Did A Hacker OD?

Top hacker Barnaby Jack died from mixing too many drugs in one session, a coroner’s report shows. Kiwi-born Jack was supposed to give a talk at a security conference when he was found dead in his bed.

Conspiracy nuts raised an eyebrow or two when it was revealed that Jack’s death occurred shortly before he was due to demonstrate how heart implants could be hacked at the Black Hat security conference in Las Vegas. He did not have a mark on him and showed no signs of trauma. However, now a coroner’s report has shown that Jack had a mix of heroin, cocaine and prescription drugs in his system. And he died of “acute mixed drug intoxication.”

Jack rose to fame after a 2010 demonstration, in which he hacked a cash machine, making it give out money. Jack’s girlfriend had found him lying in bed unresponsive, with “multiple bottles of beer and champagne” in the rubbish bin, so it must have been a hell of a night.

Source

Some ATMs Still On XP

Cyber-criminals have been cutting holes into European cash machines in order to infect them with malware.

The holes were cut so that the hackers could plug in USB drives that installed their code onto the ATMs. Details of the attacks on an unnamed European bank’s cash dispensers were presented at the hacker-themed Chaos Computing Congress in Hamburg, Germany.

The thefts came to light in July after the lender involved noticed several its ATMs were being emptied. The bank discovered the criminals were vandalising the machines to use the infected USB sticks. Once the malware had been transferred, they patched the holes up. This allowed the same machines to be targeted several times without the hack being discovered.

The attackers could take the highest value banknotes in order to minimise the amount of time they were exposed. Interestingly the software required the thief to enter a second code in response to numbers shown on the ATM’s screen before they could release the money and the thief could only obtain the right code by phoning another gang member and telling them the numbers displayed. This stopped the criminals going alone.

Source

Adobe Data Found Online

A computer security firm has discovered data it says belongs to some 152 million Adobe Systems Inc user accounts, suggesting that a breach reported a month ago is much larger than Adobe has so far disclosed and is one of the largest on record.

LastPass, a password security firm, said that it has found email addresses, encrypted passwords and password hints stored in clear text from Adobe user accounts on an underground website frequented by cyber criminals.

Adobe said last week that attackers had stolen data on more than 38 million customer accounts, on top of the theft of information on nearly 3 million accounts that it disclosed nearly a month earlier.

The maker of Photoshop and Acrobat software confirmed that LastPass had found records stolen from its data center, but downplayed the significance of the security firm’s findings.

While the new findings from LastPass indicate that the Adobe breach is far bigger than previously known, company spokeswoman Heather Edell said it was not accurate to say 152 million customer accounts had been compromised because the database attacked was a backup system about to be decommissioned.

She said the records include some 25 million records containing invalid email addresses, 18 million with invalid passwords. She added that “a large percentage” of the accounts were fictitious, having been set up for one-time use so that their creators could get free software or other perks.

She also said that the company is continuing to work with law enforcement and outside investigators to determine the cost and scope of the breach, which resulted in the theft of customer data as well as source code to several software titles.

The company has notified some 38 million active Adobe ID users and is now contacting holders of inactive accounts, she said.

Paul Stephens, director of policy and advocacy for the non-profit Privacy Rights Clearinghouse, said information in an inactive database is often useful to criminals.

He said they might use it to engage in “phishing” scams or attempt to figure out passwords using the hints provided for some of the accounts in the database. In some cases, people whose data was exposed might not be aware of it because they have not accessed the out-of-date accounts, he said.

“Potentially it’s the website you’ve forgotten about that poses the greater risk,” he said. “What if somebody set up an account with Adobe ten years ago and forgot about it and they use the same password there that they use on other sites?”

Source

ATM Malware Found In Mexico

A malicious software program identified in ATMs in Mexico has been improved and translated into English, which suggests it may be used elsewhere, according to security vendor Symantec.

Two versions of the malware, called Ploutus, have been discovered, both of which are engineered to empty a certain type of ATM, which Symantec has not identified.

In contrast to most malware, Ploutus is installed the old-fashioned way — by inserting a CD boot disk into the innards of an ATM machine running Microsoft Windows. The installation method suggests that cybercriminals are targeting standalone ATMs where access is easier.

The first version of Ploutus displays a graphical user interface after the thief enters a numerical sequence on an ATM’s keypad, although the malware can be controlled by a keyboard, wrote Daniel Regalado, a Symantec malware analyst, on Oct. 11.

Ploutus is programmed for a specific ATM model since it assumes there is a maximum of four cassettes per dispenser in the ATM. It then calculates the amount of money that should be dispensed based on the number of bills. If any of the cassettes have less than the maximum number of 40 bills, it releases whatever is left, repeating that process until the ATM is empty.

Kevin Haley, director of Symantec Security Response, said in an interview earlier this month that the attackers have deep knowledge of the software and hardware of the particular ATM model.

“They clearly know how this machine worked,” he said.

The source code of Ploutus “contains Spanish function names and poor English grammar that suggests the malware may have been coded by Spanish-speaking developers,” Regalado wrote.

In a new blog post, Regalado wrote that the attackers made Ploutus more robust and translated it into English, indicating the same ATM software can be exploited in countries other than Mexico.

The “B” variant of Ploutus has some differences. It only accepts commands through the keypad but will display a window showing the money available in the machine along with a transaction log as it dispenses cash. An attacker cannot enter a specific number of bills, so Ploutus withdraws money from the cassette with the most available bills, Regalado wrote.

Symantec advised those with ATMs to change the BIOS boot order to only boot from the hard disk and not CDs, DVDs or USB sticks. The BIOS should also be password protected so the boot options can’t be changed, Regalado wrote.

Source

MediaTek’s Octa-Core Processor Tested

MediaTek raised quite a few eyebrows earlier this year when it announced it would build the world’s first proper ARM octa-core, not a big.LITTLE design. The MT6592 has now popped up on a Chinese site, with the first Antutu results.

It scored 25,496, which places it behind the 1.7GHz Snapdragon in the HTC One, but it’s still a lot faster than the Nexus 4’s Qualcomm APQ8064, although throttling may have something to do with that. The score seems too high, but not long after the results emerged, a number of mobile sites started talking about disappointing results, claiming that MediaTek’s octa-core was somehow supposed to end up on a par with Samsung’s latest Exynos 5 big.LITTLE chip and the Qualcomm 800.

This of course is utter rubbish and FUD of the highest order.

The 28nm MT6592 is indeed an octa-core, but it has eight A7 cores, not a combo of A15 and A7 cores. The A7 is about one fifth of the die area of an A15 and according to ARM it consumes one quarter to one fifth of the power, making such comparisons asinine. In other words, MediaTek’s octa-core should end up a lot smaller and cheaper than a quad A15, maybe even a quad A12. That is why we find the 25,496 result hard to believe – it should be less, not more. For example, the Tegra 4 on Shield hits about 36,000, yet it’s a much bigger chip, on a device with more RAM.

The benchmarked chip ran at 1.7GHz, but MediaTek said the MT6592 should have no trouble hitting 2GHz, which could make it faster than a Snapdragon 600. What’s more, the tested device featured 1GB of RAM, 720p display and a Mali-450 GPU, so it is clearly not high-end.

However, the big problem for MediaTek’s curious new SoC is the sheer number of cores. Most apps simply can’t put them to good use and unless MediaTek has a clever trick up its sleeve, the chip might not be nearly as fast in real world applications. It does look promising in benchmarks, though.

Source

Google Snubs Privacy

Search giant Google has told the British government it is immune to prosecution on privacy issues and it can do what it like. The US Company is accused of illegally snooping on its British customers by bypassing privacy settings on Apple devices, such as iPads, to track their browsing history.

A group of British people took Google to court but the search engine is trying to get the case thrown out. Its argument is that it is not subject to British privacy law because it is based in California. This is the second time that Google has tried to avoid British law by pretending to operate in another country. It has come under fire for failing to pay tax in the UK

Nick Pickles, director of Big Brother Watch, said: ‘It is deeply worrying for a company with millions of British users to be brazenly saying they do not regard themselves bound by UK law. Solicitor Dan Tench, of law firm Olswang, said this was another instance of Google being here when it suits them and not being here when it doesn’t. Ironically when the US ordered Google to stop what it was doing, it forced the search engine to pay a $22.5million to regulators.

There are some indications that Google may not get its way. In July the Information Commissioner’s Office told Google its privacy rules breached UK law so it will be very hard for it to stand up in court and say it didn’t.

Source

Hackers Dupe Apple

Apple’s security was once again made a laughing stock as a team of researchers demonstrated how it is possible to sneak apps past Apple’s test regime. A group of researchers presenting at Usenix were able to spreading malicious chunks of code through an apparently-innocuous app for activation later.

According to their paper the Georgia Tech team wanted to create code that could be rearranged after it had passed AppStore’s tests. The code would look innocuous running in the test environment, be approved and signed, and would later be turned into a malicious app.

They created an app that operated as a Georgia Tech “news” feed but had malicious code was distributed throughout the app as “code gadgets” that were idle until the app received the instruction to rearrange them. After the app passes the App Review and lands on the end user device, the attacker can remotely exploit the planted vulnerabilities and assemble the malicious logic at runtime by chaining the code gadgets together.

The instructions for reassembly of the app arrive through a phone-home after the app is installed.

The app will run inside the iOS sandbox, but can successfully perform many malicious tasks, such as stealthily posting tweets, taking photos, stealing device identity information, sending email and SMS, attacking other apps, and even exploiting kernel vulnerabilities.

Source

SanDisk Debuts Wireless Flash Drive

SanDisk on Monday announced a line of wireless flash drives that can hold up to 64GB of data.

The new drives include the Connect Wireless Flash Drive — a thumb drive — and the Connect Wireless Media Drive, a larger, but still pocket-sized storage device. The Connect Wireless Flash Drive comes in 16GB and 32GB capacities; the Connect Wireless Media Drive comes in 32GB and 64GB capacities.

The Connect Wireless Flash drive is 3.07-in. x 1.04-in. x 0.54-in. The Connect Wireless Media Drive is 2.6-in. x 2.6-in. x 0.52-in.

The Connect Wireless drive family allows users to not only store but share and stream files across multiple mobile devices. They offer up to eight simultaneous device connections and three media streams, and support separate streams of 720p video content at 2MB/sec to three or five devices concurrently (for the Flash Drive and Media Drive, respectively).

According to a SanDisk spokesman, video streaming performance isn’t affected by multiple streams because device limits are set at a point that supports the streams without degradation. Devices can connect to the drives up to 150 feet away.

The Connect Wireless drives work with all iOS and Android devices, and Kindle Fire tablets, as well as PC and Mac computers. The drives are compatible with Windows 8, Windows 7, Windows Vista, Windows XP and Mac OS 10.6 or higher

Movies, music, photos and documents can be loaded onto the wireless drives by simply dragging and dropping the files, which can then be accessed via the SanDisk Connect apps. Those apps are available for download from the App Store, Google Play Store and the Amazon Appstore for Android.

The drives contain an internal router, so no external router or Internet connection is needed to stream media. In order to use the drives, mobile device users simply download SanDisk’s Connect App.

The drives run on lithium-ion batteries. A single charge provides up to four hours of wireless streaming, with streaming data protected by Wi-Fi Password Protection (WPA2).

“With the new SanDisk Connect product line, we’re raising the bar on what consumers can expect from personal storage,” said Dinesh Bahal, vice president for product marketing for SanDisk.

The SanDisk Connect Wireless Flash Drive is available in 16GB or 32GB capacities for $49.99 and $59.99, respectively. In the U.S., it is available for preorder on Amazon.com, Newegg.com and Micro Center, with availability at Best Buy starting in August. It will also be available for preorder on Amazon.com in Germany and UK.

The SanDisk Connect Wireless Media Drive has a retail price of $79.99 for 32GB or $99.99 for 64GB storage capacity. It is available for preorder in the U.S. on Amazon.com, with availability in Germany and UK in the fourth quarter of 2013.

Source

Phishing Attacks Increasing

Security researchers at Kaspersky Lab have reported significant growth in phishing attacks over the last year.

In a study entitled “The Evolution of Phishing Attacks”, Kaspersky said it found 37.3 million out of its 50 million customers running its security products that were at risk of being phished from 2012 to the present, an 87 percent increase over the same period between 2011 and 2012.

“The nature of phishing attacks is such that the simplest types can be launched without any major infrastructure investments or in-depth technological research,” Kaspersky said in the report.

“This situation has led to its own form of ‘commercialization’ of these types of attacks, and phishing is now being almost industrialized, both by cybercriminals with professional technological skills and IT dilettantes.”

The security firm explained that overall, the effectiveness of phishing, combined with its profitability for criminals and how simple the process is to undertake has led to a steadily rising number of these types of incidents.

Kaspersky noted that most of the victims in 2012-2013 were located in just ten countries, that is, Russia, the US, India, Germany, Vietnam, the UK, France, Italy, China and Ukraine. These 10 countries were home to 64 percent of all phishing attack victims during this time.

In addition to a rise in the number of users attacked, the number of servers involved in phishing attacks also increased, Kaspersky said, without giving any exact numbers. Though the firm did reveal that internet giants like Yahoo, Google, Facebook and Amazon are the top targets of malicious users.

“Online game services, online payment systems, and the websites of banks and other credit and financial organizations are also common targets,” the firm added, warning users to stay vigilant when entering personal data.

Source

Google Fights NSL Over Data Privacy

Google is fighting a National Security Letter (NSL) issued by the US government, with the Electronic Frontier Foundation (EFF) acknowledging it is one of the first firms to do so.

Google took the unusual step last month of revealing, albeit in vague terms, the number of NSLs it received from the US government. At the time the company said it was working with the authorities to improve transparency around the subject, but according to court filings it is also fighting against handing over users’ data.

In March, Google filed a petition to set aside a legal process. Kevan Fornasero, a lawyer for Google said in the filing that petitions “filed under Section 3511 of Title 18 to set aside legal process issued under Section 2709 of Title 18 must be filed under seal because Section 2709 prohibits disclosure of the legal process”.

Fornasero’s reference to Section 2709 refers to the ability of the FBI to issue NSLs and force the handover of user data. According to the EFF, Google is one of the first communications companies to fight an NSL, but because Section 2709 doesn’t allow firms to disclose the legal process, few people can be certain that others haven’t tried to stand up to the US government.

Matt Zimmerman, a lawyer for the EFF said, “The people who are in the best position to challenge the practice are people like Google. So far no one has really stood up for their users’ among large Internet service providers.”

Google has tried in recent years to provide users with some information on how it deals with government agencies’ requests for user data. If the firm can succeed in its fight against NSLs then it could open the floodgates for others to stand up against a law that some see to be nothing more than a snooper’s charter.

Source

« Previous Page — Next Page »