CAT | Podcast
India recently announced that all ISPs in the country will be required to block a list of over 800 websites. They claim all of these were for pornography or child pornography, but it turns out that was not the case for all of them. In the face of a massive backlash, the telecom ministry first said this was no big deal because people could use VPN services to bypass the censorship. They later down entirely. (more…)
I spent the last week at the RSA security conference in fear of getting sick before my talk on Friday, the last day of the conference. During that time I was nearly obsessive about using hand sanitizer to protect me against any germs I might be getting from shaking hands, or touching surfaces.
Security researchers discovered a very sophisticated watering hole attack against Forbes.
There is a major trend towards increasingly targeted cyber attacks, from advanced persistent threats (APT), to spear phishing. Now we are seeing targeting applied to watering hole attacks. I think of this as the sniper at the watering hole. (more…)
Right after the Lizard Squad finished with a DDOS attack on the PSN and XBOX networks, they launched an attack against the Tor anonymity system. The attack was simple, set up enough Tor relays to be able to identify a significant fraction of Tor users and connect them with their activity. They got caught because they were bozos (perhaps intentionally). They did the attack hard and fast, which made it easy to identify the rogue relays, and they bragged about it (which told people to look for the attack). (more…)
The Chaos Computer Club recently announced that their website was being blocked by Vodefone as part of their participation in the “Great Firewall of Britain”. This is somewhat concerning as they don’t seem to match any of the criteria for blocking that have been announced. This also blocks access to information and tickets for their upcoming conference. Many people predicted (me, EFF, and many others) that this censorship system would inevitable overreach when it was first announced. (more…)
In two separate cases recently Uber has, or has talked about, abusing its information about their customer’s movements.
First a Buzzed reporter Johana Bhuiyan was told that she was tracked on the way to a meeting by Josh Mohrer, general manager of Uber New York.
Next Emil Michael, SVP of business for Uber, talked at a private dinner about the possibility of using the information Uber has about hostile reporters to gather dirt on them. (more…)
Engineers at Golden Frog recently discovered that Cricket wireless was automatically disabling their email encryption.
It is not at all clear why they were doing this, but we do know how. When an email client attempts to make a secure connection to a server, it sends a STARTTLS command. If the server never sees the STARTTLS, then it assumes you just wanted an insecure connection. (more…)
Kaspersky recently announced the discovery of a new Advanced Persistent Threat (APT) that they are calling DarkHotel. This is in the fine tradition of giving all newly discovered hackers or vulnerabilities clever and evil sounding names. In this case they have found something quite interesting.
For the last 7 years a group has been systematically targeting executives and government officials staying at high end hotels. They hack their computers and grab their files, sniff their keyboards, and install virus that can then spread within the victim’s organization. (more…)
Security researcher Emil Kvarnhammar of TrueSec announced the discovery of a new vulnerability in Mac OS X from 10.8.5 though the current 10.10.
The attack is against a unix utility called “sudo” which allows commands to run as the “root” user (which has absolute power on the system). Normally a user with admin privileges needs to type in their password and approve the running of these tasks, but this attack bypasses the user authentication step.
They have not released details on the vulnerability to give Apple time to issue a fix. In the mean time, it looks like you can protect yourself by making your your normal account is not an admin account. (more…)