California Lawmakers push to ban the sale of encrypted smartphones
Published in News

You would think that in 2016 the people in power would either understand technology, or would have been replaced by someone that does. Sadly, this is not the case in… well just about every place there is an elected official. Over the past few years we have seen some very stupid bit of technical legislation come over the wire. Everything from kill switches in smartphones to backdoors in software and encryption standards. All of the legislation proposed read like they were written by someone that has no clue about technology, but might watch a lot of TV… and bad TV at that.

Open Access to the GPU. Is this an open invitation to Malware?
Published in News

The average GPU is a pretty powerful computational device. The highly parallel design and efficient memory structure means that you can execute operations at a rate that puts most CPUs to shame. With the advent of Cuda and OpenCL the door was opened for developers to push workloads to the GPU and get back some pretty nice returns. Microsoft and many others joined in and began making access to the GPU simpler starting with DirectX 10.

The cloud, IoT, vendors and security: things that do not go together.
Published in Editorials

This is not the first time that I have spoken out about cloud computing (internet based, or the Internet of Things and the way they are impacting the ability to secure a network. It is also not going to be the last. Simply put, the concept that everything needs to be controlled by a computer and talk back to some sort of internet based cloud show a level of ignorance that should not still be out there. Sadly it is and companies are still trying to push the cloud and connected device mentality despite the inherent and known security flaws that exist.

Hackers using unencrypted satellite communication to hide C&C servers
Published in News

Security and malware research company, Kaspersky has recently released a paper describing what they say is the “ultimate level of anonymity” used by any malicious hacking group. In their report they describe a new attack by the group Ouroboros as “exquisite”. This is the same group that was linked to the Turla malware last year so we are not talking about amateurs or script kiddies. The attack uses commercial satellites’ unencrypted communication channels to send and receive traffic to their C&C servers.

Last year at Black Hat USA 2014 we met up with a company that was looking to make some changes in the way we protect our data, Ionic Security. The concept was very simple, but the implementation was sure to be complex. I was not sure that what they wanted to accomplish could even happen. However, after a conversation with them I became more than interested. It was a simple concept, but it did not need to be overly complex. To make things even more interesting this was not a truly new idea, but it was one that had never been implemented for real data security.

In addition to seeing more than a few products and ideas during Black Hat and DEF CON we also had the chance to see something really cool from the team at Trustwave. This was not a product, but a chance to see the back end of the command and control servers for a new and improved version of the RIG exploit kit. To say that what they showed was impressive is an understatement.

The one common thing that I keep hearing everyone talk about at Black Hat and even DEF CON is how to protect your data. It is pretty much a given that if someone wants to get into your network they are going to get in. The number of flaws, vulnerabilities and compromises that are out there are simply too many to protect against. So there needs to be some other method to make sure that any sensitive data that you have is keep out of the hands of the “bad guys”. There are many suggestions about this, but most of them still try to do the same things stop the barbarians at the gate.

Last year during DEF CON 22 we saw a demonstration of a UEFI root kit that was extremely worrying. This root kit was installed using a multipart systems to infect the UEFI BIOS in such a way as to grant the same level of access to an attacker as the CPU has (Ring 0). It was an almost unprecedented style of attack. When we reported on this many seemed to feel that it was not an issue. Now researchers are finding evidence of this same type of attack in the data lifted from the Hacking Team.

Although it will not come as a surprise, there seems to be yet another bug in Adobe’s flash player that allows for an attacker to potentially take control of a system by forcing a crash of the application. According to TrendMicro, CVE 2015-5123 is a critical bug in the latest version of Flash player for Linux, Windows, and OSX operating systems. Adobe has already released a customer advisory stating they are already aware of this flaw being exploited in the wild.

Hacking Team's Spyware source code released to the wild after Hack
Published in News

The Italian Security firm Hacking Team is now admitting that their spying software is potentially in the hands of bad guys. After a hack that saw roughly 400GB of company information liberated from their systems they have been monitoring what is being released online. They have now concluded that there is sufficient source code for their monitoring applications to allow someone to mount the same style surveillance that they were providing to their clients.