Monthly Archives: April 2017

This Hacker Is My New Hero

Internet vigilante to the rescue? Someone – or some group of people – decided the best way to save the Internet from the scourge of insecure IoT devices is to disable them permanently. I like how he/she/they describes his/her/their project.

I consider my project a form of “Internet Chemotherapy”. I sometimes jokingly think of myself as The Doctor. Chemotherapy is a harsh treatment that nobody in their right mind would administer to a healthy patient, but the Internet was becoming seriously ill in Q3 and Q4/2016 and the moderate remedies were ineffective. The side effects of the treatment were harmful but the alternative (DDoS botnet sizes numbering in the millions) would have been worse. I can only hope that when the IoT relapse comes we’ll have better ways to deal with it. Besides getting the number of IoT DDoS bots to a manageable level my other key goal has been to raise awareness. The IoT problem is much worse than most people think, and I have some alarming stories to tell.

Source: This Hacker Is My New Hero

That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say – Cyberscoop

NSA develops cyberweapons. Cyberweapons get leaked. Everyone who’s unprotected gets compromised.

Thousands of Microsoft Windows machines worldwide are infected with an NSA-developed backdoor that hackers installed by reusing leaked executable code from an outdated hacking toolkit belonging to the spy agency, multiple security researchers tell CyberScoop. The mysterious Shadow Brokers group published a package of internal NSA documents last week, containing among other things the computer code for a series of exploits, implants and other hacking tools. In the days since the leak first became public, hackers have mulled over the trove and begun reverse-engineering and recycling some of the capabilities, CyberScoop previously reported. One of these hacking tools, a backdoor implant codenamed DOUBLEPULSAR — which is used to run malicious code on an already compromised box — has already been installed on 30,000 to 50,000 hosts, according to Phobos Group founder Dan Tentler. Other researchers have also engineered different detection scripts to quickly scan the internet for infected computers. John Matherly, […]

Source: That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say – Cyberscoop

Information Security Certifications are Worthless and Causing More Harm than Good

Agree to some extent. In some places getting a certificate is just a means to get through the door. But yes it has very little to do with actual skills.

Here’s an excerpt from a 2016 Ars Technica article: Recruiter Thomas Ptacek, whose Chicago-based agency Starfighter specializes in recruiting security folk, describes the CISSP as “a joke,” and claims that in his experience a job description requiring a CISSP was a warning flag to industry elite not to apply. “I don’t think there are that many high-level practitioners outside of management who put much stock in the CISSP,” he says. Dan Tentler, founder of the attack simulation consultancy Phobos Group, compares hiring infosec workers based on passing an exam to hiring other professionals on the same basis: “Would you feel comfortable letting a doctor be your primary care physician if all it took was to pass a written multiple choice exam?” He believes that “ISC2 is making money hand over fist,” and that the organization is “diluting the market with

Source: Information Security Certifications are Worthless and Causing More Harm than Good

Cowlar

Internet-connected cows. Lovely.

Reduce labor, make good decisions & relax while we watch over your cows!

Source: Cowlar

IoT garage door opener maker bricks customer’s product after bad review | Ars Technica

Ouch. Talk about poor customer service. A particularly irate customer who bought an IoT garage door opener posted a nasty review, and his device was denied server access, effectively making it useless, or “bricking” it. Imagine posting a bad review about your Smart TV and it stops working. Hmmm.

Startup tells customer “Your unit will be denied server connection.”

Source: IoT garage door opener maker bricks customer’s product after bad review | Ars Technica

Project Zero: Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 1)

A new vulnerability discovered by Project Zero affects tons of smart phones (iPhone, Nexus, Samsung S*). The attack proceeds silently over WiFi – you wouldn’t see any indication you have been hacked. For iPhone users, iOS 10.3.1 fixes this. Android users? Good luck.

In this two-part blog series, we’ll explore the exposed attack surface introduced by Broadcom’s Wi-Fi SoC on mobile devices. … The first blog post will focus on exploring the Wi-Fi SoC itself; we’ll discover and exploit vulnerabilities which will allow us to remotely gain code execution on the chip. In the second blog post, we’ll further elevate our privileges from the SoC into the operating system’s kernel. Chaining the two together, we’ll demonstrate full device takeover by Wi-Fi proximity alone, requiring no user interaction.

Source: Project Zero: Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 1)