Thursday, December 14, 2017

Tag: Hacking

In computer security, a hacker is someone who focuses on security mechanisms of computer and network systems. While including those who endeavor to strengthen such mechanisms, it is more often used by the mass media and popular culture to refer to those who seek access despite these security measures. That is, the media portrays the ‘hacker’ as a villain. Nevertheless, parts of the subculture see their aim in correcting security problems and use the word in a positive sense. White hat is the name given to ethical computer hackers, who utilize hacking in a helpful way. White hats are becoming a necessary part of the information security field. They operate under a code, which acknowledges that breaking into other people’s computers is bad, but that discovering and exploiting security mechanisms and breaking into computers is still an interesting activity that can be done ethically and legally. Accordingly, the term bears strong connotations that are favorable or pejorative, depending on the context.

Wickr's flavor of secure text messaging, protected in part by the encryption technique called Perfect Forward Secrecy, lands on Android in a new beta. September 16, 2013 7:00 AM PDT Like other secure messaging apps, Wickr offers a self-destruct ...
Belgacom, a Belgian Internet Service Provider (ISP), has revealed that it has been the victim of a hacking attack that might have come from a government intelligence agency. The firm has not named any suspects itself, but according to a report the US National Security Agency (NSA) might have been involved. "We had found traces of intrusion in the internal computer...
A mobile-focused version of the hacking challenge will see security researchers compete to be the first to demonstrate new vulnerabilities on mobile devices. Hewlett-Packard is set to host its second annual Mobile Pwn2Own competition this November at the PacSec Applied Security Conference in Tokyo.

The competition will reward security researchers from a total prize pool of $300,000 for new, previously undisclosed vulnerabilities in mobile technologies. The mobile event will be the second Pwn2Own event in 2013, following the desktop browser-focused event that was held in March. It's also the second time HP has hosted a mobile-focused Pwn2Own event.

At the 2012 mobile Pwn2Own event, near-field communication (NFC) technology was a key target, and both Android and iOS were hacked. Brian Gorenc, manager of the Zero Day Initiative (ZDI) at Hewlett-Packard Security Research, told eWEEK that his group has introduced several changes to Mobile Pwn2Own this year. In this year's event, the attack surface has been widened to include Bluetooth, WiFi, and USB-based attacks. "HP's Zero Day Initiative, with support from its sponsors, has also increased the amount of prize money available to $300,000, compared with $240,000 last year," Gorenc said.

A key component of every Pwn2Own event is browser-based attacks, and the 2013 Mobile Pwn2Own event will be no different. Gorenc noted that the usual suspects of mobile browsers, including Chrome and Safari, will be available to contestants at Mobile Pwn2Own 2013. "All targets will be installed in the default configurations giving all contestants an even playing field," Gorenc said.

In terms of awards, HP will pay $50,000 to the first researcher that is able to successfully demonstrate a previously unknown attack against Bluetooth, WiFi, USB or NFC use on a mobile device. An award of $70,000 will be paid to the researcher that can demonstrate an attack against the Short Message Service (SMS), Multimedia Messaging Service (MMS) or Commercial Mobile Alert System (CMAS). Mobile browser exploits will yield a $40,000 bounty. Google is also participating in the event, kicking in an additional $10,000, on top of HP's $40,000, to the researcher who is able to successfully exploit its Chrome browser running on a Google Nexus 4 or Samsung Galaxy S4. "There will be one winner per category, with the exception of the Mobile Browser category, which may have additional winners, sponsored by Google, if the contestant is specifically targeting Chrome or Android on the Google Nexus 4 or Samsung Galaxy S 4," Gorenc said.

The HP ZDI group buys security vulnerabilities from researchers all year-round.

As such, he has some insight into the types of vulnerabilities that are on the market, but it's difficult to forecast what will emerge at a Pwn2Own event. "One of the great things about Pwn2Own is that you never know what type of innovative research and attack techniques will show up," Gorenc said. ZDI is particularly interested in seeing exploits in the messaging services category, he added. "These types of attacks are particularly dangerous since you don't need to be in range of the target or get them to click on a link—all you need is a phone number," Gorenc said.

Sean Michael Kerner is a senior editor at eWEEK. Follow him on Twitter @TechJournalist.
Twelve people have been arrested over an alleged plot to steal millions from high street bank Santander. The men, aged between 23 and 50, were arrested after police found a device called a KVM (keyboard video mouse) fitted to a PC in the Surrey Quays ...
Personal details of more than two million customers of Vodafone Germany have been stolen by a hacker.
A man said to be affiliated with the hacking collective Anonymous gets prison time for breaking into police and municipal Web sites in Utah, New York, Missouri, and California. September 12, 2013 5:44 PM PDT After pleading guilty to computer fr...

NSA and GCHQ mimic Google

US intelligence has been mimicking the search engine Google to conduct "man in the middle" surveillance of suspects. Buried in among all the NSA leaks, which have shown direct economic and private espionage, was the news about an operation code-named Flying Pig. According to Techdirt, Flying Pig has not been mentioned before, although there were rumours that the NSA and others had been using "man in the middle attacks". The NSA was reportedly running the attacks against the likes of Google, Yahoo and Microsoft. The system is good as far as GCHQ and the NSA are concerned because they do not need to approach Google directly. An NSA presentation that also contains some GCHQ slides describes how the attack was used to snoop on SSL traffic. It illustrates with a diagram how one of the agencies appears to have hacked into a target's internet router and covertly redirected targeted Google traffic using a fake security certificate. This allowed it to intercept the unencrypted information. The British GCHQ network exploitation team developed Flying Pig because there was a rise in SSL encryption by email providers like Yahoo, Google, and Hotmail. The Flying Pig system appears to allow it to identify information related to use of the anonymity browser Tor and also allows spies to collect information about specific SSL encryption certificates. It is starting to show how far the NSA and GCHQ are going in their hacking antics and how the tech companies aren't always "willing participants" in the NSA's efforts. No one knows how the agencies are getting their hands on the security certificates and the question about how much the British GCHQ is doing the US government's dirty work is also not being looked at. 
The US is to take steps to restore faith in a widely used encryption standard after documents released by whistleblower Edward Snowden indicated it contains a backdoor. According to reports by the Guardian, the New York Times (NYT) and ProPublica, the US National Security Agency (NSA) can bypass encryption that protects much of the data on the web. The report said the NSA inserted a back door into a 2006 release of the encryption standard adopted by the US National Institute of Standards and Technology (Nist). The standard was later adopted by the International Organisation for Standardisation (ISO), which has 163 member countries. Following the revelation, Nist has announced it will re-open the public vetting process for the encryption standard, according to the New York Times. “We want to assure the IT cyber security community that the transparent, public process used to rigorously vet our standards is still in place,” Nist said in a statement. The US federal agency said it would not deliberately weaken a cryptographic standard. Adding further detail to initial reports, the NYT has revealed exactly how the NSA was able to compromise the encryption standard. Internal memos leaked by Snowden suggest the NSA was responsible for one of the random number generators used in the 2006 Dual EC DRBG Nist standard. As author of the random number generator, the NSA was able to predict the scrambling protocols, enabling it to access encrypted data. The leaked memos also indicate that NSA worked behind the scenes to push the same standard into the ISO and to become the sole editor of the standard. The NYT said cryptographers have long had mixed feelings about Nist’s close relationship with the NSA, but many said last week’s revelations had confirmed their worst fears and eroded their confidence in Nist standards. Nist said that because of cryptographers’ concerns, it would reopen the public comment period for three standards that use the random number generator in question. 
“If vulnerabilities are found in these or any other Nist standard, we will work with the cryptographic community to address them as quickly as possible,” the agency said.
The paper points a finger definitively at the long-suspected Dual_EC_DRBG algorithm.    
In recent years, nearly every time I've seen the National Security Agency at a security event (they're usually out in a recruiting capacity), they bring an Enigma machine.

The Enigma is a code-generating machine built by the German military that was cracked by the U.S. military, and it played an important role in helping the Allies win World War II. That's what the NSA does—it cracks codes—and that has always been its mission. Last week, reports emerged that the NSA is in fact still pursuing its mission of cracking codes; this time, however, it's not German code machines, but rather the core cryptographic tools that secure the Internet. While there has been a lot of reaction to the disclosure, in my opinion it's important for enterprises to remember and understand a few key facts.

Edward Snowden Never Had Access to Bullrun

Though Mr. Snowden (the man who has been disclosing information about the NSA's programs) clearly has information on what the NSA is (or was) doing, he didn't have full access.

The full operational details and complete capabilities of the program, code-named "Bullrun," that the NSA has for cracking/influencing Internet cryptography are still shrouded in lots of secrecy. Over the weekend, Nicole Perlroth, one of the New York Times reporters who helped write the Snowden Bullrun story, tweeted that her publication didn't publish full details because it didn't have them. Perlroth tweeted, "... Snowden was not cleared for Bullrun."

The NSA Isn't Interested in You

The goal of the NSA is national security to help prevent another 9/11-type attack. With the anniversary of that terrible day coming up this week, it's critical to remember that fact.

If a known terrorist organization sends an encrypted message that could have operational details about an act of violence, shouldn't we all want the "good guys" to know about it, so they can stop it? The 9/11 Commission said that there was a failure in the U.S. intelligence community because they failed "to connect the dots" about the attack. Being able to defeat crypto is a necessary tool.

Now don't get me wrong, in a free and democratic society we need privacy and individual freedom.

The government should not be allowed to invade individual privacy. But it is a balancing act here.

If the NSA stays true to its intended national security purpose, the only people's privacy they should be invading is of those who would do us harm.

Your SSL Is Probably Misconfigured

The other truth that enterprises need to consider is how they are using cryptography today. One of the big items in the Snowden Bullrun disclosure is the allegation that Secure Sockets Layer (SSL) has been breached by the government. SSL is used by all of us every day to secure our Web transactions and is a foundational element of Internet security. The truth is that the NSA doesn't really need any crazy tools to actually hack SSL, since in the majority of cases today, SSL is not properly deployed anyway. According to the latest stats from SSL Pulse, just under 25 percent of SSL sites are actually secure. That's right—most enterprises and Websites are not properly using SSL security to begin with. So my suggestion is a simple one. Yes, as people who want to live in a free society and not a police state, we should always be wary of "Big Brother" snooping on us. But we should also tie our own shoes too and learn to walk before we run. Properly configuring SSL is only one (small) piece of the Internet cryptography puzzle, but it's an important one.

The reality that I see every day is that hackers target the low-hanging fruit and system misconfigurations more so than the exotic zero-day flaws. So fix what you can and configure your own SSL and crypto properly, and then you'll be more secure, regardless of what NSA Bullrun might be able to do.

Sean Michael Kerner is a senior editor at eWEEK. Follow him on Twitter @TechJournalist.
After a professor pens a blog post about the NSA's alleged clandestine program to break digital encryptions, the university asks him to take it down...

Then changes its mind. September 9, 2013 6:43 PM PDT (Credit: CNET) Johns Hopkins University ...
The young hacker, whose real name is Jake Davis, opens up about his time in the cyberattack collective. September 9, 2013 11:04 AM PDT The LulzSec logo.

The top hat and monocle image was chosen at random, according to former member Jake Davis. (Cr...