CFP for CactusCon – March 22, 2013 in Tempe, AZ

http://www.cactuscon.com/cfp Presentations Presentations can be 20 or 50 minutes. We are looking for presentations on breaking, building, defending, and other relevant security topics. Vendor pitches will not be accepted. Workshops Workshops offer hands-on training on a specific topic. Last year’s workshops included Metasploit for Pentesters, Arduino Ethernet, and a lockpick village. Important Dates Jan 4, 2012: Submission deadline Jan 11, 2013: First round picks Jan 18, 2013: Second round picks Submit Email submissions to cfp (at) cactuscon.com. Please include the following: Name Contact Info Bio Format: 20 min presentation | 50 min presentation | workshop Title Abstract ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org




Facebooktwittergoogle_plusredditpinterestlinkedinmail

Intruders hack industrial heating system using backdoor posted online

http://arstechnica.com/security/2012/12/intruders-hack-industrial-control-system-using-backdoor-exploit/ By Dan Goodin Ars Technica Dec 13 2012 Hackers illegally accessed the Internet-connected controls of a New Jersey-based company’s internal heating and air-conditioning system by exploiting a backdoor in a widely used piece of software, according to a recently published memo issued by the FBI. The backdoor was contained in older versions of the Niagara AX Framework, which is used to remotely control boiler, heating, fire detection, and surveillance systems for the Pentagon, the FBI, the US Attorney’s Office, and the Internal Revenue Service, among many others. The exploit gave hackers using multiple unauthorized US and international IP addresses access to a “Graphical User Interface (GUI), which provided a floor plan layout of the office, with control fields and feedback for each office and shop area,” according to the memo, which was issued in July. “All areas of the office were clearly labeled with employee names or area names.” An IT contractor for the unnamed business told FBI agents the “Niagara control box was directly connected to the Internet with no interposing firewall,” according to the memo, which was published Saturday by Public Intelligence. The website has an established track record of posting authentic government documents. Barbara Woodruff, a spokeswoman in the Newark, New Jersey division of the FBI, where the memo originated, said the document appeared to be authentic. The unauthorized access began in February, a few weeks after someone using the Twitter handle @ntisec posted comments indicating hackers were targeting SCADA — or supervisory control and data acquisition — systems. One tweet included a list of Internet addresses, including one that was assigned to the heating system belonging to the New Jersey business. The hack came five months before security researchers Billy Rios and Terry McCorkle blew the whistle on serious vulnerabilities in the Niagara system, which is marketed by Tridium, a company with US offices located in Richmond, Virginia. […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail

Pentagon Spooks Want New Tools for Mobile ‘Exploitation’

http://www.wired.com/dangerroom/2012/12/dia-devices/ By Spencer Ackerman Danger Room Wired.com 12.13.12 The Pentagon wants to upgrade its spy corps. And one of its first jobs will be finding out what’s on your iPhone. If the Defense Intelligence Agency (DIA) gets its way, it’ll send an expanded cadre of spies around the world to scope out threats to the U.S. military. And it won’t just be a larger spy team, it’ll be a geekier one. The DIA wants “technical exploitation” tools that can efficiently access the data of people the military believes to be dangerous once their spies collect it. That’s according to a request for information the DIA sent to industry on Wednesday. The agency wants better gear for “triage and automation, advanced technical exploitation of digital media, advanced areas of mobile forensics, software reverse engineering, and hardware exploitation, reverse engineering, and mobile applications development & engineering.” If the DIA runs across digitized information, in other words, it wants to make rapid use of it. One of the emphasized cases here is “captured/seized media.” Think, for instance, of all the flash drives, hard drives and CDs that Navy SEALs seized during the raid that killed Osama bin Laden. Flynn wants to understand both the text they’d contain, through “automation support to enable rapid triage,” and their subtexts or metadata, using “steganography” tools to decipher coded messages and “deep analysis of malicious code/executables.” And that’s on top of “deep hardware exploitation of complex media with storage capacity” and reverse-engineering tools “to discover firmware artifacts.” […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail

Security Researcher Compromises Cisco VoIP Phones With Vulnerability

http://www.darkreading.com/threat-intelligence/167901121/security/attacks-breaches/240144378/security-researcher-compromises-cisco-voip-phones-with-vulnerability.html By Brian Prince Contributing Writer Dark Reading Dec 13, 2012 A researcher has demonstrated how Cisco Voice-over-IP (VoIP) phones can be hijacked and turned into listening devices. At the Amphion Forum this month, Columbia University grad student Ang Cui demonstrated how networked printers and phones can be abused by attackers. The forum, held in San Francisco, is produced by Mocana, which makes security software for non-PC devices that connect to the Internet. “The attack I demonstrated is caused by the multiple vulnerabilities within the syscall interface of the CNU [Cisco Native Unix] kernel,” Cui tells Dark Reading. “It is caused by the lack of input validation at the syscall interface, which allows arbitrary modification of kernel memory from userland, as well as arbitrary code execution within the kernel. This, in turn, allows the attacker to become root, gain control over the DSP [Digital Signal Processor], buttons, and LEDs on the phone. The attack I demonstrated patches the existing kernel and DSP in order to carry out stealthy mic exfiltration.” As part of the demonstration, Cui inserted and removed a small external circuit board from the phone’s Ethernet port — a move he asserted could be accomplished by someone left alone inside a corporate office for a few seconds. He then used his own smartphone to capture every word spoken near the VoIP phone, even though it was still “on-hook.” […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail

Defense Contractors Don’t Want to Say When They’ve Been Hacked

http://www.motherjones.com/politics/2012/12/defense-contractors-hacked By Dana Liebelson Mother Jones Dec. 13, 2012 In 2009, it came to light that hackers had successfully broken into the most expensive Pentagon weapons program of all time, the F-35 fighter jet, by gaining access to computers allegedly belonging to the defense contractor BAE Systems (the contractor part came out later). There had “never been anything like it,” one unnamed official told the Wall Street Journal. The intruders were later confirmed to be Chinese spies, and lo and behold, in 2012 China rolled out a stealth fighter that looked suspiciously like the F-35. Was it a coincidence? It took several years for all of the details of the F-35 breach to be unearthed. (The first hack took place in 2007, wasn’t publicly reported until 2009, and BAE Systems’ alleged role didn’t come out until 2012.) But a new amendment to the defense budget, introduced by Sen. Carl Levin (D-Mich.), would prevent contractors from not disclosing when they’ve been hacked. The amendment would require defense contractors to report to the Pentagon when spies and hackers successfully scale their firewalls. And the contractors don’t appear to be happy about it. Some of the contractors’ grievances were aired in Politico on Monday. Trey Hodgkins, a senior vice president at TechAmerica, a trade association, said that contractors are already participating in a voluntary information-sharing program, and they “are likely to fight the change.” Mother Jones contacted four major defense contractors: KBR, Lockheed Martin, BAE Systems, and L-3 Communications. Only Jennifer Allen, a spokesperson for Lockheed Martin, responded—with a non-comment comment. “We are reviewing the cybersecurity amendment in the recently passed Senate version of the defense authorization bill, and will watch it closely,” she said. […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail