Donated Privacy | TechSNAP 74 (Jupiter Broadcasting)
https://original.jupiterbroadcasting.net/24176/donated-privacy-techsnap-74/
Thu, 06 Sep 2012 15:53:20 +0000

Anti-sec posts 1 million Apple UDIDs they claim to have stolen from the FBI, but what was the FBI doing with them in the first place?

More infrastructure switch vulnerabilities, and a great batch of audience questions and our answers!

All that and a lot more on this week’s TechSNAP!

Show Notes:

Java flaws not entirely fixed by emergency patch

  • The Polish security firm that initially discovered the 29 Java vulnerabilities back in April, two of which were the target of the emergency out-of-band patch issued by Oracle last week, has discovered that the flaws are still exploitable
  • Oracle’s patch removed the getField and getMethod methods from the implementation of sun.awt.SunToolkit. This disabled all of the Proof of Concept exploits from the security researchers, as well as the exploits actively being used in the wild
  • Oracle basically removed the exploitation vector, without fixing the underlying vulnerabilities
  • The Polish firm discovered another exploitation vector that, when combined with the unpatched vulnerabilities, allowed them to update their Proof of Concept code and once again possess a large number of working exploits against Java
  • Adam Gowdiak, CEO of Security Explorations (the Polish firm that discovered the vulnerabilities), also commented that Java 6 seemed much more secure: in all the time they spent researching it, they only ever managed to escape the sandbox once, using an Apple QuickTime exploit
  • Researchers find critical vulnerability in Java 7 patch hours after release

More infrastructure switches vulnerable

  • Some GarrettCom switches come with a hard coded password for a default account that cannot be changed or disabled
  • A researcher at Cylance discovered the hidden account in April and warned the vendor and ICS-CERT
  • The issue is present in GarrettCom Magnum MNS-6K Management Software version 4.1.14 and 14.1.14 SECURE. The vendor released an update that addresses the issue in May, but the issue was not disclosed until this week
  • The attack is mitigated somewhat by the fact that the attacker would need access to an account on the switch in order to exploit the vulnerability and escalate the privileges of the regular user account
  • “A ‘factory’ account intended to only be allowed to log in over a local serial console port exists in certain versions of GarrettCom’s MNS-6K and MNS-6K-SECURE software. Cylance has identified an unforeseen method whereby a user authenticated as ‘guest’ or ‘operator’ can escalate privileges to the ‘factory’ account”
  • GarrettCom switches are marketed as “Hardened” and used in traffic control systems, railroad communications systems, power plants, electrical substations, and even US military sites. Beyond simple L2 and L3 networking, these devices are also used for serial-to-IP conversion in SCADA systems
  • Original Advisory
  • ICS-CERT Advisory

Hackers claim to have stolen Mitt Romney’s tax returns from financial firm

  • A group claims to have broken into the offices of Price Waterhouse Cooper in Tennessee, accessed the network file servers and copied the Romneys’ tax returns for the years before 2010
  • Later years were apparently not digitized yet and so were not able to be copied
  • It doesn’t seem correct to refer to the individuals as hackers because the data was physically stolen from unsecured file servers, rather than accessed remotely
  • The attackers seem to have thought ahead, going so far as to include secret statements in the copies of the documents sent to PWC and using those to authenticate themselves as the real attackers
  • The attackers claim to have sent encrypted copies of the documents to the media, as well as both political parties
  • The attackers provide two bitcoin addresses. If the first receives 1 million USD worth of bitcoins before September 28th, then the encryption keys will be destroyed. If this does not happen, or if 1 million USD is sent to the second bitcoin address, the keys will be released publicly
  • In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) mandates that specific security measures be taken to safeguard such personal information. It seems that the security practices at PWC were extremely lax
  • The US Secret Service is investigating
  • Pastebin Post #1
  • Pastebin Post #2
  • Additional Coverage

Anti-sec releases 1 million iOS unique device IDs, apparently stolen from FBI laptop

  • Anti-sec claims the original file they stole contains more than 12 million records
  • The file apparently includes detailed data, including the UDIDs, push notification tokens, device names, usernames, phone numbers, addresses and device types
  • Anti-sec claims to have remotely accessed Supervisor Special Agent Christopher K. Stangl’s Dell Vostro notebook in March 2012 using the AtomicReferenceArray Java vulnerability
  • “During the shell session some files were downloaded from his Desktop folder one of them with the name of ‘NCFTA_iOS_devices_intel.csv’”
  • NCFTA is the National Cyber Forensics and Training Alliance, a private group set up by a former FBI agent to facilitate information sharing between private companies and the FBI. Companies can share information with the 501(c)6 non-profit that they would be wary of (or prohibited from) sharing directly with the FBI
  • SSA Stangl is a member of the FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team
  • The FBI denies the claim. “The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed. At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data”
  • A website has been set up to attempt to identify which apps or companies are sharing data with the FBI
  • Original Pastebin
  • Additional Coverage

Feedback:

Have some fun:

What I wish the new hires “knew”

Round-Up:

Cyber Warfare | TechSNAP 13 (Jupiter Broadcasting)
https://original.jupiterbroadcasting.net/10096/cyber-warfare-techsnap-13/
Thu, 07 Jul 2011 22:21:42 +0000

Since the start of this show, one constant theme keeps coming to light: a new age of Cyber Warfare has begun.

In this week’s episode we cover what critical targets hackers and foreign governments might target to wage Cyber Warfare

Plus what major attacks have already taken place? Some of which we are just now learning the ramifications of…

All that and more, on this week’s TechSNAP!

Show Notes:

Thanks to the TechSNAP Redditors!

 

No Q&A this week, but we’re doing a double dose next week, send in your feedback and questions!

Attacks on Government:


Topic: Anonymous hacks 100 Turkish Government Sites

  • As part of Operation Anti-Sec, Anonymous has compromised the Turkish government’s network of sites, and locked the administrators out.
  • A number of the sites appear to be for Hospitals and other medical facilities
  • The group released a 20MB archive on ThePirateBay, a complete dump of the content of each of the compromised sites.
  • Many of the sites were defaced
  • In a Cyber Warfare type situation, these types of actions could disable critical government functions, everything from weather forecasts to tax filing.

Submitted by: Acidpunk


Topic: Florida Elections Database Hacked

  • The database contained the names, usernames and plaintext passwords of election workers and polling stations
  • Username was first initial, last name, and password was first initial, last initial and 4 numbers. These passwords are too predictable and horribly insecure.

Submitted by: Deathwalk


Topic: Attacks on RoK Gov might have been Drills by DPRK

  • Attacks that crippled South Korean (Republic of Korea) government websites in July 2009 and again in March 2011 might have been cyber warfare drills conducted by North Korea (Democratic People’s Republic of Korea)
  • Attacks were likely reconnaissance to start building a detailed plan of attack in the event of war.
  • Much of the attack came from within South Korea. It is speculated that the virus was left on a number of South Korean file sharing sites, and then the resulting botnet of infected computers was used to take down the government websites.

Attacks on Media:


Topic: Washington Post hacked, 1.27m email addresses leaked

  • The Washington Post’s Jobs site was compromised on June 27th and 28th
  • 1.27 Million Usernames and email addresses were leaked
  • The Washington Post claims that no passwords or other personal information were stolen (were the passwords just hashed, and therefore ‘not disclosed’, or did the attackers not gain access to the passwords?)

Topic: Fox News Twitter hacked, False Obama Death Notice

  • The @foxnewspolitics twitter account was hijacked and false news of US President Obama’s assassination was posted.
  • As with all incidents of this nature, it is being investigated by the Secret Service
  • BBC Coverage

Submitted by: beyere5398 and LeifAndersen


The Future:


Topic: The Pentagon Establishes Cyber Warfare Retaliation Policy

  • The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war
  • Foreign-directed hackers could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country’s military
  • If a cyber attack causes significant disruption (for example, to the power grid), or death, then the attackers will be met with conventional armed force.
  • New York Times coverage

Topic: More is happening than we actually know

  • By reverse engineering a crashed EP-3E Aries II reconnaissance plane, the Chinese were able to begin intercepting encrypted US Navy communications
  • A few weeks after President Obama’s election, the Chinese flooded communications links they knew were monitored by the NSA with unencrypted copies of intercepted communications, proving they had compromised American communications links.

Topic: Cyber Warfare will be constant and often subtle

  • The attacks on RSA earlier this year were not conclusively linked to Cyber Warfare. They could have been the work of a lone hacker, a small group, or an organized government
  • The RSA hack later led to the compromise of secure systems at Lockheed Martin and other US arms manufacturers.
  • Earlier this year we also saw the compromise of a large number of email accounts belonging to government and military officials. This type of reconnaissance can be used to gather information that would allow attackers to break in to more secured systems over time.
  • Many attacks go unnoticed, as the perpetrators keep the compromised systems only to launch future attacks from them. As we saw in the RSA hack, the attackers sent the data to an offsite webserver they had compromised earlier, to avoid connecting directly to RSA and possibly leaving a trail. They then destroyed the webserver, breaking the link back to them
  • In the past we have discussed the similar tactic of Island hopping: compromising an outward facing system such as a web, mail or monitoring server, or the desktop of a secretary or other lower level employee, and then slowly gathering more and more information in order to compromise the true targets of the attack.

Submitted by: Raventiger


Roundup:
South Korea army, University to start Cyber Defense major (Submitted by: refuse2speak)
Anonymous hacks apple server, leaks usernames and hashed passwords
The Fog of Cyber Warfare – A battle without borders? (Submitted by: Raventiger)
Chicago Mercantile Exchange Secrets and Source Code Leaked To China

Copies of vsftpd 2.3.4 downloaded from official mirrors contain backdoor (Submitted by: stmiller)
Dropbox TOS gives them broad copyright license over your files (Submitted by: rakudave)
Targeted phishing helped hackers earn 150 million in June (Submitted by: stmiller)

Bitcoin BLASTER:
Lawyer Attempts To Trademark Bitcoin
First bitcoin app for Android, but is it safe?
BTCGuild suffers major DDoS Attack
