Hacking RFID Tags Is Easier Than You Think

The RFID output that the Arduino gets is a 10-digit hexadecimal. With that in hand, Brown said it’s simple to replicate the remotely stolen information using a Proxmark device.

The unfortunate reality, according to Brown, is that with most of the building security badges that are running at 125 kHz, there is no secure authentication mechanism.

via Hacking RFID Tags Is Easier Than You Think: Black Hat.

iPhone Hacked in Under 60 Seconds Using Malicious Charger

Once the charger is plugged in and the user inputs their PIN code, the charger silently and invisibly removes the target app, in this case the official Facebook app. It then replaces it – in exactly the same position on your iPhone/iPad homescreen – with what looks like a perfect replacement.

In actual fact this is malware and once you launch it, your phone/tablet has been compromised. This malware could be used to capture passwords, take screenshots, access your contacts, messages and phone calls, or even make premium rate calls.

via iPhone Hacked in Under 60 Seconds Using Malicious Charger – IBTimes UK.

Tiny, cheap, and dangerous: Inside a (fake) iPhone charger

I recently wrote a popular article on the history of computer power supplies, which led to speculation on what’s inside those amazingly small one-inch cube USB chargers sold by Apple, Samsung, RIM, and other companies. In the interest of science, I bought a cheap no-name cube charger off eBay for $2.79, and took it apart. It’s amazing that manufacturers can build and sell a complex charger for just a few dollars. It looks a lot like a genuine Apple charger and cost a lot less. But looking inside, I found that important safety corners were cut, which could lead to a 340 volt surprise. In addition, the interference from a cheap charger like this can cause touchscreen malfunctions. Thus, I recommend spending a few dollars more to get a brand-name charger.

via Ken Shirriff’s blog: Tiny, cheap, and dangerous: Inside a (fake) iPhone charger.

True tales of mostly white-hat hacking

Here are five true tales of bringing down the baddies. I can’t say I’m proud of all the things I did, but the stories speak for themselves. Got one of your own to pass along? Send it my way, or share it in the comments.

via True tales of mostly white-hat hacking | Security – InfoWorld.

Posing as a regular customer, we complained that we thought someone was attacking our cable box and asked if the technician could take a look at our device’s firewall log to confirm. A few minutes later up popped the technician’s shadow and passwd password files. When executed, our encoded malicious JavaScript packet would look for various password and configuration files and, if found, send them back to us. The technician had viewed the firewall log, the XSS had launched, and we ended up with the company’s enterprise-wide root password. All of this hacking occurred in about six hours. In less than a day we had fatally compromised the set-top box and pwned the whole company.

CSRF Still Armed And Dangerous

Designed to exploit the domain cookie trust model, CSRF attacks essentially take advantage of the trust the Web application has in its authenticated users, says Subu Ramanathan, principal consultant with Security Compass.

“In order to execute this attack, a user would have to navigate to a malicious website while logged into the victim Web application,” says Ramanathan. “The malicious website, being designed to attack users of the victim application, would make [requests] to complete sensitive transactions on the victim application on behalf of the user behind the scenes.”

via CSRF Still Armed And Dangerous — Dark Reading.

Confessions of a cyber warrior

I’ve been a longtime friend to one cyber warrior. On condition of anonymity, he agreed to be interviewed about what he does for a living and allowed me to record our conversation on a device he controlled, from which I transcribed our conversation. I was able to ask clarifying questions the next day.

via In his own words: Confessions of a cyber warrior | Security – InfoWorld.

How Much is Your Gmail Worth?

The brainchild of researchers at the University of Illinois at Chicago, Cloudsweeper’s account theft audit tool scans your inbox and presents a breakdown of how many accounts connected to that address an attacker could seize if he gained access to your Gmail. Cloudsweeper then tries to put an aggregate price tag on your inbox, a figure that’s computed by totaling the resale value of other account credentials that crooks can steal if they hijack your email.

via How Much is Your Gmail Worth? — Krebs on Security.

Beware Of HTML5 Development Risks

As a result, developers have to design with the dangers in mind and weigh that against the type and sensitivity of data stored in the client. At the moment, many development shops are not training their staffs to do that, says David Eads, founder of Mobile Strategy Partners, a mobile development firm that specializes in financial and insurance applications. In fact, he recently ran into a bank that used example HTML5 code for training developers that put data in permanent storage on the client system as opposed to temporary storage.

via Beware Of HTML5 Development Risks — Dark Reading.