Is Montana the Next Big Data Hub?

Submitted by rye
rye (208438) writes "Montana is positioning itself as the next hub for big data and cyber security. With companies like Symantec and IBM investing heavily in high-tech development, the opening of University of Montana's new Cyber Innovation Laboratory, and statewide competitions such as this weekend's Montana Cyber Triathlon (which had the coolest trophy ever), the momentum is strong. Cheap labor, cheap space and the Northern Tier backbone (which stretches over 600 miles across the width of Montana) are all contributing to the new tech growth. Even Congress is jumping on the bandwagon: Montana Rep. Steve Daines, a member of the House Subcommittee on Cybersecurity, Infrastructure Protection and Security, recently said "Technology has removed geography as a constant." Is the Last Best Place poised for a tech boom?"
Link to Original Source

Cellular Traffic Inspection Source Code Released

Submitted by rye
rye (208438) writes "Researchers at LMG Security have released the source code, parts list and instructions for building a "do-it-yourself cellular IDS" capable of inspecting CDMA cellular traffic-- for just $285. They hacked a Verizon femtocell, modified the GPL software and redirected smartphone traffic to Snort (and oh yes, also figured out how to remotely control the Android.Stels bot in the process).

DIY Cellular IDS may revolutionize security for smartphones in BYOD environments. Privacy issues are a big concern, though. Sherri Davidoff writes, "Good guys need to be able to inspect their own cellular network traffic to effectively detect malware and other attacks [on smartphones]. Personal communications have already moved to the Internet... there is no reason to treat cellular traffic differently than Ethernet or 802.11 traffic.""

Link to Original Source

Do-It-Yourself Cellular IDS

Submitted by rye
rye (208438) writes "For $285, researchers at LMG Security have created a proof-of-concept cellular intrusion detection system by modifying a Verizon Samsung femtocell and redirecting traffic to Snort. They've released instructions and a parts list, as well as the source code, so you can build one, too.

Researcher Sherri Davidoff writes: "Infected smartphones can record surrounding audio, intercept text messages, capture location and usage data, and send all that stolen data back to an attacker... LMG’s project demonstrates that low-cost cellular intrusion detection systems (CIDSs) are not only possible, they are an inexpensive and effective way to combat mobile malware.""

Link to Original Source

Under the Hood: Banking Malware

Submitted by rye
rye (208438) writes "What is your computer actually DOING when you click on a link in a phishing email? Sherri Davidoff of LMG Security released these charts of an infected computer's behavior after clicking on a link in a Blackhole Exploit Kit phishing email. You can see the malware "phone home" to the attacker every 20 minutes on the dot, and download updates to evade antivirus. She then went on to capture screenshots and videos of the hacker executing a man-in-the-browser attack against Bank of America's web site. Quoting:

"My favorite part is when the attacker tried to steal my debit card number, expiration date, security code, Social Security Number, date of birth, driver’s license number, and mother’s maiden name– all at the same time. Nice try, dude!!""

Link to Original Source

3M uses quantum dots to make cell phones more colorful

Submitted by Gunnery Sgt. Hartman
Gunnery Sgt. Hartman (221748) writes ""3M announced today it is in the final stages of scale-up for its new 3M Quantum Dot Enhancement Film (QDEF). The new film allows up to 50 percent more color than current levels in liquid crystal display (LCD) devices. 3M has teamed with Nanosys, Inc., to produce the 3M QDEF solution specifically to deliver more color, and to make devices such as smart phones, tablets and televisions, lighter, brighter and more energy efficient.""
Link to Original Source

Blackhole Man-in-the-Browser Attack Caught in the Act

Submitted by rye
rye (208438) writes "Check out these screenshots and videos of a Blackhole phishing attack in action-- complete with charts of the network traffic, where you can see the infected desktop "phone home" to the attacker every 20 minutes on the dot. After 48 hours, the malware executed a man-in-the-browser attack against Bank of America's web site, which you can also see.

Great technical writeup from Sherri Davidoff of LMG Security. Watch hackers execute the man-in-the-browser attack and steal 'Linda's' debit card number, expiration date, security code, Social Security Number, date of birth, driver's license number, and mother's maiden name (yes, all at the same time). Lots of nice screenshots that are great to show your friends so they know how not to get pwned!

Quoting: "Unbeknownst to Mrs. Miller, her infected computer silently initiated a wire transfer from the company’s account for $49,500... Curious, I extracted copies of the phishing emails and malware from each infected workstation. What did it LOOK like when these companies were infected? What were their computers actually doing under the hood? Most of all, I wanted to actually SEE the Man-In-the-Browser attack in action!""

Link to Original Source

Video of Blackhole Attack on Bank of America Customers

Submitted by rye
rye (208438) writes "After two of her corporate clients got hacked, Sherri Davidoff of LMG Security spent three days in her malware lab capturing videos of a real Blackhole Exploit Kit phishing attack and subsequent Man-In-the-Browser attack targeting Bank of America customers.

Quoting: "Unbeknownst to Mrs. Miller, her infected computer silently initiated a wire transfer from the company’s account for $49,500... Curious, I extracted copies of the phishing emails and malware from each infected workstation. What did it LOOK like when these companies were infected? What were their computers actually doing under the hood? Most of all, I wanted to actually SEE the Man-In-the-Browser attack in action!

"The two videos below show a real Man-In-the-Browser attack against Bank of America’s web site. Note that this is NOT a flaw in Bank of America’s web site! This attack works because YOUR DESKTOP is infected. Show these videos to your friends and co-workers so they know what to watch out for.""

Link to Original Source

Dissecting RSA's "Watering Hole" Traffic Snippet

Submitted by rye
rye (208438) writes "Even the tiniest snippets of network traffic reveal a lot-- not just about viruses and botnets, but also about the malware research lab setup inside corporations like RSA. Watch as Sherri Davidoff of LMG Security tears apart a teeny tiny snippet of gh0st RAT traffic released by RSA during their investigation of the VOHO "watering hole" attack."
Link to Original Source
Books

Network Forensics: Tracking Hackers through Cyberspace

Submitted by rye
rye writes "'With a title like Network Forensics: Tracking Hackers through Cyberspace, the book at first sounds like a cheesy novel,' writes Ben Rothke of RSA. 'But by page 25, you will quickly see this is the real thing. By the time you hit the last page, you will have read the collective wisdom of two of the smartest minds in the space. ...In 12 densely written chapters at just over 500 pages, the book covers nearly every aspect within network and digital forensics.'"
Link to Original Source

Forensic Contest #10 is Live, Winner Gets a Black Hat BLACK CARD

Submitted by rye
rye writes "Forensics Contest #10 is Live. Winner of the contest gets a BlackHat BLACK CARD which is two free years of entrance to Black Hat (plus, there's the coolness factor). The most elegant solution wins the Black Hat BLACK CARD. There are also prizes for the first correct solution, as well as 2nd and 3rd place. Deadline is July 23, 2012. Solutions will be announced at the Network Forensics Black Hat class on July 24.

Here's the case: It’s been three weeks since the PaulDotCom crew went missing. Through extensive research and cyberstalking, millions of PDC fans gathered information relating to their disappearance and hired you to find them. You are the forensic investigator. You're given a hollow spy coin and a packet capture. Can you solve the puzzle and find out what happened to PaulDotCom?

Enter the challenge and get more info at ForensicsContest.Com."

Link to Original Source
Security

The L33t Pill

Submitted by rye
rye (208438) writes "The Network Forensics Puzzle Contest has opened their DEFCON 2011 contest for public competition, and it's AWESOME. Six rounds, five packet captures, one Truecrypt volume, and a prize for the Most Elegant Solution. Check it out:

"The lead chemist of a high-profile pharmaceutical company was involved in a serious accident, leaving him in a coma days before the release of the company’s highly publicized '133t pill.' The chemist was the only person in possession of the list of ingredients required to produce the wonder drug, and it is not known if he will ever recover. All chemical evidence of the drug has been destroyed, but the company believes that the missing ingredients may have been stored electronically. You have been hired as a forensic investigator, to recover the final ingredient of their 133t pill. Can you find the missing ingredient?""

Link to Original Source

Flyer Arrested(?) After Declining to Show ID

Submitted by Sherri Davidoff
Sherri Davidoff writes "Today a traveler going through the Albuquerque airport was detained and is reportedly in the process of arrest after politely refusing to show his ID. Phil Mocek, a Seattle area native, was traveling with his friend Jesse Gallagos when he politely declined to show ID to TSA agents."
Link to Original Source
Privacy

What Does DHS Know About You?

Submitted by Sherri Davidoff
Sherri Davidoff writes "Here's a real copy of an American citizen's DHS Travel Record retrieved from the U.S. Customs and Border Patrol's Automated Targeting System (ATS). This was obtained through a FOIA/Privacy Act request... The document reveals that the DHS is storing the reader's:
  • Credit card number and expiration
  • IP address used to make web travel reservations
  • Hotel information and itinerary
  • Full airline itinerary, including flight numbers and seat numbers
  • Phone numbers, incl. business, home & cell
  • Every frequent flyer and hotel number associated with the subject, even ones not used for the specific reservation
"

Link to Original Source

Comment: Re:Please don't think of the children. (Score 1) 1092

by rye (#28177977) Attached to: Making a Child Locating System

First it was tracking consumers. Look at the location histories that public transit agencies store (EZ-Pass, Metro Card, etc), not to mention credit card and cell companies that track and analyze consumer location info for the company's benefit. Money is the greatest motivator.

After these systems are set up, police realize that they can gain access and use them to track suspects or "terrorists." Once the capabilities are well-publicized, parents get interested and companies spew out spinoff consumer-friendly tracking tools... such as Verizon's Chaperone, which more average people buy... which LE will subsequently take advantage of...

Every new advance in location tracking technology is an exploitative cycle between the market forces, Big Brother and normal human attachments.

Medicine

Doctors Scan Photo ID for Treatment

Submitted by Sherri Davidoff
Sherri Davidoff writes "Spurred by the FTC's "Red Flags Rule," more health care clinics are requiring photo identification and storing high-resolution copies in their computer systems. Ironically, this probably puts patients at greater risk of identity theft, not less. From the article: "Walking into the doctor's office, I was surprised to see a new sign which read: 'Red Flag Identity Theft Rule: We are now required by law to ask for a Photo ID at the time of each visit. Please have your Photo ID ready for the receptionist to scan.' As an avid bicyclist, I wasn't carrying a driver's license. 'I'm sorry, we'll have to reschedule you,' said the receptionist.

"Everyone should have access to medical care- not just people who have registered with the government and obtained a photo ID. Furthermore, patients should have the right to health care without being forced to give up control of our personal information. As a patient, I don't really want a copy of my Photo ID stored on a crappy unpatched Windows box at my doctor's office. Today's patients do not even have the right to know how well doctor's offices and hospitals are secured, even in the face of constant reports of medical data breaches. That's sick.""

Link to Original Source
