
Monday, February 6, 2017

Hacker tries to swindle tools from a reputed forensic company

In January we heard that a hacker broke into Cellebrite's network and stole 900GB of data. Now the hacker has dumped some of Cellebrite's important phone-forensic tools on the Internet.
In their README, the hacker notes much of the iOS-related code is very similar to that used in the jailbreaking scene, a community of iPhone hackers that typically breaks into iOS devices and releases its code publicly for free.
Jonathan Zdziarski, a forensic scientist, agreed that some of the iOS files were nearly identical to tools created and used by the jailbreaking community, including patched versions of Apple's firmware designed to break security mechanisms on older iPhones. A number of the configuration files also reference "limera1n," the name of a piece of jailbreaking software created by infamous iPhone hacker Geohot. He said he wouldn't call the released files "exploits" however.
Zdziarski also said that other parts of the code were similar to a jailbreaking project called QuickPwn, but that the code had seemingly been adapted for forensic purposes. For example, some of the code in the dump was designed to brute force PIN numbers, which may be unusual for a normal jailbreaking piece of software.
"If, and it's a big if, they used this in UFED or other products, it would indicate they ripped off software verbatim from the jailbreak community and used forensically unsound and experimental software in their supposedly scientific and forensically validated products," Zdziarski continued.
If you remember, Cellebrite was the company that supposedly helped the FBI break into the San Bernardino terrorist's iPhone. We do know that they provide this sort of forensic assistance to countries like Russia, Turkey, and the UAE -- as well as to many US jurisdictions.
As Cory Doctorow points out:
...suppressing disclosure of security vulnerabilities in commonly used tools does not prevent those vulnerabilities from being independently discovered and weaponized -- it just means that users, white-hat hackers and customers are kept in the dark about lurking vulnerabilities, even as they are exploited in the wild, which only end up coming to light when they are revealed by extraordinary incidents like this week's dump.
We are all safer when vulnerabilities are reported and fixed, not when they are hoarded and used in secret.

Sunday, October 23, 2016

Yes, privacy really improves productivity

This is interesting research.

Massive attack against Dyn



Last week’s DDoS attacks against Dyn are being reported everywhere.
If I had to guess, though, I don't think it's China. I think it's more likely related to the DDoS attacks against a person than the probing attacks against the Internet infrastructure, despite how prescient that attack seems right now. And, I’m sure China is not going to launch a preemptive attack on the Internet.

Friday, October 7, 2016

MITM Attack: Is That Possible on WhatsApp?

Forbes is reporting that the Israeli cyberweapons arms manufacturer Wintego has a man-in-the-middle exploit against WhatsApp.
It's a weird story. I'm not sure how they do it, but something doesn't sound right.
Another possibility is that CatchApp is malware thrust onto a device over Wi-Fi that specifically targets WhatsApp. But it's almost certain the product cannot crack the latest standard of WhatsApp cryptography, said Matthew Green, a cryptography expert and assistant professor at the Johns Hopkins Information Security Institute. Green, who has been impressed by the quality of the Signal code, added: "They would have to defeat both the encryption to and from the server and the end-to-end Signal encryption. That does not seem feasible at all, even with a Wi-Fi access point.
"I would bet mundanely the password stuff is just plain phishing. You go to some site, it asks for your Google account, you type it in without looking closely at the address bar.
"But the WhatsApp stuff manifestly should not be vulnerable like that. Interesting."
Neither WhatsApp nor the crypto whizz behind Signal, Moxie Marlinspike, were happy to comment unless more specific details were revealed about the tool's capability. Either Wintego is embellishing what its real capability is, or it has a set of exploits that the rest of the world doesn't yet know about.

Saturday, July 23, 2016

Who was behind the arrest of the owner of the well-known torrent site Kickass?

Artem Vaulin, the alleged owner of the torrent directory service KickassTorrents, was arrested in Poland earlier this week, charged with copyright infringement and money laundering. As we dig deeper as to what exactly happened, it turns out Apple and Facebook were among the companies that handed over data to the U.S. in its investigation. Department of Homeland Security investigators traced IP addresses associated with KickassTorrents domains to a Canadian ISP, which turned over server data, including emails. At some point, investigators noticed that Vaulin had an Apple email account that was used to make iTunes purchases from two IP addresses -- both of which also accessed a Facebook account promoting KickassTorrents.
If you're wondering where exactly iTunes came into play, here's a further explanation. It all started in November 2015, when an undercover IRS Special Agent reached out to a KickassTorrents representative about hosting an advertisement on the site. An agreement was made and the ad, which purportedly advertised a program to study in the United States, was to be placed on individual torrent listings for $300 per day. When it finally went live on March 14th 2016, a link appeared underneath the torrent download buttons for five days. Sure, it was a short campaign, but it was enough to link KAT to a Latvian bank account, one that received $31 million in deposits -- mainly from advertising payments -- between August 2015 and March 2016. Upon further investigation of the email accounts, and corresponding reverse lookups, it was found that the account holder had made a purchase on iTunes.

A Safe Bet Verizon-Yahoo



Yahoo is set to be bought by Verizon.
Why is the telecom company interested in investing in an Internet portal? Here is why.
Why Was Yahoo Up For Sale?

Founded in 1995, Yahoo! was once the brightest star of the Web. But as its rivals, including Google, Facebook and even few-years-old companies like Snapchat and WhatsApp, have won over users, Yahoo! has not been able to maintain that glory.