Archive for the ‘Uncategorized’ Category

Operation Avenge Assange

Friday, January 7th, 2011

Over the last few days, WikiLeaks has been one of the hottest topics in the Internet world.

After WikiLeaks released a secret cable listing sites worldwide that the U.S. considers critical to its national security, it was targeted by DDoS attacks.
A few days later Julian Assange was accused of the rape of two Swedish women. Many people think that both the DDoS attacks and the rape accusation are coordinated by the U.S. In addition, the U.S. government persuaded PayPal to stop taking payments for WikiLeaks, while Visa and MasterCard also stopped accepting payments for WikiLeaks.

All the above facts made many people suspicious and worried about freedom of speech on the World Wide Web. As a result, the Operation Payback group is targeting the principals it considers responsible for the WikiLeaks hunt and Assange’s (fake!?) rape case.

As of today, the following websites have been attacked:

PostFinance postfinance.ch 2010-12-06
Swedish Prosecution Authority aklagare.se 2010-12-07
EveryDNS everydns.com 2010-12-07
Joseph Lieberman lieberman.senate.gov 2010-12-08
MasterCard mastercard.com 2010-12-08 10:30 UTC
Borgstrom and Bostrom advbyra.se 2010-12-08
BILD (not confirmed) bild.de 2010-12-08 19:30 UTC
Visa visa.com 2010-12-08 21:00 UTC
Sarah Palin sarahpac.com 2010-12-08
Paypal paypal.com 2010-12-09 02:50 UTC
Amazon amazon.com 2010-12-09 23:00 UTC

Those attacks are made using a “voluntary” bot-net. Users can join the bot-net with their PC using a modified version of the Low Orbit Ion Cannon (LOIC). Running this modified LOIC makes your PC a bot of the bot-net, and (rumors say) 10 hacktivists (probably the coordinators) set the bot-net to target a site. The site to be targeted is chosen after conversations on irc://irc.anonops.net in the channel #OperationPayback. Any user disagreeing with an attack can log out from the bot-net at any time.


The man behind Mega-D botnet arrested

Tuesday, December 7th, 2010

Last week the FBI arrested the man believed to be behind the Mega-D botnet, one of the most renowned botnets, which was supposed to have caused one third of total worldwide spam on the Internet at one time. The man is Oleg Nikolaenko, a Russian who was arrested during his last visit to the United States of America.

The first clue that Nikolaenko was behind Mega-D came when a fake Rolex dealer, Jody Smith, was arrested. After Jody Smith, the FBI arrested Lance Atkinson, an Australian fake medicine dealer who admitted he paid nearly half a million dollars to a third party known only as “Docent” for spam advertising. It is claimed that Oleg Nikolaenko took millions of dollars from companies looking to advertise fake products like fake Rolexes. After investigation, agents found that email accounts involved in the payment chain belonged to Nikolaenko. In one of these, Nikolaenko had the necessary command and control files for the Mega-D botnet.

Nikolaenko is supposed to have run Mega-D since 2007. Mega-D spam has been reduced over the last months, and its servers have been found non-responsive, but this happened due to the large interest of researchers and authorities.

Finally, the FBI arrested Nikolaenko at the Specialty Equipment Market Association (SEMA) car exhibition in Las Vegas for offences under the CAN-SPAM Act.

HDCP Cracked !(?)

Sunday, November 28th, 2010

HDCP is a content protection scheme, developed by Intel Corp., designed to eliminate the possibility of intercepting encrypted high-definition digital data midstream between the source and the display. It prevents copying of digital audio and video content as it travels across DisplayPort, DVI, HDMI, GVIF, UDI and similar connections. HDCP uses a three-stage protection process:

  • Device Authentication and Key Exchange
  • Encryption of Content
  • Key-revocation procedures

In 2001, before HDCP was deployed in any commercial product, a paper revealing cryptanalytic flaws was published. According to this paper, the linear key exchange is a fundamental weakness, and the key exchange can be broken with a conspiracy attack (obtaining the keys of 39 devices and reconstructing the secret master matrix).

On September 14th 2010, hackers posted an HDCP master key on Pastebin! This is the key that protects millions of devices and media content, such as Blu-ray, against redistribution. Two days later, Intel confirmed the authenticity of the key, and a few days after that a programming group released an open-source C implementation of the HDCP encryption/decryption algorithm. It is not very efficient, as HDCP was designed for hardware, but it works and verifies that the leaked key is correct.

But is this the end of HDCP?

What we can really do with this master key is derive keys for devices that work with the keys produced by Intel’s security technology. Also, theoretically, a nefarious user can capture, decrypt and reproduce media travelling across HDMI cables from one device to another. But the most realistic scenario is building ‘fake’ devices without Intel’s fees and standards. For example, a Chinese manufacturer can produce Blu-ray players or repeater-recorders capable of connecting to genuine HD TVs, using the leaked master key, without any approval from Intel. Intel, on the other hand, declares that a lot of experience and money is needed to accomplish that, and that, in combination with legal threats against possible fraud, HDCP remains an effective component for protecting digital entertainment.

3rd Summer School on Network and Information Security (NIS’10)

Friday, August 6th, 2010

13-17 September 2010, Heraklion, Crete, Greece

Call for Participation

The European Network and Information Security Agency (ENISA) and the Institute of Computer Science (ICS) of the Foundation for Research and Technology – Hellas (FORTH) invite you to the jointly organised 3rd ENISA-FORTH Summer School on Network and Information Security (NIS’10).

The “Future Internet” promises an exciting new world of services and capabilities: Devices that will automatically exchange information to facilitate users, services that transparently and seamlessly combine information from different and multiple sources, protocols and systems that are able to handle complex interactions. At the same time, however, concerns about privacy and security increase for individuals, organizations, and the society in general. This gives rise to a number of questions, such as where should responsibility be placed and how should solutions be enforced and verified in a world of complex infrastructures and services?

Following the success of NIS’08 and NIS’09, the 3rd edition of the Summer School on Network and Information Security (NIS’10) will cover topics that address legal, technical, and policy issues in this emerging world. The Summer School aims to provide a forum for experts in Information Security, policy makers from EU Member States and EU Institutions, decision makers from the industry, as well as members of the research and academic community, for interacting on cutting-edge and interesting topics in NIS.

Keynote Speakers

  • Dr. Jorgo Chatzimarkakis, Member of the European Parliament, EU
  • Dr. Silvia Adriana Ticau, Member of the European Parliament, EU
  • Mr. Mario Campolargo, Director of the Emerging Technologies and Infrastructures, DG INFSO, European Commission, EU
  • Mr. Bruce Schneier, Chief Security Technology Officer of BT, UK
  • Mr. Mikko Hypponen, Chief Research Officer, F-Secure, FI
  • Mr. Peter Hustinx, Supervisor, European Data Protection Supervisor, EU

Steering Committee

  • Dr. Udo Helmbrecht, Executive Director of ENISA, EU
  • Prof. Constantine Stephanidis, Director of FORTH-ICS, GR, Member of ENISA Management Board

Venue

NIS’10 will take place in Hersonissos, Crete, Greece. Hersonissos is a small town approximately 30km from Heraklion and its airport. For instructions on how to get to the conference venue, please visit the travel information section on the NIS web page. The venue of the Summer School is Aldemar Knossos Royal Village. Aldemar Knossos Royal Village hotel is a magnificent resort located on the north coast of the island of Crete in Hersonissos.


Adobe Reader uses sandbox tech to block attacks

Wednesday, July 21st, 2010


Adobe’s popular PDF viewer, Adobe Reader, always attracts a large number of hackers who try to exploit its vulnerabilities. Some reports found that Adobe Reader is at the top of the list for having the most exploits for web-based attacks. Now, the company is “turning to sandboxing technology designed to isolate code from other parts of the computer.” A “protected mode” will be added to Adobe Reader for Windows; it will be enabled by default and released later this year. Because attacks against Macintosh systems are minor, there is no plan to implement this feature on Mac OS yet.

Several changes will be made due to the sandbox mechanism. PDF processing, such as executing JavaScript and parsing JPEG images, will be confined. An application running in Adobe Reader will no longer be able to communicate with the operating system. “This is an additional layer of defense that will help protect users in case they encounter a malicious or corrupted PDF.” said Brad Arkin, the director of product security and privacy at Adobe. The new feature could limit the number of exploits, but not all of them. Some attacks, like phishing and weak cryptography, still exist.

Some experts believe that the sandbox cannot prevent code execution vulnerabilities, but it makes it much harder for attacks to succeed. With the sandbox, attackers need to find vulnerabilities in both programs, Reader and the sandbox.

Spy on BitTorrent users in real-time

Friday, May 21st, 2010

In a paper presented at the Usenix Workshop on Large-Scale Exploits and Emergent Threats, researchers devised a way to monitor BitTorrent users. By monitoring the users, they managed to create a list of IP addresses of individuals and track the content they are sending and receiving.

In that paper, the researchers demonstrated the technique by continuously spying on BitTorrent users for 103 days. They collected 148 million IP addresses and identified 2 billion copies of downloads, many of them copyrighted.

The most important result of this research is that it identified the IP addresses where much of the content originated. This means that the individuals creating the torrent files are few. Therefore, the question is why the anti-piracy groups try to stop millions of downloaders instead of a few content providers.

Social networks give users’ data to advertisers

Friday, May 21st, 2010

Across the web, it’s common for advertisers like Google Inc.’s DoubleClick and Yahoo Inc.’s Right Media to receive the address of the page from which a user clicked on an advertisement. They receive nothing more than an incomprehensible string of letters and numbers that can’t be used to retrieve users’ information.

However, with social networking sites, those addresses include data which advertisers can use to look up individual profiles and discover users’ personal information and interests, contrary to the sites’ privacy policies and their promises that they don’t share such information without consent.

After The Wall Street Journal’s questions, Facebook and MySpace moved to make changes to stop the handover.

“If you are looking at your profile page and you click on an advertisement, you are telling that advertiser who you are”, an assistant professor at Harvard Business School said.

See the graphic about Internet sites that share information that could be tied to individual profiles.

Source: The Wall Street Journal

Google Street View cars stole information from WiFi Networks

Monday, May 17th, 2010

Google announced 3 days ago that it had accidentally picked up Wi-Fi data while taking photos for Google Maps’ Street View feature.

It used the cars to capture videos through the panoramic cameras, and on the move it caught the SSIDs and MAC addresses that identified networks and devices. It didn’t know that as it was taking pictures, the camera system collected ‘useful’ data from local WiFi networks. The information collected is used to improve location-based services.


McAfee Faulty Update

Monday, April 26th, 2010

A recent security update for McAfee Antivirus made systems reboot abnormally or lose network access for extended periods of time, causing a lot of damage to hospitals, companies and schools that used this particular anti-virus. The bugged update only affected computers running Windows XP Service Pack 3 and caused them to run in a reboot loop or lose network access. The problem was caused by a virus definition file, which misinterpreted a vital system file (svchost.exe) as a virus and quarantined it, causing the system not to work properly and eventually to reboot. McAfee immediately removed the faulty update file from their servers, preventing any further impact.


iPad Jailbreak accomplished

Saturday, April 17th, 2010

Just 24 hours after the iPad’s official release, the “usual suspects” had already gained root access to the iPad. Jailbreaking is a method of hacking an iPhone, iPod or iPad to install non-Apple-approved programs and run system hacks.
