Two young hackers have been arrested in the Netherlands and Australia in a multinational operation prompted by tips from a South Korean student, police said Thursday.
View full post on Security News Headlines – Yahoo! News
View full post on National Cyber Security
Individuals convicted of a wide range of hacking offences in the EU will face a minimum of 2 years in prison anywhere in the 27-nation bloc under new proposals accepted by an influential European Parliament committee.
View full post on hacking tools – Yahoo! News Search Results
View full post on National Cyber Security
Darren Kitchen, 29, founder of Hak5 and creator of the WiFi Pineapple Mark IV honeypot.
(Credit:
Declan McCullagh/CNET)
AUSTIN, Texas–Some funny things were happening at the South by Southwest conference here today. My virtual private network connection kept getting disabled, and even stranger, on a friend’s laptop a window popped up showing an animated cartoon cat flying through the air with a rainbow in its wake.
The image, known as Nyan Cat after a popular 2011 Internet meme, immediately alarmed me because it was used by the hacker group LulzSec on at least one occasion. I joked about being hacked, and my friend quickly turned off his laptop. (See CNET’s related story about how to protect your Wi-Fi links, and a slideshow.)
A few minutes later we found the culprit around the corner standing in a Starbucks line: Darren Kitchen, founder of the Hak5 show, who had just given a talk about security at the conference. In his session he demonstrated for the audience how easy it can be to intercept unsecured Wi-Fi connections with a special router and custom software he wrote that he calls the WiFi Pineapple. His talk was appropriately titled “Securing Your Information in a Target Rich Environment.” During the demo, audience members who were surfing the Web were surprised when the silly music that plays during the Nyan Cat video blared out of their laptops.
Thousands of SXSW attendees with lots of social-media moxie but little to no security savvy were easy prey for a hacker like Kitchen. The interface he was using on his Galaxy Note smartphone showed a long list of BlackBerrys, iPhones, Androids, and laptops that thought they were connecting to the hotel or Starbucks Wi-Fi (which uses the name “attwifi”), but were actually being tricked by Kitchen’s WiFi Pineapple. “Nobody has any sense of security here,” he said, scrolling through the list of devices connected to his Wi-Fi router.
If he wanted to, Kitchen could do something malicious, like a man-in-the-middle attack, and steal passwords and other data from unwitting victims. But his mission is to educate people by demonstrating what the risks are and not attack them. So his device was programmed to replace every Web page on the Internet with a Nyan Cat.
“When the device is kicked off it tries to get back on the network, and since I’m in closer proximity than the Wi-Fi router, it picks up my signal instead,” Kitchen said. “In the demo I had half the audience connected to my Wi-Fi router.”
Basically, his WiFi Pineapple is what is known as a “Hot-spot Honeypot” that attracts the devices looking to connect to Wi-Fi. The devices send out probe requests when the user turns the Wi-Fi on or turns on the device, and then Wi-Fi is automatically enabled. The messages are asking for a connection from a list of Wi-Fi networks that the device has remembered. Kitchen’s router pretends to be the Wi-Fi network the user’s device is seeking. This only works with an open Wi-Fi network, not one that’s protected with the WPA encryption standard, which requires users to type in a password to connect. “It’s an inherent flaw in the trust model of open Wi-Fi,” he said.
Prototype software on his laptop was doing something similar with Wi-Fi connections, only the messages it was sending were de-authorization packets to interfere with the current Wi-Fi connection by saying the security equivalent of “this is not the Wi-Fi router you are looking for.”
The problem is that the devices are set to automatically remember networks they’ve connected to in the past and it reconnects automatically when in range. “The security is in the way vendors implement it and all they care about is network name,” Kitchen said. The solution would be requiring a challenge and response protocol for authentication and encryption, he said. But the mobile device makers haven’t implemented that, probably because users would need to make a few more clicks to get on the network, he added.
Kitchen has a more ominous version of his WiFi Pineapple that resides in a simple aluminum box with a rechargeable lithium battery and magnets on the back so he can attach it to many surfaces in public spaces. He attached one on an ATM and an escalator. The box also could easily be designed to plug into a hidden wall outlet under a hotel hallway bench, for instance. “You could plug it into an outlet and remote-in over a 3G network and it can stay there forever,” he said.
Kitchen sells his WiFi Pineapple for $90, mostly to governments and security professionals that are hired by corporations to do penetration testing of their own networks as part of security audits.
View full post on National Cyber Security » Computer Hacking
If you run a small business, and think that none of your data was of interest to a hacker, consider this: what if a hacker could take stolen bank account or credit card information from your computer and package it with the same information from a hundred or a thousand other small businesses? Would it be worth something then?
“SMBs don’t know how defenseless they’ve become, especially to automated and industrialised attack methodologies by organised crime,” Christopher Porter says. Porter, a principal with the Verizon RISK Team, is the author of a new report from Verizon on security risk.
“[Hackers] scan the Internet, looking for remote access services, and then try the default credentials. Once they gain access, they automatically install keyloggers to collect password information [as it's typed in],” Porter says. “Then they send the information it out via email or by uploading it to an FTP server or a website. They aggregate the data and sell it on the black market.”
Hackers could use the keylogger to figure out how access and drain a small business’ bank account, but more commonly, Porter said, they’ll target point-of-sale systems, as four Romanians did recently. “That kind of attack is increasing, because they’re low risk and low-cost attacks for organised crime.” Because they’re geographically widespread, it’s hard for any one police department to follow up.
But if small businesses are increasingly vulnerable, Porter characterised the tactics they should employ in response as “quite simple”.
If you have a point-of-sale system, make sure to change the password from the default it came with. It shouldn’t be microsmicros or alohaaloha,” citing two common POS systems. “The problem is that when small businesses think about their POS system, they worry about whether it’s going to be available when they sell the shirt or charge for the burger,” Porter says. “They’re not worried about confidentiality. They’re worried about margins.”
The fifth annual Verizon 2012 Data Breach Investigations Report, produced in conjunction with the United States Secret Service, the Dutch National High Tech Crime Unit, the Australian Federal Police, the Irish Reporting Information Security Service and the London Metropolitan Police’s cybercrime unit, reveals seventy-nine percent of attacks represented in the report were opportunistic.
Of all the attacks the report studied, it found 96 percent were not difficult to achieve and 97 percent were avoidable, “without the need for organizations to resort to difficult or expensive countermeasures.”
What does the Verizon report recommend small businesses do? The report cites three simple things:
In addition, Porter recommends some other simple steps:
Porter stresses that, in most cases, these infiltrations are targets of opportunity. If small business follows the simple procedures outlined, they’re less likely to be targeted. “The criminals will pass right by you.”
View full post on National Cyber Security » Computer Hacking
This story appears in the April 9th issue of Forbes magazine. -run competition in -Vancouver last month, the search giant's famously secure Chrome Web browser fell to hackers twice.
View full post on hacking tools – Yahoo! News Search Results
View full post on National Cyber Security
Banks are beefing up security for consumers who bank online. Protect yourself with these tips.
View full post on bank security hacker – Yahoo! News Search Results
View full post on National Cyber Security
Computer hackers could create malicious software that crosses the line from technology to biology, crafting viruses that spread dangerous epidemics, researchers said at Black Hat Europe.
“We are really on the border between the living and the not living,” said Guillaume Lovet, senior manager of Fortinet’s Threat Research and Response Center, during a keynote speech discussing the similarities between biological and computer viruses.
The comparison between computer and human viruses was made to give security researchers a better understanding of why the human immune system is so much better in battling viruses then antivirus systems.
“We came to wonder if there can be some kind of convergence between human viruses and computer viruses,” Lovet added. “It may sound like a scenario for a bad Hollywood movie, but it is not such a stupid question.”
One of the main things that led Fortinet researchers to that conclusion is the similarity between computer and human viruses. In essence they behave the same way, including information coding for parasitic behaviour inside a host system.
Reasoning along this line of thought, a Denial of Service (DoS) attack can be compared to HIV (Human immunodeficiency virus), because both aim at overloading a system, said Ruchna Nigam, security researcher at Fortinet.
There are other comparisons between computer viruses and HIV. HIV attacks the immune system, making humans more vulnerable to certain diseases. Computer viruses such as W32/Sality also use this strategy, terminating antivirus programs and setting a malicious program as an authorised application to bypass Microsoft’s firewall.
The researchers also pointed out that both humans and computers infect themselves. A human visiting a doctor and getting an infection is not an unthinkable scenario, Lovet and Nigam pointed out. Likewise, computers can get infected by visiting a website and downloading a so-called drive-by download, malware that is embedded in the site that tries to install itself on computers. “This is how the ZeuS Trojan built a botnet of an estimated 3.6 million hosts in the USA alone,” noted Lovet and Axelle Apvrille, another Fortinet researcher, in a research paper.
Biological viruses, such as the influenza virus, are also known to change upon replication. When viruses replicate “they mutate themselves,” Nigam said. This behaviour is comparable to the way the Conficker and Koobface viruses work. It’s a nightmare for security analysts, because every replicated sample is significantly different from its predecessor. This can render antivirus signatures, designed to detect malicious viruses, close to useless.
One important difference between these polymorphic viruses, as these adaptive variants are known, is that computer viruses only change form. “Only the package is changed,” the code is not rewritten, Nigam explained. Computer viruses like Conficker are also known to incubate, nestling themselves on systems to attack at a later time, which is comparable to the flu. “These ideas are taken from the physical world,” said Nigam.
There are differences between biological and computer viruses, the researchers noted. If someone wrote the influenza virus in code, the file containing the virus would be no bigger than 22KB. Computer viruses are far bigger than that. In addition, they are more advanced. Biological viruses are not able to implement techniques comparable with encryption and anti-debugging tricks, the researchers noted. This is fortunate, because drugs would have severe problems eliminating such virus variations.
However, Lovet speculates that human and computer viruses could converge in the future. Most human viruses are essentially DNA or RNA code, strands that contain essential genetic instructions for all known living organisms. “In a nutshell: a biological virus is information that codes for behaviour in a host system,” the researchers say. Computer viruses are essentially the same.
The frontier between the digital and the biological world is already blurring, the researchers said, citing cybernetic prosthesis as a good example. Some people have several electronic devices in their body, such as pacemakers, deep brain stimulators and cochlear implants, they noted. As soon as those devices communicate with an external machine, which in most cases is necessary at some point, they become theoretically vulnerable to computer viruses.
In 2002, scientists were able to synthesise the poliovirus. Since then, biotechnology has moved on, making it possible to synthesise bacteria, and organisms are genetically modified almost every day, the researchers said. In addition, all the code for synthetic DNA is stored on computers.
“Seeing that the infamous Stuxnet virus, in 2010, was able to creep through a uranium enrichment plant, seize control of its PLC (programmable logic controller), and destroy its centrifuging gear, one could reasonably think that a virus infecting the computers sporting DNA databases is not outside the realm of possibility,” the researchers said in their paper.
“Conversely, software used when sequencing DNA of a living organism, and databases storing bits that code for that sequence, are probably not absent of vulnerabilities.” But whether it is possible to make a virus with malicious DNA sequences that could, once transcribed into bits, exploit those vulnerabilities, remains to be seen.
Using a coded virus to affect human biology for military purposes is highly unlikely, since a spreading computer virus is much harder to control than, for example, anthrax bacteria. Releasing a virus might backfire and infect a nation’s own army. However, bioterrorists might be interested in the use of attacks based on such viruses, Lovet said. “And that is a very scary thought.”
View full post on National Cyber Security » Computer Hacking
Android is still the most attractive smartphone operating system for malevolent hackers, so devices based on the platform will continue to get compromised, researchers said at Black Hat Europe last week.
Mobile devices are loaded up with private data, a very attractive target for hackers, though not all information on a phone is useful. “They won’t go after 200,000 Yelp credentials, that wouldn’t help them much,” said Dan Guido, a researcher at information security company Trail of Bits, in a combined keynote with Mike Arpaia, security consultant with Isec Partners.
The researchers compared the attractiveness of Google’s Android mobile OS and Apple’s iOS platform for malware makers. As it turns out, Android is still by far the most preferable smartphone OS to target, according to data the researchers presented at the Black Hat conference, held in Amsterdam.
For malware makers to get anything out of attacking a mobile phone, the cost of exploiting the system has to be lower than the revenue gained, the researchers explained. The attacks also have to be easy and the risk of being caught has to be low. The attackers are most likely to go after bank credentials.
Trying to load malicious apps on an iOS or Android phone is the most likely method used by attackers, and that is easier with Android devices. Because iOS is a closed system, app developers have to sign up for $99 and provide information including their real identity. If Apple were to discover a malicious app, the risk of the attacker being caught is high.
Apple employees review the code of all the apps that are submitted to the App Store. Even if an attacker managed to slip a malicious app through the initial review, Apple’s monitoring system is such that it would probably be pulled within a week. “Say what you will about police states, but they keep down the crime,” Guido joked.
This makes iOS unattractive. Android, on the other hand is cheaper and the risk of getting caught is lower. Google charges $25 for registration, a process that only consists of filling out an online form. “And nobody here has ever filled in false information in a web form,” Guido said jokingly to the audience. In addition, Android allows runtime modifications, which iOS does not.
“Android definitely has a bad future in front of them, they going to keep being exploited,” Guido emphasised.
Does this mean that iOS is entirely safe? “There is no evidence of abuse by malware authors at all,” Arpaia said, adding that “security researchers don’t count.” Security specialist Charlie Miller has proven malicious apps can be uploaded to the App Store. However, according to Arpaia, it is highly unlikely that any malware maker will ever try that for real.
iOS users that jailbreak their phones are more vulnerable to malicious apps, said Guido. According to the researchers, all third party app stores used by jail breakers are targeted. Attackers also prefer jail broken Android phones.
View full post on National Cyber Security » Computer Hacking
Android is still the most attractive smartphone operating system for malevolent hackers, so devices based on the platform will continue to get compromised, researchers said at Black Hat Europe last week.
Mobile devices are loaded up with private data, a very attractive target for hackers, though not all information on a phone is useful. “They won’t go after 200,000 Yelp credentials, that wouldn’t help them much,” said Dan Guido, a researcher at information security company Trail of Bits, in a combined keynote with Mike Arpaia, security consultant with Isec Partners.
The researchers compared the attractiveness of Google’s Android mobile OS and Apple’s iOS platform for malware makers. As it turns out, Android is still by far the most preferable smartphone OS to target, according to data the researchers presented at the Black Hat conference, held in Amsterdam.
For malware makers to get anything out of attacking a mobile phone, the cost of exploiting the system has to be lower than the revenue gained, the researchers explained. The attacks also have to be easy and the risk of being caught has to be low. The attackers are most likely to go after bank credentials.
Trying to load malicious apps on an iOS or Android phone is the most likely method used by attackers, and that is easier with Android devices. Because iOS is a closed system, app developers have to sign up for $99 and provide information including their real identity. If Apple were to discover a malicious app, the risk of the attacker being caught is high.
Apple employees review the code of all the apps that are submitted to the App Store. Even if an attacker managed to slip a malicious app through the initial review, Apple’s monitoring system is such that it would probably be pulled within a week. “Say what you will about police states, but they keep down the crime,” Guido joked.
This makes iOS unattractive. Android, on the other hand is cheaper and the risk of getting caught is lower. Google charges $25 for registration, a process that only consists of filling out an online form. “And nobody here has ever filled in false information in a web form,” Guido said jokingly to the audience. In addition, Android allows runtime modifications, which iOS does not.
“Android definitely has a bad future in front of them, they going to keep being exploited,” Guido emphasised.
Does this mean that iOS is entirely safe? “There is no evidence of abuse by malware authors at all,” Arpaia said, adding that “security researchers don’t count.” Security specialist Charlie Miller has proven malicious apps can be uploaded to the App Store. However, according to Arpaia, it is highly unlikely that any malware maker will ever try that for real.
iOS users that jailbreak their phones are more vulnerable to malicious apps, said Guido. According to the researchers, all third party app stores used by jail breakers are targeted. Attackers also prefer jail broken Android phones.
View full post on National Cyber Security » Computer Hacking