Tag Archives: apple

Printer Doom Hack – WSWiR Episode 122

Apple Patches, Kindle XSS, and Doom Printer Hack

If you want to stay current with the Internet “threatscape,” our weekly video can help. It summarizes each week’s top information and network security news in one convenient place. Subscribe today!

Today’s episode covers, Apple and Adobe security updates, a cross-site scripting flaw that affects Kindle users, and an interesting printer hack that allowed an attacker to run doom on a printer. Watch the video for details and see the Reference section below for more info.

Enjoy your weekend!

(Episode Runtime: 5:39

Direct YouTube Link: https://www.youtube.com/watch?v=aZ7-LdlMYHc

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

Hardware Malware – WSWiR Episode 112

Tons of Patches, Facebook Botnets, and Infected Hand Scanners

After a couple weeks of hiatus, we’re finally back with our weekly security news summary video. If you want to learn about all the week’s important security news from one convenience resource, this is the place to get it.

This episode covers the latest popular software security updates from the last two weeks, and interesting Litecoin mining botnet that Facebook helped eradicate, and an advanced attack campaign that leverages pre-infected hardware products. Watch the video for the details, and check out the Reference’s for more information, and links to many other interesting InfoSec stories.

Enjoy your summer weekend, and stay safe!

(Episode Runtime: 7:37)

Direct YouTube Link: https://www.youtube.com/watch?v=oAHYUW1KkM0

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

This Month’s Apple Updates Fix Mavericks and iTunes Security Flaws

As much as Apple would like you to think otherwise, their products are not immune to security vulnerabilities. If you use OS X Mavericks or iTunes, you’d best update.

This week, Apple released two security updates to fix vulnerabilities in OS X Mavericks and iTunes. The updates fix a wide range of vulnerabilities, including memory corruption flaws attackers could use to execute code. If you use OS X Mavericks or iTunes, you should download and install Apple’s updates immediately, or let their automatic Software Updater do it for your.

See the links below for more information about each update:

If you’d like to keep up with Apple’s latest security updates, be sure to bookmark their Security page, and you can find links to all their patches on the Download page.— Corey Nachreiner, CISSP (@SecAdept)

Apple Releases Critical OS X, iOS, and Apple TV Patches

Hey Apple users; it’s time to patch.

This week, Apple released three security updates to fix vulnerabilities in OS X, iOS, and Apple TV. The updates fix a wide range of vulnerabilities, including memory corruption flaws attackers could use to execute code, and something called a “triple handshake attack,” which attackers could leverage in man-in-the-middle (MitM) attacks against your SSL sessions. If you use OS X, iOS, or Apple TV, you should download and install Apple’s updates immediately, or let their automatic Software Updater do it for your.

See the links below for more information about each update:

If you’d like to keep up with Apple’s latest security updates, be sure to bookmark their Security page, and you can find links to all their patches on the Download page.

In a related note, Kristin Paget, an ex-Apple security researcher, published a blog post criticizing Apple’s patching process. Apparently, Apple had already released updates to OS X previously that fix the same Webkit vulnerabilities that iOS 7.1.1. fixes this month. Paget argues that Apple needs to release all the like fixes at the same, otherwise attackers could reverse the patches from OS X to exploit against iOS, or vice versa. This is good advice, which I hope Apple adopts in the future — Corey Nachreiner, CISSP (@SecAdept)

Broken Apple SSL – WSWiR Text Edition

RSA 2014, EMET Bypass, and Broken SSL

This week I attended the 2014 RSA Security Conference, one of the biggest information security (and cryptography) conferences of the year. This was the busiest RSA Conference in the show’s history, which suggests that more and more businesses, governments, and organizations are becoming increasingly concerned about cyber security. As a side effect, the show also kept me too busy to produce my normal infosec news video. Instead, I offer a written summary of this week’s major security news and RSA stories below.

  • Apple fixes serious SSL vulnerability in their OSs – This week, Apple released security updates for iOS 6.x and 7.x, OS X, Quicktime, Safari, and Apple TV. Though these updates fix a wide swath of vulnerabilities in those forenamed products, the most astonishing fix corrects a very serious SSL/TLS vulnerability that affects the iOS and OS X operating systems (OS). SSL/TLS is designed to protect and encrypt your network communications, but this flaw allows anyone on the same network as you to intercept and read your communications in a Man-in-the-Middle attack. In short, if you use Apple products, you SSL communications have been open to interception for the last few months, making it especially scary if you joined any open Wifi networks. Apple’s updates fix the issue, and many more, so be sure to go get them. See Apple’s security update summary page for more details.
  • EMET suffers from a bypass vulnerability – EMET—short for Enhanced Mitigation Experience Toolkit—is a free Microsoft tool designed to make it harder for cyber attackers to actually exploit memory corruption type vulnerabilities. I doesn’t prevent a product from having a memory corruption flaw, rather it adds various memory protection mechanisms (like stronger Address Space Layout Randomization or ASLR) to make it harder for attackers to injection their malicious shell code into certain memory locations. It’s a tool I often recommend users install to help mitigate the risk of many vulnerabilities. Well this week, researchers at Bromium Labs proved that EMET is not bulletproof. They released a paper [PDF] showing how attackers could bypass some of EMET’s protections. Microsoft has acknowledged the flaws, and also has a new version in beta (EMET v5.0) that plugs some of the holes.
  • Academic researchers disclose the first AP virus – Researchers from a number of universities in Europe released a paper describing the first ever wireless access point (WAP) virus, which they dub Chameleon. Chameleon first tries to find unsecured wireless APs (for instance, ones using weak WEP encryption, or no encryption). Once it can access the victim AP’s wireless network, it then leverages flaws in the AP firmware to try and infect the AP with its virus. Then it continues scanning for new victim APs. As a research project, this attack was only done in a lab environment, and has never been seen in the wild. However, now that it’s out I suspect criminal hackers might copy this technique in the real world one day.
  • RSA Security Conference Summary – Here are a few of the big themes and news from this year’s RSA Conference.
    • Government and the NSA have broken our trust – In general, the buzz on the show floor was how governments around the world, especially the U.S. and the NSA, have broken our trust with their spying campaigns. While many agree that some sort of international spy agency should exist, most think the NSA has crossed the line with the amount of data they are collecting; which includes data from normal private citizens. The lack of transparency in these government cyber espionage operations has poisoned the industry’s confidence in all online security and communications, making it difficult to know what to trust. Many speakers at the conference criticized these government operations, especially when the governments in question designed malware which they released into the wild.
    • Destructive attacks get more real – In one session, researchers from CrowdStrike demonstrated a vulnerability in Apple computers that they could exploit to actually cause your device to overheat, potentially catching on fire. One of my predictions this year was to expect more destructive malware, and this example may unfortunately help that prediction come true. As an aside, other researchers at the show also demonstrated an attack against Apple iOS devices that allows malicious programs to log touch input—kind of like a keylogger for finger swipes.
    • Lots of vulnerabilities in RSA mobile app – A few weeks before the show, researchers at IOActive checked out the RSA mobile app for the 2014 conference. Turns out it suffered from six vulnerabilities that attackers could leverage to do many things, including disclose the personal information of some of the attendees, or to inject additional code into the app to phish credentials, and other bad things. Check out IOActive’s blog for more details, but it’s ironic that a security conference’s app suffers from the flaws the conference is supposed to educate against.

Well that’s all I have time for this week. However, if you’d like links to other security stories from the week, check out the extra below. I’ll return with my normal video updates next Friday.

Extras Stories:

— Corey Nachreiner, CISSP (@SecAdept)

Hackers Lose Rights – WSWiR Episode 82

PHP.Net Hijack, Rooted ReadyNAS, and Harassed “Hacker”

This week you get two Infosec videos for the price of one! Of course, free plus free is still… well, free.

Last week, I had a busy travel schedule in the Middle East and Holland, and I did not find the time to produce my weekly security news summary on Friday. And yet, there was still plenty of security news to cover, so I didn’t want to leave you hanging. Hopefully, you can still learning something interesting, even if it comes a few days late.

Last week’s much belated episode includes, news of Cheney’s cardiac defibrillator hacking scare, a PHP.net watering hole attack, yet another rooted consumer router, and a story about how just calling yourself a hacker may cost you some Constitutional rights. Watch the video below, and check the Reference section for more details.

Thanks for watching and I’ll see you again in two days, when I post this week’s video!

(Episode Runtime: 7:07)

Direct YouTube Link: http://www.youtube.com/watch?v=rqD01VqkYmI

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

IceFog APT – WSWiR Episode 79

Fake Fingerprints, IOS DoS Flaws, and IceFog APT

Are you Ready for the latest InfoSec news?

This week, I’m traveling in the windy city of Chicago, speaking at ISC²’s Security Congress Conference. As a result, I did not have time to create a full length video; but fear not. My short video quickly summarizes the five big security stories, and I’ll share a few more written details and links below:

(Episode Runtime: 2:25)

Direct YouTube Link: http://www.youtube.com/watch?v=wYkOtYFci38

  • iPhone 5s’s TouchID hacked in a few days [video] – Shortly before the iPhone 5s’ release, hackers around the world were discussing how easy it would be to hack the device’s new TouchID fingerprint scanner. In fact, some even setup a fund to reward the first to do it. Well they did not disappoint. Just a day or two after its release, researchers from the Computer Chaos Club (CCC) in Germany were successful, using old, well-known technique they have demonstrated before. Check out the video to see how easy it is.
  • Cisco releases many IOS updates, mostly to fix DoS vulnerabilities – On Wednesday, Cisco posted eight security advisories, describing many vulnerabilities in the IOS firmware used on their routing devices. Most of the vulnerabilities are denial of service (DoS) flaws. If you manage Cisco IOS devices, you should install these updates as soon as you can.
  • 200% increase in nasty extortion ransomware – ESET, an anti-virus company, reported seeing a 200% increase in a particular ransomware variant called FileCoder (or CryptoLocker by other AV companies). This nasty malware find many types of documents and images on your computer, and encrypts them using fairly strong public/private key crypto. It then asks you to pay around $300 to get your files back. So far the good guys haven’t cracked it’s encryption, and they are unlikely to do so without actually obtaining the attacker’s private key. If you do pay the ransom, the malware does seem to stick to its word, and decrypt your files. However, I don’t recommend capitulating with criminals. The malware mostly spreads via phishing emails. So if you warn your user about this, you may be able to avoid it. As an aside, a twitter follower anecdotally shared that he’s seen a Cryptolocker infection at his client’s site, which seems to confirm the potential increase in this malware campaign.
  • Kaspersky uncovers IceFog APT campaign [video] – During the week, one of our partners, Kaspersky, released details about a new APT campaign that’s targeting organizations in South Korea and Japan. The attackers seem to be a small group of very skilled hackers, who are targeting government institutes, military contractors, and telecom or satellite operators. Like most APTs of late, the attack starts with a spear-phishing email containing a documents. For more interesting details about this advanced attack campaign, see Kaspersky’s report or watch their video.
  • Criminals steal data from data brokers, and resell on the underground - A well-known security journalist, Brian Krebs, posted an in-depth story about an attack campaign against various data broker organizations. Essentially, attackers gained access to the networks of data brokers like LexisNexus and Dun & Bradstreet, and then leverage this access to loot the personal customer information these brokers collect. The criminals then resell this information on their malicious identity theft service sites. Be sure to read Krebs’ article for the full scoop.

Extra References:

— Corey Nachreiner, CISSP (@SecAdept)

Hidden Lynx – WSWiR Episode 78

NASDAQ Vulnerabilities, NASA Defacement, and Hidden Lynx

It’s that time again; when I summarize the biggest information security (Infosec) news into a short video. If you’d like to get a quick take of what’s going on in the computer security industry, this is the show for you.

This week’s episode includes a quick note on the latest software updates, a story about NASDAQ’s delayed reaction to vulnerabilities on their site, news about Brazilian hackers potentially mistaking NASA for the NSA, and the uncovering of an advanced cyber criminal gang responsible for some of the most concerning attacks over the last few years. Check out the video for the full skinny, and don’t forget to take a peek at the Reference section for links to other stories.

Have a fun weekend and a fantastic day.

(Episode Runtime: 8:37)

Direct YouTube Link: http://www.youtube.com/watch?v=V23GxAovB-w

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

Blackhat 2013 – WSWiR Episode 72

Details on Femtocell hacking, Mactans, and SCADA Honeypots

This is the week of the Blackhat and Defcon security conferences; two of the biggest security research conferences of the year. So rather than quickly summarize InfoSec newslike I do most weeksI’ll share details about three of my favorite talks from this year’s Blackhat show (Defcon is going on now).

Two of my favorite presentations fill in details about stories from past episodes. Both the researchers that hacked a Verizon femtocell, and the ones that created a malicious iOS charger, shared the technical details around these attacks. Want to learn how it’s done? Watch below.

The third interesting talk centers around using honeypots to learn who are attacking our SCADA systems. While the attacker profile data shared in the presentation was interesting, I was more concerned with how the researcher profiled his attackers. Essentially, he hacked them back. His hack back technique was at best legally grey area, and at worst totally illegal. And this researcher’s actions were not the exception. I attended a few talks this year where researchers used hacking techniques to out their attacks. Perhaps the industry is adopting “strike back” after all.

In any case, if you’d like a quick glimpse of some of my favorite presentations from the show, be sure to click play below. I will also post some written summaries about the talks I attended in the next few days. Finally, though I didn’t have time to cover the regular Infosec news this week, be sure to check the Reference section for links to a few fairly important industry stories.

(Episode Runtime: 15:15)

Direct YouTube Link: https://www.youtube.com/watch?v=-xBHxQUVJnU

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

Car Hacking Exposed – WSWiR Episode 71

Tor Botnets, SIM Hacking, and Pwned Prius

Blackhat and Defcon are only a few days away, so this week’s InfoSec news summary covers previews of some of the research experts plan on disclosing during next week’s security bonanza.

During this week’s episode, learn about the latest Tor-based botnets, hear how hackers can force malware through your phone’s SIM card, and see a couple researchers totally take over a Prius car with a laptop. Watch below, and check the Reference section for other interested security stories.

Show Notes: I had unexpected microphone cable problems during my recording, which I didn’t learn about until after my shoot. It caused some hum and clicks in this week’s video. I apologize for the bad audio, and will be sure to check it next week.

Also, I will be attending Blackhat next week. I still plan to post at least one video, but it may not appear at its regular time.

(Episode Runtime: 10:09)

Direct YouTube Link: https://www.youtube.com/watch?v=Pa3QsIS-TK8

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

Follow

Get every new post delivered to your Inbox.

Join 7,582 other followers

%d bloggers like this: