Categories
security

Phineas Fisher’s account of how he took down HackingTeam

This is an amazingly detailed account of the actions taken to take down HT. One of the key moments in the article was how he went after the people with keys to the kingdom – the sysadmins.

One of my favourite pastimes is stalking the sysadmins. By spying on Christian Pozzi (Hacking Team’s sysadmin), I gained access to the Nagios server, which gave me access to the ‘rete sviluppo’ (the development network with the RCS source code). With a simple combination of PowerSploit’s Get-Keystrokes and Get-TimedScreenshot [13], nishang’s Do-Exfiltration, and GPO, I could spy on any employee I wanted, or even the entire domain.

                                 ,-._,-._             
                              _,-\  o O_/;            
                             / ,  `     `|            
                             | \-.,___,  /   `        
                              \ `-.__/  /    ,.\      
                             / `-.__.-\`   ./   \'
                            / /|    ___\ ,/      `\
                           ( ( |.-"`   '/\         \  `
                            \ \/      ,,  |          \ _
                             \|     o/o   /           \.
                              \        , /             /
                              ( __`;-;'__`)            \\
                              `//'`   `||`              `\
                             _//       ||           __   _   _ _____   __
                     .-"-._,(__)     .(__).-""-.      | | | | |_   _| |
                    /          \    /           \     | | |_| | | |   |
                    \          /    \           /     | |  _  | | |   |
                     `'-------`      `--------'`    __| |_| |_| |_|   |__
                               #antisec

Via Ghostbin

Categories
security

Panama Papers: Email Hackable via WordPress, Docs Hackable via Drupal – Wordfence

The Panama papers leak has been affecting a lot of high-profile individuals. How did it actually happen? Here’s one plausible theory.

The Mossack Fonseca (MF) data breach, aka Panama Papers, is the largest data breach to journalists in history and includes over 4.8 million emails. Yesterday we broke the story that MF was running WordPress with a vulnerable version of Revolution Slider and the WordPress server was on the same network as their email servers when […]

Source: Panama Papers: Email Hackable via WordPress, Docs Hackable via Drupal – Wordfence

Categories
Uncategorized

He Always Had a Dark Side

Incredible story about the purported author of the popular encryption software TrueCrypt – made famous by Edward Snowden – and the back story behind its creation. Truly amazing.

Like the Silicon Valley entrepreneur who sells a company for $100 million, only to start another one in hopes that it will sell for a billion, Le Roux made the pursuit of more money, and more power, an end in and of itself. But the kid who had once locked himself in his bedroom, losing himself in code, had gone as far as his technical skills could take him. He wanted to be a different kind of businessman, a lord of the real underworld, not just the virtual one. “He made money on the pharmacies, and then he decided that he wanted to make more money, fast,” the Israeli associate told me. Le Roux wanted to diversify, to be bigger, he said. “The only way to do that was illegal. He was living inside a movie, you could almost say. He always had a dark side, it just developed more with money.”

Source: He Always Had a Dark Side

Categories
Uncategorized

Ubuntu on Windows

Run Linux in Windows?? Yes please!

This is quite insane, even though we know Microsoft is changing and becoming more open under new leadership. Judging from the HN comments, it does seem to be a welcome move for developers. I may finally “upgrade” to Windows 10 just because of this.

Source: From the Canyon Edge: Ubuntu on Windows — The Ubuntu Userspace for Windows Developers

Categories
security

How White Hat Hackers Stole Crypto Keys from an Offline Laptop in Another Room | Motherboard

So-called side-channel attacks – in which attackers extract information from a machine they don’t have direct access to – are getting more popular these days. This is another innovative example. The target laptop was not connected to any network (neither LAN nor Wi-Fi), and yet the attackers managed to recover the encryption keys from it.

“The attacks are completely non-intrusive: we did not modify the targets or open their chassis.”

Source: How White Hat Hackers Stole Crypto Keys from an Offline Laptop in Another Room | Motherboard

Categories
security

Barcode attack technique (Badbarcode)

Barcode scanners can be hacked via a specially crafted barcode sequence. They can be instructed to execute arbitrary commands including downloading external scripts via FTP.
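The defensive takeaway from Badbarcode is that a scanner’s output is untrusted input that happens to arrive as keystrokes. The following is an added example (not code from the Badbarcode write-up) of a strict input gate for a point-of-sale integration: it rejects anything outside the printable ASCII range, accepts only the symbologies the application actually expects, and verifies the EAN-13 check digit. The allowed formats and the SKU pattern are assumptions constructed for the example.

```python
import re

# Constructed for this example: the only symbologies this hypothetical
# point-of-sale integration expects, each with a strict pattern.
ALLOWED_FORMATS = {
    "ean13": re.compile(r"^[0-9]{13}$"),
    "code128_sku": re.compile(r"^[A-Z0-9-]{4,20}$"),
}


def ean13_check_digit_ok(digits: str) -> bool:
    """Verify the EAN-13 check digit.

    The first 12 digits are weighted 1,3,1,3,... from the left; the check
    digit makes the weighted sum a multiple of 10.
    """
    total = sum(int(d) * (3 if i % 2 else 1) for i, d in enumerate(digits[:12]))
    return (10 - total % 10) % 10 == int(digits[12])


def validate_scan(raw: str):
    """Return (format_name, value) for an acceptable scan, else raise ValueError.

    Because a keyboard-wedge scanner types whatever the barcode encodes,
    control characters, escape sequences and anything outside the expected
    alphabet are rejected before the value reaches any other handler.
    """
    if not raw:
        raise ValueError("empty scan")
    if any(ord(c) < 0x20 or ord(c) > 0x7E for c in raw):
        raise ValueError("non-printable byte in scan")
    for name, pattern in ALLOWED_FORMATS.items():
        if pattern.match(raw):
            if name == "ean13" and not ean13_check_digit_ok(raw):
                raise ValueError("EAN-13 check digit mismatch")
            return name, raw
    raise ValueError("scan does not match any expected format")


def is_accepted(raw: str) -> bool:
    """Boolean wrapper around validate_scan for callers that only need a verdict."""
    try:
        validate_scan(raw)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed inputs: a valid EAN-13, a valid SKU, and two hostile scans
    # (one with embedded newlines, one with an ESC byte).
    for sample in ["4006381333931", "SKU-2048", "4006\r\n381333931", "\x1b[2J"]:
        try:
            print(repr(sample), "->", validate_scan(sample))
        except ValueError as err:
            print(repr(sample), "-> rejected:", err)
```

Whitelisting the expected format is what makes this robust: rather than trying to enumerate dangerous byte sequences, the gate accepts only what a legitimate label can contain.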

via Barcode attack technique (Badbarcode)

Categories
Uncategorized

Firefox OS/Connected Devices Announcement – Firefox OS Participation – Mozilla Discourse

Goodbye Firefox OS. We’re back to the duopoly of Android/iOS.

We will end development on Firefox OS for smartphones after the version 2.6 release

Source: Firefox OS/Connected Devices Announcement – Firefox OS Participation – Mozilla Discourse

Categories
sysadmin

No POST after rm -rf / / Kernel & Hardware / Arch Linux Forums

This is pretty serious. Someone just bricked his laptop by executing rm -rf / as root in Linux. As in destroyed. None of the usual BIOS/UEFI prompts appear, and no hotkeys can help to restore the firmware.

The root (pardon the pun) of the problem appears to be that systemd mounts /sys/firmware/efi/efivars read-write (rw), so the recursive delete was able to erase the UEFI variables in the firmware’s store. The systemd maintainer (Poettering) refuses to fix the issue.
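A quick way to see whether a machine is exposed is to check how efivarfs is mounted. The following is an added example, not code from the Arch forum thread or from systemd: it parses a /proc/self/mounts listing, reports whether efivarfs is writable, and names the remount that closes the hole. The sample mount table is constructed for the example.

```python
# Path under which the kernel exposes UEFI variables (each variable is a file).
EFIVARS_PATH = "/sys/firmware/efi/efivars"


def efivarfs_options(mounts_text):
    """Return the option list of the efivarfs mount, or None if it is absent.

    `mounts_text` has the /proc/self/mounts layout: one mount per line with
    the fields 'source target fstype options dump pass'.
    """
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[2] == "efivarfs" and fields[1] == EFIVARS_PATH:
            return fields[3].split(",")
    return None


def efivarfs_is_writable(mounts_text):
    """True when efivarfs is mounted rw, the state that lets rm -rf / wipe firmware variables."""
    opts = efivarfs_options(mounts_text)
    return opts is not None and "rw" in opts


def assess(mounts_text):
    """Human-readable verdict, including the remount command for the rw case."""
    opts = efivarfs_options(mounts_text)
    if opts is None:
        return "efivarfs not mounted (legacy BIOS boot, or EFI variables not exposed)"
    if "rw" in opts:
        return ("efivarfs is read-write: a recursive delete as root can erase UEFI "
                "variables; remount with: mount -o remount,ro " + EFIVARS_PATH)
    return "efivarfs is read-only"


def read_live_mounts(path="/proc/self/mounts"):
    """Read the real mount table; returns '' on systems that do not have one."""
    try:
        with open(path, encoding="utf-8") as handle:
            return handle.read()
    except OSError:
        return ""


# Constructed sample of /proc/self/mounts from a systemd-booted UEFI machine.
SAMPLE_MOUNTS = """\
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
efivarfs /sys/firmware/efi/efivars efivarfs rw,nosuid,nodev,noexec,relatime 0 0
/dev/sda2 / ext4 rw,relatime,data=ordered 0 0
"""

if __name__ == "__main__":
    print("sample:", assess(SAMPLE_MOUNTS))
    print("this host:", assess(read_live_mounts()))
```

Remounting efivarfs read-only is a blunt mitigation: tools that legitimately write boot variables (efibootmgr, firmware update utilities) need it remounted rw for the duration of their run. Later Linux kernels addressed the problem differently, by marking the variable files immutable so an ordinary unlink fails.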


Source: No POST after rm -rf / / Kernel & Hardware / Arch Linux Forums

Categories
programming

Oracle deprecates the Java browser plugin, prepares for its demise

It’s been a long time coming. Goodbye Java (plugin). That reminds me of those Java applets that I wrote in a different era. Now if I could only find and convert (rewrite) them to HTML5…

It will be removed some time after the release of Java 9.

Source: Oracle deprecates the Java browser plugin, prepares for its demise

Categories
privacy security

TrendMicro software allows arbitrary command execution

Also mentioned here: the reported anti-virus software is so full of holes that it should strike fear into any company using TrendMicro Antivirus right now. Not only does it allow privileged command execution, it also exposes the passwords you store using the Password Manager.

The way I see it, it’s a combination of incompetence and a lack of proper supervisory oversight. It’s exactly the kind of thing that results when you ask a developer to just meet the specs, and the specs don’t talk about hygiene factors such as security.

Source: Issue 693 – google-security-research – TrendMicro node.js HTTP server listening on localhost can execute commands – Google Security Research – Google Project Hosting