Tag Archives: device

[ISN] Severe weaknesses in Android handsets could leak user fingerprints

http://arstechnica.com/security/2015/08/severe-weaknesses-in-android-handsets-could-leak-user-fingerprints/ By Dan Goodin Ars Technica Aug 10, 2015 HTC and Samsung have patched serious vulnerabilities in some of their Android phones that made it possible for malicious hackers to steal user fingerprints. The researchers who discovered the flaws said that many more phones from all manufacturers may be susceptible to other types of fingerprint-theft attacks. The most serious of the flaws was found on HTC’s One Max handset. According to researchers at security firm FireEye, the device saved user fingerprints as an unencrypted file. Almost as bad, the BMP image was readable by any other running application or process. As a result, any unprivileged process or app could obtain a user’s fingerprints by reading the file. Attackers could capitalize on the weakness by exploiting one of the many serious vulnerabilities that regularly crop up in Android or by tricking a target into installing a malicious app. HTC fixed the issue after FireEye privately reported it, according to this summary, which didn’t provide a date or other details of the update. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Encryption Hinders Investigations: FBI Chief

http://www.informationweek.com/mobile/mobile-devices/encryption-hinders-investigations-fbi-chief/d/d-id/1321231 By Thomas Claburn Informationweek.com July 8, 2015 FBI Director James Comey appeared before the Senate Judiciary Committee on Wednesday to argue for legal support to weaken strong encryption, which he claims obstructs criminal investigations. The title of the hearing, “Going Dark: Encryption, Technology, and the Balance Between Public Safety and Privacy,” borrows Comey’s characterization of encryption as way to conceal evidence of criminal acts. “We are seeing more and more cases where we believe significant evidence resides on a phone, a tablet, or a laptop—evidence that may be the difference between an offender being convicted or acquitted,” said Comey and Sally Quillian Yates, US Deputy Attorney General, in joint prepared remarks. “If we cannot access this evidence, it will have ongoing, significant impacts on our ability to identify, stop, and prosecute these offenders.” The concerns of Comey and Yates were echoed by Cyrus Vance Jr., District Attorney for New York County, who complained about the device encryption deployed by Apple and Google last fall. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] FS-ISAC: Remote-Access Attack Alert

http://www.bankinfosecurity.com/interviews/fs-isac-remote-access-attack-alert-i-2787 By Tracy Kitten Bank Info Security July 8, 2015 Remote-access attacks waged against smaller merchants are a growing threat, according to a cybersecurity alert published July 7. The alert was released by the Financial Services Information Sharing and Analysis Center, along with Visa, the U.S. Secret Service and The Retail Cyber Intelligence Sharing Center, which provides threat intelligence for retailers. While industry attention in late 2013 and early 2014 was focused on the large-scale RAM-scraping malware attacks that resulted in breaches at big-box retailers, including Target and Home Depot, more attention is now being paid to remote-access attacks against point-of-sale devices commonly used at smaller merchants, says Charles Bretz, director of payment risk at the FS-ISAC. The organization provides a conduit for information sharing among financial services institutions. “We are seeing a shift in the breaches of card data,” Bretz says in this interview with Information Security Media Group. Now that many of the larger retailers have implemented end-to-end encryption and tokenization, in conjunction with their rollouts of EMV-compliant POS terminals, hackers are turning their attention toward smaller retailers, he says. “Criminals continue to find success by targeting smaller retailers that use common IT and payments systems,” Bretz explains. “Merchants in industry verticals use managed service provider systems. There might be 100 merchants that use a managed service provider that provides IT and payment services for their business.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Attackers targeting medical devices to bypass hospital security

http://www.csoonline.com/article/2931474/data-breach/attackers-targeting-medical-devices-to-bypass-hospital-security.html By Steve Ragan Salted Hash CSO Online June 4, 2015 A preview copy of a report from TrapX Labs, which will be released later this month, highlights three successful attacks against healthcare organizations. The incidents prove that defending assets in a healthcare environment isn’t as easy as some would have you think. In fact, given the wide range of devices on a given network, it can be nearly impossible. Last year, Community Health Systems had an incident that resulted in the compromise of 4.5 million records. It served as a reminder that medical information was an important commodity to criminals. In March of this year, the Identity Theft Resource Center (ITRC) tagged healthcare as the source of 33-percent of all listed incidents nationwide, noting that nearly 100 million healthcare records were compromised in the U.S. alone in Q1 2015. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Evil Wi-Fi captive portal could spoof Apple Pay to get users’ credit card data

http://arstechnica.com/security/2015/06/evil-wifi-captive-portal-could-fool-users-into-giving-up-apple-pay-data/ By Sean Gallagher Ars Technica June 4, 2015 Researchers at Wandera, a mobile security company, have alerted Apple to a potential security vulnerability in iOS that could be used by attackers to fool users into giving up their credit card data and personal information. The vulnerability, based on the default behavior of iOS devices with Wi-Fi turned on, could be used to inject a fake “captive portal” page that imitates the Apple Pay interface. The attack leverages a well-known issue Ars has reported on in the past: iOS devices with Wi-Fi turned on will attempt by default to connect to any access point with a known SSID. Those SSIDs are broadcast by “probe” messages from the device whenever it’s not connected to a network. A rogue access point could use a probe request capture to masquerade as a known network, and then throw up a pop-up screen masquerading as any web page or app. The Wandera attack uses this behavior to get a mobile device to connect and then presents a pop-up portal page—the type usually used when connecting to a public WiFi service to present a Web-based login screen—that is designed to resemble an Apple Pay screen for entering credit card data. The attack could be launched by someone nearby a customer who has just completed or is conducting an Apple Pay transaction so that the user is fooled into believing Apple Pay itself is requesting that credit card data is reentered. An attacker could loiter near a point-of-sale system with an Apple Pay terminal and continuously launch the attack. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Skytalks 2015 CFP – NOW OPEN

Forwarded from: bluknight < bluknight@skytalks.info> == https://skytalks.info == Skytalks is a ‘sub-conference’ that gives a unique platform for researchers to share their research, for angry hackers to rant about the issues of their industry, and for curious souls to probe interesting issues, all without the watchful eye of the rest of the world. With a strict, well-enforced “no recording” policy, research that is underway or critical of a vendor can be aired to your peers. You are talking to other security people, sharing your working knowledge of a topic. That said, this isn’t a soapbox to say and trash whoever or whatever you want. Skytalks is old-school DEF CON. We encourage handles – we want your material to stand on its own, not what company’s logo is on your slide deck. We encourage the audience to ask questions and challenge what does not seem to be right. Speakers will be held accountable for their material by their peers… loudly. We’re looking for talks that are about cutting edge material, either in-progress, or ready to be disclosed… at the risk of offending a company. Talks that challenge the industry norms are great. Calling out those who plague our beloved industry, welcome! Talks that are outside the realm of a PG rating, can find (and have found) a home here (was re: Teledildonics). First time speakers are welcome. We have had the privilege and honor of hosting for the first time some great names in the community. You, too, can be among that group. What you must bring: A compelling topic, slides, and willingness to educate and/or face your peers. You should be: outgoing, willing to educate, wanting to learn (yes, as a presenter), and wanting to engage your peers. If you lack any of these skills, we can fix this. Please bring a spare liver. A good talk is about mutual learning; it is a conversation. We just provide a room of professionals that want to converse, over booze. Sometimes… a lot of booze. Your submission must include a brief abstract that explains your talk. It must include a detailed outline of the major talking points. Optionally, you can give us additional information or arguments about why we should accept your talk. What we provide: A place to present, with projectors (VGA video). While we may have adapters on-hand, please be prepared and bring your own. We’ll have a PA system with appropriate microphones, as well as audio input from a device if you need it. Please let us know if you have any special requirements, such as a fire extinguisher for when you plan to set the table on fire. Please note: all speakers must already be badged Defcon attendees. Skytalks cannot provide DEF CON badges for speakers, and Skytalks badges, while great keepsakes, do not provide access to DEF CON itself. Also, dongs. == https://skytalks.info ==


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Flawed Android factory reset leaves crypto and login keys ripe for picking

http://arstechnica.com/security/2015/05/flawed-android-factory-reset-leaves-crypto-and-login-keys-ripe-for-picking/ By Dan Goodin Ars Technica May 21, 2015 An estimated 500 million Android phones don’t completely wipe data when their factory reset option is run, a weakness that may allow the recovery of login credentials, text messages, e-mails, and contacts, computer scientists said Thursday. In the first comprehensive study of the effectiveness of the Android feature, Cambridge University researchers found that they were able to recover data on a wide range of devices that had run factory reset. The function, which is built into Google’s Android mobile operating system, is considered a crucial means for wiping confidential data off of devices before they’re sold, recycled, or otherwise retired. The study found that data could be recovered even when users turned on full-disk encryption. Based on the devices studied, the researchers estimated that 500 million devices may not fully wipe disk partitions where sensitive data is stored and 630 million phones may not wipe internal SD cards where pictures and video are often kept. The findings, published in a research paper titled Security Analysis of Android Factory Resets, are sure to be a wake-up call for individual users and large enterprises alike. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Feds Say That Banned Researcher Commandeered a Plane

http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/ By Kim Zetter Wired.com 05.15.15 A SECURITY RESEARCHER kicked off a United Airlines flight last month after tweeting about security vulnerabilities in its system had previously taken control of an airplane and caused it to briefly fly sideways, according to an application for a search warrant filed by an FBI agent. Chris Roberts, a security researcher with One World Labs, told the FBI agent during an interview in February that he had hacked the in-flight entertainment system, or IFE, on an airplane and overwrote code on the plane’s Thrust Management Computer while aboard the flight. He was able to issue a climb command and make the plane briefly change course, the document states. “He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights,” FBI Special Agent Mark Hurley wrote in his warrant application (.pdf). “He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system.” Hurley filed the search warrant application last month after Roberts was removed from a United Airlines flight from Chicago to Syracuse, New York, because he published a facetious tweet suggesting he might hack into the plane’s network. Upon landing in Syracuse, two FBI agents and two local police officers escorted him from the plane and interrogated him for several hours. They also seized two laptop computers and several hard drives and USB sticks. Although the agents did not have a warrant when they seized the devices, they told Roberts a warrant was pending. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail