Tag Archives: site

[ISN] Australian politicians are reportedly using top-secret messaging app Wickr


http://mashable.com/2015/03/01/australia-politicians-wickr/

By Jenni Ryall, mashable.com, March 1, 2015

Australian politicians are reportedly using the secret messaging app Wickr to communicate with each other on the sly. According to The Australian, Communications Minister Malcolm Turnbull and Minister for Social Services Scott Morrison have been using the service to communicate about their dissatisfaction with Prime Minister Tony Abbott and the ongoing leadership crisis. It follows months of speculation regarding instability within the Liberal-National Coalition Government, which culminated in a vote on whether to declare Abbott’s position vacant. That motion was defeated, but it has not quelled the rumours that members of his government are secretly pushing for a change of leadership. Wickr has a secure file-shredding feature that destroys all communication on your device and claims it has “military-grade encryption.” On the app’s website, the company claims that no conversations can be tracked or monitored using the app, which may mean that The Australian received a tip regarding the top-secret communications between the two politicians. […]


[ISN] Attackers protesting Superfish debacle hijack Lenovo e-mail, spoof website

http://arstechnica.com/security/2015/02/attackers-take-control-of-lenovo-com-hijacking-e-mail-and-web-servers/

By Dan Goodin, Ars Technica, Feb 25, 2015

Almost a week after revelations surfaced that Lenovo preinstalled dangerous ad-injecting software on consumer laptops, attackers took complete control of the company’s valuable Lenovo.com domain name, a coup that allowed them to intercept the PC maker’s e-mail and impersonate its Web pages. The hijacking was the result of someone compromising a Lenovo account at domain registrar Web Commerce Communications, and changing the IP address that gets called when people typed Lenovo.com into their Web browsers or e-mail applications. As a result, the legitimate Lenovo servers were bypassed and replaced with one that was controlled by the attackers. Marc Rogers, a principal security researcher at content delivery network CloudFlare, told Ars the new IP address pointed to a site hosted behind his company’s name servers. CloudFlare has seized the customer’s account, and at the time this post was being prepared, company engineers were working to help Lenovo restore normal e-mail and website operations. “We took control as soon as we found out (minutes after it happened) and are now working with Lenovo to restore service,” Rogers said. “All we saw was the domain come in to us, at which point we took immediate action to protect them and their service.” Rogers went on to say the unknown attackers posted MX mail server records that allowed them to read e-mail sent to Lenovo employees. The fraudulent records have since been removed. Rogers’ account is consistent with an image posted by the LizardCircle Twitter account. The image showed an e-mail sent by an outside PR person to several people inside Lenovo’s PR department. […]


[ISN] Hackers target Birmingham City Council website in sustained attack

http://www.birminghammail.co.uk/news/midlands-news/hackers-made-24000-attempts-attack-8705246

By Neil Elkes, Birmingham Mail, 24 February 2015

Hackers launched a major attack on Birmingham City Council’s computer system. The authority’s website was hit by a ‘significant attack’ receiving 24,000 hits per minute on Friday in an attempt to breach its security leading to major action to protect the data. Service Birmingham Chief Executive Tony Lubman revealed the attack while appearing before the council’s contracts and partnership committee. He told the panel how fending off attacks takes considerable resources. “Birmingham is by far the largest local authority in Europe. You represent the Government and you are therefore a target,” he said. […]


[ISN] Hacker Claims Feds Hit Him With 44 Felonies When He Refused to Be an FBI Spy

http://www.wired.com/2015/02/hacker-claims-feds-hit-44-felonies-refused-fbi-spy/

By Andy Greenberg, Threat Level, Wired.com, 02.18.15

A year ago, the Department of Justice threatened to put Fidel Salinas in prison for the rest of his life for hacking crimes. But before the federal government brought those charges against him, Salinas now says, it tried a different tactic: recruiting him. A Southern District of Texas judge sentenced Salinas earlier this month to six months in prison and a $10,600 fine after he pleaded guilty to a misdemeanor count of computer fraud and abuse. The charge stemmed from his repeatedly scanning the local Hidalgo County website for vulnerabilities in early 2012. But just months before he took that plea, the 28-year-old with ties to the hacktivist group Anonymous instead faced 44 felony hacking and cyberstalking charges, all of which were later dismissed. And now that his case is over, Salinas is willing to say why he believes he faced that overwhelming list of empty charges. As he tells it, two FBI agents asked him to hack targets on the bureau’s behalf, and he refused. Over the course of a six-hour FBI interrogation in May, 2013, months after his arrest, Salinas says two agents from the FBI’s Southern District of Texas office asked him to use his skills to gather information on Mexican drug cartels and local government figures accepting bribes from drug traffickers. “They asked me to gather information on elected officials, cartel members, anyone I could get data from that would help them out,” Salinas told WIRED in a phone interview before his sentencing. “I told them no.” “Fundamentally this represents the FBI trying to recruit by indictment,” says Salinas’ lawyer Tor Ekeland, who took the case pro bono last year. “The message was clear: If he had agreed to help them, they would have dropped the charges in a second.” […]


[ISN] Lenovo installs adware on customer laptops and compromises ALL SSL.

http://marcrogers.org/2015/02/19/lenovo-installs-adware-on-customer-laptops-and-compromises-all-ssl/

By Marc Rogers, FEBRUARY 19, 2015

A pretty shocking thing came to light this evening – Lenovo is installing adware that uses a “man-in-the-middle” attack to break secure connections on affected laptops in order to access sensitive data and inject advertising. As if that wasn’t bad enough they installed a weak certificate into the system in a way that means affected users cannot trust any secure connections they make – TO ANY SITE. We trust our hardware manufacturers to build products that are secure. In this current climate of rising cybercrime, if you can’t trust your hardware manufacturer you are in a very difficult position. That manufacturer has a huge role to play in keeping you safe – from releasing patches to update software when vulnerabilities are found to behaving in a responsible manner with the data they collect and the privileged access they have to your hardware. When bad guys are able to get into the supply chain and install malware it is devastating. Often users find themselves with equipment that is compromised and are unable to do anything about it. When malware is installed with the access a manufacturer has it buries itself deep inside the system often with a level of access that often takes it beyond the reach of antivirus or other countermeasures. This is why it is all the more disappointing – and shocking – to find a manufacturer doing this to its customers voluntarily. Lenovo has partnered with a company called Superfish to install advertising software on its customers’ laptops. Under normal circumstances this would not be cause for concern. However Superfish’s software has quite a reputation. It is a notorious piece of “adware”, malicious advertising software.
A quick search on Google reveals numerous links for pages containing everything from software to remove Superfish to consumers complaining about the presence of this malicious advertising tool. […]


[ISN] The World’s Email Encryption Software Relies on One Guy, Who is Going Broke

http://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke

By Julia Angwin, ProPublica, Feb. 5, 2015

Update, Feb. 5, 2015, 8:10 p.m.: After this article appeared, Werner Koch informed us that last week he was awarded a one-time grant of $60,000 from Linux Foundation’s Core Infrastructure Initiative. Werner told us he only received permission to disclose it after our article published. Meanwhile, since our story was posted, donations flooded Werner’s website donation page and he reached his funding goal of $137,000. In addition, Facebook and the online payment processor Stripe each pledged to donate $50,000 a year to Koch’s project.

The man who built the free email encryption software used by whistleblower Edward Snowden, as well as hundreds of thousands of journalists, dissidents and security-minded people around the world, is running out of money to keep his project alive. Werner Koch wrote the software, known as Gnu Privacy Guard, in 1997, and since then has been almost single-handedly keeping it alive with patches and updates from his home in Erkrath, Germany. Now 53, he is running out of money and patience with being underfunded. “I’m too idealistic,” he told me in an interview at a hacker convention in Germany in December. “In early 2013 I was really about to give it all up and take a straight job.” But then the Snowden news broke, and “I realized this was not the time to cancel.” […]


[ISN] Some hackers are unknowingly gathering intel for the NSA

http://www.pcworld.idg.com.au/article/565624/some-hackers-unknowingly-gathering-intel-nsa/

By Lucian Constantin, IDG News Service, 05 February, 2015

The U.S. National Security Agency and its intelligence partners are reportedly sifting through data stolen by state-sponsored and freelance hackers on a regular basis in search of valuable information. Despite constantly warning about the threat of hackers and pushing for their prosecution, the intelligence agencies of the U.S., Canada and the U.K. are happy to ride their coattails when it serves their interests, news website The Intercept reported Wednesday. “Hackers are stealing the emails of some of our targets… by collecting the hackers’ ‘take’ we 1) get access to the emails ourselves and 2) get insights into who’s being hacked,” a page from an internal wiki used by the agencies reads. The page, last modified in 2012, was among the files leaked by former NSA contractor Edward Snowden to journalists and was published by The Intercept. One such cache of stolen data is known internally to the Five Eyes alliance


[ISN] PSA: Your crypto apps are useless unless you check them for backdoors

http://arstechnica.com/security/2015/02/psa-your-crypto-apps-are-useless-unless-you-check-them-for-backdoors/

By Dan Goodin, Ars Technica, Feb 4, 2015

At the beginning of the year, I did something I’ve never done before: I made a new year’s resolution. From here on out, I pledged, I would install only digitally signed software I could verify hadn’t been tampered with by someone sitting between me and the website that made it available for download. It seemed like a modest undertaking, but in practice, it has already cost me a few hours of lost time. With practice, it’s no longer the productivity killer it was. Still, the experience left me smarting. In some cases, the extra time I spent verifying signatures did little or nothing to make me more secure. And too many times, the sites that took the time to provide digital signatures gave little guidance on how to use them. Even worse, in one case, subpar security practices of some software providers undercut the protection that’s supposed to be provided with digitally signed code. And in one extreme case, I installed the Adium instant messaging program with no assurance at all, effectively crossing my fingers that it hadn’t been maliciously modified by state-sponsored spies or criminally motivated hackers. More about those deficiencies later—let’s begin first with an explanation of why digital signatures are necessary and how to go about verifying them. By now, most people are familiar with man-in-the-middle attacks. They’re waged by someone with the ability to monitor traffic passing between an end user and a website—for instance, a hacker sniffing an unsecured Wi-Fi connection or the National Security Agency sniffing the Internet backbone. When the data isn’t encrypted, the attacker can not only read private communications but also replace legitimate software normally available for download with maliciously modified software. If the attack is done correctly, the end user will have no idea what’s happening.
Even when Web connections are encrypted with the HTTPS standard, highly skilled hackers still may be able to seed a website with malicious counterfeit downloads. That’s where digital signatures come in. A prime candidate for such an attack is the OTR plugin for the Pidgin instant messenger. It provides the means to encrypt messages so (1) they can’t be read by anyone monitoring the traffic sent between two parties and (2) each party can know for sure that the person on the other end is, in fact, who she claims to be. Fortunately, the OTR installer is provided through an encrypted HTTPS connection, which goes a long way to thwarting would-be man-in-the-middle attackers. But strict security practices require more, especially for software as sensitive as OTR. That’s why the developers included a GPG signature users can check to verify that the executable file hasn’t been altered in any way. […]
