original file reportedly contained 12 million IDs, including personal information, but they released only 1 million (leaving out the personal data) in an encrypted file published on pastebin.com. The fields the file contained are: Unique Device Identifiers (UDID), user names, names of devices, types of devices, Apple Push Notification Service tokens, ZIP codes, cellphone numbers and addresses. The FBI is refuting the statement made by members of AntiSec this weekend that they hacked the laptop of an FBI special agent and stole a file containing 12 million Apple device IDs and associated personal information. The FBI has said there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data. The concern of most people is this: if the FBI did not collect this data, then where did the cache of UDIDs come from? How were they collected? Who else had access to them? What other information does the anonymous source have?
  • Pirate Bay founder Gottfrid Svartholm Warg (online name Anakata) has been arrested in Cambodia. He was sentenced to one year in jail for his involvement in The Pirate Bay but has been missing for some time. Svartholm was wanted internationally, but exact details as to why he was arrested have not yet been made public. According to reports he was arrested in an apartment above the Cadillac Bar on the riverfront, a place where he is known to have stayed in the past. The 27-year-old became wanted internationally after he failed to return to Sweden to serve his 12-month jail sentence earlier this year. Gottfrid should have returned to Sweden to begin serving his sentence on January 2nd this year, but again he failed to appear. Svartholm Warg and the site’s three other founders were convicted in 2009 by a Swedish court of assisting copyright infringement by helping millions of the site’s users to illegally download music, movies and computer games. All were sentenced to one year in prison and ordered to pay $3.6 million to entertainment companies, including Warner Bros., Sony Music Entertainment, EMI and Columbia Pictures. The Pirate Bay doesn’t actually host any copyright-protected material itself. Instead, it provides a forum for users to download content through so-called torrent files. The technology allows users to transfer parts of a large file from several different users, increasing download speeds.
  • The hacktivist group GhostShell claims to have released one million account details from websites in a project under the alias “Hellfire”. GhostShell, a hacker group linked with the activist group Anonymous, is claiming that they have hacked some major U.S. institutions, including major banking institutions and the accounts of politicians, and has posted those details online. The dumps, comprising millions of accounts, have been let loose on the web by the hacking collective. The motivation behind the hack, the group claims, is to protest against banks, politicians and the capture of hackers by law enforcement agencies. Some of the hacked databases included over 30,000 records, although the actual figures were “hard to count and verify”. While “a lot of the data” does not appear to be sensitive, through CMS exploits GhostShell was able to steal a “very large portion” of the files, which noticeably included credit history reports. Other information included usernames, passwords, email addresses and the real names of account holders. The group justifies its operation, Project HellFire, as a “final form of protest this summer against the banks, politicians and for all the fallen hackers this year”.
  • Can someone say conspiracy? Wikileaks reports a government spy network using Trapwire to capture surveillance camera footage in stores, casinos, and other businesses around the country. Apparently agents can use facial recognition software to analyze this footage for people of interest. http://io9.com/5933966/wikileaks-reveals-trapwire-a-government-spy-network-that-uses-ordinary-surveillance-cameras Then, mysteriously, Wikileaks gets taken down for nine days due to a DDoS attack. This has happened to Wikileaks in the past after major leaks, but never for this long. A group called AntiLeaks claims responsibility for the attack. The DDoS attack is apparently their way of making sure that the group can’t release any more cables. http://www.webpronews.com/wikileaks-has-been-down-for-nine-days-following-massive-ddos-attack-2012-08
  • August 13, 2012

    OpenSSH Security

    OpenSSH is a free SSH/SecSH protocol suite providing encryption for network services like remote login or remote file transfer. OpenSSH is an open source project which provides a lot of features, and since the software is open source it is free for everyone under the Open Source Definition (OSD). Its features include: strong encryption (3DES, Blowfish, AES, Arcfour); X11 forwarding (encrypted X Window System traffic); port forwarding (encrypted channels for legacy protocols); strong authentication (public key, one-time password and Kerberos authentication); agent forwarding (single sign-on); interoperability (compliance with the SSH 1.3, 1.5, and 2.0 protocol standards); SFTP client and server support in both the SSH1 and SSH2 protocols; Kerberos and AFS ticket passing; and data compression.

    Strong Encryption: OpenSSH supports 3DES, Blowfish, AES and Arcfour as encryption algorithms. These are patent free. Triple DES is a time-proven and well understood cipher that provides strong encryption. Blowfish is a fast block cipher invented by Bruce Schneier that can be used by people who require faster encryption. AES is the US Federal Information Processing Standard (FIPS) Advanced Encryption Standard, developed as a replacement for DES; it is a fast block cipher. Arcfour is a fast stream cipher believed to be compatible with RC4™, a proprietary cipher of RSA Security Inc. Encryption is started before authentication, so no passwords or other information are transmitted in the clear. Encryption is also used to protect against spoofed packets.

    X11 Forwarding: X11 forwarding allows the encryption of remote X Window traffic, so that nobody can snoop on your remote xterms or insert malicious commands. The program automatically sets DISPLAY on the server machine and forwards any X11 connections over the secure channel. Fake Xauthority information is automatically generated and forwarded to the remote machine; the local client automatically examines incoming X11 connections and replaces the fake authorization data with the real data (never telling the remote machine...