Tag Archives: target

[ISN] Severe weaknesses in Android handsets could leak user fingerprints

http://arstechnica.com/security/2015/08/severe-weaknesses-in-android-handsets-could-leak-user-fingerprints/ By Dan Goodin Ars Technica Aug 10, 2015 HTC and Samsung have patched serious vulnerabilities in some of their Android phones that made it possible for malicious hackers to steal user fingerprints. The researchers who discovered the flaws said that many more phones from all manufacturers may be susceptible to other types of fingerprint-theft attacks. The most serious of the flaws was found on HTC’s One Max handset. According to researchers at security firm FireEye, the device saved user fingerprints as an unencrypted file. Almost as bad, the BMP image was readable by any other running application or process. As a result, any unprivileged process or app could obtain a user’s fingerprints by reading the file. Attackers could capitalize on the weakness by exploiting one of the many serious vulnerabilities that regularly crop up in Android or by tricking a target into installing a malicious app. HTC fixed the issue after FireEye privately reported it, according to this summary, which didn’t provide a date or other details of the update. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Hackers Can Disable a Sniper Rifle — Or Change Its Target

http://www.wired.com/2015/07/hackers-can-disable-sniper-rifleor-change-target/ By Andy Greenberg Security Wired.com 07.29.15 PUT A COMPUTER on a sniper rifle, and it can turn the most amateur shooter into a world-class marksman. But add a wireless connection to that computer-aided weapon, and you may find that your smart gun suddenly seems to have a mind of its own—and a very different idea of the target. At the Black Hat hacker conference in two weeks, security researchers Runa Sandvik and Michael Auger plan to present the results of a year of work hacking a pair of $13,000 TrackingPoint self-aiming rifles. The married hacker couple have developed a set of techniques that could allow an attacker to compromise the rifle via its Wi-Fi connection and exploit vulnerabilities in its software. Their tricks can change variables in the scope’s calculations that make the rifle inexplicably miss its target, permanently disable the scope’s computer, or even prevent the gun from firing. In a demonstration for WIRED (shown in the video above), the researchers were able to dial in their changes to the scope’s targeting system so precisely that they could cause a bullet to hit a bullseye of the hacker’s choosing rather than the one chosen by the shooter. “You can make it lie constantly to the user so they’ll always miss their shot,” says Sandvik, a former developer for the anonymity software Tor. Or the attacker can just as easily lock out the user or erase the gun’s entire file system. “If the scope is bricked, you have a six to seven thousand dollar computer you can’t use on top of a rifle that you still have to aim yourself.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Hacking Team orchestrated brazen BGP hack to hijack IPs it didn’t own

http://arstechnica.com/security/2015/07/hacking-team-orchestrated-brazen-bgp-hack-to-hijack-ips-it-didnt-own/ By Dan Goodin Ars Technica July 12, 2015 Spyware service provider Hacking Team orchestrated the hijacking of IP addresses it didn’t own to help Italian police regain control over several computers that were being monitored in an investigation, e-sent among company employees showed. Over a six day period in August 2013, Italian Web host Aruba S.p.A. fraudulently announced its ownership of 256 IP addresses into the global routing system known as border gateway protocol, the messages document. Aruba’s move came under the direction of Hacking Team and the Special Operations Group of the Italian National Military Police, which was using Hacking Team’s Remote Control System malware to monitor the computers of unidentified targets. The hijacking came after the IP addresses became unreachable under its rightful owner Santrex, the “bullet-proof” Web hosting provider that catered to criminals and went out of business in October 2013, according to KrebsOnSecurity. It’s not clear from the e-mails, but they appear to suggest Hacking Team and the Italian police were also relying on Santrex. The emails were included in some 400 gigabytes of proprietary data taken during last weekend’s breach of Hacking Team and then made public on the Internet. With the sudden loss of the block of IP addresses, Italy’s Special Operations Group was unable to communicate with several computers that were infected with the Hacking Team malware. The e-mails show Hacking Team support workers discussing how the law enforcement agency could regain control. Eventually, Italian police worked with Aruba to get the block—which was known as 46.166.163.0/24 in Internet routing parlance—announced in the BGP system as belonging to Aruba. It’s the first known case of an ISP fraudulently announcing another provider’s address space, said Doug Madory, director of Internet analysis at Dyn Research, which performs research on Internet performance. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Computer hack reveals identity of Syrians in contact with Israel

http://www.timesofisrael.com/computer-hack-reveals-identity-of-syrians-in-contact-with-israel/ By Elhanan Miller The Times of Israel July 12, 2015 Computer hackers likely working for the Syrian regime and Hezbollah have managed to penetrate the computers of Israeli and American activists working with the Syrian opposition, exposing sensitive contacts between the sides. Al-Akhbar, a newspaper serving as Hezbollah’s mouthpiece in Lebanon, published a series of articles over the weekend purporting to divulge correspondence between Mendi Safadi, a Druze Israeli and former political adviser to Deputy Regional Cooperation Minister Ayoub Kara, with members of the Syrian opposition around the world, taken from taken from Safadi’s computer. The article also contains screenshots of word documents and text message exchanges saved on Safadi’s computer. The article alleged that Safadi, working on behalf of the Israeli government, tried to recruit Israeli agents in Syria and Lebanon, smuggle weapons into the hands of Islamist rebel groups in Syria, and locate targets within Syria to be bombed by coalition forces. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Lizard Squad Hacker Who Shut Down PSN, Xbox Live, And An Airplane Will Face No Jail Time

http://www.forbes.com/sites/insertcoin/2015/07/09/lizard-squad-hacker-who-shut-down-psn-xbox-live-and-an-airplane-will-face-no-jail-time/ By Paul Tassi Contributor Forbes.com 7/09/2015 Last Christmas, a hacking collective known as the “Lizard Squad” managed to take down PSN and Xbox Live right as everyone was attempting to play their consoles during holiday, creating one of the worst outages in the history of either network. The attacks soon evolved into a more personal nature, targeting then-president of Sony Online Entertainment, John Smedley, which included posting his personal details and actually grounding an American Airlines flight he was on with a Twitter TWTR -1.15%-issued bomb threat. Since then, everyone has been wondering just who the members of Lizard Squad were and if they’d ever be brought to justice. Recently, one individual, 17 year-old Julius “zeekill” Kivimaki was identified, and after standing trial in his native Finland, has just been convinced of an incredible 50,700 charges of computer-related crimes. He will serve a two-year suspended sentence, and effectively face no jail time. If you imagine the general public might be upset about such a lax sentence, you’d be right, but no one is more angry than John Smedley himself, now leading Daybreak, the studio responsible for games like H1Z1 and Planetside 2. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] How To Break Into the CIA’s Cloud on Amazon

http://www.defenseone.com/technology/2015/07/how-break-cias-cloud-amazon/117175/ By Patrick Tucker defenseone.com July 7, 2015 Last year, Amazon Web Services surprised a lot of people in Washington by beating out IBM for a $600 million contract to provide cloud services and data storage to the CIA and the broader intelligence community. But more money can bring more problems. Amazon, in essence, has turned itself into the most valuable data target on the planet. The cloud is completely separate from the rest of the Internet and heavy duty encryption is keeping the spies’ secrets relatively safe from outsiders — but what about an attack from within? In 2010, Army PFC Bradley — now Chelsea — Manning explained how she stole millions of classified and unclassified government documents: “Weak servers, weak logging, weak physical security, weak counter-intelligence, inattentive signal analysis.” She “listened and lip-synced to Lady Gaga’s ‘Telephone’ while exfiltrating possibly the largest data spillage in American history.” So if you wanted to pull off a similar feat at Amazon, how would you do it? First, get a job at Amazon’s Commercial Cloud Service or C2S, sometimes called the “spook cloud.” According to this help-wanted ad, applicants must pass a single-scope background investigation—in essence, the kind of detailed 10-year background check required for a Top Secret security clearance. Of course, to a savvy spy or informant, obtaining top-secret clearance is not the barrier it once was. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] FS-ISAC: Remote-Access Attack Alert

http://www.bankinfosecurity.com/interviews/fs-isac-remote-access-attack-alert-i-2787 By Tracy Kitten Bank Info Security July 8, 2015 Remote-access attacks waged against smaller merchants are a growing threat, according to a cybersecurity alert published July 7. The alert was released by the Financial Services Information Sharing and Analysis Center, along with Visa, the U.S. Secret Service and The Retail Cyber Intelligence Sharing Center, which provides threat intelligence for retailers. While industry attention in late 2013 and early 2014 was focused on the large-scale RAM-scraping malware attacks that resulted in breaches at big-box retailers, including Target and Home Depot, more attention is now being paid to remote-access attacks against point-of-sale devices commonly used at smaller merchants, says Charles Bretz, director of payment risk at the FS-ISAC. The organization provides a conduit for information sharing among financial services institutions. “We are seeing a shift in the breaches of card data,” Bretz says in this interview with Information Security Media Group. Now that many of the larger retailers have implemented end-to-end encryption and tokenization, in conjunction with their rollouts of EMV-compliant POS terminals, hackers are turning their attention toward smaller retailers, he says. “Criminals continue to find success by targeting smaller retailers that use common IT and payments systems,” Bretz explains. “Merchants in industry verticals use managed service provider systems. There might be 100 merchants that use a managed service provider that provides IT and payment services for their business.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail