Displaying items by tag: Hacking

The Italian Security firm Hacking Team is now admitting that their spying software is potentially in the hands of bad guys. After a hack that saw roughly 400GB of company information liberated from their systems they have been monitoring what is being released online. They have now concluded that there is sufficient source code for their monitoring applications to allow someone to mount the same style surveillance that they were providing to their clients.

Irony is one of those things that is not appreciated by security guys. They do not find humor in it nor do they enjoy it when someone points an ironic situation involving them out. This has to be the case for the privacy company LifeLock. A pair of security researchers (Eric Taylor and Blake Welsh) have found an interesting feature in LifeLock’s web site. The flaw allows for a cross-site scripting attack to be used to do a fair amount of damage including injecting malware.

Cisco has acknowledged (and released patches for) a fairly serious security bug in three of their virtual appliances that, oddly enough, are related to security. The three products in question are the Cisco Web Security Virtual Appliance, the Email Security Virtual Appliance and the Security Management Virtual Appliance. These three devices all share a default preinstalled SSH encryption key. This meddlesome little fact means that it is very simple to get into an SSH session because you can grab the key off of another copy of the product. We are pretty sure that the default keys are already floating around on the internet somewhere as well.

There is nothing worse than thinking you are protecting your internet travels when in reality you are participating in a giant botnet. That appears to be the case that is happening with VPN provider Hola. According to security researchers the use of the service still leaves you at risk of being tracked regardless of what you do and leaves you at even greater risk than just tracking.

Want to play a trick on your iPhone owning friends? Well we have a good one for you. According to Reddit there is a sequence of symbols and Arabic characters that will cause an iPhone to crash and reboot. Oh the joy you will have playing this game over and over with your friends. To add even more to the fun the original text that caused the issue will still be in the messenger app. That means if you open it up… your phone reboots again.

On March 2 2015 CVE-2015-1187 was released. This alert indicated that a simple cross-site request forgery allowed someone (the “bad” guys) to hijack DNS settings on a wide range of routers. By doing this they were able to point people to their own DNS server and in turn direct them to malicious sites. These sites could be anything they wanted them to be from phishing sites to sites with malware intended to compromise the target system. The exploit is a pretty smart one especially when you take into account the fact that the bad guys do not need to remotely manage the target router to get this going.

Over the weekend there was a lot of talk about how Windows in particular is vulnerable to a flaw that is linked to SMB. This flaw could allow someone to grab user information by forcing a redirect to a malicious server using the SMB protocol. The way it works is pretty simple; if you give someone a URL that begins with the work “file” then Windows (and some other systems) will think that you want to use SMB to connect to a file share. If the server that the link (URL) points to uses even basic authentication then you can try and tempt a user to put in their own credentials and grab them during the exchange.

The Point of Sale (PoS) station is probably one of the most targeted devices in recent years. There are multiple reasons for this: older operating systems, the need to POS users to have admin rights, generic logons for the “windows” accounts, and more. Most PoS softare is very resistant to attempts to properly secure it including getting all sorts of bent out of shape when you try to apply restrictive security policies to them. I have even seen them stop working because the removable drive mount option is removed from USB ports using a group policy object.

Back in August of 2014 while covering DEFCON 22 we sat in on a talk about how insecure the UEFI BIOS was and how it could potentially grant a malicious person ring zero access to your system. The talk was given by Corey Kallenberg and Xeno Kovah and they showed just how easy it would be to plant non-removable malware into the UEFI BIOS as well as how easy it would be to kill the BIOS remotely by affecting only two lines of code in the BIOS.

Gasp! There has been another published attack on the TOR Project. This time the attack and compromise technique comes from the gang at Princeton. The Princeton team claims that their new methods are around 95% successful and only require traffic in one direction. The information that they have presented is interesting and certainly could be used to grab information from users of the anonymous service, but it is not really new and not surprising to hear about.