Category: privacy

Recovering contents directly from physical RAM of devices has been known for quite some time – it involves esoteric measures such as freezing the device using liquid nitrogen or by putting it in the freezer. It is interesting to see this technique being used to attack Android phones to recover disk encryption keys. Potentially this might defeat on-disk encryption for Android devices, though there are quite some caveats in the technique discussed on the website.

To this end we perform cold boot attacks against Android smartphones and retrieve disk encryption keys from RAM. We show that cold boot attacks against Android phones are generally possible for the first time, and we perform our attacks practically against Galaxy Nexus devices from Samsung.

FROST: Forensic Recovery Of Scrambled Telephones

This is bad. Juniper is a major network equipment provider and a backdoor like this could lead to huge security compromise.

During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen® devices and to decrypt VPN connections. Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS.

Source: Important Announcement about ScreenOS® – J-Net Community

Update (2015-12-20): It could be a state-sponsored attack.

Well, can we say schadenfreude? The hunter becomes the hunted.

Source: Who Hacked Ashley Madison? — Krebs on Security

Singapore’s connection to the Hacking Team – it’s well known that HT has a Singapore presence. The local market appears to be quite receptive of them. In one of the leaks, it was revealed that they also tried to recruit local researchers to develop 0-day for them.

In April of 2014, Hacking Team attended the SyScan conference in Singapore with the intention of recruiting new exploit developers.
…
They succeeded in making contact with several researchers interested in working with them, including Eugene Ching.
…
Interestingly, Eugene’s responsibility with the Singaporean Army, presumably for his mandatory service, is to test and fix 0day exploits that they purchase.

Read more details here.

The leakage of OPM data has been well-reported but this article provides more details about how it happened. In the worse case, “personal details from nearly everyone who works for the government in some capacity may now be in the hands of a foreign government”.

“EPIC” fail—how OPM hackers tapped the mother lode of espionage data | Ars Technica.

Good grief! Has no one learned from Sony’s rootkit incident yet? If you are a Lenovo owner, you may want to check if there’s a Superfish certificate in your certificate chain by running certmgr.msc. Other than injecting unwanted ads in your browser, in theory the adware could sniff on your banking transactions ‘cos it’s performing a MiTM on your HTTPS.

Lenovo Caught Installing Adware On New Computers.