Hack Your Ways

Silent Circle's Blackphone:- The World's Most Secure Solution in Mobile Privacy.

noreply@blogger.com (Hack Your Ways) — Tue, 25 Feb 2014 18:03:00 +0000

The Blackphone, a privacy and security focused encrypted Smartphone from Silent Circle and Spanish Smartphone maker Geeksphone was announced today at the Mobile World Congress expo in Barcelona.
The Blackphone handset, which is being unveiled at the event, goes on sale in June for $629.

It works on a fully security-hardened version of of Android called PrivatOS and is pre-installed with lots of privacy-enabled applications such as secure calling and text messaging, encrypted file transfer and video chat.
The communications functions will be based on technology from Silent Circle, a U.S. provider of secure messaging co-founded by a respected Cryptographer Phil Zimmermann, best known as the creator of Pretty Good Privacy (PGP), which is a widely used email encryption software.
It has a 4.7-inch HD IPS display, a 2GHz quad-core processor, 16GB of storage, an 8-megapixel camera, LTE connectivity.

There is also a Wi-Fi connection manager for greater security on public networks, and a software that makes it possible to securely remote-wipe your device, and facilitate its recovery.Plus bundled in your cost of device are two years of Silent Circle, two years of Disconnect (secure/non-trackable search), two years of SpiderOak (secure cloud storage), unlimited use of Kismet (Wi-Fi analyzer product), and some gift subscriptions to Silent Circle so that your friends and family won’t have to sign up separately to talk with you.
Mike Janke, co-founder and CEO of Silent Circle told Mashable, "If you are on the terrorist wanted list or a criminal, intelligence services will get into your device. There's no such thing as 100% secure phone as Blackphone cannot mask metadata entirely from NSA.

Banking Malware Distributed via YouTube Ads.

noreply@blogger.com (Hack Your Ways) — Tue, 25 Feb 2014 15:40:00 +0000

Malvertising attacks are becoming more and more common and it appears that not even YouTube users are safe.
Security researchers from Bromium Labs recently found that YouTube advertising network has been used by cyber criminals to distribute malware. According to experts, cyber criminals compromised an ad network and were redirecting users to malicious websites, hosting the 'Styx Exploit Kit' and infect users computer with Caphaw Banking Trojan..
This particular exploit kit is designed to exploit java vulnerability (CVE-2013-2460) in outdated versions, once in the targets computer system the malware detects the Java version installed on the operating system and based upon it loads suitable exploit compatible with the installed java version.
The command and control server (C&C) used by the cyber criminals appears to be hosted in Europe and it relies on a domain generation algorithm (DGA). Researcher has notified Google of the attack, but so far, they still do not know how the cyber criminals have pulled it off to evade Google’s internal advertisement security checks.And how many users had become victim of this attack is yet a question.
Google has confirmed that a rogue advertiser was behind this malvertisment and also said it has taken this campaign off and is beefing up internal procedures to prevent such events from occurring again.

EC Council hacked again,website defaced.

noreply@blogger.com (Hack Your Ways) — Mon, 24 Feb 2014 19:32:00 +0000

EC-Council, an organization that offers Certified Ethical Hacker(CEH) has been hacked by a hacker named Eugene Belford (A character from the 1995's movie "Hackers").
Passport and photo ID details of more than 60,000 security professionals who have obtained or applied for the EC-Council's Certified Ethical Hacker certification are at risk after the breach, many of whom work in sensitive political and military positions. They include members of the US military, FBI, United Nations, and National Security Agency.
The hacker left the EC-Council website with the Passport of Edward Snowden and documents proving that Snowden attended the CEH classes in India.

The self-described "certified unethical software security professional" responsible for the attack reportedly used a DNS redirect to access those details, which were stored in an inadequately protected location.
When we take a look at the source code, we can see that the hacker has uploaded two pictures directly on to the EC-Council web server.

As of still it seems as though EC-Council has not gained control of their website. An update was posted on the EC-Council site stating:
“owned by certified unethical software security professional
Obligatory link: http://attrition.org/errata/charlatan/ec-council/ -Eugene Belford

P.S It seems like lots of you are missing the point here, I’m sitting on thousands of passports belonging to LE (and .mil) officials”.

'The Mask', A Sophisticated cyber spying operation that has been under the mask for about 7 years.

noreply@blogger.com (Hack Your Ways) — Thu, 13 Feb 2014 18:38:00 +0000

Kaspersky Lab’s security research team have uncovered "The Mask" (aka Careto) a highly sophisticated cyber spying operation that has been alive since at least 2007 infecting more than 380 high-profile targets in 31 countries after investigating and monitoring data found on a set of command-and-control (C&C) servers used by the attackers. The main targets of the operation are government institutions; embassies and other diplomatic missions; energy, oil and gas companies; research institutions; private equity firms and activists.

Researchers dubbed the whole operation “The Mask,” the English translation for the Spanish word Careto, which is what the attackers called their main backdoor program. Based on other text strings found in the malware, the researchers believe its authors are probably proficient in Spanish.
Kaspersky's researchers believe this could be a nation-state sponsored operation as the level of operational security is not normal for cyber-criminal groups and might be new players on the global nation-state cyber-espionage stage.
When active in a victim system, The Mask can intercept network traffic, keystrokes, Skype conversations, PGP keys, analyze WiFi traffic, screen captures and monitor all file operations, collecting a large list of documents from the infected system, including encryption keys, VPN configurations, SSH keys and RDP (remote desktop protocol) files.They also found several extensions which have not been able to identify and could be related to custom military/government-level encryption tools.

Infections have been observed in: Algeria, Argentina, Belgium, Bolivia, Brazil, China, Colombia, Costa Rica, Cuba, Egypt, France, Germany, Gibraltar, Guatemala, Iran, Iraq, Libya, Malaysia, Mexico, Morocco, Norway, Pakistan, Poland, South Africa, Spain, Switzerland, Tunisia, Turkey, United Kingdom, United States and Venezuela.

Victims were targeted using spear-phishing emails with links leading to websites that hosted exploits for Java and Adobe Flash Player, as well as malicious extensions for Mozilla Firefox and Google Chrome.These malicious links seemed to point to news websites, most of them Spanish dailies like El Mundo and El Pais. But they also included fake links to The Guardian, The Washington Post and Time.

The Mask Malware was designed to infect the 32- and 64-bit Windows versions, Mac OS X and Linux versions, but researchers believe that possibly there may be more versions for Android and iPhones (Apple iOS) platforms.

Researchers said,"This is not very common in APT [Advanced Persistent Threat] operations, putting the Mask into the ‘elite’ APT[Advanced Persistent Threat] groups section"because they observed a very high degree of professionalism in the operational procedures of the group behind this attack, including monitoring of their infrastructure, shutdown of the operation, avoiding curious eyes through access rules, using wiping instead of deletion for log files, etc.

This is why they call it Careto, or "The Mask."

It includes the most sophisticated backdoor SGH, which is designed to perform a large surveillance function and another backdoor called SBD (Shadowinteger's Backdoor) which uses open source tools like netcat is included in the malware.

The careto module used two layers of encryption both RSA and AES for its communication with the attackers’ command-and-control servers, preventing anyone who got physical access to the servers from reading the communication.

Kaspersky discovered the operation last year when the attackers attempted to exploit a five-year-old vulnerability in a previous generation of Kaspersky’s security software that had long-ago been patched and on investigation of this malware, CC servers were found down, which shows that attacker group was monitoring all aspects related to the malware activity. Since there are no identified patterns in these attacks and who is behind these activities is yet a matter of investigation for the researchers.

Snapchat vulnerability allows hackers to launch DDoS attack and remotely crash your smartphone.

noreply@blogger.com (Hack Your Ways) — Mon, 10 Feb 2014 18:56:00 +0000

A new security bug has been reportedly discovered in photo sharing app, Snapchat,which could launch a DDoS attack on users smartphones and cause them to crash.

Jamie Sanchez, a Security researcher first reported the vulnerability which can enable an hacker to launch a massive spam and denial-of-service attacks.The bug could allow hackers to overload user's inbox with messages, and crash the iPhone, requiring the user to reset their device, and make Android devices noticeably slower.

Jamie Sanchez demonstrated the vulnerability to LA Times reporter,With consent, he sent 1,000 messages in 5 seconds to reporter account, which crashed his iPhone. Android phones apparently won’t crash with the attack, but they will significantly slow down, and the app itself becomes crippled.
He declined to contact Snapchat with his findings as he believes the company has no respect for the cyber security research community which was proved recently when the company did not pay much heed to researchers' warning about a vulnerability that could expose user data and ultimately published phone numbers of about 4.6 million users to prove their point.
Snapchat issued statement ,"We are working to resolve the issue and will be reaching out to the security researcher who publicized the attack to learn more".

the bug could allow hackers to overload an inbox with messages, and crash the iPhone, requiring the user to reset their device, and make Android devices noticeably slower. - See more at: https://www.authintmail.com/article/technology/snapchat-vulnerability-can-crash-your-smartphone#sthash.mpgzAVPJ.dpuf

QR Codes: Quick Response or a Quick Virus code?

noreply@blogger.com (Hack Your Ways) — Sun, 09 Feb 2014 13:09:00 +0000

Before scanning that QR code you just saw give it a second thought, Is it a clean code that will redirect you to an authentic site for the information you seek or a malicious code to breach your mobile security?

It seems like everywhere you look these days in business cards, ads, posters, websites, magazines, buses, almost on any object about which you might want to know more, you see a QR code which have proved to be the cheapest and easiest way to link the real world with the virtual.
QR code short for ‘Quick Response' code is a small two dimensional barcode that somewhat look like a scrambled checkerboards, invented by the Japanese corporation Denso Wave in 1994. Although these codes have been around for almost two decades, they were mainly used for industrial purposes until the last few years.

Why are QR codes so popular?
A Quick Response code is a type of matrix barcode that can store alphanumeric characters, in the form of URL's or text encoded in both vertical and horizontal direction, thus increasing its capacity of holding data than the traditional single dimensional barcodes i.e. 7,089 numeric characters or 4,296 alphanumeric characters and can store up to 2KB of data.
All you have to do is take a picture of a QR code with your smartphone camera and a QR reader application to scan it, the link within will direct you to websites, online videos or launch apps. The problem is there is no way to tell what's behind that QR code until scanned by QR code reader app. The biggest risk is if someone sees a random QR code that's not connected to anything just a sticker on the wall people cannot deny their own curiosity, they will scan it because they want to know what it is, and attackers depend on this curiosity and craft their attacks.

Mobile Malwares:-
According to McAfee Labs Mobile malwares have doubled in last year.

Scams involving QR codes are gaining popularity. There are many cases of malicious QR codes being neatly placed over legitimate ones known as QRishing similar to phishing attacks.

IOS Device:-
On IOS devices for example, hackers are using jail-break exploits to send users to websites that will jailbreak the device. When a user scans a QR code he is redirected to an unknown website. These are drive by download attack, where these website hosts modified jailbreak exploits. Once visited the user phone will be jail broken and additional malware would be installed such as GPS trackers and key loggers.

Android Based System:-
As Android is an open platform, cyber attackers can examine its source code easily and exploit its weaknesses. This makes it more susceptible to QR code attacks because android allows applications to run in the background and offers more app freedom. On an Android based system, the chances of getting infected are often much higher since applications are allowed to do actions such as sending SMS, taking pictures, making calls etc.

For example, a popular attack via QR code took place in Russia, and involved a Trojan disguised as a mobile app called Jimm. This malicious application required the following user permission.

User permission for Jimm.

Once installed, "Jimm” started to send a series of expensive SMS’s to premium numbers ($6 each).

Phishing Attack:-
Attackers are using QR codes to redirect users to fake websites for phishing. A malicious QR code will redirect users to a fake bank website that will look exactly like original bank website. Since most smartphone screens are small, a normal user may not see the difference and will type in his or her information and hand it to the attackers.The frequency of these attacks is not yet high, but it is definitely worth keeping an eye out.

How to protect yourself from malicious QR code?

Use a QR code reader app that has built-in security features.Just like getting an anti-virus program for your computers and laptops, there are many proactive software to help you protect your mobile device from such malicious QR code.

Norton Snap a QR code reader available for both Iphone and android scans a QR code and check the link, its content is shown to user before the link is visited so that the user can decide whether to continue loading the link or not.

Inspect the QR code and make sure it's not a sticker.While many QR code are found on website, the majority of the code you will encounter will be in the real world. You might have seen codes on stores displays, coffee shops or on any posters, before you scan it feel it and make sure it's not a sticker that has been placed over the real code.

Be Suspicious.If the QR code destination website asks for your personal information, don’t give it unless you have some trustworthy way of verifying that the website is legitimate. Still if you feel suspicious use your Common Sense, don’t fill it out.

Conclusions

The success behind QR code usage is largely pinned on its sheer simplicity. Marketing specialists love this technology so do cyber criminals. Therefore, be very careful when pointing your smartphone’s camera at a QR code.

Only use QR code reader software that allows the user to confirm the action to be taken i.e. visit a website or if you do not know and trust the link, cancel the action.

Android Security Tool 'Conceal' by Facebook to encrypt data on disk.

noreply@blogger.com (Hack Your Ways) — Sat, 08 Feb 2014 19:33:00 +0000

When you install an app on your phone, you don’t always install it on the phone itself. You often store new apps and data on the external SD Card, letting you add more storage space as needed.

Typically, an app that has permission to read and write data from an SD card has the permission to read all data on that card, including information written by other apps. This means that if you install a malicious application by mistake, it can easily steal any sensitive data from your phone's SD Card.
Engineers at Facebook have developed a way of protecting its popular Android apps when they’re stored on SD cards, and they’re now sharing this security tool called 'Conceal', that will allow app developers to encrypt data on disk in the most resource efficient way, with an easy-to-use programming interface.
Conceal, is a programming code library for safely encrypting and decrypting data stored on SD cards. The company is already using the tool with the primary Facebook app that runs on Android.According to Facebook software engineers the company started building the tool about six months ago, but it only recently decided to open source it.
This tool is based on algorithms from OpenSSL, a common open source encryption system for the web, but it’s designed specifically for mobile phones running Android — including low-end phones. The whole library takes up only about 85KB of space. Conceal is smaller and faster than existing Java crypto libraries, uses AES-GCM, an authenticated encryption algorithm that helps to detect any potential tampering with data.The library also provides resources for storing and managing keys to protect against known weaknesses in the Android's random number generator. Conceal officially supports Android 2.3 and higher (Gingerbread). It will run on 2.2 (Froyo) phones as well.

Information Security Conferences 2014.

noreply@blogger.com (Hack Your Ways) — Sat, 08 Feb 2014 13:15:00 +0000

Date: February 9 – 13, 2014.
Conference Title:- Kaspersky’s SAS 2014.
Where: Punta Cana, Dominican Republic.
Link to the event

Date: February 12 – 14, 2014.
Conference Title:- nullcon Security Conference 2014.
Where: Goa, India.
Link to the event

Date: February 15, 2014.
Conference Title:- BSides Tampa, Florida.
Where: Tampa, Florida, United States.
Link to the event

Date: February 17 – 18, 2014.
Conference Title:- Code Blue.
Where: Tokyo, Japan.
Link to the event

Date: February 17 – 20, 2014.
Conference Title:- 12th USENIX Conference on File and Storage Technologies .
Where: Santa Clara, CA, United States.
Link to the event

Date: February 23 – 26, 2014.
Conference Title:- NDSS Symposium 2014.
Where: San Diego, California, United States.
Link to the event

Date: February 23 – 26, 2014.
Conference Title:- 2014 Network and Distributed System Security Symposium.
Where: San Diego, CA, United States.
Link to the event

Date: February 24 – 28, 2014.
Conference Title:- RSA Conference USA 2014.
Where: Moscone Center, San Francisco, United States.
Link to the event

Date: February 28, 2014.
Conference Title:- International Symposium on Engineering Secure Software and Systems .
Where: Munich, Germany.
Link to the event

Date: March 1 – 2, 2014.
Conference Title:- The 10th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments.
Where: Salt Lake City, UT, United States.
Link to the event

Date: March 3 – 5, 2014.
Conference Title:- 21st International Workshop on Fast Software Encryption (FSE 2014).
Where: London, United Kingdom.
Link to the event

Date: March 3 – 7, 2014.
Conference Title:- Financial Cryptography and Data Security 2014 .
Where: Accra Beach Hotel, Barbados.
Link to the event

Date: March 6 – 8, 2014.
Conference Title:- Rooted CON.
Where: Hotel Auditorium de Madrid, Madrid, Spain.
Link to the event

Date: March 8, 2014.
Conference Title:- DEFCON Kerala (India).
Where: Kerala, India.
Link to the event

Date: March 12 – 14, 2014.
Conference Title:- CanSecWest 2014.
Where: Sheraton Wall Centre Hotel, Vancouver, Canada.
Link to the event

Date: March 14, 2014.
Conference Title:- Cyber Intelligence Asia 2014.
Where: Singapore.
Link to the event

Date: March 17 – 21, 2014.
Conference Title:- TROOPERS14.
Where: Heidelberg Germany.
Link to the event

Date: March 18, 2014.
Conference Title:- The International Conference on Computer Security and Digital Investigation (ComSec2014).
Where: Kuala Lumpur, Malaysia.
Link to the event

Date: March 20, 2014.
Conference Title:- Suits and Spooks.
Where: Singapore.
Link to the event

Date: March 20 – 21, 2014.
Conference Title:- Security B-Sides Austin.
Where: WinGate Williamson Conference Center Round Rock, Austin, Texas, USA.
Link to the event

Date: March 24 – 25, 2014.
Conference Title:- 9th International Conference on Cyber Warfare and Security ICCWS-2014.
Where: Purdue University, West Lafayette, Indiana, USA.
Link to the event

Date: March 26 – 28, 2014.
Conference Title:- IACR International Conference on Practice and Theory of Public-Key Cryptography (PKC).
Where: Buenos Aires, Argentina.
Link to the event

Date: March 25 – 28, 2014.
Conference Title:- Black Hat | Asia.
Where: Singapore.
Link to the event

Date: March 31 – April 2, 2014.
Conference Title:- Ignite 2014.
Where: The Cosmopolitan, Las Vegas, USA.
Link to the event

Date: March 31 – April 4, 2014.
Conference Title:- The Symposium on Security for Asia Network (SyScan).
Where: Swissotel, Merchant Court, Singapore.
Link to the event

Date: April 1 – 3, 2014.
Conference Title:- 13th European Security Conference & Exhibition .
Where: The Hague, Netherlands.
Link to the event

Date: April 2 – 4, 2014.
Conference Title:- 11th USENIX Symposium on Networked Systems Design and Implementation.
Where: Seattle, WA, United States.
Link to the event

Date: April 5 – 6, 2014.
Conference Title:- BSides Orlando, Florida.
Where: Orlando, Florida, United States.
Link to the event

Date: April 5 – 6, 2014.
Conference Title:- BSides Puerto Rico.
Where: Puerto Rico.
Link to the event

Date: April 7 – 9, 2014.
Conference Title:- InfoSec World.
Where: Disney Contemporary Resort, Orlando, Florida, United States.
Link to the event

Date: April 8 – 10, 2014.
Conference Title:- SOURCE Boston.
Where: Marriott Tremont, Boston, United States.
Link to the event

Date: April 10 – 13, 2014.
Conference Title:- notacon.
Where: Cleveland, Ohio, United States.
Link to the event

Date: April 11 – 12, 2014.
Conference Title:- 1st National Women in Cybersecurity Conference.
Where: Nashville, TN, United States.
Link to the event

Date: April 14 – 17, 2014.
Conference Title:- International Conference on Cyber-Physical Systems.
Where: Berlin, Germany.
Link to the event

Date: April 15 – 18, 2014.
Conference Title:- 2014 World Conference on Information Systems and Technologies (WorldCIST 14).
Where: Madeira, Portugal.
Link to the event

Date: April 17, 2014.
Conference Title:- Suits and Spooks.
Where: San Francisco, USA.
Link to the event

Date: April 25, 2014.
Conference Title:- THOTCON 0×5.
Where: Chicago, United States.
Link to the event

Date: April 27 – May 2, 2014.
Conference Title:- The United States Cyber Crime Conference.
Where: National Conference Center, DC Metro Area, USA.
Link to the event

Date: April 28 – 30, 2014.
Conference Title:- 2014 National Cyber Crime Conference.
Where: Four Points Sheraton, Norwood, United States.
Link to the event

Date: April 29- – May 1, 2014.
Conference Title:- The Third International Conference on Cyber Security, Cyber Warfare, and Digital Forensic (CyberSec2014).
Where: Faculty of Engineering – Lebanese University, Campus of Hadath, Beirut – Lebanon.
Link to the event

Date: April 30, 2014.
Conference Title:- Houston CISO Executive Summit.
Where: The Westin Houston, Memorial City, Houston, USA.
Link to the event

Date: May 6, 2014.
Conference Title:- Western Canada Information Security Conference.
Where: Winnipeg, Manitoba, Canada.
Link to the event

Date: May 9 – 10, 2014.
Conference Title:- BSides Boston, MA.
Where: Boston, MA, United States.
Link to the event

Date: May 11 – 15, 2014.
Conference Title:- Eurocrypt.
Where: Copenhagen, Denmark.
Link to the event

Date: May 12 – 14, 2014.
Conference Title:- Information Security Practice & Experience Conference.
Where: Fuzhou, China.
Link to the event

Date: May 12 – 16, 2014.
Conference Title:- AusCERT2014 (13th annual AusCERT Information Security Conference).
Where: Royal Pines Resort, Queensland Gold Coast, Australia.
Link to the event

Date: May 14, 2014.
Conference Title:- 35th IEEE Symposium on Security and Privacy.
Where: San Jose, CA, United States.
Link to the event

Date: May 14 – 17, 2014.
Conference Title:- 2014 Honeynet Project Workshop.
Where: Warsaw, Poland.
Link to the event

Date: May 15 – 16, 2014.
Conference Title:- Infiltrate 2014.
Where: Miami, United States.
Link to the event

Date: May 16 – 18, 2014.
Conference Title:- CarolinaCon 10.
Where: North Carolina, United States.
Link to the event

Date: May 17, 2014.
Conference Title:- BSides Nashville.
Where: Nashville, TN, USA.
Link to the event

Date: May 19, 2014.
Conference Title:- National Homeland Security Conference.
Where: Philadelphia, USA.
Link to the event

Date: May 27 – 30, 2014.
Conference Title:- Hack in the Box (HITB) Security Conference.
Where: Amsterdam, Netherlands.
Link to the event

Date: June, 2014.
Conference Title:- Shakacon Security Conference 2014.
Where: Honolulu, Hawaii.
Link to the event

Date: June 1 – 4, 2014.
Conference Title:- Sixteenth Annual International Techno Security Conference.
Where: Myrtle Beach Marriott Resort, South Carolina, USA.
Link to the event

Date: June 2 – 3, 2014.
Conference Title:- Area41 Security Conference.
Where: Zurich, Switzerland.
Link to the event

Date: June 4 – 7, 2014.
Conference Title:- IEEE Cyber 2014.
Where: Hong Kong, China.
Link to the event

Date: June 13 – 15, 2014.
Conference Title:- CircleCityCon.
Where: Hyatt Regency Indianapolis, USA.
Link to the event

Date: June 17 – 18, 2014.
Conference Title:- SC Congress Toronto.
Where: Metro Convention Center, Toronto, Canada.
Link to the event

Date: June 23 – 26, 2014.
Conference Title:- Security & Risk Management Summit.
Where: National Harbor, MD (Washington, D.C. area).
Link to the event

Date: June 23 – 26, 2014.
Conference Title:- OWASP AppSec Europe.
Where: Cambridge, United Kingdom.
Link to the event

Date: July 3 – 4, 2014.
Conference Title:- 13th European Conference on Cyber Warfare and Security ECCWS-2014.
Where: Piraeus, Greece.
Link to the event

Date: July 12 – 24, 2014.
Conference Title:- PST2014 International Conference on Privacy, Security and Trust (PST).
Where: Toronto, Canada.
Link to the event

Date: July 22 – 23, 2014.
Conference Title:- RSA Conference Asia Pacific & Japan.
Where: Marina Bay Sands, Singapore.
Link to the event

Date: July 18 – 20, 2014.
Conference Title:- Hope X.
Where: Hotel Pennsylvania, New York City, United States.
Link to the event

Date: August 2 – 7, 2014.
Conference Title:- Black Hat | USA.
Where: Las Vegas, Nevada, United States.
Link to the event

Date: August 5 – 6, 2014.
Conference Title:- BSides Las Vegas, United States.
Where: Las Vegas, Nevada, United States.
Link to the event

Date: August 7 – 10, 2014.
Conference Title:- DEF CON 22.
Where: Rio Hotel and Casino, Las Vegas, United States.
Link to the event

Date: August 17 – 21, 2014.
Conference Title:- CRYPTO 2014 (34rd International Cryptology Conference).
Where: University of California, Santa Barbara (UCSB), CA, United States.
Link to the event

Date: August 20 – 22, 2014.
Conference Title:- 23rd USENIX Security Symposium.
Where: San Diego, CA, United States.
Link to the event

Date: September 3 – 5, 2014.
Conference Title:- 9th Conference on Security and Cryptography for Networks.
Where: Amalfi, Italy.
Link to the event

Date: September 17 – 19, 2014.
Conference Title:- (LATINCRYPT) Third International Conference on Cryptology and Information Security in Latin America.
Where: Resort Costao do Santinho, Brazil.
Link to the event

Date: September 23 – 26, 2014.
Conference Title:- CHES 2014 (Cryptographic Hardware and Embedded Systems).
Where: Busan, Korea.
Link to the event

Date: September 23 – 27, 2014.
Conference Title:- BruCON Training and Conference 2014.
Where: Gent, Beligium.
Link to the event

Date: September 24 – 26, 2014.
Conference Title:- 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.
Where: Beijing, China.
Link to the event

Date: September 24 – 26, 2014.
Conference Title:- VB2014 – 24th Virus Bulletin International Conference.
Where: Seattle, WA, USA.
Link to the event

Date: October 2014.
Conference Title:- Toorcon 2014.
Where: San Diego, CA, United States.
Link to the event

Date: October 14 – 17, 2014.
Conference Title:- Black Hat Europe.
Where: Amsterdam, Netherlands.
Link to the event

Date: October 20 – 22, 2014.
Conference Title:- SecTor (Security Training and Conference).
Where: Toronto, ON, Canada.
Link to the event

Date: October 21 – 24, 2014.
Conference Title:- LASCON 2014.
Where: Austin, TX.
Link to the event

Date: November 9 – 14, 2014.
Conference Title:- 28th Large Installation System Administration Conference.
Where: Seattle, WA, United States.
Link to the event

Date: November 19 – 21, 2014.
Conference Title:-ISACA North America ISRM Conference.
Where: Las Vegas, NV, USA.
Link to the event

Date: December 27 – 30, 2014.
Conference Title:- Chaos Communication Congress.
Where: Hamburg, Germany.
Link to the event

Your laptop Camera could spy on you without lighting up the warning light.

noreply@blogger.com (Hack Your Ways) — Wed, 01 Jan 2014 18:19:00 +0000

If you own a MacBook or any other laptop, you should cover up it's webcam, because there’s a possibility someone could be watching you.
Most of the webcam have a tiny light lets you know that the webcam is active, but it's possible for malware to disable this important privacy feature.
Two Students from Johns Hopkins University Matthew Brocker and Stephen Checkoway created a proof of concept app called “iSeeYou” that confirmed that MacBook iSight webcams can spy on their users without the warning light being activated.
A young man recently pleaded guilty in court to extortion after he performed a remote hack on Miss Teen USA’s webcam to secretly collect nude photos. It was revealed through court papers that the FBI has the ability to do the same thing with a variety of current laptops including Apple products.
Your laptop camera could Spy on You without lighting up
the warning light and The software used to remotely control it is a Remote Administration Tool (RAT),which is used by IT departments and educational institutions to administer large numbers of computers. This type of hack doesn't require the hacker to have physical possession of the laptop nor does it require administrator privileges.
Are you sure that your laptop’s camera is not turned on.?
So the next time you sit in front of your laptop do think on it.

Rogue Gaming app that steals WhatsApp conversations.

noreply@blogger.com (Hack Your Ways) — Wed, 01 Jan 2014 16:55:00 +0000

Many of my friends ask me if it is possible to steal WhatsApp chat messages and how, of course a malware are an excellent answer to it.
Spreading the malware through an official channel the attacker could improve the efficiency of the attack,and it is exactly what is happening,an Android game that was published on the official Google Play store to stealthy steal users WhatsApp conversation databases and resell the collection of messages,images,video etc on an internet website.The game “Balloon Pop 2” has been identified and removed from Google Play store,it was able to spy on conversations made via WhatsApp and upload them to the WhatsAppCopy
website.On the website the Android game BalloonPop 2 is advertised as a way of backing up any device’s WhatsApp conversation.
The website managers sustain that their app is a legitimate game that could be used to back up
WhatsApp messages and they aren't responsible for its abuse for spying purposes.
The attacker paying a fee could view the stolen WhatsApp conversations from the website but it is necessary to provide the phone number
of the targeted Android device to read the messages exchanged by the victims.
Despite of being immediately removed from the Google Play
store there is risk that people with ill-intention will continue to distribute it through unofficial channels.
The risk is on a higher side as people are less concerned about the security of their smartphones than their computing devices.And lack of defense mechanisms on almost every device make them a privileged target,the number of malicious code designed for Android and iOS will literally explode in coming days.
There are many unidentified rogue app on play store still to be discovered and the fact that an app published on official store isn't sufficient to consider it reliable and secure,
same consideration is valid for other mobile platforms.

Google tests NSA proof encryption to protect its users data on Google Drive.

noreply@blogger.com (Hack Your Ways) — Sat, 20 Jul 2013 12:19:00 +0000

Google is exploring ways to encrypt files stored in Google Drive to prevent the the U.S. government and
other authorities from demanding access to user data, according to a CNET report.
Encryption has been a popular word since former NSA contractor Edward Snowden leaked documents revealing an NSA program called PRISM that collects user data from major Internet companies, including Google.

Many companies use SSL and HTTPS to securely transmit data from a users computer to the destination servers.This protects the data from anyone listening in on the transmission, a procedure called a man-in-the-middle attack.Currently, when you upload or download something from Google Drive the transmission is in encrypted form,but Google is storing that data in an unencrypted manner.

According to CNET's report, Google is experimenting with
ways to encrypt the files while they are stored, as well.
"Mechanisms like this could give people more confidence and allow them to start backing up potentially their whole device," Seth Schoen, senior staff technologist at the Electronic Frontier Foundation in San Francisco, told CNET.

If Google encrypts this data and doesn’t provide the NSA with the key, then the information the NSA collects would be useless.

World's largest collaborative phone directory compromised.

noreply@blogger.com (Hack Your Ways) — Sat, 20 Jul 2013 09:38:00 +0000

True Caller,a popular app built by a Swedish company and world's largest collaborative phone directory compromised by Syrian Electronic Army.The hacker group claimed on its Twitter accounts and its website,that it has managed to get access into the databases containing a hundred of millions of phone numbers and its owners in addition of millions of Facebook/Twitter/Linkedin/Gmail accounts.

Syrian Electronic Army have also posted screenshots of the website's WordPress dashboard and database.

According to the hackers about 560 GB of data was downloaded from Truecaller servers.

In another tweet they have also leaked the login credentials for the site's database.

TrueCaller confirmed the security breach in their official blog. However, they denied the hacker's claim that they had access to the social network's access codes.

PayPal denies to pay Bug Bounty reward to teenager.

noreply@blogger.com (Hack Your Ways) — Thu, 30 May 2013 19:24:00 +0000

A 17-year-old German student contends PayPal has denied him a reward for finding a vulnerability in its website.Robert Kugler said he notified PayPal of the vulnerability on May 19. He said he was informed by email that because he is under 18 years old, he did not qualify for its Bug Bounty Program.

Many companies such as Google and Facebook have reward programs. The programs are intended to create an incentive for website users to report problems and create fixes before hackers can take advantage.
Google pays from $100 up to $20,000 depending on the severity of the issue and Facebook pays a minimum of $500 for qualifying bugs. Neither company has age restrictions listed on their websites.

Robert Kugler is a German student who has found bugs for companies like Microsoft and Mozilla in the past. His work on uncovering problems in Mozilla’s Firefox browser has earned him about $4,500 over the past two years.On PayPal’s website, the company lists the terms for rewarding people who find bugs, but mentions nothing about the age of the discoverer. One of the stipulations for PayPal’s program is that the finder have a PayPal account that money can be transferred in to.

Australia's top spy agency headquarters blueprints stolen by Chinese hackers.

noreply@blogger.com (Hack Your Ways) — Thu, 30 May 2013 18:17:00 +0000

Australian Broadcasting Corp. television reported that the plans for the 630 million Australian dollar ($608 million) Australian Security Intelligence Organization building in Canberra had been stolen through a cyberattack on a building contractor.
Australian officials refused to confirm or deny whether Chinese hackers had stolen the blueprints of a new spy agency headquarters as a news report claims.
According to ABC's Four corners the blueprints setting out the building's cable layouts and security systems had been illegally accessed by a server in China.
Under this hacking operations the Prime Minster's Office, the Defence Ministry and the Department of Foreign Affairs had been breached.

iPhone has most vulnerabilities, so why is Android the most attacked?

noreply@blogger.com (Hack Your Ways) — Fri, 24 May 2013 10:49:00 +0000

The biggest story in malware right now is mobile malware. The shift from traditional mobile phones that simply made phone calls to smartphones containing gigabytes of data has made the
pocket-sized computers a prime target for attackers.
There was a 32 percent increase in the number of documented vulnerabilities for mobile operating systems and, not surprisingly, a 58 percent increase in mobile malware and
Android smartphones and tablets are the hottest targets.
Virtually all mobile malware samples detected are intended for Android, ranging from malware that sends out SMS messages, or fraudulent SMS payments, mobile botnets, spyware, and Trojans that can capture or destroy data from Android devices.
There has been biggest spike in malware samples detected in four years, and the growing threat faced by mobile devices—particularly Android mobile devices.

Malicious websites are a popular method for getting malware out there. An average of 2.7 million malicious URLs were detected each month, pointing to approximately 300,000 bad domains.
That works out to about 10,000 new malicious domains being created every day with the express purpose of hosting malware and hijacking unprotected PCs or mobile devices.
As many people lack adequate protection on their mobile devices and the fact that many companies are embracing BYOD (bring your own device) and allowing employees to use their own personal
mobile devices to connect to network resources and company data raises the stakes and makes mobile devices an even greater risk in many cases.
Apple’s iOS is more locked down by nature, and the apps have to be approved by Apple to get into the app store. With Android, though, the platform is more open by design, and users are free to
get apps from a wide variety of sources outside of the official Google Play store. Android apps are typically not reviewed or vetted in any way, making it easier for attackers to plant apps
containing malware.

Nmap ("Network Mapper")

noreply@blogger.com (Hack Your Ways) — Fri, 24 May 2013 08:48:00 +0000

Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

Features

Host discovery - Identify hosts on a network.
Port scanning - Enumerate the open ports on one or more target hosts.
Version detection - Interrogate network services listening on remote devices to determine the application name and version number.
OS detection - Remotely determine the operating system and some hardware characteristics of network devices.
Scriptable interaction with the target - Using Nmap Scripting Engine and the Lua language, customized queries can be made.
Reverse DNS lookup.
Find device type information.
Retrieve MAC addresses and many more.

Download:-Nmap download

Topera- The IPv6 port scanner invisible to Snort IDS.

noreply@blogger.com (Hack Your Ways) — Fri, 24 May 2013 06:59:00 +0000

Topera is a brand new TCP port scanner under IPv6, with the particularity that these scans are not detected by Snort. Snort is the most known IDS/IPS and is widely used in many different critical environments. Some commercial tools (Juniper or Checkpoint ones) use it as detection engine also. Mocking snort detection capabilities could suppose a high risk in some cases.
Fixed some bugs: - Get local IPv6 address - Get local ethernet interface - sniffer packet counter - Some minor fixes.
You can see an example of execution of Topera in link below demo video.
Download Topera IPv6 port scanner.

Android app SwiftKey Keyboard turned into a Keylogger app.

noreply@blogger.com (Hack Your Ways) — Wed, 10 Apr 2013 13:17:00 +0000

One of the best 3rd party Android Mobile Keyboard called 'SwiftKey' turned into a Keylogger Trojan by an Android developer to show the possible security threat of downloading pirated cracked apps from non-official App Stores and websites , "anyone pirating Swiftkey is taking a serious risk" developer said.

He demonstrated how to inject a Keylogger snippets of code into a legitimate Android Keyboard application that infected a mobile device with Trojan, connected with a remote server and transmitted data from the device inducing your all key logs.

Android apps are coded in Java and compiled to byte code that is run on the Dalvik VM and this byte code is not that hard to edit and insert back into an APK." he explained.

He developed a keylogger from SwiftKey(APK Download), a malicious Java program designed to collect and send all key logs to a remote server (Check Keylogs) Along with the host IP address. He explained the complete code also on his blog.

Android malware is growing at a far more rapid pace than for other mobile platforms. For a Cyber Criminals, it is not important to develop their own malware program from scratch, Reversing ready-mate apps and inserting malware code can easily make their job more easy.

Be careful from where you are downloading apps and think about the permissions and consider what the app is asking to do, and

Skype Malware that turns computers into Bitcoin miners.

noreply@blogger.com (Hack Your Ways) — Wed, 10 Apr 2013 11:48:00 +0000

Increasingly desperate to cash in on the sky-rocketing price of Bitcoin these days, gangs of cybercriminals have designed a new malware that’s infecting computers via Skype in an attempt to build a botnet massive enough to start mining the virtual currency.

Researchers from Kaspersky Lab have discovered a new spam message campaign being transmitted via Skype contains malware capable of using an infected computer to mine for Bitcoins. The malware, identified as Trojan.Win32.Jorik.IRCbot.xkt.
According to Kaspersky Lab, the average click rate for the rogue URL is high, at over 2,000 clicks per hour, and the creators of this malware had used it to seize control of hundreds of computers in Russia, Germany, Ukraine, Poland, Spain and other countries.

The malware spreads itself by infecting the Skype VoIP program, using the age old
trick of sending messages to an infected user’s contacts, such as “Hey, this is my favorite picture of you”, alongside a link to a malicious download. If the unwitting victim click on that link, the malware downloads itself onto their PC, turning the machine into a Bitcoin mining slave alongside the rest of its botnet.
Bitcoin mining malware is just the latest tactic we have seen from cyber criminals.Previous tactics have included malware designed to target people’s Bitcoin wallets,

AirDroid security flaw allows hackers to perform Dos attack from your Android device.

noreply@blogger.com (Hack Your Ways) — Wed, 10 Apr 2013 10:41:00 +0000

AirDroid, a free app which provides wireless management of your Android phone or tablet from any browser on the same Wi-Fi network, has a dangerous cross-site scripting (XSS) vulnerability which allow hackers to perform Dos attack from your Android device.

Cross Site scripting or XSS vulnerability in the browser version of AirDroid allows an attacker to send a malicious text message to the browser associated with the account when attacker is able to get access to a phone with AirDroid installed.

According to the Department of Homeland Security’s Vulnerability Notes Database ,
"When this message is viewed on the AirDroid web interface an attacker
can initiate a cross-site scripting attack, which may result in information leakage, privilege escalation, and denial of service on the host computer.

There is no patch at this time for this vulnerability. As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent XSS, CSRF, or SQLi attacks since the attack comes as an HTTP request from a legitimate user’s host. But Restricting access would prevent an attacker from accessing the AirDroid web interface using stolen credentials from a blocked network location.”

Evernote account used as Command-and-Control Server by Hackers.

noreply@blogger.com (Hack Your Ways) — Tue, 09 Apr 2013 07:49:00 +0000

Cyber criminals are using popular note-taking app Evernote as Command-and-Control Server to give commands to the malware installed on infected PCs using botnets.

TrendMicro uncovered a malware detected as “BKDR_VERNOT.A” tried to communicate with Command-and-Control Server using Evernote.

Malware delivered via an executable file that installs the malware as a dynamic-link library. The installer then ties the DLL into a legitimate running process, hiding it from casual detection. Once installed, BKDR_VERNOT.A can perform several backdoor commands such as downloading, executing, and renaming files. It then gathers information from the infected system, including details about its OS, timezone, user name, computer name, registered owner and organization.

Researchers also pointed out that the backdoor may have also used Evernote as a location to upload stolen data. "Unfortunately, during our testing, it was not able to login using the credentials embedded in the malware. This is possibly a security measure imposed by Evernote following its recent hacking issue."

NinjaWPass - Protect WordPress against keyloggers and stolen passwords

noreply@blogger.com (Hack Your Ways) — Tue, 09 Apr 2013 07:08:00 +0000

NinjaWPass is a free WordPress plugin written to protect your blog administration console. It makes it basically impossible for a hacker who stole your password to log in to your console.

The way it works is simple but very efficient :
All you need to do is to define a second password (AKA the NinjaWPass password) from 10 to 30 characters.
At the WordPress login prompt, besides your current password, you will be asked to enter 3 randomly chosen characters from your NinjaWPass password. Whether your computer is infected by a keylogger or someone is spying over your shoulder, this protection will keep them away.

Additionally, the plugin offers the possibility to receive an alert by email whenever someone logs into your WordPress admin interface.

Download NinjaWPass

Server Shield v1.1.5 - Protect your Linux machine in 1 minute

noreply@blogger.com (Hack Your Ways) — Tue, 09 Apr 2013 06:27:00 +0000

Server Shield is a lightweight method of protecting and hardening your Linux server. It is easy to install, hard to mess up, and makes your server instantly and effortlessly resistant to many basic and advanced attacks.

All IP addresses will be automatically detected and used for the firewall configuration. Automatic security updates are enabled by default.

No maintenance required— just set it and forget it!

Features

Firewall Hardening
TCP Hardening
Data Leakage Protection
ICMP/Ping Flood Protection
Rootkit Protection
DoS Protection
Spoof Protection
Bogus TCP Protection
SYN Flood Protection
FTP/SSH Bruteforce Protection
Automatic Security Updates
DNS Amplification Protection

Requires:-

Server Shield depends on several pieces of open source software to function properly.

iptables ("yum install iptables")

If yum is available, the following packages will be silently installed and kept up to date:

yum-security
iptables
net-tools
sed
gawk
git

Installation:-

git clone https://github.com/bluedragonz/server-shield

cd server-shield;chmod +x sshield;mv sshield /etc/init.d

/etc/init.d/sshield start

Download Server Shield v1.0.2

ExploitShield Browser Edition - Forget about browser vulnerabilities.

noreply@blogger.com (Hack Your Ways) — Mon, 08 Apr 2013 17:56:00 +0000

ExploitShield Browser Edition protects against all known and unknown 0-day day vulnerability exploits, protecting users where traditional antivirus and security products fail. It consists of an innovative patent-pending vulnerability-agnostic application shielding technology that prevents malicious vulnerability exploits from compromising your computers.

Includes "shields" for all major browsers (IE, Firefox, Chrome, Opera) and browser all components such as Java, Adobe Reader, Flash, Shockwave. Blocks all exploit kits such as Blackhole, Sakura, Phoenix, Incognito without requiring any signature updates.

No need to train or configure, ExploitShield is 100% install-and-forget anti-exploit solution. Read more: ExploitShield Browser Edition. The ZeroVulnerabilityLabs website maintains a real time list of detected threats.

You can download it from here Download

Hacking Google users with Google's GooPass phishing attack

noreply@blogger.com (Hack Your Ways) — Mon, 08 Apr 2013 15:55:00 +0000

Google Drive is the new home for Google Docs, that users can access everywhere for Storing files safely. In a recent demonstration hacker successfully performed an attack on Google Docs to trick users to grab their Facebook, Gmail, Yahoo credentials with Credit Card Information.

Security researcher Christy Philip Mathew came up with combination of Clickjacking and CSRF vulnerabilities in Google's Docs that can allow a hacker to create a document in victim's Drive for further phishing attack.

For those who are not aware about Clickjacking, It is a technique where an attacker tricks a user into performing certain actions on a website by hiding clickable elements inside an invisible iframe.

He explain how this technique can be executed to pwn a Google user to steal victim's all type of credentials with a phishing attack. Here attacker need to send a Malicious URL to the victim, where victim needs to interact with some buttons only.

Vulnerability allow hacker to trick Google user to create an document in victim's drive, which is actually owned by attacker and the victim. To perform a successful phishing attack, an attacker can carefully craft that document maliciously.

I have prepared an example after analyzing the possible threats of this vulnerability,where attacker can rename the document to something "Google GooPass" (imaginary service for storing passwords and important information secretly in Google drive) and crafted a simple design that can phish users to enter their Credit card information, Google, Facebook username password etc, as shown in above:

Victim can be led to believe that it's a Google default file or Service to save all type of personal information secretly at one location. Because attacker and victim, both are the owner of this new file, where attacker can make the document public for further access after removing himself from ownership of that document.

At the end, victim is only owner of the document (which is now public) and if phishing attempt works, hacker will be able to see all updates remotely, anytime - anywhere!

Note :

Vulnerability is not fixed yet, we request Google to fix this as soon as possible to assure maximum security to Google users.
There is no Google service called 'Google GooPass', the term is just used to trick victim for phishing purpose.