New WPA TKIP Attack


[Martin Beck] and [Erik Tews] have just released a paper covering an improved attack against WEP and a brand new attack against WPA (PDF). For the WEP half, they offer a nice overview of attacks up to this point and the optimizations they made to reduce the number of packets needed to approximately 25K. The only serious threat to WPA so far has been the coWPAtty dictionary attack. This new attack lets you decrypt the last 12 bytes of a WPA packet’s plaintext and then generate arbitrary packets to send to the client. While it doesn’t recover the WPA key, the attacker is still able to send packets directly to the machine they’re attacking and could potentially read back the response via an outbound connection to the internet.

[photo: niallkennedy]

[via SANS]

Voting Roundup

[youtube=http://www.youtube.com/watch?v=0Q9NSVUu8nk]

With the election coming up in less than a week, voting machine security (or the lack thereof) is critical, especially with the popularity of early voting this year. While we’ve previously discussed voting machine insecurities, it looks like the problems haven’t been fixed, and in some cases, they’ve escalated. Voters in states like West Virginia and Tennessee have complained about voting machines “flipping” their votes, even after they were recalibrated as in the video above. Voters have been advised to avoid voting straight Republican or Democratic tickets, to avoid the likelihood of their votes being flipped. What if you actually do want to vote a straight ticket? Video the Vote is an organization that advises documenting as much of your voting process as possible. Other ways you can protect your vote include voting absentee so that a paper trail is available, and refusing to accept provisional ballots, which are often thrown out. After seeing videos of ROM swapping and finding out that the locks can be opened with hotel minibar keys, we’re waiting to see what’s going to fail this year… and voting absentee.

Default Password Network Scanning

Midnight Research Labs has just published a new tool. Depant will scan your network and check to see if services are using default passwords. It starts by performing an Nmap scan to discover available services on the network. It organizes these services by speed of response. Using Hydra, it does brute force password checking of these services with a default password list. The user can supply an alternate list for the first phase or an additional list to be used in a follow-up check. Depant has many different options for configuring your scan and will certainly help you find that rogue piece of hardware on your network that someone failed to set up securely.

Palin Hacking Roundup

[youtube=http://www.youtube.com/watch?v=Ps71T3EcyWs]

[David Kernell], the 20-year-old son of Democratic politician [Mike Kernell], turned himself in for hacking into Vice Presidential nominee Governor [Sarah Palin]’s Yahoo! email account. He was indicted on one felony count of violating the 1986 Computer Fraud and Abuse Act. Although the charge would normally be a misdemeanor, the indictment invokes another statute, the Stored Communications Act, to beef up its claim. Some lawyers are of the opinion that the U.S. Department of Justice overreached in charging [Kernell] with a felony. They claim that the government’s justification is flawed and relies on “circuitous logic”. [Kernell] has been released without bond, and instructed not to have any contact with [Governor Palin], her family, or any witnesses to the case. If convicted fully, he faces a maximum sentence of five years in prison and a fine of up to $250,000. We also discovered that this isn’t [Kernell]’s first time in trouble. In high school, he received detention for guessing the password of the school server and obtaining access to some lesson plans.

ATM Skimmers With SMS

You may want to be more careful where you put that ATM card. There are now ATM skimmers with SMS notification. ATM skimmers are placed over real ATM slots and read the information off the cards as they’re inserted. The new models will send the skimmed information via SMS notifications to a phone that’s attached to a computer. This solves the problem of scammers needing to retrieve their skimmers without attracting the attention of police. ATM skimmer manufacturers have so far been really successful because of their commitment to security, from the paint they use to cover their skimmers to their exclusive clientele. The manufacturer of this particular model claims that none of their clients who’ve used this new ATM skimmer has been arrested, and they only accept business from “recommended” clients. We think it’s interesting and ironic how these criminals have adapted their security procedures to deal with institutions we wish were more secure.

Yahoo! Employee Accused Of Involvement With Terrorists

[Mohammed Mansoor Asghar Peerbhoy], a software engineer at Yahoo!’s Indian facility, has been accused of involvement with one of India’s most-wanted terrorist organizations, the Islamic Mujahideen. According to investigators, [Peerbhoy] wrote and sent emails just before and after terrorist attacks in Delhi, Ahmedabad in Gujarat, and Jaipur in Rajasthan. [Peerbhoy] makes an unlikely suspect; he visited the U.S. on several occasions for work without suspicion, but authorities claim that he was a “mastermind” who hacked into wireless internet sites to send hostile emails. The local community and his family have rallied around [Peerbhoy], calling the arrest an attempt to “defame the Muslim community”. There are also claims that his arrest, and other similar arrests, were made to soothe political pressures and not based on any factual evidence.

[photo: josemurilo]

Helix V2.0 Released

Helix 2.0 has been released. Helix is a collection of various tools for electronic forensics. Just like on TV, you can use this to find all kinds of information on a computer. Some of the useful tools added were Winlockpwn, a tool for breaking Windows security, Volatility, which processes data out of raw memory, and several other tools that are beyond our comprehension.

You’ve undoubtedly noticed that the title says Helix V2.0, but the image and header of the Helix site say 3. We have no idea why. Look at the download info to see that it says V2.0.

[Via Midnight Research Labs]