The release of the new custom firmware – and the LV0 decryption keys in particular – poses serious issues. While Sony will almost certainly change the PSN passphrase once again in the upcoming 4.30 update, the reveal of the LV0 key basically means that any system update released by Sony going forward can be decrypted with little or no effort whatsoever. Options Sony has in battling this leak are limited – every PS3 out there needs to be able to decrypt any firmware download package in order for the console to be updated (a 2006 launch PS3 can still update directly to the latest software). The release of the LV0 key allows for that to be achieved on PC, with the CoreOS and XMB files then re-encrypted using the existing 3.55 keys in order to be run on hacked consoles.
Category Archives: Technical
The Honeynet Project
The HoneyMap shows a real-time visualization of attacks against the Honeynet Project’s sensors deployed around the world. It leverages the internal data sharing protocol hpfeeds as its data source. Read this post to learn about the technical details and frequently asked questions. Before going into explanations, take a look at the map itself: map.honeynet.org!
Next-Generation Malware: Changing The Game In Security’s Operations Center
In a nutshell, the process of malware analysis and defense has evolved from a “set it and forget it” task into a skills-intensive, do-it-yourself research project. And that shift is having a profound effect on the staffing and day-to-day activities of the enterprise security department.
via Next-Generation Malware: Changing The Game In Security’s Operations Center – Dark Reading.
In the meantime, however, the best strategy for stopping next-generation malware is not to rely too heavily on any one technology, Manky advises. A combination of signature-based tools, behavior-based tools, traditional perimeter defenses, and next-generation application defenses can create such a muddle of problems for attackers that it can discourage them — and send them looking for easier pickings elsewhere, he says.
Dodging 5 Dangerous Database Default Settings
Because database configurations can make all the difference between safeguarding data stores and leaving them dangerously vulnerable to big data breaches, security experts recommend taking a look at all of your database’s default settings for weakness. But, in particular, the following defaults pose the biggest risks.
via Dodging 5 Dangerous Database Default Settings – Dark Reading.
- Default Passwords And Accounts
- Allowing Direct Table Access
- Keeping Default Stored Procedures
- Encryption Keys Stored With Database
- Unnecessary Services and Applications
Popular RATs Found Riddled With Bugs, Weak Crypto
The researchers, in conjunction with their research paper (PDF), released tools for decrypting RAT traffic and proof-of-concept exploits for the bugs they found. They found that the tools include weak, or no, encryption: Bandook, for example, uses obfuscation, not encryption, to protect its traffic between the victim’s machine and the C&C server.
via Popular RATs Found Riddled With Bugs, Weak Crypto – Dark Reading.
“A good understanding of their protocols is critical to network and system administrators deploying tools that can notice the presence of a RAT,” they said.
RAT = Remote Administrative Tool, which is a tool used by the bad guys to snoop on a victim. To the victim, this is more commonly referred to as a trojan.
Facing Espionage, US Rejects Changes to Global Telecom
Countries would also be able to charge fees for international Internet traffic and establish new engineering and technical guidelines that would affect how the Internet works.
via Facing Espionage, US Rejects Changes to Global Telecom | International | World | Epoch Times.
He also said the ITU’s regulations are “not an appropriate or useful venue to address cybersecurity,” and added, “We are very sensitive about any one organization taking on the sole role of solving cyberthreats.”
Alcatel-Lucent Enhances VDSL2 Vectoring
Vectoring, the market term for the ITU’s G.993.5 standard (also known as G.Vector), is a noise cancellation technology that reduces the interference between bundled copper lines and boosts the speed and reach of VDSL2 broadband connections. It is also known as DSM (Dynamic Spectrum Management) Level 3.
If AlcaLu can deliver effective vectoring capabilities using installed CPE, then that’s only going to expand the market potential for its system, especially as more operators look for ways to extend the useful life of their copper plant before taking the plunge into fiber-to-the-home (FTTH).
Intel wants to micromanage tablet makers in the name of battery life
Intel even wants to dictate the components in displays—it wants manufacturers to begin putting small amounts of RAM into their display panels to make them capable of storing static images. That way, if a user is reading a document or webpage but not interacting with anything on the screen, the computer could display a static image of the screen rather than continuously refreshing it for no reason.
via Intel wants to micromanage tablet makers in the name of battery life | Ars Technica.
New Android Malware Is A Burglar’s Best Friend
Newly released malware PlaceRaider sounds like science fiction: It’s Android malware designed to build 3-D models of users’ apartments for burglars and assassins. But PlaceRaider–developed by a team at Indiana University–is very real. The new malware was built as an academic exercise, and it exposes security flaws that government agencies would love to use. More importantly, it also exposes unintended mobile functionality that large companies like Google could easily monetize.
via New Android Malware Is A Burglar’s Best Friend | Fast Company.
Note again that this is a proof of concept and not actual malware in the wild. It does inspire me to cover any phone or tablet camera with some kind of opaque tape.
FFmpeg Reaches Version 1.0
The initial release of this open-source multi-media library came in December of 2000, but only now twelve years later has it hit the over-emphasized 1.0 milestone. Michael Niedermayer, the official FFmpeg maintainer since 2004, mentioned on the developers list that he uploaded the 1.0 release. However, he’s not updating the FFmpeg main page until after he’s got “a bit of sleep”, so the official announcement is likely still a couple of hours out.