Categories
security

New Web Order > Nik Cubrilovic – – » Notes on the Celebrity Data Theft

We are likely to see more and more of such high profile hacks, as devices become more transparent/integrated and IoT takes off. Be very afraid when your next Smart TV comes with a built-in webcam.

With more information than ever being stored and shared online and on connected devices hacking stories are frequent and are mainstream news. This was the case yesterday as dozens of celebrities fell victim to hackers who leaked hundreds of private photographs and videos stolen from web based storage services.

New Web Order > Nik Cubrilovic – – » Notes on the Celebrity Data Theft.

Categories
security

Researchers find it’s terrifyingly easy to hack traffic lights | Ars Technica

This is the kind of thing which crosses into the movie realm. Yes, it is possible to hack traffic lights.

Taking over a city’s intersections and making all the lights green to cause chaos is a pretty bog-standard Evil Techno Bad Guy tactic on TV and in movies, but according to a research team at the University of Michigan, doing it in real life is within the realm of anyone with a laptop and the right kind of radio.

via Researchers find it’s terrifyingly easy to hack traffic lights | Ars Technica.

Categories
diy

Low-cost 3D printers and crowdfunding suicide – 3D Prototypes and Models

3D printing, IoT, big data. These are buzzwords of the day. 3D printing projects, especially, is extremely popular on crowdfunding sites such as KickStarter. The following article talks about the surge of non-viable 3D printing projects on crowdfunding sites, and the problems they face and poses to legitimate projects. I like the systematic way the author analyzes about the problem and how he presents it.

Line of Viability

Low-cost 3D printers and crowdfunding suicide – 3D Prototypes and Models.

Read this if you are planning to fund a 3D printing project.

Categories
security

IPViking map – real-time visualization of cyber attacks

This is a cool real-time visualization of cyber attacks that is happening right. Ok it’s not exactly monitoring the entire Internet. The attacks shown are based on honeypots set up by the company Norse. They claimed to “emulate over 5m users, severs, infrastructures on the Internet” in various countries and the visualization is only based on a small subset of the live flows. I guess this can be taken to mean the real number of attacks is much larger and probably won’t run as smoothly on a web-powered application in real-time. It is still quite impressive and can be strangely mesmerizing to watch.

Incidentally, the application is powered by D3 and it runs best on Chrome.

IPViking map: Cybercrime hunting just got real-time – Real Business:

Unsurprisingly, IPViking has been likened with 1983 movie WarGames starring Matthew Broderick and Introversion’s classic game called Defcon. It’s true, the map is simply astonishing to behold – and slightly unnerving – when activity starts happening.

Categories
security

Remote code execution on Android devices | Bromium Labs

Remote code execution on Android devices | Bromium Labs.

This is surely something of concern for Android users. My advice is don’t use public Wifi. Yes it can be difficult sometimes, especially if you are overseas, but would you rather pay the risk of having your phone rooted and its contents stolen?

Categories
security

Why the Security of USB Is Fundamentally Broken | Threat Level | WIRED

Why the Security of USB Is Fundamentally Broken | Threat Level | WIRED.

On some levels this is one of the scariest vulnerability of recent times. Just think of how many things are at risk if exploitation becomes prevalent. Your usual anti-virus is useless against this type of attacks. It’ll be interesting to know if Stuxnet is using this delivery mechanism.

More detailed info can be found here.

Categories
sysadmin

M1 routers misbehaving

Was doing a routine scan when I spotted an unfamiliar address on the network: 192.168.200.1. Strangely arp doesn’t reveal its MAC address, which seems odd given that this is a private IP address used internally.

Traceroute reveals the truth:

> tracert 192.168.200.1

Tracing route to 192.168.200.1 over a maximum of 30 hops

1 3 ms 4 ms 3 ms 10.0.0.2
2 * * * Request timed out.
3 213 ms 5 ms 5 ms 158.210-193-4.unknown.qala.com.sg [210.193.4.158]
4 3 ms 3 ms 3 ms 157.210-193-4.unknown.qala.com.sg [210.193.4.157]
5 104 ms 4 ms 5 ms 217.203-211-158.unknown.qala.com.sg [203.211.158.217]
6 88 ms 5 ms 22 ms 214.203-211-158.unknown.qala.com.sg [203.211.158.214]
7 25 ms 5 ms 14 ms 192.168.200.1

Trace complete.

It seems someone has a misconfigured or misbehaving router that’s exposing private IP addresses. Let’s hope it is not storing something incredibly important.

Categories
security

Microsoft takes on global cybercrime epidemic in tenth malware disruption – The Official Microsoft Blog – Site Home – TechNet Blogs

Microsoft targets noip.com.

Microsoft takes on global cybercrime epidemic in tenth malware disruption – The Official Microsoft Blog – Site Home – TechNet Blogs.

Categories
sysadmin

Announcing IPv6 Support in Singapore | DigitalOcean

Great that DigitalOcean now has IPv6 support. Another reason for moving from Amazon. Not to mention that it’s cheaper in most usage.

Announcing IPv6 Support in Singapore | DigitalOcean.

Categories
diy sysadmin

systemcall dot org » Trashing Chromebooks

An article on repurposing Chromebooks as build agents. The more interesting parts of the article are on hardware related issues such as overheating, comparison of hobby-grade hardware vs product hardware etc.

Server rack of Chromebooks

systemcall dot org » Trashing Chromebooks.