Flaws allow 3G devices to be tracked

Two attacks were conducted using off-the-shelf kit and a rooted — or modified — femtocell unit which broadcasted a 3G signal. The attacks were made by intercepting, altering and injecting 3G Layer-3 messages into communication between the base station and mobile phones in both directions.

via Flaws allow 3G devices to be tracked – Networks – SC Magazine Australia – Secure Business Intelligence.

The researchers wrote that the attacks could be used to track staff movements within a building.

“[The employer] would first use the femtocell to sniff a valid authentication request. This could happen in a different area than the monitored one. Then the employer would position the device near the entrance of the building. Movements inside the building could be tracked as well by placing additional devices to cover different areas of the building,” they wrote.

Sandia builds self-contained, Android-based network to study cyber disruptions and help secure hand-held devices

Sandia cyber researchers linked together 300,000 virtual hand-held computing devices running the Android operating system so they can study large networks of smartphones and find ways to make them more reliable and secure. Android dominates the smartphone industry and runs on a range of computing gadgets.

via Sandia National Laboratories: News Releases : Sandia builds self-contained, Android-based network to study cyber disruptions and help secure hand-held devices.

New Android Malware Is A Burglar’s Best Friend

Newly released malware PlaceRaider sounds like science fiction: It’s Android malware designed to build 3-D models of users’ apartments for burglars and assassins. But PlaceRaider–developed by a team at Indiana University–is very real. The new malware was built as an academic exercise, and it exposes security flaws that government agencies would love to use. More importantly, it also exposes unintended mobile functionality that large companies like Google could easily monetize.

via New Android Malware Is A Burglar’s Best Friend | Fast Company.

Note again that this is a proof of concept and not actual malware in the wild. It does inspire me to cover any phone or tablet camera with some kind of opaque tape.

3 years later, hackers who hit Google continue string of potent attacks

The hackers who breached the defenses of Google and at least 34 other big companies three years ago have unleashed a barrage of new attacks since then, many that exploit previously undocumented vulnerabilities in software from Microsoft and Adobe, a new report has found.

via 3 years later, hackers who hit Google continue string of potent attacks | Ars Technica.

Researchers have dubbed this approach “watering hole” attacks, and say they’re “similar to a predator waiting at a watering hole in a desert. The predator knows that victims will eventually have to come to the watering hole, so rather than go hunting, he waits for his victims to come to him.”

On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces

The security risks involved in using consumer-grade BCI devices have never been studied and the impact of malicious software with access to the device is unexplored. We take a first step in studying the security implications of such devices and demonstrate that this upcoming technology could be turned against users to reveal their private and secret information. We use inexpensive electroencephalography (EEG) based BCI devices to test the feasibility of simple, yet effective, attacks. The captured EEG signal could reveal the user’s private information about, e.g., bank cards, PIN numbers, area of living, the knowledge of the known persons. This is the first attempt to study the security implications of consumer-grade BCI devices. We show that the entropy of the private information is decreased on the average by approximately 15 % – 40 % compared to random guessing attacks.

via On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces | USENIX.

Researchers Identify Four BlackBerry Zitmo Variants

Zitmo refers to a version of the Zeus malware that specifically targets mobile devices. Previous Zitmo variants masqueraded as banking security applications or security add-ons to circumvent out-of-band authentication systems used by some financial institutions by intercepting one-time passwords sent via text message and forwarding it to another cell number that acted as a command-and-control device.

via Researchers Identify Four BlackBerry Zitmo Variants | SecurityWeek.Com.

Collaborating on research is important because the vulnerability doesn’t have to be within BlackBerry’s code to compromise the platform, Stone noted. For example, researchers exploited issues in the open source browser engine Webkit to hack a BlackBerry at last year’s CanSecWest Pwn2Own contest. It’s about “protecting the ecosystem,” as one vulnerability identified in one platform can easily exist in another platform, Stone said.

Malware author taunts security researchers with built-in chat

Security researchers from AVG were decompiling a trojan — it had been originally posted to a Diablo III forum, masquerading as a how-to video — when the malware’s author popped up in a window on their screen. It turned out that the trojan had a built-in chat, as well as a screen-capture facility. The hacker who wrote the malware saw them working on defeating her or his virus and decided to tell them off for their audacity. Franklin Zhao and Jason Zhou, the AVG researchers, wrote up their experience:

via Malware author taunts security researchers with built-in chat – Boing Boing.

Engineers ponder easier fix to dangerous Internet problem

But the routers do not verify that the route “announcements,” as they are called, are correct. Mistakes in entering the information — or worse yet, a malicious attack — can cause a network to become unavailable.

It can also cause, for example, a company’s Internet traffic to be circuitously routed through another network it does not need to go through, opening the possibility the traffic could be intercepted. The attack is known as “route hijacking,” and can’t be stopped by any security product.

via Engineers ponder easier fix to dangerous Internet problem | ITworld.

In March 2011, a researcher noticed that traffic destined for Facebook on AT&T’s network strangely went through China for a while. While the requests would normally go directly to Facebook’s network provider, the traffic first went through China Telecom and then to SK Broadband in South Korea before routing to Facebook. Although the incident was characterized as a mistake, it would have been possible for unencrypted Facebook traffic to have been spied on.

Researchers create stealth virtual machine that can run alongside insecure VMs

A team of researchers have devised a way to create an isolated and trusted environment on virtualized servers. Called the “Strongly Isolated Computing Environment” (SICE), the approach makes it possible to run sensitive computing processes alongside less secure workloads on the same physical hardware.

via Researchers create stealth virtual machine that can run alongside insecure VMs.