So, people from within Iran have hacked the Dutch company DigiNotar, allowing them to issue fake certificates so they could listen in on Iranian dissidents and other organisation within Iran. This is a very simplified version of the story, since it's all quite complicated and I honestly don't even understand all of it. In any case, DigiNotar detected the intrusion July 19, but didn't really do anything with it until it all blew up in their face this past week. Now, the Dutch government has taken over operational management of DigiNotar... But as a Dutch citizen, that doesn't really fill me with confidence, because, well - whenever the Dutch government does anything even remotely related to IT technology, they mess it up. And mess it up bad.
Privacy, Security Archive
The number of rogue SSL certificates issued by Dutch CA DigiNotar has balooned from one to a couple dozen to over 250 to 531 in just a few days. As Jacob Appelbaum of the Tor project shared the full list of the rogue certificates, it became clear that fraudulent certificates for domains of a number of intelligence agencies from around the world were also issued during the CA's compromise - including the CIA, MI6 and Mossad. Additional targeted domains include Facebook, Yahoo!, Microsoft, Skype, Twitter, Tor, Wordpress and many others.
Linux, which is a very versatile operating environment, caters for an array of different needs of different users. One such specific usage of Linux is in the area of computer security and penetration testing. Among the digital forensic tools available for Linux, BackTrack is well known as an all-in-one platform that offers security professionals all the tools that they may need to carry out various security related tasks.
Researchers have found a weakness in the AES algorithm. They managed to come up with a clever new attack that can recover the secret key four times easier than anticipated by experts. In the last decade, many researchers have tested the security of the AES algorithm, but no flaws were found so far. The new attack applies to all versions of AES even if it used with a single key. The attack shows that finding the key of AES is four times easier than previously believed; in other words, AES-128 is more like AES-126.
Hackers armed with a browser and specially crafted search queries are using botnets to generate more than 80,000 daily queries, identify potential attack targets and build an accurate picture of the resources within that server that are potentially exposed. By automating the query and result parsing, the attacker can carry out a large number of search queries, examine the returned results and get a filtered list of potentially exploitable sites in a very short time and with minimal effort. Because searches are conducted using botnets, and not the hacker's IP address, the attacker's identity remains concealed.
Aruba Networks, which provided and maintained the wireless network for last week's Black Hat USA 2011 conference, today provided some interesting statistics around the network's use. Apple devices were most prevalent at 43.3 percent of all devices (28.4 percent alone for iOS iPad and iPhone, with another 14.9 percent running OS X). Linux users composed 35 percent of the total, while Windows users represented 21.8 percent. While the majority of attendees used the Black Hat PSK network, almost 200 attendees utilized the PEAP/EAP-TLS "secured" network. Aruba captured a huge amount of security events, the most interesting of which were IP spoofing, AP spoofing, Power save DoS attacks and Block ACK attacks. Talk about a hostile environment.
A new Trojan horse app has emerged to target Android devices, and this one's particularly creepy. The app records a user's phone calls and then uploads them to a remote server. The app was revealed Tuesday by security researcher Dinesh Venkatesan on the Security Advisor Research Blog, published by CA Technologies, now known as Total Defense. While this particular Trojan doesn't appear to be a threat in the wild--at least not for North American users--it's a good reminder of the growing threat of mobile malware.
The cost of a data breach per year is on the rise, and a significant percentage of data loss is from stolen or lost company laptops. It’s time to act. Sandro Villinger describes how to determine if you’re doing enough to prevent such a disaster in your IT department by locking down or even remote wiping laptops, with details specific to most popular OSes.
ACROS Security has discovered a vulnerability in Sun Java, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading an executable file in an insecure manner when an out of memory condition occurs.
In an unexpected move for a security company, SecurEnvoy today said that cyber break-ins and advanced malware incidents, such as the recent DDoS attack by LulzSec, should actually be welcomed and their initiators applauded. The company's CTO Andy Kemshall said: "I firmly believe that the media attention LulzSec’s DDoS attack has recently received is deserving. It’s thanks to these guys, who’re exposing the blase attitudes of government and businesses without any personal financial gain, that will make a difference in the long term to the security being put in place to protect our own personal data!"
Well, after 50 days of causing amok on the web, the guys and/or girls behind LulzSec have called it quits last night. After hacking into the systems of various Arizona law enforcement agencies and releasing countless internal documents, they published a statement on Pastebin yesterday, dumping yet another boatload of data on The Pirate Bay, and announcing their disbanding.
Oh boy, what do we make of this? We haven't paid that much attention to the whole thing as of yet, but with a recent public statement on why they do what they do, I think it's about time to address this thing. Yes, Lulz Security, the hacking group (or whatever they are) that's been causing quite a bit of amok on the web lately.
RSA has finally admitted publicly that the March breach into its systems has resulted in the compromise of their SecurID two-factor authentication tokens. The admission comes in the wake of cyber intrusions into the networks of three US military contractors: Lockheed Martin, L-3 Communications and Northrop Grumman - one of them confirmed by the company, others hinted at by internal warnings and unusual domain name and password reset process.
"The hacker group LulzSec on Thursday posted information it took from Sony Entertainment and Sony BMG on its site, called the LulzBoat. The information includes about a million usernames and passwords of customers in the U.S., Netherlands and Belgium and is available for download and posted on the group's site. A release posted on LulzSec's page said the group has more, but can't copy all of the information it stole. The group also said none of the information it took from Sony was encrypted."
FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the Wi-Fi that your mobile is connected to. It is possible to hijack sessions only when Wi-Fi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK). It's kind of like Firesheep for Android and it works on WPA2.
"A little over two weeks have passed since the appearance of MAC Defender, the fake AV solution targeting Mac users. And seeing that the approach had considerable success, it can hardly come as a surprise that attackers chose to replicate it. This time, the name of the rogue AV is Mac Protector, and the downloaded Trojan contains two additional packages. As with MAC Defender, the application requires root privileges to get installed, so the user is asked to enter the password."
Sony just restarted its Playstation Network, after the massive security fail dismissed as a 'hiccup' by Sony CEO Howard Stringer. Well, the PSN has barely been up two days, and a massive security oversight has already been discovered. Yes, Sony just got Sony'd. Again. Unbelievable.
Microsoft published volume 10 of the its Security Intelligence Report which provides perspectives on software vulnerabilities, software vulnerability exploits, malicious and potentially unwanted software, and security breaches in both Microsoft and third party software. Microsoft found out that vulnerabilities in applications versus operating systems or web browsers continued to account for a large majority of all vulnerabilities in 2010, although the total number of application vulnerabilities declined 22.2 percent from 2009. The exploitation of Java vulnerabilities sharply increased in the second quarter of 2010 and surpassed every other exploitation category that the MMPC tracks, including generic HTML/scripting exploits, operating system exploits, and document exploits.
"Nikkei.com on Monday reported that an online Sony gaming network has once again fallen victim to a cyberattack. This time, the attack may have exposed the credit card numbers of thousands of Sony customers from around the world. According to the report, over 12,700 customer credit card numbers were stolen during a breach of Sony’s online gaming network, Sony Online Entertainment. According to Nikkei.com, Sony discovered the possible attack on Sunday."
If you download and use what appears to be a version of the commercial "Walk and Text" Android app from a file sharing site, you're in for a surprise. When you run it, it shows you that it's being "cracked" but it's really gathering information from your device, in preparation for an e-smackdown. It sends a bunch of personal information (name, phone number, IMEI) off to a server, and, just for lulz, text messages everyone on your contact list: