Your headphones are leaking… personal data

April 21, 2017 under all posts

Leading US audio equipment company Bose has been taken to court for allegedly using its smartphone application to collect personally identifiable information on users. Having harvested the listener’s personal details through its Bose Connect app, it is apparently selling on the data to third parties.

Most people won’t be too concerned about having their taste in music – however dubious – broadcast to all and sundry, though they may object to the general principle of personal data being sold on unbeknownst to them. However, the complainant makes the valid point that someone listening to Islamic prayers through their Bose headphones could be, correctly or incorrectly, identified as Muslim – which might have an impact on their right to privacy within the current political climate.

Ironically for a company that makes its living from audio, Bose is keeping stumm on this.

Read more at http://www.ibtimes.co.uk/your-premium-bose-headphones-may-be-spying-you-1617747


Fake URLs hide in plain sight

April 21, 2017 under all posts

A security researcher has brought new attention to an old way for scammers to lure unsuspecting internet users onto bogus sites. The secret lies in the use of the Unicode computer text handling system.

While Unicode offers the benefit of standardising text across most of the world’s writing systems, it also has the potential to allow malicious actors to create fake URLs by using characters in other alphabets that look similar to Latin ones. The problem stems from the fact that the global network’s addressing system was built entirely on English – and the Latin script that goes with it. Through some rather hasty work-arounds, engineers created codes which were used in place of letters, to allow for a wider variety of symbols in addresses – Unicode was born.

The reaction from the leading web browsers to the researcher’s proof-of-concept domain has been varied. Apple’s Safari and Microsoft’s Edge both succeeded in detecting the spoof domain, whereas Google’s Chrome and Mozilla’s Firefox failed to pick up on the phoney URL. The Chrome team is taking steps to fix it, but Mozilla has dismissed it as an Apple problem.

To guard against this problem, also known as ‘homograph attacks’, the suggested advice is to use a password manager and to stay on the lookout for potential phishing attacks before clicking on any links. If in doubt, the recommendation is to type in URLs manually or navigate to the site via a search engine.
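As an added illustration (not part of the original post or the researcher's work), the Python below decodes the ASCII `xn--` (Punycode) form of each hostname label and reports which scripts it contains, so a link can be checked before it is trusted. The function names and the sample hostnames are this example's own; the hostnames are constructed for the demonstration.

```python
import unicodedata

def script_of(ch):
    """Coarse script tag: first word of the Unicode character name."""
    if ch.isdigit() or ch == "-":
        return None  # digits and hyphens are shared by every script
    return unicodedata.name(ch, "UNKNOWN").split(" ")[0]

def decode_label(label):
    """Decode an ASCII 'xn--' (Punycode) label to the text a browser may display."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except ValueError:  # UnicodeError is a ValueError subclass
            return label    # malformed encoding: report the raw form
    return label

def classify_host(host):
    """Return (verdict, details); verdict is 'latin-only', 'non-latin' or 'mixed-script'."""
    verdict, details = "latin-only", []
    for label in host.rstrip(".").split("."):
        shown = decode_label(label)
        scripts = {script_of(c) for c in shown} - {None}
        if len(scripts) > 1:
            verdict = "mixed-script"
        elif scripts and scripts != {"LATIN"}:
            if verdict == "latin-only":
                verdict = "non-latin"
        else:
            continue  # plain Latin label, nothing to report
        details.append((label, shown, sorted(scripts)))
    return verdict, details

def to_ascii(label):
    """Build the 'xn--' form of a Unicode label (used only to construct samples)."""
    return "xn--" + label.encode("punycode").decode("ascii")

# Constructed sample hostnames (hypothetical, under the reserved .test TLD)
PLAIN = "example.test"
MIXED = to_ascii("ex\u0430mple") + ".test"          # Cyrillic 'а' among Latin letters
WHOLE = to_ascii("\u0441\u0430\u0440\u0435") + ".test"  # every letter Cyrillic

if __name__ == "__main__":
    for host in (PLAIN, MIXED, WHOLE):
        print(host, classify_host(host))
```

A label made entirely of one non-Latin script is reported separately from a mixed-script one, because a check that only looks for mixed scripts would pass it.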

Read more at https://www.theguardian.com/technology/2017/apr/19/phishing-url-trick-hackers


InterContinental hack worse than first thought

April 21, 2017 under all posts

UK-based hotel group InterContinental (IHG), the world’s second largest hospitality business, has discovered that the malware attack it suffered in autumn 2016 has affected more than a fifth of its 5000 plus properties – rather than the mere dozen or so it initially announced in February. The attack infected cash registers with malware designed to steal customer debit and credit card data.

IHG was quick to claim that rapid implementation of its Secure Payment Solution (SPS) has limited the damage and that the malware has been eradicated across its estate – which includes Holiday Inn, Crowne Plaza, Kimpton and Staybridge Suites. However, according to cybersleuth Brian Krebs, some of InterContinental’s franchises have so far declined the offer of a forensic health check, meaning the true number could be much higher. Customers have been advised to check their payment card statements for any rogue activity.

These types of hacks are by no means rare; in recent years many hotel chains have been the targets of malware designed to filch sensitive credit card information from guests. Interestingly, Trump Hotels is one of several other high-profile hospitality chains to attract unwelcome attention from hackers in recent times. We wonder why.

Read more at http://www.ibtimes.co.uk/over-1200-intercontinental-hotels-infected-payment-card-stealing-malware-1617851


Brickerbot malware damages IoT devices

April 18, 2017 under all posts

An unpleasant new strain of malware capable of destroying unprotected devices linked to the Internet of Things is now in circulation.

Cyber security firm Radware has identified that the malware, known as BrickerBot.1 and BrickerBot.2, forces its way into IoT systems through configuration errors in the firmware, meaning a simple change of password won’t afford much protection. It then performs a series of Linux commands aimed at corrupting the device’s flash storage and disrupts settings in the kernel at the heart of the operating system – damaging the device’s internet connectivity and wiping all files. Due to its destructive nature, Radware views this as a Permanent Denial of Service (PDoS) attack.

Unlike most hacks, it appears that this is pure vandalism, as the attacker gains no material or strategic benefit from the attack. It does, however, once again highlight the inherent fragility of IoT devices – and its destructive and arbitrary nature could herald far worse things to come.

Read more at http://www.ibtimes.co.uk/brickerbot-new-malware-permanently-damages-internet-things-devices-1616026


New Samsung operating system fails security tests

April 18, 2017 under all posts

South Korean multinational conglomerate Samsung has had its fair share of problems recently. Apart from its phones catching fire and its boss winding up in jail, it seems that the vulnerabilities in its smart TVs, phones and watches are getting worse rather than improving.

Israeli researcher Amihai Neiderman has identified as many as forty zero-day vulnerabilities in its Tizen operating system, which runs on millions of Samsung products – including its soon-to-be-launched smart fridges and washing machines. Neiderman claims that the code is badly written and easy to hack – going as far as likening it to the work of a graduate intern rather than a doyen of Samsung’s product development team (which one would expect to be involved in this size of project).

Samsung states that it has been in touch with Neiderman and is keen to work with security experts around the world to improve any flaws in its systems.

Read more at https://motherboard.vice.com/en_us/article/samsung-tizen-operating-system-bugs-vulnerabilities


Leaked CIA hacking tools used around the world

April 18, 2017 under all posts

Cyber security firm Symantec has used the latest Vault 7 revelations from WikiLeaks, which reveal some of the CIA’s tools and modus operandi, to deduce that forty hacks in sixteen different countries are attributable to the US intelligence agency.

Symantec believes that a group they refer to as Longhorn is a covert CIA hacking team which has infiltrated targets in government, financial, telecoms, energy, aerospace, education, and natural resources sectors in countries across the Middle East, Europe, Asia and Africa. While the CIA is prohibited from any surveillance operations in the USA, it seems that one homeland computer was also briefly infected. Rather amusingly, the investigation has also uncovered Longhorn’s working patterns – which match the Monday to Friday office hours of any old company. You can just about imagine CIA hackers donning the obligatory black hoodie upon arriving at the office.

By linking real world attacks to the CIA tools, tactics and timelines revealed by WikiLeaks, Symantec has built up strong circumstantial evidence to support its claims – in answer to the question ‘who spies on the spies?’

Read more at https://motherboard.vice.com/en_us/article/cias-alleged-hacking-tools-now-linked-to-40-hacks-around-the-world


The siren call of infrastructure hacking

April 18, 2017 under all posts

Alarm bells are ringing in Dallas over a recent hack – literally. Infrastructure hacks are becoming more common in the US and can take many forms, but in this case hackers, whose identity and motivation remain unknown, set off all 156 Dallas emergency sirens late one recent night – a sound normally reserved for tornados and other emergencies.

The system uses radio communication rather than the Internet, so the attackers either managed to manipulate the radio communication or gain control privileges. To achieve this they would have needed radio frequencies, code formats and specific five to eight-digit codes.

While loss of sleep and jamming of the city’s emergency response lines were the only consequences of this attack, the incident does highlight a growing trend in infrastructure hacks – and the potential to compromise more serious targets such as water and sewage systems, power plants and motorway controls.

Read more at https://www.wired.com/2017/04/dallas-siren-hack-wasnt-novel-just-really-loud/


Hackers steal an entire bank

April 10, 2017 under all posts

When it comes to robbing a bank, the days of stocking masks and sawn-off shotguns are long gone. Nowadays, it is possible to hijack a bank’s entire online operations from the comfort of your swivel chair.

On a Saturday afternoon in October 2016, a team of ingenious cyber bank robbers seized control of a major – but as yet unnamed – Brazilian bank. They achieved this by changing the Domain Name System (DNS) registrations of all the bank’s online properties and commandeering its desktop and mobile website domains to take users to phishing sites which were perfectly set up to match the official sites.

In other words, anyone visiting the bank’s website URLs was redirected to lookalike sites – which even had valid HTTPS certificates issued in the name of the bank. This allowed them to steal login credentials at sites hosted at the bank’s legitimate web addresses. It is possible that the account details of millions of bank customers have been harvested.

Half of the world’s leading banks don’t manage their own DNS, instead delegating them to hackable third parties. Installing a registry lock and two-factor authentication would go a long way towards preventing this kind of well-executed heist – but even that may not be enough to protect an institution from such a crack team of audacious hackers.

Read more at https://www.wired.com/2017/04/hackers-hijacked-banks-entire-online-operation/


North Korean cyber army continues its march

April 10, 2017 under all posts

It looks increasingly likely that the massive attack on the Bangladesh Central Bank via the Swift payment transfer system just over a year ago was the work of state-sponsored North Korean hackers – or ‘information soldiers’ as they are known in Pyongyang.

While in this instance they ‘only’ managed to scoop $81m of their targeted £900m, North Korea’s cyber army is viewed as an increasingly sophisticated international threat – preying on banks, finance and trading companies, casinos and crypto-currency firms. And whilst not all operations are quite as successful as the Swift/Bangladesh Central Bank one, the group does continuously manage to steal millions of dollars across its numerous attacks.

The hackers, code-named Lazarus, have also been linked to previous attacks on Sony Pictures and Polish banks. In the UK, BAE Systems estimates that Lazarus has targeted at least seven British banks, alongside many more in the US, Poland and Mexico. Its toolkit is believed to be extensive and varied, giving it the potential to deliver malicious tools, exfiltrate data and launch destructive attacks. A crucial identifier of their operation is their ability to completely wipe disks, making their attacks all the more damaging – and the tracing of their activities more difficult.

Read more at http://www.ibtimes.co.uk/north-korean-worldwide-hacking-rampage-steals-millions-casinos-banks-1615271
