Become a fan of Slashdot on Facebook


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Submission + - Ransomware Wreaks Havoc in the Cloud (

rye writes: Today, researchers at LMG Security released a video of the "Jigsaw" ransomware spreading across the "HackMe, Inc." corporate network in their "Play Lab," starting with the very first click on a phishing email, all the way to the encryption of HackMe, Inc's cloud repository. Watch as the ransomware spreads to the company's networked file share and OneDrive cloud repository. A perfectly creepy "Billy the Puppet" head pops up as the ransom note is printed in green letters across the desktop.

Want your colleagues or management to understand the true potential damage of ransomware? Just show them this video. Then, unplug your network cable, crawl under your desk and hide.

"What does it actually LOOK like when ransomware encrypts all the files on an employee workstation and then moves on to encrypt your company’s file share, and even cloud-based documents?"

Submission + - Is Montana the Next Big Data Hub? (

rye writes: Montana is positioning itself as the next hub for big data and cyber security. With companies like Symantec and IBM investing heavily in high-tech development, the opening of University of Montana's new Cyber Innovation Laboratory, and statewide competitions such as this weekend's Montana Cyber Triathlon (which had the coolest trophy ever), the momentum is strong. Cheap labor, cheap space and the Northern Tier backbone (with stretches over 600 miles across the width of Montana) are all contributing to the new tech growth. Even Congress is jumping on the bandwagon: Montana Rep. Steve Daines, a member of the House Subcommittee on Cybersecurity, Infrastructure Protection and Security, recently said "Technology has removed geography as a constant." Is the Last Best Place poised for a tech boom?

Submission + - Cellular Traffic Inspection Source Code Released (

rye writes: Researchers at LMG Security have released the source code, parts list and instructions for building a "do-it-yourself cellular IDS" capable of inspecting CDMA cellular traffic-- for just $285. They hacked a
Verizon femtocell, modified the GPL software and redirected smartphone traffic to Snort (and oh yes, also figured out how to remotely control the Android.Stels bot in the process).

DIY Cellular IDS may revolutionize security for smartphones in BYOD environments. Privacy issues are a big concern, though. Sherri Davidoff writes, "Good guys need to be able to inspect their own cellular network traffic to effectively detect malware and other attacks [on smartphones]. Personal communications have already moved to the Internet... there is no reason to treat cellular traffic differently than Ethernet or 802.11 traffic."

Submission + - Do-It-Yourself Cellular IDS (

rye writes: For $285, researchers at LMG Security have created a proof-of-concept cellular intrusion detection system by modifying a Verizon Samsung femtocell and redirecting traffic to Snort. They've released instructions and a parts list, as well as the source code, so you can build one, too.

Researcher Sherri Davidoff writes: "Infected smartphones can record surrounding audio, intercept text messages, capture location and usage data, and send all that stolen data back to an attacker... LMG’s project demonstrates that low-cost cellular intrusion detection systems (CIDSs) are not only possible, they are an inexpensive and effective way to combat mobile malware."

Submission + - Under the Hood: Banking Malware (

rye writes: What is your computer actually DOING when you click on a link in a phishing email? Sherri Davidoff of LMG Security released these charts of an infected computer's behavior after clicking on a link in a Blackhole Exploit Kit phishing email. You can see the malware "phone home" to the attacker every 20 minutes on the dot, and download updates to evade antivirus. She then went on to capture screenshots and videos of the hacker executing a man-in-the-browser attack against Bank of America's web site. Quoting:

"My favorite part is when the attacker tried to steal my debit card number, expiration date, security code, Social Security Number, date of birth, driver’s license number, and mother’s maiden name– all at the same time. Nice try, dude!!"

Submission + - 3M uses quantum dots to make cell phones more colorful (

Gunnery Sgt. Hartman writes: "3M announced today it is in the final stages of scale-up for its new 3M Quantum Dot Enhancement Film (QDEF). The new film allows up to 50 percent more color than current levels in liquid crystal display (LCD) devices. 3M has teamed with Nanosys, Inc., to produce the 3M QDEF solution specifically to deliver more color, and to make devices such as smart phones, tablets and televisions, lighter, brighter and more energy efficient."

Submission + - Blackhole Man-in-the-Browser Attack Caught in the Act (

rye writes: Check out these screenshots and videos of a Blackhole phishing attack in action-- complete with charts of the network traffic, where you can see the infected desktop "phone home" to the attacker every 20 minutes on the dot. After 48 hours, the malware executed a man-in-the-browser attack against Bank of America's web site, which you can also see.

Great technical writeup from Sherri Davidoff of LMG Security. Watch hackers execute the man-in-the-browser attack and steal 'Linda's' debit card number, expiration date, security code, Social Security Number, date of birth, driver's license number, and mother's maiden name (yes, all at the same time). Lots of nice screenshots that are great to show your friends so they know how not to get pwned!

Quoting: "Unbeknownst to Mrs. Miller, her infected computer silently initiated a wire transfer from the company’s account for $49,500... Curious, I extracted copies of the phishing emails and malware from each infected workstation. What did it LOOK like when these companies were infected? What were their computers actually doing under the hood? Most of all, I wanted to actually SEE the Man-In-the-Browser attack in action!"

Submission + - Video of Blackhole Attack on Bank of America Customers (

rye writes: After two of her corporate clients got hacked, Sherri Davidoff of LMG Security spent three days in her malware lab capturing videos of a real Blackhole Exploit Kit phishing attack and subsequent Man-In-the-Browser attack targeting Bank of America customers.

Quoting: "Unbeknownst to Mrs. Miller, her infected computer silently initiated a wire transfer from the company’s account for $49,500... Curious, I extracted copies of the phishing emails and malware from each infected workstation. What did it LOOK like when these companies were infected? What were their computers actually doing under the hood? Most of all, I wanted to actually SEE the Man-In-the-Browser attack in action!

"The two videos below show a real Man-In-the-Browser attack against Bank of America’s web site. Note that this is NOT a flaw in Bank of America’s web site! This attack works because YOUR DESKTOP is infected. Show these videos to your friends and co-workers so they know what to watch out for."

Submission + - Dissecting RSA's "Watering Hole" Traffic Snippet (

rye writes: Even the tiniest snippets of network traffic reveal a lot-- not just about viruses and botnets, but also about the malware research lab setup inside corporations like RSA. Watch as Sherri Davidoff of LMG Security tears apart a teeny tiny snippet of gh0st RAT traffic released by RSA during their investigation of the VOHO "watering hole" attack.

Submission + - Network Forensics: Tracking Hackers through Cyberspace (

rye writes: "'With a title like Network Forensics: Tracking Hackers through Cyberspace, the book at first sounds like a cheesy novel,' writes Ben Rothke of RSA. 'But by page 25, you will quickly see this is the real thing. By the time you hit the last page, you will have read the collective wisdom of two of the smartest minds in the space. ...In 12 densely written chapters at just over 500 pages, the book covers nearly every aspect within network and digital forensics.'"

Submission + - Forensic Contest #10 is Live, Winner Gets a Black Hat BLACK CARD (

rye writes: "Forensics Contest #10 is Live. Winner of the contest gets a BlackHat BLACK CARD which is two free years of entrance to Black Hat (plus, there's the coolness factor). The most elegant solution wins the Black Hat BLACK CARD. There are also prizes for the first correct solution, as well as 2nd and 3rd place. Deadline is July 23, 2012. Solutions will be announced at the Network Forensics Black Hat class on July 24.

Here's the case: It’s been three weeks since the PaulDotCom crew went missing. Through extensive research and cyberstalking, millions of PDC fans gathered information relating to their disappearance and hired you to find them. You are the forensic investigator. You're given a hollow spy coin and a packet capture. Can you solve the puzzle and find out what happened to PaulDotCom?

Enter the challenge and get more info at ForensicsContest.Com."


Submission + - The L33t Pill (

rye writes: The Network Forensics Puzzle Contest has opened their DEFCON 2011 contest for public competition, and it's AWESOME. Six rounds, five packet captures, one Truecrypt volume, and a prize for the Most Elegant Solution. Check it out:

"The lead chemist of a high-profile pharmaceutical company was involved in a serious accident, leaving him in a coma days before the release of the company’s highly publicized '133t pill.' The chemist was the only person in possession of the list of ingredients required to produce the wonder drug, and it is not known if he will ever recover. All chemical evidence of the drug has been destroyed, but the company believes that the missing ingredients may have been stored electronically. You have been hired as a forensic investigator, to recover the final ingredient of their 133t pill. Can you find the missing ingredient?"

Submission + - Flyer Arrested(?) After Declining to Show ID (

Sherri Davidoff writes: "Today a traveler going through the Albuquerque airport was detained and is reportedly in the process of arrest after politely refusing to show his ID. Phil Mocek, a Seattle area native, was traveling with his friend Jesse Gallagos when he politely declined to show ID to TSA agents."

Submission + - What Does DHS Know About You? (

Sherri Davidoff writes: "Here's a real copy of an American citizen's DHS Travel Record retrieved from the U.S. Customs and Border Patrol's Automated Targeting System (ATS). This was obtained through a FOIA/Privacy Act request... The document reveals that the DHS is storing the reader's:
  • Credit card number and expiration
  • IP address used to make web travel reservations
  • Hotel information and itinerary
  • Full airline itinerary, including flight numbers and seat numbers
  • Phone numbers, incl. business, home & cell
  • Every frequent flyer and hotel number associated with the subject, even ones not used for the specific reservation

Comment Re:Please don't think of the children. (Score 1) 1092

First it was tracking consumers. Look at the location histories that public transit agencies store (EZ-Pass, Metro Card, etc), not to mention credit card and cell companies that track and analyze consumer location info for the company's benefit. Money is the greatest motivator.

After these systems are set up, police realize that they can gain access and use them to track suspects or "terrorists." Once the capabilities are well-publicized, parents get interested and companies spew out spinoff consumer-friendly tracking tools... such as Verizon's Chaperone, which more average people buy... which LE will subsequently take advantage of...

Every new advance in location tracking technology is an exploitative cycle between the market forces, Big Brother and normal human attachments.

Slashdot Top Deals

Waste not, get your budget cut next year.