Thursday, June 30, 2011

Software Can Copy Your Keys From A Photograph Taken 200 Feet Away

A new piece of software cleverly titled Sneakey makes it possible to copy keys using nothing more than a photograph, even if that photograph was taken from far away, according to Peter Murray at Singularity Hub.

In one demonstration, the software helped create working keys using a picture taken with a cell phone camera and a picture taken with a telephoto lens over 200 feet away.

Wednesday, June 29, 2011

The Navy Bought Fake Trojanized Chinese Microchips

The Navy Bought Fake Trojanized Chinese Microchips. They weren't merely low-quality fakes: they had been built with a "back-door" and could have been remotely shut down at any time. Left undiscovered, they could have rendered U.S. missiles useless and killed the identification friend-or-foe (IFF) signal that tells everyone whether an aircraft is friend or foe.

The underlying problem remains: such "trojan-horse" circuits can be built into a chip during fabrication and are almost impossible to detect, especially without the original design to compare against.

The Intelligence Advanced Research Projects Agency (IARPA) is now looking for ways to check the chips to make sure they haven't been hacked in the production process.

Is One of the LulzSec Members a Staffer at Facebook?

According to this pastebin page, one of the LulzSec members is a Facebook staffer.

From the article:

57. Name: Sean Lynch
58. Occupation: Software Engineer at Facebook

The text that follows describes a chat session that ends up exposing the probable identity of group member Joepie91. Oops.

A few other members are identified as well. I keep mentioning to colleagues how hacking has become a sport. I think articles like these, both for and against LulzSec and Anonymous, prove it quite well.

Tuesday, June 28, 2011

Old Style MBR Viruses are Back

Microsoft is telling Windows users that they'll have to reinstall the operating system if they get infected with a new rootkit that hides in the machine's boot sector.

A new variant of a Trojan Microsoft calls "Popureb" digs so deeply into the system that the only way to eradicate it is to return Windows to its out-of-the-box configuration, Chun Feng, an engineer with the Microsoft Malware Protection Center (MMPC), said last week on the group's blog.

If this reminds you of the '80s, it should. At least back then you could boot to your DOS rescue disk and type FDISK /MBR to get rid of boot sector viruses. Now that there is too much money to be made off of viruses, I'm sure this command no longer works.
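
As an added example (not from Microsoft's blog post or the original article), here is the kind of check a practitioner would run on a suspect machine: a small Python script that parses a 512-byte MBR, verifies the 0x55AA boot signature and the four-entry partition table, and compares a SHA-256 of the 446-byte bootstrap code against a known-good baseline hash. The sample sector is constructed inline (it is not a Popureb sample). On a real system you would read the first 512 bytes of the physical disk (for example /dev/sda, or \\.\PhysicalDrive0 on Windows), preferably from trusted boot media, because a bootkit running inside the infected OS can hook disk reads and hand back a clean-looking sector.

```python
"""Parse an MBR and compare its bootstrap code against a baseline.

Added example; the sector below is constructed, not taken from real malware.
"""
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_LEN = 446          # bytes 0..445: bootstrap code (what a bootkit overwrites)
PART_TABLE_OFF = 446         # four 16-byte partition entries follow
PART_ENTRY_LEN = 16
PART_ENTRY_FMT = "<B3sB3sII"  # status, CHS start, type, CHS end, LBA start, sector count
SIGNATURE = b"\x55\xaa"      # bytes 510..511


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed 512-byte sector: given bootstrap bytes, one active NTFS partition."""
    if len(boot_code) > BOOT_CODE_LEN:
        raise ValueError("boot code too long")
    code = boot_code.ljust(BOOT_CODE_LEN, b"\x00")
    entry = struct.pack(PART_ENTRY_FMT, 0x80, b"\x01\x01\x00", 0x07,
                        b"\xfe\xff\xff", 2048, 204800)
    table = entry + b"\x00" * (PART_ENTRY_LEN * 3)   # remaining three entries empty
    return code + table + SIGNATURE


def parse_mbr(sector: bytes) -> dict:
    """Validate the sector layout and return the boot-code hash and partition list."""
    if len(sector) != MBR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    if sector[510:512] != SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + i * PART_ENTRY_LEN
        status, _, ptype, _, lba, count = struct.unpack(
            PART_ENTRY_FMT, sector[off:off + PART_ENTRY_LEN])
        if ptype == 0:
            continue                      # unused entry
        partitions.append({"index": i, "bootable": status == 0x80,
                           "type": ptype, "lba_start": lba, "sectors": count})
    return {"boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": partitions}


def check_mbr(sector: bytes, baseline_boot_hash: str) -> list:
    """Return findings; an empty list means the sector matches the baseline."""
    info = parse_mbr(sector)
    findings = []
    if info["boot_code_sha256"] != baseline_boot_hash:
        findings.append("bootstrap code differs from baseline")
    active = [p for p in info["partitions"] if p["bootable"]]
    if len(active) != 1:
        findings.append(f"expected exactly one active partition, found {len(active)}")
    return findings


if __name__ == "__main__":
    # Baseline taken from a known-clean sector; then a sector with replaced boot code.
    clean = build_sample_mbr(b"\xfa\x33\xc0\x8e\xd0")
    baseline = parse_mbr(clean)["boot_code_sha256"]
    print("clean:", check_mbr(clean, baseline))
    tampered = build_sample_mbr(b"\xeb\x3c\x90")
    print("tampered:", check_mbr(tampered, baseline))
```

The baseline hash must come from a sector you trust (a fresh install, or a copy taken before the incident); without one, the partition-table sanity checks still catch gross corruption but not a cleanly rewritten loader.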

DMCA Takedown

Today we had to send out a DMCA Takedown Notice to a site that has stolen from me and my consulting firm twice in the past. Now we're in for round 3. We aren't sure what kind of nonsense game these charlatans are playing, but this time we decided an immediate takedown at the ISP level was required.

It is impossible to tell how much damage The Management Group has caused its unwitting customers. Even more pathetically, they appear to sell their lies to the US Government. I wonder if there are laws against that.

By openly stealing my content and making false claims about the origin of my published work, these guys do a disservice to all in the Information Security industry, and especially to their customers and partner organizations.

---- letter body follows ----

I am the sole copyright owner of the text content and IP rights being infringed at:

http://www.mgt-gp.com/articles/view/information-security-servicecapabilities
https://www.gsaadvantage.gov/ref_text/GS35F0658N/GS35F0658N_online.htm

The owner of these sites has been asked to remove this content twice in the past. After first claiming that he indeed is the writer of the Offensive Operations Model (a claim falsely repeated throughout the above named websites), the owner said he would remove the content and the fraudulent claims that he is the developer of the model. The Offensive Operations Model is a model I wrote in 1998 and was published by the IEEE in 2004, and is available online from many sites that do properly credit me as the author and developer. The owner of the above referenced sites has no right to abuse my copyrights in this manner. The entirety of text content on these pages was written by myself years before they appeared on these websites. After several phone calls from myself to the owner of these pages, the text disappeared only for a short time, and has at some point resurfaced with nothing more than a cosmetic makeover. This is now my THIRD time approaching these people about the offending content. I am willing to provide absolute proof via the WAYBACK MACHINE on archive.org which demonstrates clearly that the entirety of the text content of these pages was written by myself years before they began appearing on the two sites in question. Comparing this way shows the exact month and year that this person began stealing my work. The Offensive Operations Model that this person claims he wrote is available from the IEEE website, and of course is listed with my name as the author.

Here is a link to an article I wrote about this thievery back in 2006. You will notice the mgt-gp site is specifically referenced. The link I provided no longer works since the owner did change the URLs after I phoned him repeatedly.

http://penetrationtestdotcom.blogspot.com/2006_10_01_archive.html

Please note: At the time I initially caught this person stealing my content, there were 7 other sites infringing my content in the same manner. All sites removed the content without question, save for the owner of these two sites listed above. He is not only cheating me by claiming copyright to the Offensive Operations Model. He also cheats his customers since in our phone conversation in 2006 it was clear he didn't even know really what the Offensive Operations Model was.

This letter is official notification under the provisions of Section 512(c) of the Digital Millennium Copyright Act (“DMCA”) to effect removal of the above-reported infringements. I request that you immediately issue a cancellation message as specified in RFC 1036 for the specified postings and prevent the infringer, who is identified by its Web address, from posting the infringing text and references to the Offensive Operations Model to your servers in the future. Please be advised that law requires you, as a service provider, to “expeditiously remove or disable access to” the infringing content upon receiving this notice. Noncompliance may result in a loss of immunity for liability under the DMCA.

I have a good faith belief that use of the material in the manner complained of here is not authorized by me, the copyright holder, or the law. The information provided here is accurate to the best of my knowledge. I swear under penalty of perjury that I am the copyright holder.

Please send me at the address noted below a prompt response indicating the actions you have taken to resolve this matter. If this DMCA Takedown Notice needs to be sent to any other parties, please let me know who they are.

-----

DMCA takedown template written by attorney Carolyn E. Wright.

Tuesday, June 21, 2011

Amazon's cloud is full of holes

Thomas Schneider, a postdoctoral researcher in the System Security Lab of Technische Universität Darmstadt, said on Monday that Amazon's Web Services is so easy to use that a lot of people create virtual machines without following the security guidelines.

In what they termed the most critical discovery, the researchers found that the private keys used to authenticate with services such as the Elastic Compute Cloud (EC2) or the Simple Storage Service (S3) had been published in Amazon Machine Images (AMIs), the pre-configured operating system and application images used to create virtual machines. Anyone who launches a public AMI can read whatever its creator left on the disk, so a key saved in the image is effectively published along with it.

But the consequences could be expensive: With those keys, an interloper could start up services on EC2 or S3 using the customer's keys and create "virtual infrastructure worth several thousands of dollars per day at the expense of the key holder," according to the researchers.
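
An added example (not the researchers' tool and not AWS code): a Python scanner that walks a mounted image tree looking for the kind of material the study describes, namely AWS access key IDs, secret-key assignments, and PEM private-key blocks. The directory tree and its contents are constructed inline using the example key values AWS publishes in its documentation; the AKIA/ASIA key-ID prefixes and the 40-character secret format are assumptions about current credential formats, not something the article states.

```python
"""Scan a filesystem tree (e.g. a mounted AMI) for leaked AWS and SSH key material.

Added example; the sample tree is constructed inline so the script runs offline.
"""
import os
import re
import tempfile

# Assumed formats for leaked material; extend for your own environment.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "aws_secret_key_assignment": re.compile(
        r"(?i)aws_secret_access_key\s*[=:]\s*[A-Za-z0-9/+=]{40}"),
    "private_key_block": re.compile(
        r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"),
}
SKIP_DIRS = {"proc", "sys", "dev"}   # pseudo-filesystems, never worth reading
MAX_READ = 1 << 20                   # only inspect the first 1 MiB of each file


def scan_tree(root: str) -> list:
    """Return sorted (relative_path, pattern_label) pairs for every hit."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    data = fh.read(MAX_READ)
            except OSError:
                continue                                  # unreadable: skip, don't abort
            text = data.decode("utf-8", errors="ignore")  # binaries become mostly noise
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            for label, rx in PATTERNS.items():
                if rx.search(text):
                    findings.append((rel, label))
    return sorted(findings)


def build_sample_image(root: str) -> None:
    """Constructed image contents: two files with leaks, one history file, one clean file."""
    files = {
        ".aws/credentials": (
            "[default]\n"
            "aws_access_key_id = AKIAIOSFODNN7EXAMPLE\n"
            "aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n"),
        "home/ubuntu/.ssh/id_rsa": (
            "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA...constructed...\n"
            "-----END RSA PRIVATE KEY-----\n"),
        "root/.bash_history": (
            "export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n"
            "ec2-describe-instances\n"),
        "etc/motd": "Welcome to the demo AMI.\n",
    }
    for rel, content in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(content)


def demo() -> list:
    """Build the constructed tree in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_image(root)
        return scan_tree(root)


if __name__ == "__main__":
    for rel_path, label in demo():
        print(f"{label:28s} {rel_path}")
```

Mount the image (or an EBS snapshot of it) read-only and point scan_tree at the mountpoint before publishing; shell history, cloud-init logs and application config are the usual places keys linger after the obvious ~/.aws and ~/.ssh files have been cleaned.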

Anonymous steals 10,000 Iranian government emails, plans DDoS attack

After hacking into Iranian Government email sites and procuring 10,000 officials' email addresses and their associated emails, Anonymous is planning a full day of DDoS attacks to mark the election day anniversary.

'LulzSec suspect' arrested by New Scotland Yard

New Scotland Yard has confirmed that it has arrested a 19-year-old suspected hacker in Essex, UK, in connection with a series of hacks and denial-of-service attacks against a number of organisations.

It is being widely speculated that the arrest is in connection with the high-profile attacks by the LulzSec hacking group, which has claimed amongst its victims Sony, the CIA, the FBI, and the Serious Organised Crime Agency (SOCA).

Monday, June 20, 2011

Japan Criminalizes Creation, Acquisition or Storage of Computer Viruses

A new law in Japan makes creation or distribution of a computer virus without reasonable cause punishable by up to three years in prison, and acquisition or storage of a virus punishable by up to two years.

I am not sure how stringent their definition of "reasonable cause" is in this case, but it sounds like a good start.

Sunday, June 19, 2011

Quantum Cryptography Not All It's CRACKED Up To Be.

This story is an easy-to-read, easy-to-understand description of a flaw in quantum cryptography that allows an observer to determine the quantum key. Until now, this was theoretically impossible. If my 20 years in information security has taught me one thing, it is that hackers love impossibilities.

Saturday, June 18, 2011

The Amazing Orgasm Facebook scam

Sophos details the latest Facebook social engineering attack. A link purporting to show a woman having an exceptionally enthusiastic orgasm turns out to lead to a series of survey questions that, once completed, make money for someone apparently in Finland. You'll never get to see the video. The survey questions are of the same ilk you find in connection with fake torrents.

Cleverly, the Age Verification prompt asks if you are above the age of 18 with the word "Jaa" written on the button. While Jaa appears to mean "Yes", it is actually Finnish for "Share". The trouble begins right about there.

PC World Confuses LulzSec with Batman

Why on earth is PC World thanking LulzSec? This article is far too similar to subplots in the Batman or Spiderman movies. Talk about mixed messages... PC World has lost any credibility they may have once had.

Read this article for a more appropriate response to LulzSec's behavior.

Con artists pose as security companies in growing scam

Criminals posing as computer security engineers are having success in calling victims at home and stealing their money, according to a survey issued Thursday by Microsoft. Fifteen percent of 7,000 computer users polled in the United States, Canada, the U.K. and Ireland said they have been contacted by a phone scammer, and 22 percent of those were tricked into following the fraudsters' directions, which included giving them remote access to a computer or providing credit card information. Seventy-nine percent of those suffered a financial loss as a result. Victims were out an average of $875 in the United States, the survey found.

Thursday, June 2, 2011

Hackers stole secret Canadian government data

Hackers who attacked two of Canada's federal departments stole classified information before being discovered last January.

The attackers sent staff malicious emails that appeared to come from senior managers. When staff opened the attachments, the attackers gained a foothold on the federal network, and from there access to classified information.

The linked article contains a chronology of the attack.