The latest dump of NSA tools means – get up-to-date with Microsoft Patches, folks!

❝ UPDATE: Microsoft has patched the majority of the exploits released by The Shadow Brokers. More details can be found here, and the company recommends updating to a supported version of Windows and downloading security fixes.

The original story follows below:

❝ On Friday, the group known as The Shadow Brokers dropped the hacking equivalent of a bomb, or perhaps several bombs, giving hackers all over the world the tools to easily break into millions of Windows computers

This is bad news not just for the NSA, but for the internet as a whole, according to security researchers who are poring through the dump. As someone called it, this is “cyber chaos.”

❝ Perhaps the worst tool released by the hackers is called “FUZZBUNCH.” This is a hacking suite or toolkit that contains several plug-and-play exploits to attack several versions of Windows operating system. Some researchers described it as something akin to Metasploit, a popular open source hacking framework…

In fact, the latest Shadow Brokers dump contains several working Windows zero-days in executable (.exe) binaries with “step-by-step logs laying out how they’re used and the commands to run”…

That means that pretty much anyone, from low-level cybercriminals to so-called “script kiddies” — hackers who are only good at reusing other hackers’ tools — could repurpose them to attack Windows computers…

❝ In the meantime, you can either shut down your Windows machine or block incoming connections to port 445 and 139 with the firewall to prevent some of the attacks, according to security researchers.

❝ The leaked tools are dated around 2013, so they don’t affect modern Windows operating systems such as Windows 10. But according to Hacker Fantastic, the FUZZBUNCH framework supports all kinds of Windows systems: server versions from NT, 2000, 2003, 2008 and up to 2012, as well as the consumer versions XP, Vista, 7 and Windows 8.

I worked within the Microsoft/IBM framework for 22 years before moving to Apple’s OSX [and following mobile OS’] over a decade ago. Yeah, anything can be hacked; but, ain’t much need to make it easy.
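One way to apply the interim advice quoted above (block inbound connections to TCP 445 and 139 at the host firewall) on a current Windows machine, written here as an added example rather than anything from the quoted report: the script creates the blocking rule if it is missing and then reads it back to confirm it is enabled and pointed at the right ports. The rule name is my own choice; the script assumes Windows 8 / Server 2012 or later (where the NetSecurity cmdlets exist) and an elevated PowerShell session.

```powershell
# Added example: block inbound SMB / NetBIOS (TCP 445, 139) on this host and verify it.
# Assumes Windows 8 / Server 2012+ (NetSecurity module) and an elevated session.
# Caveat: this also stops legitimate inbound file and printer sharing to this host;
# patching, as the update above says, is the real fix and this is only a stopgap.

$ruleName = 'Block inbound SMB and NetBIOS (TCP 139,445)'   # name chosen for this example

# Create the rule only if one with this name does not already exist.
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName `
        -Direction Inbound -Protocol TCP -LocalPort 139,445 `
        -Action Block -Profile Any -Enabled True | Out-Null
}

# Verify: read the rule back with its port filter and check the three things that
# matter (enabled, action is Block, ports are 139 and 445).
$rule   = Get-NetFirewallRule -DisplayName $ruleName
$filter = $rule | Get-NetFirewallPortFilter

[pscustomobject]@{
    Rule    = $rule.DisplayName
    Enabled = $rule.Enabled
    Action  = $rule.Action
    Ports   = ($filter.LocalPort -join ',')
} | Format-List

if ($rule.Enabled -ne 'True' -or $rule.Action -ne 'Block') {
    Write-Warning "Rule '$ruleName' exists but is not an enabled Block rule; check it manually."
}

# The older systems the quoted report lists (Vista, 7, 2008) do not have these cmdlets;
# the equivalent there is the built-in netsh syntax:
#   netsh advfirewall firewall add rule name="Block SMB 139,445" dir=in action=block protocol=TCP localport=139,445
```

A second check worth doing from another machine on the same network is Test-NetConnection -ComputerName <host> -Port 445 (Windows 8.1 or later): a TcpTestSucceeded of False after the rule is in place confirms the block is effective beyond the host's own view of its rules.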

Are you now or have you ever been…a dissident geek?

Who gets to decide what’s an emergency?

With the stroke of a pen…President Barack Obama christened his country’s latest national emergency, issuing an Executive Order he said was necessary to address “an unusual and extraordinary threat” from malicious hackers abroad…

The action has been termed unprecedented. The Department of the Treasury is directed to impose sanctions on anyone judged to be involved in these cyber attacks, but the criteria for who or what could be subject to those sanctions is incredibly broad. The order states the government can target nations or individuals involved — directly or indirectly — in “cyber-enabled activities” that are “reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States.” That includes, but is not limited to, anyone “causing a significant disruption to the availability of a computer” that supports critical infrastructure; “causing a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain”; or even simply using, receiving or otherwise benefiting from “trade secrets misappropriated through cyber-enabled means.”

Apart from dams and nuclear power plants, a 2013 administration order designated “commercial facilities” — including movie studios, casinos, hotels and shopping malls — as one of those “critical infrastructure” sectors recognized by the Department of Homeland Security.

That’s a big set of crosshairs. One can imagine a whole host of scenarios where cyber sanctions seem almost destined to be misused…

The order comes at a time of heightened cyber hysteria in Washington, with controversial bills in the Senate and House proposing “cybersecurity” measures that would give corporations a green light to share data about online threats (and consequently, U.S. citizens) with the government. Privacy advocates have heavily criticized the proposals, calling them a ploy to enable more surveillance, and security experts overwhelmingly agree that information sharing won’t significantly reduce security breaches…

Perhaps the most unsettling aspect of the order is that it’s dressed as a “national emergency,” much like the one that paved the way for the Authorization for the Use of Military Force and other anti-terrorism measures shortly after 9/11 (emergency laws which, you may recall, are still on the books more than a decade later).

With the U.S. routinely launching its own cyber attacks and economic espionage against foreign allies, that “emergency” might be here to stay.

Emergency responses can last a very long time. Sometimes they involve detention camps for citizens who are the wrong color. Congress has one of the worst track records in the world for having enough backbone and foresight to stand up to any president whose klaxon shouts “Warning, warning, Will Robinson!”

It’s not unheard of for constitutional scholars to accommodate their patriotic loyalty to scumbag agencies in our nation’s history. That’s how some of them become “role models for democracy”.

Meanwhile, you will never hear a White House spokesman mention the NSA in the same paragraph or statement itemizing malicious hackers or data thieves. Aren’t they supposed to be the Gold Standard?

Hacker figures out how to kill diabetics – takes a bow!

A security researcher who is diabetic has identified flaws that could allow an attacker to remotely control insulin pumps and alter the readouts of blood-sugar monitors. As a result, diabetics could get too much or too little insulin, a hormone they need for proper metabolism.

Jay Radcliffe, a diabetic who experimented on his own equipment, shared his findings with The Associated Press before releasing them Thursday at the Black Hat computer security conference in Las Vegas.

“My initial reaction was that this was really cool from a technical perspective,” Radcliffe said. “The second reaction was one of maybe sheer terror, to know that there’s no security around the devices which are a very active part of keeping me alive.”

Increasingly, medical devices such as pacemakers, operating room monitors and surgical instruments including deep-brain stimulators are being made with the ability to transmit vital health information from a patient’s body to doctors and other professionals. Some devices can be remotely controlled by medical professionals.

Although there’s no evidence that anyone has used Radcliffe’s techniques, his findings raise fears about the safety of medical devices as they’re brought into the Internet age. Serious attacks have already been demonstrated against pacemakers and defibrillators.

I hear their next competition will be to see who can use a wifi nursery monitor to electrocute an infant.

AT&T website leaks iPad 3G email addresses

Black hat hackers have exploited a security flaw on AT&T’s web servers which enabled them to obtain email addresses from the SIM card addresses of iPad 3G users.

The breach, profiled in a report by Gawker, described the event as “another embarrassment” for Apple and outlined a variety of high profile individuals whose email addresses were obtained by automated script attacks on AT&T’s web server based on their iPad 3G SIM addresses (ICC ID).

Why is this an embarrassment for Apple? Is Gawker fueled entirely by sophistry?

The publication claimed that the identifying information meant that thousands of iPad 3G users “could be vulnerable to spam marketing and malicious hacking,” while also pointing out that many users have actually already published their iPad ICC ID numbers in Flickr photos. Presumably, many of them also have public email addresses and therefore already receive spam like the rest of us.

The attack on AT&T’s web servers resulted in at least 114,000 iPad 3G users’ emails being leaked to the hackers, who were coy about whether or not they were planning to enable others to access the data. The security leak, which returned a user’s email address when their ICC-ID was entered via a specially formatted HTTP request, has since been patched.

No other information was discovered


Aside from predictable whines – and an icy dagger pointed straight at the heart of of dimwits at AT&T who apparently skipped the class about online security – it really does appear that the threat to iPad owners tethered to AT&T contains nothing more than an incremental increase in spam.

Flaw opens ATMs to hackers – but, no demo at Black Hat

An ATM vendor has succeeded in getting a security talk pulled from the upcoming Black Hat conference after a researcher announced he would demonstrate a vulnerability in the system.

Barnaby Jack, a researcher with Juniper Networks, was to present a demonstration showing how he could “jackpot” a popular ATM brand by exploiting a vulnerability in its software.

Jack was scheduled to present his talk at the upcoming Black Hat security conference being held in Las Vegas at the end of July. But on Monday evening, his employer released a statement saying it was canceling the talk due to the vendor’s intervention.

“Juniper believes that Jack’s research is important to be presented in a public forum in order to advance the state of security,” the statement read. “However, the affected ATM vendor has expressed to us concern about publicly disclosing the research findings before its constituents were fully protected. Considering the scope and possible exposure of this issue on other vendors, Juniper decided to postpone Jack’s presentation until all affected vendors have sufficiently addressed the issues found in his research.”

In the description of his talk on the conference web site, Jack wrote that, “The most prevalent attacks on Automated Teller Machines typically involve the use of card skimmers, or the physical theft of the machines themselves. Rarely do we see any targeted attacks on the underlying software. This presentation will retrace the steps I took to interface with, analyze, and find a vulnerability in a line of popular new model ATMs. The presentation will explore both local and remote attack vectors, and finish with a live demonstration of an attack on an unmodified, stock ATM…”

He can present it later. Missing the thrill of dazzling his peers ain’t as important as satisfying the goal of communicating security flaws to all concerned parties. Especially since Juniper participated in that decision.

‘Dark Tangent’ goes to work for Homeland Security

The real sign that the White House might be finally taking cyber security seriously came in an announcement that Jeff Moss, aka “Dark Tangent” and the former hacker behind the annual DefCon hacker confab in Las Vegas, has been appointed to the Department of Homeland Security’s Advisory Council (HSAC).

He was among 16 people sworn in to the council by Homeland Security Secretary Janet Napolitano. Former CIA Director William Webster and former FBI Director Louis Freeh are also on the council, which provides advice and recommendations to the secretary. Webster is the council chair.

Moss, who lives in Seattle, says he was really surprised when he got a call about three weeks ago inviting him to join.

“I always figured that because of my associations in the past that I would be kind of out of the running for anything like this,” he told Threat Level. “DefCon started as a hacking conference… and I just figured that that past, in a nontraditional beginning, people wouldn’t know how to relate to that. To me it shows that they’re really looking for fresh perspectives…”

Moss says he didn’t have a clue what the Advisory Council was when he got the call to join. But he was told that DHS was looking for outside perspectives to rejuvenate the council, which had been neglected under former Secretary Michael Chertoff. The position is voluntary and runs for a term of three years.

Good for you, dude. Glad you’re not saddled with the kind of counter-culture hangups that inhibit performing a useful service for something larger than your clan.