Displaying items by tag: Hacking

Hey remember the group that launched the DDoS attack on Steam? Well they are back and have decided to make a little bit bigger of a statement than just throwing packets at a group of servers. This time they appear to have managed to grab a large number of user information from companies like Blizzard, Ubisoft and many others. They have taken this information and (unsurprisingly) dumped it to paste bin. If you do not know who we are talking about it is the DerpTrolling “hacker” group and they have been on a mission to shame just about every game publishing/distribution company on the planet.

The world lives in fear of zero-day exploits although the average person does not even know it. A zero-day exploit is a bug or a flaw that has not been discovered by the developers yet, but is known to someone outside. This can be good guys, bad guys or other, but it is still a flaw that can be used to do harm to a computer system and no one has a patch for it yet. When the good guys (security researchers) know about them they work with companies to patch them. When the bad guys know about these things get very ugly indeed. But what happens if someone knows about one (or a bunch of them) and does not tell anyone at all?

Just when you thought it was safe to get back on the internet privately. Although we have maintained that TOR has never been the end-all of anonymity we are surprised to finally see public conformation of techniques that have been around for years. In a report that discusses the use of flow records for detecting users on proxy networks we find that the tools to track you through TOR and many other networks have been right there all along.

Encryption is an interesting thing. On the surface it offers protection from prying eyes and sense of security in protecting your communication and files. At least that is what you should feel when talking about encryption. The problem is that encryption is only as secure as the protocol and API that is in use. Even if you have a rock solid certificate the protocol and APIs that you use to connect can be compromised to by-pass this. This is what has happened to almost every major SSL/TLS stack. So far in 2014 we have watched them fall one at a time to the dismay of security experts.

The targeting of travelers is something that is a very old idea. To the would-be attacker you are getting a target that is not familiar with their surroundings and (in many cases) has a lot of money on them. In the “old days” the target was the cash they brought with them. This quickly changed to a number of scams to get access to their credit card numbers and the cash that they protected. Still the idea was to go after the traveler because they were easy targets when they were out and about.

It would seem that even the next generation of “secure” payment systems are showing up with flaws before they really hit the streets. According to security researchers there is a flaw in the next generation of electronic payments dubbed chip-n-PIN. This new technology has been hailed as the more secure means of using your cash without all the worry of swipe fraud or other hassles of using the more traditional magnetic cards. However, as with far too man y technologies these days, someone missed a rather big loophole for the bad guys to exploit

When you hear people talking about anonymity on the internet it most people will think privacy. When companies hear anonymity on the internet they think piracy, crime, hacking and lost revenue. This is probably the biggest disconnect in the internet age, companies want to monetize your personal information. This is big money and (as we have said more than once) is a commodity that they have been trying to legalize for more than a decade.

If you are in the information security field then the latest “news” that Cisco fixed a flaw in a protocol that should not be used will probably give you a chuckle. I am talking about Telnet which is not exactly what you would call a secure means of communicating with any device. In most cases Telnet is one of those options that you turn off right out of the box. Still it is nice to know that Cisco is patching it.

There appear to be developments in the way that Shellshock is used to push malware around. According to new information the Bash Bug is now being used to send malware out through the use of compromised SMTP gateways. The clever attackers are trying to use altered headers (from, to, subject) to force the SMTP gateway to pull down additional code that contains the Shellshock attack.

When you are a sysadmin there is nothing like waking up to not one, but two troubling bits of news. The first one centers on a new and fun Zero-Day vulnerability that affects just about every version of windows that Microsoft still supports. Dubbed Sandworm by iSight, the security firm that discovered it this bug exploits yet another flawed internal mechanism in Microsoft’s OS.