6/30/2011

Hackers steal personal data of military, gov personnel

Filed under: — Aviran Mordo

Hackers breached the security of a defense industry news website and stole sensitive subscriber information that could be used in attacks targeting the US military and its contractors.

Gannett Co., publisher of DefenseNews, disclosed the bad news in an advisory published Monday. Data exposed included subscribers’ first and last names, usernames, passwords, email addresses, and in many cases military duty status, paygrade, and branch of service.

6/24/2011

Hackers break into Arizona police computers

Filed under: — Aviran Mordo

Computer hackers who previously broke into a U.S. Senate server and brought down the CIA web site struck an Arizona police web site on Thursday, releasing dozens of internal documents over the Internet.

Lulz Security, saying it opposed a tough anti-immigration law in Arizona, said it was releasing documents that related to border control and other law enforcement activities. Its headline was “Chinga La Migra,” Spanish for a more profane way of saying “Screw the Immigration Service.”

It released about a half a gigabyte of data, including account names, passwords and contact information for several people. Reuters was able to reach two of them to establish that they were accurate.

A scan of the dozens of files released revealed what appeared to be security bulletins from other law enforcement agencies, internal planning documents and even routine reports on traffic incidents.

6/3/2011

Google Says Hundreds Of Gmail Accounts Hijacked

Filed under: — Aviran Mordo

Google has detected a campaign to gather Gmail account credentials that appears to originate from Jinan, China, and is warning users to take a few minutes to review their security settings.

Eric Grosse, engineering director for Google’s security team, said in a blog post that hundreds of users have been affected, including senior U.S. government officials, Chinese political activists, officials in several Asian countries such as South Korea, military personnel, and journalists.

“The goal of this effort seems to have been to monitor the contents of these users’ emails, with the perpetrators apparently using stolen passwords to change peoples’ forwarding and delegation settings,” Grosse said.

By changing these settings, which are only evident through the appropriate Gmail Settings tab page, the attackers could generate copies of incoming and outgoing email that would be forwarded without the account holder’s knowledge.

5/29/2011

March RSA Hack Hits Lockheed, Remote Systems Breached

Filed under: — Aviran Mordo

A March attack on RSA’s SecurID authentication service has possibly claimed its first big victim: Lockheed Martin.

According to a source speaking to Reuters, unknown hackers have broken into Lockheed Martin’s security systems by using duplicate SecurID tokens to spoof legitimate authentications into the network. These SecurID tokens are analogous to Blizzard’s World of Warcraft Authenticators: Tiny little keyfobs that display an ever-changing code one must enter to log into a protected service.

Lockheed hasn’t issued comment on the alleged breach itself, leading only to speculation as to what data, if any, those breaching the company’s network were able to acquire. But the plunder could be vast: Lockheed is the nation’s largest military contractor, and it undoubtedly has treasure troves of data about existing and future weapons systems as well as information related to the various cybersecurity services the company provides.

5/27/2011

Researchers crack Microsoft, eBay, Yahoo, Digg audio captchas

Filed under: — Aviran Mordo

Researchers have figured out how to crack captchas, making it possible to launch automated attacks against sites such as Microsoft, eBay and Digg where opening phony accounts could be turned into cash.

Software written by researchers at Stanford University and Tulane University can interpret human speech well enough to crack audio captchas between 1.5% and 89% of the time - often enough to make sites that use them vulnerable to setting up false user accounts, the researchers say.

3/10/2011

pwn2own day one: Safari, IE8 fall, Chrome unchallenged

Filed under: — Aviran Mordo

Fully patched versions of Safari and Internet Explorer 8 were both successfully hacked today at pwn2own, the annual hacking competition held as part of the CanSecWest security conference. If a researcher can pwn the browser—that is, make it run arbitrary code—then they get to own the hardware the browser runs on. This year, not only did they have to run arbitrary code, they also had to escape any sandboxes—restricted environments with reduced access to data and the operating system—that are imposed.

3/7/2011

Google using remote kill switch to swat Android malware apps

Filed under: — Aviran Mordo

Google removed a number of malicious applications from the Android Market last week. The programs exploited a vulnerability in the platform that allows attackers to gain root access and apparently create a backdoor for deploying further malware. In a statement posted on the official Google Mobile blog this weekend by Android security lead Rich Cannings, the company has clarified the situation and described the steps it is taking to address the problem.

In addition to preventing further infection by removing the malicious applications from the Android Market, Google will also be using its remote kill switch to forcibly uninstall the application from infected handsets. The company is also pushing out an update to the Android Market that can reverse the exploit, thus preventing the attackers from using it to cause further damage. Google has already started to send out e-mails to affected users in order to explain the situation.

2/22/2011

Government Tries to Keep Secret What Many Consider a Fraud

Filed under: — Aviran Mordo

For eight years, government officials turned to Dennis Montgomery, a California computer programmer, for eye-popping technology that he said could catch terrorists. Now, federal officials want nothing to do with him and are going to extraordinary lengths to ensure that his dealings with Washington stay secret.

The Justice Department, which in the last few months has gotten protective orders from two federal judges keeping details of the technology out of court, says it is guarding state secrets that would threaten national security if disclosed. But others involved in the case say that what the government is trying to avoid is public embarrassment over evidence that Mr. Montgomery bamboozled federal officials.

1/19/2011

Facebook thinks twice on giving dev access to phone, address data

Filed under: — Aviran Mordo

Facebook has put off its plan to allow developers access to users’ phone numbers and home addresses. The company posted an update on its Developer Blog Tuesday morning, saying that it got “useful feedback” about the decision and that it would be making changes so that it’s clearer when users are about to share such sensitive info. As a result, the “feature” is being turned off until a better solution is found.

Privacy advocates got up in arms after the company announced that developers would be able to access a whole new level of personal info through its API, as long as the users gave them permission. Security firm Sophos issued a solemn warning on its blog about the move; the firm pointed out that Facebook app developers already manage to trick users into giving them access to personal data, and the situation will only get worse with real addresses and phone numbers in the mix.

Less-than-honest developers could use the data to spam users via SMS or sell their info to marketers, and could even expose them to theft or physical attacks. And even though Facebook would likely pull access to any apps that break the rules, that usually happens after the fact.

1/9/2011

Google Bangladesh Site “OwN3D by TiGER-M@TE”

Filed under: — Aviran Mordo

TechCrunch just got an anonymous tip that Google’s been ‘hacked’ – sure enough, visitors of the company’s Bangladesh search site (Google.com.bd) see a defaced landing page rather than the usual search site. As far as I can tell, www.google.com.bd functions properly, so whether this really constitutes a ‘hack’ is up for debate.

Local Bangladesh media, including online newspaper bdnews24.com, reported on the news as well, quoting a CTO of a local ISP, who confirmed the hack.

12/20/2010

‘Big App’ is watching you, with iPhone worse offender than Android

Filed under: — Aviran

Your smartphone may be secretly transmitting to “outsiders,” such as ad networks, your name, your location, your age, your gender, your phone number, your unique device number and other personal data without your knowledge or consent.

As part of a series of articles on privacy, Scott Thurm and Yukari Iwatani Kane reported in the Wall Street Journal that smartphones “don’t keep secrets. They are sharing this personal data widely and regularly.”

The reporters, reviving the spyware controversy in the new era of apps, examined 101 apps and found that 56 of them transmitted the smartphone’s unique device ID and 47 apps transmitted the phone’s location.

Daniel Eran Dilger said in Apple Insider: “The findings might be news to some smartphone users, who are rarely presented with simple, straightforward information about individual apps’ privacy policy.”

The limited survey—where Apple offers hundreds of thousands of apps for the iPhone—found: “iPhone apps transmitted more data than the apps on phones using Google Inc.’s Android operating system.”

12/9/2010

Microsoft Develops JavaScript Malware Detection Tool

Filed under: — Aviran Mordo

As browser-based exploits and specifically JavaScript malware have shouldered their way to the top of the list of threats, browser vendors have been scrambling to find effective defenses to protect users. Few have been forthcoming, but Microsoft Research has developed a new tool called Zozzle that can be deployed in the browser and can detect JavaScript-based malware at a very high effectiveness rate.

Zozzle is designed to perform static analysis of JavaScript code on a given site and quickly determine whether the code is malicious and includes an exploit. In order to be effective, the tool must be trained to recognize the elements that are common to malicious JavaScript, and the researchers behind it stress that it works best on de-obfuscated code.
