The QR code vulnerability is patched but Google Glass still has security problems

Subject: General Tech | July 19, 2013 - 02:00 PM |
Tagged: google glass, security, wifi

The originally reported vulnerability was based around a specially designed QR code causing Google Glass to connect to a WiFi network not of the owner's choosing, which would allow monitoring of data flowing to and from the affected Google Glass device.  While this issue was indeed patched, you still need to be aware that connecting to random WiFi can be a big security risk thanks to an unpatched spoofing bug affecting essentially all browsers.  As The Register reminds everyone, unless you are at least encrypting your traffic or using a VPN your data transmission should not be considered secure.

"AUGMENTED REALITY EYEWEAR Google Glass is still vulnerable to attacks via connected WiFi networks allowing hackers to capture user data sent from the device, security firm Symantec has said, despite Google having quietly patched the eyewear last month."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Secure your dongle with Addonics

Subject: General Tech | July 8, 2013 - 02:09 PM |
Tagged: security, encryption, addonics, CipherUSB

The interface is pretty ugly but the Addonics CipherUSB is incredibly easy to use and is effective at folder level and disk level encryption.  With the dongle on your machine you can encrypt internal and external disks, which can then only be accessed when a similarly set up dongle is present, along with a password if you selected the option to require one.  It uses AES256 ECB or CBC encryption, the standard when it comes to encryption, and setup and usage are incredibly easy, though there are a few minor flaws on the CipherUSB.  Head over to Techgage for the review and a great overview of encryption in general.

"As important as data encryption can be for the home user, it’s even more imperative in the enterprise. The problem? The most effective measures are usually cast aside in lieu of something a little easier to deal with. With the CipherUSB, Addonics hopes to bring “simple” and “most effective” together as one. Does it succeed?"

Source: Techgage

Tag teaming malware, just what everyone needs

Subject: General Tech | July 3, 2013 - 01:16 PM |
Tagged: Vobfus, Beebone, Malware, security

Vobfus has been around the block a few times; it is some Visual Basic code that first popped up in 2009 and tries to download and install code to attack machines that managed to get Vobfus on their systems.  Beebone, aka Win32/Beebone, is newer, a fairly common Trojan infection which is similar to Vobfus in that it attempts to download other malware as opposed to attacking your machine directly.  According to this story on The Inquirer, they have developed a symbiotic relationship, where when one infects you it immediately tries to infect you with the other.  That way it can fool anti-malware programs into believing that they've sanitized your machine of all infections when in fact you only removed one of the two infections and the remaining one immediately downloads and installs a different variant of the one you just removed.

"SOFTWARE HOUSE Microsoft's security researchers have discovered a pair of malware programs that help one another to avoid being detected by antivirus software.

Known as Vobfus and Beebone, the collaborating malware prove difficult to remove from infected machines as they work together, foiling the removal by regularly downloading updated versions of their respective partners."

Source: The Inquirer

Beware the click-jacking Captcha of Evil!

Subject: General Tech | July 2, 2013 - 01:29 PM |
Tagged: Malware, IE10, chrome, security

Just in case you weren't already getting tired of captchas, there is a new click-jacking technique which works on both IE9 and 10 in Windows 7 and also on Chrome for Windows 8, so for the time being you might want to avoid any captchas that begin with an 'R'.  The new SmartScreen features on Win8 as well as UAC should give you at least some defense, as they require you to allow the executable to run before it can infect your machine, but you can be guaranteed that some less observant users will click straight through without reading the messages which appear.  While this type of attack is nothing new, the particular technique mentioned at The Register does have some new tricks.

"A security researcher has discovered a sneaky social engineering trick that might be used to disguise the go-ahead to run hostile code on Windows 8 machines.

The so-called keyjacking technique, uncovered by Italian security researcher Rosario Valotta, is similar to clickjacking. However, instead of fooling marks into generating fake Facebook likes, the keyjacking involves disguising a "run executable" dialogue box within a CAPTCHA challenge."

Source: The Register

Bieber can be used for evil

Subject: General Tech | May 29, 2013 - 02:31 PM |
Tagged: cell phone, security, fud

If you are feeling safe and secure using your cellphone in public, some research out of the University of Alabama will shatter that confidence for you.  It seems that it is possible to use sound as a trigger to activate malware from a distance, even over low quality speakers.  You already know about Shazam and other apps you can use to identify songs simply by holding up your cellphone and having it successfully connect to a remote database to get the song data, even in a loud room.  This research shows that a previously infected phone could have dormant malware installed which can be remotely activated simply by music with a hidden message contained within it, inaudible to human ears.  Pair this with the known Autoconnect to Saved WiFi Profiles vulnerability and your phone could very easily start leaking information you would much rather keep private.  Follow the links from The Register to read the research paper and reactions to it.

"Security researchers have discovered that specific music, lighting, vibrations or magnetic fields could all be used as infection channels to trigger the activation of mobile malware on a massive scale.

The paper, titled Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices, was presented in the eastern Chinese city of Hangzhou earlier this month by researchers at the University of Alabama at Birmingham (UAB)."

Source: The Register

Careful connecting to those pub WiFis

Subject: General Tech | May 24, 2013 - 05:53 PM |
Tagged: cell phone, security, wifi, PNL

A security expert recently reminded people that the Preferred Networks List Bug, which was identified in 2004, has only ever been addressed by Microsoft.  All other mobile OSes, from Apple to BlackBerry, can accidentally expose their PNL to an eavesdropper who can then spoof it.  If you like setting up autoconnect on your devices you might want to double check the name of your active connections occasionally; if you are connected to your home WiFi while you are out you might have a problem.  Catch more at The Register.

"Security expert Raul Siles has warned that years after it was first identified, the Preferred Networks List (PNL) Wi-Fi bug remains unaddressed on many an iPhone, Android phone, and Windows or BlackBerry handset."

Source: The Register

McAfee picks up Stonesoft, Intel continues to focus on network security

Subject: General Tech | May 7, 2013 - 03:16 PM |
Tagged: stonesoft, security, purchase, mcafee, Intel

A small security firm called Stonesoft was acquired by Intel, or rather McAfee, for just under $400m.  They provide not only software and services but actual network appliances which utilize their proprietary Stonesoft Security Engine to provide secure connectivity.  This makes a lot of sense when you think back on Intel's statements when purchasing McAfee: they are not interested in only providing security at the software level but are interested in moving to the hardware level.  You can find out a bit more at The Inquirer.

"SECURITY VENDOR McAfee has bought software security firm Stonesoft to add to its range of network security products.

McAfee, which is owned by Intel, is one of the biggest security vendors but has so far been focused on end-point products such as anti-virus and firewall software that runs on consumer PCs. Now the firm has made a move to go deeper into the network, buying security software vendor Stonesoft for $389m in cash."

Source: The Inquirer

Java Releases Patch Addressing Vulnerability Used By McRat Trojan

Subject: General Tech | March 5, 2013 - 06:26 AM |
Tagged: security, patch, mcrat trojan, Java, exploit

Java developer Oracle recently released a patch to its Java Platform Standard Edition client to address two exploits used by attackers to install the McRAT trojan onto users' machines. Specifically, Oracle is issuing the patch for vulnerabilities CVE-2013-1493 and CVE-2013-0809.

The vulnerabilities were related to Java running in a web browser. When users visit a malicious web site with vulnerable versions of Java installed, attackers are able to remotely execute the McRAT trojan. That trojan was subsequently used to download additional malware to further compromise the machines in question. According to Oracle, the vulnerability was first discovered on February 1st, 2013 but did not make it in time to be rolled into that month’s scheduled update. As a result, Oracle slated it for inclusion in the Java platform update on April 16, 2013, but reconsidered after seeing exploits using these vulnerabilities in the wild. While servers and standalone Java installations are not affected, consumers will need to apply the patch via Java SE’s automatic updater or by manually installing the patch from this page. Currently, all Java SE versions prior to this patch are affected, including JDK and JRE 7 Update 15, 6 Update 41, and 5.0 Update 40 (or earlier).

Oracle states that the patch is a critically important update, and users should update as soon as possible. If you have not already applied the update (or given up on Java and uninstalled it completely--heh), start up Java and check for updates to grab the patch.

Source: Oracle

McAfee always checks the sandbox for feline footprints

Subject: General Tech | February 26, 2013 - 01:45 PM |
Tagged: mcafee, security, RSA 2013, sandbox

McAfee has been showing off their stuff at RSA 2013, specifically the new heuristic malware detection capabilities which they will be using instead of their current malware signature database, which has over 113 million core samples.  That signifies a huge change for the antivirus company as it moves to real time monitoring of all the processes on your machine for suspicious activity instead of matching patterns directly.  While this could lead to some interesting side effects for verification software such as you find in some games, McAfee claims 100% effectiveness against current rootkits on Intel hardware compatible with Deep Defender, though they did not give many specifics about that test to The Register.

That is not all they are up to; McAfee just purchased Validedge's sandboxing technology, which lets them watch malware as it arrives and infects a machine so they can study its patterns.  Strangely, The Inquirer mentions that they will be recording the signature, so it is possible that it is an exaggeration that they are abandoning their signature database altogether and that they will instead be using a hybrid of database and heuristic monitoring.  The first software using this new option will be available in the second half of this year.  Also briefly mentioned in the story is a suggestion that McAfee will be able to repair infected computers automatically via the ePO Agent.

"Signature-based malware identification has been around since the dawn of the computer security industry, but McAfee has said it's dumping the system – or rather, adapting it – in an upgraded security suite which will (it claims) virtually eliminate susceptibility to botnets."

Source: The Register

Want some Raspberry Pi with a side of hashes?

Subject: General Tech | February 15, 2013 - 01:27 PM |
Tagged: WPAD, security, Raspberry Pi, fud

On this week's Podcast, Ryan wondered what he could do with his new Raspberry Pi and Hack a Day has an idea for him, though it is a wee bit nefarious.  It seems that Travis over at MADSEC is using a Raspberry Pi in penetration testing, using the NetBIOS Name Service to get responses from the Web Proxy Auto-Discovery Protocol (WPAD); responses which can include LM hashes from Windows machines.  With the use of Rainbow tables you can crack those hashes and take control of existing accounts on the PCs.  This type of attack is well known, but automating the attack on something as small and easily modifiable as a Raspberry Pi adds a new layer.  Whether you use it for good or evil, you can read more about it at Hack a Day.

"Plug in the power and Ethernet and this Raspberry Pi board will automatically collect Windows hashes from computers on the network. With a couple of RPi boards on hand [Travis] was searching for more hacks to try with them. This made a great little test to see how the board performs with the well established attack."

Source: Hack a Day