
Comments


End of Windows XP Support Era Signals Beginning of Security Nightmare

Trailrunner7 Chord?? (646 comments)

"cuts the chord"? Are they dissecting sheet music now? Cripes.

about 2 years ago

US Inadvertently Enabled Chinese Google Hackers

Trailrunner7 Olllddd (103 comments)

This is a month old, and Schneier has since backed off this assertion.

more than 4 years ago

Microsoft's Risky Tablet Announcement

Trailrunner7 Re:I don't understand... (338 comments)

How exactly can Microsoft be responding to an event that hasn't taken place yet (the Apple tablet announcement)? Is that "pre-sponding"?

more than 4 years ago

Spafford: Cybersecurity Czar Job is Useless

Trailrunner7 part of the story (2 comments)

It's also worth having a look at the blog posts that Spafford has written on this topic in the last few months. There's more background and context in there and some excellent reasoning on why this position is built to fail. http://www.cerias.purdue.edu/site/blog/

more than 4 years ago

Spammer Lance Atkinson Fined $16 Million

Trailrunner7 Re:Damn moronic 'anti-spam' laws. (100 comments)

According to the original documentation, 'In early 2008, a security company identified one botnet -- which it dubbed "Mega-D" -- that sent spam promoting Affking's VPXL and King Replica products as the worst botnet in the world, accounting for 32% of all spam.'

The Mega-D botnet consisted of at least 264,784 computers.

That's 264,784 UNAUTHORIZED COMPUTER ACCESS FELONIES.

Why the FUCK are we 'fining' someone who committed at least 264,784 felonies? We invade goddamn countries and charge people with war crimes for that level of criminality!

Anti-spam laws are nonsense. Forget the damn anti-spam laws. Lock them up for the felonies they're committing. Extradition would be a lot easier, too. (Of course, we could just find a few hundred IPs this guy hijacked in Australia, turn them over, and have him locked up there his entire life, instead.)

The laws are completely useless and always have been. They were passed to make consumers think that government is doing something. But the extradition and prosecution is a lot harder than it sounds, even when the criminal is in a friendly country like Australia. It takes forever and costs a lot of money, so the law enforcement agencies pass.

more than 4 years ago

The Root of the Botnet Epidemic

Trailrunner7 Bad isn't the word for it (2 comments)

I think people sort of lose focus on how bad this threat is. The scope of it is ridiculous. There are tens of millions of bot-infected machines out there, and I'd bet that 99% of the owners have no idea they're infected and wouldn't know what to do about it if they did. The bad guys are way ahead of the good guys on this and it's not clear when or how it will get better.

more than 4 years ago

TCP DoS Flaw Finally Patched by Microsoft, Cisco

Trailrunner7 Re:Closed source in a nutshell (3 comments)

I'm sure they do possess that knowledge, but that's got nothing to do with this. Microsoft, Cisco and all of the other vendors have the same, or higher, level of skill on their staffs but they have other priorities, too. It's not a simple fix and didn't involve just one version of one product.

more than 4 years ago

Hackers send malware-infected CDs to credit unions

Trailrunner7 Re:If they really wanted it to work... (2 comments)

Excellent point. And that wouldn't be difficult to accomplish either, with a little money slipped to someone at the NCUA or something.

more than 4 years ago

Many sites use silent Flash cookies to track users

Trailrunner7 not Adobe's problem (2 comments)

I see this as the sites' failing, not a problem for Adobe to fix. It's their fault for not telling users what they're doing and how.

more than 4 years ago

New Linux kernel flaw allows null pointer exploits

Trailrunner7 Re:Other versions? (6 comments)

Right now it looks like just that version, but it won't be long I'd bet before others are testing it against older releases.

more than 4 years ago

Facebook Violates Canadian Privacy Law

Trailrunner7 Re:Draconian Laws (179 comments)

wait wait wait. They have computers in Canada?

more than 4 years ago

New Mac OS X rootkit to be revealed at Black Hat

Trailrunner7 Re:Oh noes! Macs can be attacked? (7 comments)

May not be many Macs in enterprises, but there are millions of them in homes, and they're just as valuable as bots as any Windows box. And owning any box gets you access to banking passwords, whatever else.

more than 4 years ago

Hackers Find Remote iPhone Crack

Trailrunner7 Re:Misleading Title/Summary (114 comments)

Exactly. And this was on 2.0, and 3.0 is out already. Nothing to see here.

more than 4 years ago

US Plans To Bulldoze 50 Shrinking Cities

Trailrunner7 Re:Suggestion: (806 comments)

Are nominations still open? DC, B'more and Orlando should be at the top of the list. Maybe Dallas too.

more than 4 years ago

New attack exploits virtually all intranets, VPNs

Trailrunner7 Thanks IETF!! (1 comments)

I think this is similar to a problem that networking people have been dealing with for like 15 years. The main problem is in the RFC, which was written before there were hundreds of millions of machines on the interwebs.

more than 4 years ago

Schneier Says We Don't Need a Cybersecurity Czar

Trailrunner7 Re:Makes sense (173 comments)

That's exactly it. The czar concept in general is flawed, even in departments or industries that have a clear mission and control of that mission. Neither is true in cyber security. We don't need another figurehead creating the illusion of action.

more than 4 years ago

Snow Leopard security not good enough

Trailrunner7 Apple doesn't care security (2 comments)

Apple has clearly shown it's not interested in security. If it were, it wouldn't wait and release 49 patches at once or only include portions of ASLR in OS X.

more than 4 years ago

Schneier: We don't need a cybersecurity czar

Trailrunner7 Re:Cybersecurity czar != better security (3 comments)

None of these czars has gotten us anywhere in any other industry either. Consumer, car, health care, Russia...

more than 4 years ago

Submissions

Windows XP End of Life Not Breeding Zombie Malware Apocalypse

Trailrunner7 writes | about two weeks ago

Trailrunner7 (1100399) writes "For those of you anticipating the start of a Walking Dead-style malware apocalypse next Tuesday, calm yourselves. The official end of security support for Windows XP is upon us, but it’s important to check some anxiety at the door and keep some perspective.

“All the administration stuff in place around these systems falls down. Attackers leverage that because they want the path of least resistance,” said Christopher Pogue, director at Trustwave. “You have to presume that before they get their exploit on an unpatched XP machine, they have to breach the environment, bypass firewalls, get to the system, pivot to the unpatched system and hope it has critical data on it so they can run exploit code. There are a whole lot of items that have to line up for that to happen.”

The hype and hyperbole around April 8, the latest in a long line of security Doomsdays, is rooted in theories that because a good number of XP systems remain in use storing data and processing transactions, any previously unreported XP vulnerabilities will be perpetual zero-days. The theory continues that attackers have been building and hoarding XP exploits, anxiously wringing their hands waiting for April 8, 2014 to come and go.

Now to dismiss all of that as FUD is foolhardy; some attackers who do have XP exploits that will be zero days in a matter of five days are going to wait. Others are less patient (see the recent XP Rich Text Format zero day that will be patched on Tuesday). And for those smaller organizations with fewer IT resources that may still be running XP machines that still hum along carrying out their mission day after day, their risk posture will be slouching a little more come Tuesday."

Former NSA Director: Not a Single Incident of Cyberterror

Trailrunner7 writes | about two weeks ago

Trailrunner7 (1100399) writes "The list of threats on the Internet is long and getting longer each day. Cybercrime, nation-state attackers, cyber espionage and hacktivists all threaten the security and stability of the network and its users in one way or another. But the one threat that some experts have warned about for years and has never emerged is cyber terrorism, a former top U.S. intelligence official said.

In the years after 9/11, as the Internet became an integral part of daily life in much of the world, some in the national security community warned that the network also would become a key conduit for terrorist attacks against a variety of targets. Utilities, critical infrastructure, banks and other vital pieces of the global economy would be choice targets for groups seeking to wreak havoc via electronic attacks. However, those attacks have not materialized.

“I don’t have a single example of cyber terrorism. Not one incident,” Michael Hayden, the former director of the CIA and NSA, said during a keynote speech at the Systems Engineering DC conference here Thursday."

Researcher Identifies Security Issues With Tesla S

Trailrunner7 writes | about two weeks ago

Trailrunner7 (1100399) writes "The current move by auto makers to stuff their vehicles full of networked devices, Bluetooth radios and WiFi connectivity has not gone unnoticed by security researchers. Charlie Miller and Chris Valasek spent months taking apart–literally and figuratively–a Toyota Prius to see what vulnerabilities might lie inside; and they found plenty. Now, another researcher has identified a number of issues with the security of the Tesla S, including its dependence upon a weak one-factor authentication system linked to a mobile app that can unlock the car remotely.

The Tesla S is a high-end, all-electric vehicle that includes a number of interesting features, including a center console touchscreen that controls much of the car’s systems. There also is an iPhone app that allows users to control a number of the car’s functions, including the door locks, the suspension and braking system and sunroof. Nitesh Dhanjani found that when new owners sign up for an account on the Tesla site, they must create a six-character password. That password is then used to login to the iPhone app.

Dhanjani discovered that the Tesla site doesn’t seem to have a function to limit the number of login attempts on a user account, so an attacker potentially could try to brute force a user’s password. An attacker also could phish a user to get her password and then, if he had access to the user’s iPhone, log in to the Tesla app and control the vehicle’s systems. The attacker also could use the Tesla API to check the location of the user’s vehicle, even without the iPhone app."

Regulation of Surveillance Tech Exports On the Table

Trailrunner7 writes | about three weeks ago

Trailrunner7 (1100399) writes "The long shadow cast by the use of surveillance technology and so-called lawful intercept tools has spread across much of the globe and has sparked a renewed push in some quarters for restrictions on the export of these systems. Politicians and policy analysts, discussing the issue in a panel Monday, said that there is room for sensible regulation without repeating the mistakes of the Crypto Wars of the 1990s.

“There’s virtually no accountability or transparency, while the technologies are getting faster, smaller and cheaper,” Marietje Schaake, a Dutch member of the European Parliament, said during a panel discussion put on by the New America Foundation. “We’re often accused of over-regulating everything, so it’s ironic that there’s no regulation here. And the reason is that the member states [of the EU] are major players in this. The incentives to regulate are hampered by the incentives to purchase.

“There has been a lot of skepticism about how to regulate and it’s very difficult to get it right. There are traumas from the Crypto Wars. Many of these companies are modern-day arms dealers. The status quo is unacceptable and criticizing every proposed regulation isn’t moving us forward.”"

Gmail Goes HTTPS Only For All Connections

Trailrunner7 writes | about a month ago

Trailrunner7 (1100399) writes "Perhaps no company has been as vocal with its feelings about the revelations about the NSA’s collection methods as Google has, and the company has been making a series of changes to its infrastructure in recent months to make it more difficult for adversaries to snoop on users’ sessions. The biggest of those changes landed Thursday when the company switched its Gmail service to HTTPS only, enforcing SSL encryption on all Gmail connections.

The change is a significant one, especially given the fact that Google also has encrypted all of the links between its data centers. Those two modifications mean that Gmail messages are encrypted from the time they leave a user’s machine to the time they leave Google’s infrastructure. This makes life much more difficult for anyone–including the NSA–who is trying to snoop on those Gmail sessions."

Church Committee Members Say New Group Needed to Watch NSA

Trailrunner7 writes | about a month ago

Trailrunner7 (1100399) writes "In a letter sent to President Obama and members of Congress, former members and staff of the Church Committee on intelligence said that the revelations of the NSA activities have caused “a crisis of public confidence” and encouraged the formation of a new committee to undertake “significant and public reexamination of intelligence community practices”.

In the letter sent Monday to Obama and Congress, several former advisers to and members of the Church committee, including the former chief counsel, said that the current situation involving the NSA bears striking resemblances to the one in 1975 and that the scope of what the NSA is doing today is orders of magnitude larger than what was happening nearly 40 years ago.

“The need for another thorough, independent, and public congressional investigation of intelligence activity practices that affect the rights of Americans is apparent. There is a crisis of public confidence. Misleading statements by agency officials to Congress, the courts, and the public have undermined public trust in the intelligence community and in the capacity for the branches of government to provide meaningful oversight,” the letter says."

Weak Apple RNG Threatens iOS Exploit Mitigations

Trailrunner7 writes | about a month ago

Trailrunner7 (1100399) writes "A revamped early random number generator in iOS 7 is weaker than its vulnerable predecessor and generates predictable outcomes. A researcher today at CanSecWest said an attacker could brute force the Early Random PRNG used by Apple in its mobile operating system to bypass a number of kernel exploit mitigations native to iOS.

“The Early Random PRNG in iOS 7 is surprisingly weak,” said Tarjei Mandt, senior security researcher at Azimuth Security. “The one in iOS 6 is better because this one is deterministic and trivial to brute force.”

The Early Random PRNG is important to securing the mitigations used by the iOS kernel.

“All the mitigations deployed by the iOS kernel essentially depend on the robustness of the Early Random PRNG,” Mandt said. “It must provide sufficient entropy and non-predictable output.”"

Snowden, The NSA and the Future of the Offensive Internet

Trailrunner7 writes | about a month ago

Trailrunner7 (1100399) writes "Despite everything that has transpired in the last year, Edward Snowden sounded calm, reflective and in some ways wistful yesterday discussing the fallout and consequences of the multitude of NSA programs and methods he’s revealed. Snowden bemoaned the fact that the NSA specifically and the intelligence community in general have shifted its focus to offensive operations, implying that defense should be the focus. But now that those agencies have the tremendous offensive powers they’ve accumulated in the last decade, they’re never giving them back.

Whatever your feelings are about Snowden, listening to him speak about why he did what he did, what he hoped to accomplish and how he feels about the public reaction is informative. He spoke Monday for about an hour from an undisclosed location in Moscow and, while he touched on many subjects, Snowden returned several times to the idea that the NSA and other government agencies have hijacked the Internet for their own purposes, all in the name of protecting us from something.

Given those abilities, and more importantly, the legal authority to use them, the NSA is, of course, going to do so. If you have a Ferrari, you don’t leave it sitting in the garage, you drive the hell out of it. Technology advances, regardless of our desire for it to slow down sometimes, and, as Bruce Schneier often says, attacks only get better, not worse. And the NSA is the apex predator of this environment. The agency hasn’t abandoned its defensive mission, not by a long shot, but offense is sexy and provides tangible results to show the higher-ups.

Offense is the present and it’s also the future. And, to borrow a phrase, the future will retire undefeated."

iOS 7.1 Fixes More Than 20 Code Execution Flaws in iPhone

Trailrunner7 writes | about a month ago

Trailrunner7 (1100399) writes "Apple has fixed a slew of vulnerabilities that could lead to code execution on the iPhone, along with a number of other security vulnerabilities in the latest version of its mobile operating system, iOS 7.1. The new release comes just a little more than two weeks after Apple released iOS 7.06 to fix the SSL certificate validation error.

Unlike that release, which fixed just the one vulnerability, significant though it was, iOS 7.1 is a major security release containing patches for a large number of vulnerabilities in a bunch of different components. Webkit, the framework underlying Safari, got a major security upgrade in iOS 7.1, with Apple fixing 19 separate memory corruption issues. Nearly half of those vulnerabilities were discovered by the Google Chrome security team, and many of the 19 bugs were identified last year."

Automatic Updates May Be Next Surveillance Frontier

Trailrunner7 writes | about a month and a half ago

Trailrunner7 (1100399) writes "As more Web-based services are encrypted, privacy advocates are concerned the next wave of aggressive surveillance activity could target automated update services that essentially provide Internet companies root access to machines.

Chris Soghoian, principal technologist with the American Civil Liberties Union, said today at TrustyCon that current malware delivery mechanisms such as phishing schemes and watering hole attacks could soon be insufficient for intelligence agencies and law enforcement such as the NSA and FBI.

“The FBI is in the hacking business. The FBI is in the malware business,” Soghoian said. “The FBI may need more than these two tools to deliver malware. They may need something else and this is where my concern is. This is where we are going and why I’m so worried about trust.”"

Apple SSL Bug Also Affects OSX

Trailrunner7 writes | about 2 months ago

Trailrunner7 (1100399) writes "The certificate-validation vulnerability that Apple patched in iOS yesterday also affects Mac OS X up to 10.9.1, the current version. Several security researchers analyzed the patch and looked at the code in question in OS X and found that the same error exists there as in iOS.

Researcher Adam Langley did an analysis of the vulnerable code in OS X and said that the issue lies in the way that the code handles a pair of failures in a row. The bug affects the signature verification process in such a way that a server could send a valid certificate chain to the client and not have to sign the handshake at all, Langley found.

Some users are reporting that Apple is rolling out a patch for this vulnerability in OS X, but it has not shown up for all users as yet. Langley has published a test site that will show OS X users whether their machines are vulnerable."
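
A constructed C illustration of the bug class Langley describes above, added here and not Apple's Secure Transport source or code from the submission: a handshake verifier in which an unguarded jump after a pair of checks reaches cleanup with a success status before the signature is ever verified, beside the corrected form. The struct fields, the stand-in hash-update steps and the function names are assumptions made for the example.

```c
#include <stdio.h>

/* Constructed illustration, not Apple's code: a simplified handshake
 * verifier showing the bug class described in the post. Each step either
 * succeeds (err == 0) or fails and jumps to the cleanup label. The
 * vulnerable form has one unguarded jump right after a pair of checks, so
 * it reaches cleanup with err still 0 before the signature is verified;
 * a valid certificate chain with no signature at all is then accepted. */

typedef struct {
    int chain_valid;        /* constructed: 1 if the certificate chain validated */
    int signature_present;  /* constructed: 1 if the server signed the handshake */
    int signature_valid;    /* constructed: 1 if that signature verifies */
} handshake_t;

/* Stand-ins for the intermediate hash-update steps (always succeed here). */
static int hash_update_a(const handshake_t *h) { (void)h; return 0; }
static int hash_update_b(const handshake_t *h) { (void)h; return 0; }

/* Final step: the signature over the handshake must be present and valid. */
static int verify_signature(const handshake_t *h) {
    return (h->signature_present && h->signature_valid) ? 0 : -1;
}

/* Vulnerable form. The duplicated 'goto fail' is not inside the if above
 * it, so it always executes, carrying the err == 0 from the previous
 * successful step straight to cleanup. verify_signature() is dead code. */
int verify_handshake_vulnerable(const handshake_t *h) {
    int err = -1;

    if (!h->chain_valid)
        goto fail;
    if ((err = hash_update_a(h)) != 0)
        goto fail;
    if ((err = hash_update_b(h)) != 0)
        goto fail;
        goto fail;   /* unconditional: skips the signature check */
    if ((err = verify_signature(h)) != 0)
        goto fail;

fail:
    return err;      /* 0 means the handshake is accepted */
}

/* Fixed form: every jump is guarded, so the signature check always runs. */
int verify_handshake_fixed(const handshake_t *h) {
    int err = -1;

    if (!h->chain_valid)
        goto fail;
    if ((err = hash_update_a(h)) != 0)
        goto fail;
    if ((err = hash_update_b(h)) != 0)
        goto fail;
    if ((err = verify_signature(h)) != 0)
        goto fail;

fail:
    return err;
}

int main(void) {
    /* Constructed case: valid chain, handshake not signed at all. */
    handshake_t no_sig_hs = { 1, 0, 0 };
    /* Constructed case: valid chain, properly signed handshake. */
    handshake_t signed_hs = { 1, 1, 1 };

    printf("unsigned handshake: vulnerable=%d fixed=%d\n",
           verify_handshake_vulnerable(&no_sig_hs),
           verify_handshake_fixed(&no_sig_hs));
    printf("signed handshake:   vulnerable=%d fixed=%d\n",
           verify_handshake_vulnerable(&signed_hs),
           verify_handshake_fixed(&signed_hs));
    return 0;
}
```

Compilers that warn about unreachable code or misleading indentation flag the vulnerable form, which is one cheap check a build pipeline can enforce for this bug class.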

Apple Fixes Critical Certificate Validation Bug in iOS 7.06

Trailrunner7 writes | about 2 months ago

Trailrunner7 (1100399) writes "Apple on Friday quietly pushed out a security update to iOS that restores some certificate-validation checks that had apparently been missing from the operating system for an unspecified amount of time.

“Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps,” the Apple advisory says.

The wording of the description is interesting, as it suggests that the proper certificate-validation checks were in place at some point in iOS but were later removed somehow. The effect of an exploit against this vulnerability would be that an attacker with a man-in-the-middle position on the victim’s network would be able to read supposedly secure communications. It’s not clear when the vulnerability was introduced, but the CVE entry for the bug was reserved on Jan. 8."

WhatsApp Suffers From Several SSL Security Problems

Trailrunner7 writes | about 2 months ago

Trailrunner7 (1100399) writes "The Facebook acquisition of mobile messaging service WhatsApp has captivated the tech world this week. Much of that has to do with the massive $19 billion price tag and, to a lesser extent, the incredibly fast rise of the company. But while analysts and customers have been examining the deal, some security researchers decided to look at the security of WhatsApp itself.

WhatsApp is a text and multimedia messaging service that uses the Internet, rather than a cellular data network, as its base. The app grew slowly at first but exploded in the last couple of years and today claims 450 million active users. Security researchers at Praetorian, who have been running a project known as Project Neptune to assess the security of mobile apps, did a limited assessment of the iOS and Android versions of WhatsApp and discovered a number of issues around the way the app uses SSL.

The most serious problem they found was that WhatsApp does not enforce certificate pinning. The use of certificate pinning allows apps to specify a specific certificate that they trust for a given server. This helps defeat a number of attacks, specifically man-in-the-middle attacks that rely on spoofing the certificate for a trusted site. Many of the major Web browsers support certificate pinning now, but its adoption in the mobile world has been somewhat slower. Praetorian found that WhatsApp doesn’t enforce SSL pinning, potentially opening users up to MITM attacks."

Government Sent 2,000+ National Security Letters to AT&T in 2013

Trailrunner7 writes | about 2 months ago

Trailrunner7 (1100399) writes "AT&T, in its first transparency report, said that it received at least 2,000 National Security Letters and nearly 38,000 requests for location data on its subscribers in 2013.

The new report from AT&T is the latest in a growing list of publications from telecom companies, Web providers and cell phone carriers who have been under pressure from privacy advocates and security experts in the wake of the Edward Snowden NSA surveillance revelations. Telecoms had been resistant to providing such information in the past and it’s really only in the last month or so, since the Department of Justice loosened its restrictions on the way that companies can report NSL and Foreign Intelligence Surveillance Act requests that more companies have come around on the issue.

AT&T’s report shows a higher number of NSLs and subpoenas in 2013 than its most relevant competitor, Verizon. In January, Verizon’s first transparency report showed that the company received between 1,000 and 1,999 NSLs in 2013 and 164,000 subpoenas. AT&T said it got 2,000-2,999 NSLs and 248,343 subpoenas last year. AT&T also received nearly 37,000 court orders and more than 16,000 search warrants."

Cost of Being an APT Attacker is Dropping

Trailrunner7 writes | about 2 months ago

Trailrunner7 (1100399) writes "The term APT often is used as a generic descriptor for any group–typically presumed to be government-backed and heavily financed–that is seen attacking high-value targets such as government agencies, critical infrastructure and financial systems. But the range of targets APT groups are going after is widening, as are the levels of talent and financing these groups possess.

“The cost of entry for APT is decreasing,” said Costin Raiu, head of the Global Research and Analysis Team at Kaspersky Lab, in a talk on the threat landscape at the company’s Industry Analyst Summit Thursday. “We’re going to see more surgical strikes and critical infrastructure attacks.”

One example of this phenomenon is the Icefog group. Discovered last fall, the Icefog attackers targeted a variety of organizations and government agencies in Japan and South Korea and researchers believe the group comprised a small number of highly skilled operators who went after select targets very quickly. Raiu estimated that the Icefog campaign probably required an investment of no more than $10,000. By comparison, he said that the NetTraveler campaign likely cost about $500,000, while Stuxnet was in the range of $100 million."

Edward Snowden and the Death of Nuance

Trailrunner7 writes | about 3 months ago

Trailrunner7 (1100399) writes "As the noise and drama surrounding the NSA surveillance leaks and its central character, Edward Snowden, have continued to grow in the last few months, many people and organizations involved in the story have taken great pains to line up on either side of the traitor/hero line regarding Snowden’s actions. While the story has continued to evolve and become increasingly complex, the opinions and rhetoric on either side has only grown more strident and inflexible, leaving no room for nuanced opinions or the possibility that Snowden perhaps is neither a traitor nor a hero but something else entirely.

In some ways, the people pushing the Snowden-as-traitor narrative have a decided advantage here. This group comprises politicians, intelligence officials, lawmakers and others whose opinions carry the implicit power and weight of their offices. Whatever one thinks of Obama, Director of National Intelligence James Clapper and Alexander, they are among the more powerful men on earth and their public pronouncements by definition are important. If one of them declares Snowden to be a traitor or says that he should spend the rest of his life in prison for his actions, there is a sizable portion of the population who accepts that as fact.

That is not necessarily the case on the other side of the argument. However, many members of both the hero and traitor crowds formed their opinions reflexively, aligning themselves with the voices they support and then standing pat, regardless of the revelation of any new facts or evidence. They take the bits and pieces of Snowden’s story arc that fit with their own philosophy, use them to bolster their arguments and ignore the things that don’t help. This, of course, is in no way unique to the Snowden melodrama. It is a fact of life in today’s hyper-fragmented and hype-driven media environment, a climate in which strident opinions that fit on the CNN ticker or in a tweet have all but destroyed the possibility of nuanced discourse."

Congressmen Say Clapper Lied to Congress, Ask Obama to Remove Him

Trailrunner7 writes | about 3 months ago

Trailrunner7 (1100399) writes "A group of six Congressmen have asked President Barack Obama to remove James Clapper as director of national intelligence as a result of his misstatements to Congress about the NSA’s dragnet data-collection programs. The group, led by Rep. Darrell Issa (R-Calif.), said that Clapper’s role as DNI “is incompatible with the goal of restoring trust in our security programs”.

Clapper is the former head of the National Geospatial Intelligence Agency and has been DNI since 2010. In their letter to Obama, the group of Congressmen calling for his ouster said that he lied to Congress and should no longer be in office.

“The continued role of James Clapper as Director of National Intelligence is incompatible with the goal of restoring trust in our security programs and ensuring the highest level of transparency. Director Clapper continues to hold his position despite lying to Congress, under oath, about the existence of bulk data collection programs in March 2013. Asking Director Clapper, and other federal intelligence officials who misrepresented programs to Congress and the courts, to report to you on needed reforms and the future role of government surveillance is not a credible solution,” the letter from Issa, Ted Poe, Paul Broun, Doug Collins, Walter Jones and Alan Grayson says."

Google Offers $2.7M in Pwnium Hacking Contest

Trailrunner7 writes | about 3 months ago

Trailrunner7 (1100399) writes "Building on the success of the last couple of years, Google plans to offer more than $2.7 million in potential rewards in the next iteration of its Pwnium hacking competition at this year’s CanSecWest conference in Vancouver. The company has run the contest in parallel with the older Pwn2Own competition at the conference, with somewhat different rules, and this year plans to allow researchers to go after Chrome OS running on both ARM- and Intel-based Chromebooks.

Pwnium began as Google’s answer to Pwn2Own, the well-known hacking contest that has attracted some of the top researchers in the industry over the course of the last few years, including Dino Dai Zovi, Charlie Miller, Chaouki Bekrar and the Vupen team and many others. Pwn2Own has traditionally not required contestants to submit complete exploit information, but rather the details of the vulnerability and the crash data. Pwnium requires researchers to submit full exploits, something that has kept some of the potential contestants away, notably the Vupen team.

But the money that Google is putting up for new compromises of Chrome OS is far beyond what’s available at Pwn2Own or any of the other major contests and has attracted a small, but elite, group of contestants in past years. The company is promising rewards of as much as $150,000 plus some bonuses, paid at Google’s discretion, for especially innovative or serious exploits."

Chrome, Safari Vulnerable to XSS Bypass Flaw

Trailrunner7 writes | about 3 months ago

Trailrunner7 (1100399) writes "There is a bug in the anti-cross site scripting filter in Chrome and Safari that enables an attacker to bypass the filter in some cases and use an XSS flaw on a given site to compromise visitors’ machines. The vulnerability is fairly simple to exploit and a researcher has posted proof-of-concept code.

The vulnerability lies in the way that anti-XSS filters handle a specific attribute in IFRAME tags. These filters are designed to prevent attackers from being able to use XSS flaws on vulnerable Web sites in order to run malicious injected code in users’ browsers. Exploiting this flaw allows the attacker to bypass the filter and run his injected code.

The researcher who discovered the flaw informed Google of the vulnerability in Chrome back in October and the company developed a fix a couple of days later. The patch landed in the stable Chrome channel in the recent release of version 32. He said that the vulnerability still exists in Safari on Mac and iPhone, however. Eleven Paths contacted Apple about the flaw, but the company said it is still working on the issue."

Target Attackers Took 11 GB of Data

Trailrunner7 writes | about 3 months ago

Trailrunner7 (1100399) writes "The attackers who infiltrated Target’s network several weeks ago and made off with 40 million credit and debit card numbers used a multi-stage attack, funneling their stolen data through an FTP server and then a VPS server in Russia. It took more than two weeks, but the attackers eventually exfiltrated about 11 GB of data, researchers say.

The Target breach has quickly made its way onto the short list of the largest data breaches in history, and details are continuing to emerge. Last week the company admitted that, in addition to the 40 million stolen card numbers, personal information belonging to an additional 70 million people also had been stolen. And earlier this week it was reported that the attackers accomplished their feat by installing malware on the point-of-sale systems at hundreds of Target stores. The malware appears to be a derivative of a previously seen PoS malware strain known as BlackPOS.

Researchers at Seculert in Israel have analyzed a sample of the malware used in the Target attack and found that the malware was on the network for nearly a week before it began sending stolen data off to an FTP server sitting on a compromised Web site. They transmitted the information from another compromised machine on the Target network, the researchers said.

“The attackers were using several components. One of the components has similar behaviors to BlackPOS, a memory parser PoS malware,” Aviv Raff, CTO of Seculert, said via email."

Journals

Trailrunner7 has no journal entries.
