[Source: This article was Published in wired.com BY ANDY GREENBERG - Uploaded by the Association Member: Joshua Simon]

DESPITE ALL THE cybersecurity industry’s talk of preventing “breaches,” a computer network in some ways is less like a fortress and more like a human body. And skillful hackers are like germs: They tend to get in via some orifice or another. Once inside, it’s whether they can thrive and multiply their infections—and what vital organs they can reach—that determines whether the outcome is a sneeze or a full-on catastrophic takeover.

In many modern hacking operations, the difference comes down to a technique known as “credential dumping.” The term refers to any means of extracting, or “dumping,” user authentication credentials like usernames and passwords from a victim computer so that they can be used to reenter that computer at will and reach other computers on the network. Often credential dumping pulls multiple passwords from a single machine, each of which can offer the hacker access to other computers on the network, which in turn contain their own passwords ready to be extracted, turning a single foothold into a branching series of connected intrusions. And that’s made the technique at least as crucial to hackers’ work—and as dangerous for sensitive networks—as whatever phishing email or infected attachment let hackers find entry into the network in the first place.

Credential dumping is largely possible because operating systems have long tried to spare users the inconvenience of repeatedly entering their password. Instead, after a user is prompted to enter it once, their password is stored in memory, where it can be called up by the operating system to seamlessly prove the user’s identity to other services on the network.

But the result is that once a hacker has gained the ability to run code on a victim machine, he or she can often dig up the user’s password from the computer’s memory, along with any other users' passwords that might linger there. In other cases, the hacker can steal a file from the computer's disk called the Security Account Manager, or SAM, which contains a list of the network's hashed passwords. If the passwords are too simple or if the hashing is weak, they can then often be cracked one by one.

Amit Serper, a researcher for security firm Cybereason and a former Israeli intelligence hacker, compares credential dumping to a thief who sneaks through an open window, but once inside finds a spare key to the victim’s house he or she can copy—along with keys to the victim’s car and office. “You got in that one time, but if you want to come back you have to have keys to the house,” Serper says. "Once you have those keys, you can do whatever you want.”

ANDY GREENBERG IS A WIRED SECURITY WRITER AND AUTHOR OF THE FORTHCOMING BOOK, SANDWORM: A NEW ERA OF CYBERWAR AND THE HUNT FOR THE KREMLIN'S MOST DANGEROUS HACKERS.

In some cases, Serper says, he's seen hackers mess with settings on a computer to frustrate the user until he or she calls tech support, which results in an administrator logging into their machine. The hacker can then steal that administrator's much more valuable credentials from memory and use them to wreak havoc elsewhere on the network.

Credential dumping is so crucial to modern hacking operations, Serper says, that he finds in analyses of victim networks that it often precedes even the other basic moves hackers make after gaining access to a single computer, such as installing persistent malware that will survive if the user reboots the machine. “In every large breach you look at today, credentials are being dumped,” Serper says. “It’s the first thing that happens. They just get in, then they dump the passwords.”

By far the most common tool for credential dumping was created in 2012 by a French security researcher named Benjamin Delpy and is known as Mimikatz. Delpy, who worked for a French government agency, wrote it to improve his C++ coding skills and also as a demonstration of what he saw as a security oversight in Windows that he wanted to prove to Microsoft.

Since then, Mimikatz has become the go-to credential dumping tool for any hacker who hopes to expand access across a network. Dmitri Alperovitch, the chief technology officer of security firm Crowdstrike, calls it the “AK-47 of cybersecurity." Some sophisticated hackers also build their own credential dumping tools. More often they modify or customize Mimikatz, which is what happened with the likely Chinese hackers revealed last month to have targeted at least 10 global phone carriers in an espionage campaign.

Aside from that sort of espionage, credential dumping has become a key tool for hackers who seek to spread their infection to an entire network with the aim of destroying or holding ransom as many computers as possible. Mimikatz, for instance, served as an ingredient in a range of paralyzing incidents, from the LockerGoga ransomware attack on aluminum firm Norsk Hydro to the NotPetya worm, a piece of destructive malware released by Russian state hackers that became the most costly cyberattack in history. "Any time we hear in the news that ransomware has taken out an entire organization, this is what happened," says Rob Graham, the founder of Errata Security. "This is how it spread through the entire domain: It gets credentials and uses this mechanism to spread from one computer to the next."

The danger of credential dumping, Graham warns, is that it can turn even one forgotten computer with unpatched vulnerabilities into that sort of network-wide disaster. "It’s not the systems that everyone knows about that you need to worry about, those are patched. It's the systems you don't know about," he says. "A foothold on these unimportant systems can spread to the rest of your network."

While keeping hackers from ever gaining that foothold is an impossible task, Graham says that system administrators should carefully limit the number of users with administrative privileges to prevent powerful credentials from being accessed by hackers. Administrators should be wary of logging into computers that they suspect might be compromised by hackers. And Cybereason's Amit Serper points out that two-factor authentication can help, limiting the use of stolen passwords since anyone trying to use them would need a second authentication factor, too, like a one-time code or a Yubikey.

"Having that second factor is the best way to battle credential dumping," Serper says. "How else can you protect yourself if someone has the master key to your house?"

[This article is originally published in hothardware.com written by Rod Scher - Uploaded by AIRS Member: Jasper Solander] 

We have all heard of the dark web: a lawless digital world, uncharted and unstructured, full of data -- much of it illegally acquired and illegally for sale -- that cannot be viewed without special tools: proxy servers, TOR browsers, and the like. It's a murky and mysterious place, a place where much information resides but is difficult to unearth for the uninitiated.

Until now. Canada's Echosec Systems Ltd. recently released Beacon, a security tool that's designed to shed some light on the dark web.

Karl Swannie is the CEO of Echosec, the company behind Beacon.

"Beacon is a dark web search engine that allows users to search anonymously, without the need for a TOR browser," says Echosec CTO Michael Raypold. "We’ve designed Beacon to be simple to interact with, while incorporating powerful advanced search tools, making searching unindexed data in the dark web as easy as using a surface web search engine."

The idea behind Beacon is that it can be used by a company to potentially head off -- or at the very least mitigate -- a potential disaster. Since the bulk of the data on the dark web is essentially unstructured, the Echosec team crawled the dark web, indexed its content and then built a natural language query interface that allows non-hackers to access that information quickly and easily. Simply put, Beacon is like Google for the dark web.

With Beacon, dark web data can be searched by a variety of criteria. Specific types of data (credit cards, emails, etc.) can be searched for explicitly.

Keep in mind, of course, that not everything on the dark web is illegal.

Says Raypold, "The dark web is a place where you can source illegal or illicit materials because the inherent privacy and anonymity baked into platforms like the TOR network makes buying and selling these goods easier to achieve without repercussions. However, that isn’t to say everything on the dark web is illegal. News organizations like the NYTimes and Pro Publica maintain Onion sites for their more privacy-conscious users and to help disseminate news that might otherwise be censored." Still, much of the dark web's content was acquired illegally and can be misused to spread misinformation, victimize vulnerable populations, execute social engineering exploits, or engage in various forms of identity theft.

We all know that information in the wrong hands can be dangerous. Raypold cites the story of Coca-Cola's attempt, some years back, to acquire a Chinese soft drink company. Unbeknownst to high-level Coca-Cola executives, the company's secret plans and negotiation tactics were in fact not secret at all, because Coca-Cola had been previously hacked, thanks to a phishing email opened by a Coca-Cola exec.

Beacon did not exist at that time (2009), but it's likely that some of the information retrieved from the hack and many pilfered emails would have ended up on the dark web; if so, Beacon could have unearthed them, letting the company know of its vulnerability long before 2009 and perhaps allowing Coca-Cola to mitigate the damage. (In the end, the acquisition fell through, most likely because Coca-Cola -- having lost control of its confidential information -- had also lost any leverage it might have had in the negotiations.)

The goal of Beacon, says Raypold, is to allow companies to easily examine data on the dark web as a way of locating the potentially harmful information that’s stored there: this could include stolen corporate emails, company documents, personal info, or other such data that could be detrimental to a company, its brand, or its customers. After all, if your data has been compromised, it's always better to know than not to know.

Mike Raypold is the CTO of Echosec, LTD.

"Beacon allows teams to more quickly identify and respond to information that can materially damage a company’s brand and consumer trust," says Raypold. "Being able to quickly identify a sensitive problem also means that you can start putting a solution in place and notify your customers before they find out through other means."



Of course, a security tool is but another weapon in the wrong hands, and weapons can be misused; it's one thing for a pen-tester or white-hat hacker to be in possession of systems that can locate or uncover data, but what about someone finding a way to misuse Beacon? While Raypold notes that it is possible to misuse Beacon, since the tool makes it easier for users to locate data they might otherwise have difficulty finding, he says that the company has taken steps to mitigate that danger.

"First, every Echosec customer must go through a use-case approval process to determine how the customer is using the application and to make sure they are in compliance with the vendors from whom the data is sourced," says Raypold. "If a potential customer cannot pass the use-case approval process, they do not get access to the system."

Second, the company has built automated tools and manual processes into its platform and into the company workflows to notify the Echosec team if users attempt to run searches that are in violation of their approved use case.

"The checks built into the platform will outright prevent some searches from being run so that users never receive data that we perceive could be used with malicious intent. Furthermore, some of the vendors from whom we source data have asked us to prevent certain queries from being run, regardless of a customer's use case," says Raypold. (Naturally, the company publishes an "acceptable use" policy, which can be found here.)

Echosec expects to sell Beacon mainly to corporate customers interested in keeping tabs on their intellectual property, corporate secrets, and other sensitive data. White-hat hackers -- such as pen-testers -- could conceivably be a market as well, but the company feels that would be fairly uncommon. And if it did occur, it would simply be viewed as an example of contracted security experts acting on behalf of the ultimate corporate customer.

However (and by whomever) Beacon is used, it looks as if the murky landscape of the dark web is no longer quite as dark as it once was.

What would you do if your most private information was suddenly available online, for anyone to see? Just imagine: pictures, videos, financial information, emails... all accessible without your knowledge or consent to anyone who cares to look for it. We've probably all seen news items come out about various celebrities and political figures who have been less careful than they should be with information that was not meant for public consumption.

Without proper oversight of this sensitive information, it can become available to anyone with an Internet connection.

Keeping information safe and protected online is a growing concern for many people, not just political figures and celebrities. It's smart to consider what privacy precautions you might have in place for your own personal information: financial, legal, and personal. In this article, we're going to go over five practical ways you can start protecting your privacy while online to guard yourself against any potential leaks, avoid embarrassment, and keep your information safe and secure.

Create Unique Passwords and Usernames for Each Online Service

Many people use the same usernames and passwords across all their online services. After all, there are so many, and it can be difficult to keep track of a different login and password for all of them. If you're looking for a way to generate and keep track of multiple secure passwords, KeePass is a good option, plus it's free: "KeePass is a free open source password manager, which helps you to manage your passwords in a secure way.

You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish)."

Don't Assume Services are Safeguarding Your Information

Online storage sites such as DropBox do a pretty good job of keeping your information safe and secure. However, if you're concerned that what you're uploading is especially sensitive, you should encrypt it - services like BoxCryptor will do that for you for free (tiered pricing levels do apply).

Be Careful Sharing Information Online

We're asked to fill out forms or log into a new service all the time on the Web. What is all this information used for? Companies make a lot of money analyzing and using the data that we are freely giving them. If you'd like to stay a little bit more private, you can use BugMeNot to avoid filling out unnecessary forms that ask for too much personal information and keep it for other uses.

Never Give Out Private Information

We should all know by now that giving out personal information (name, address, phone number, etc.) is a big no-no online. However, many people don't realize that the information that they are posting on forums and message boards and social media platforms can be put together piece by piece to create a complete picture. This practice is called "doxxing", and is becoming more of a problem, especially since many people use the same username across all of their online services.

In order to avoid this happening, be extremely cautious in how much information you're giving out, and make sure you don't use the same username across services (see the first paragraph in this article for a quick review!).

Log Out of Sites Often

Here's a scenario that happens all too often: John decides to take a break at work, and during that time, he decides to check his bank balance. He gets distracted and leaves the bank balance page up on his computer, leaving secure information out for anyone to see and use. This kind of thing happens all the time: financial information, social media logins, email, etc. can all be compromised extremely easily. The best practice is to make sure you're on a secure computer (not public or work) when you're looking at personal information, and to log out of any site you might be using on a public computer so that other people who have access to that computer will not be able to access your information.

Prioritize Online Privacy

Let's face it: while we'd like to think that everyone we come in contact with has our best interests at heart, this is sadly not always the case — and especially applies when we're online. Use the tips in this article to protect yourself from unwanted leaks of your personal information on the web. 

Source: This article was published on lifewire.com by Jerri Collins

FILE - CIA Director Mike Pompeo testifies before a Senate Intelligence hearing during his nomination process, in Washington, Jan. 12, 2017.

WASHINGTON — If this week’s WikiLeaks document dump is genuine, it includes a CIA list of the many and varied ways the electronic device in your hand, in your car, and in your home can be used to hack your life.

It’s simply more proof that, “it’s not a matter of if you’ll get hacked, but when you’ll get hacked.” That may be every security expert’s favorite quote, and unfortunately, they say it’s true. The WikiLeaks releases include confidential documents the group says expose “the entire hacking capacity of the CIA.”

The CIA has refused to confirm the authenticity of the documents, which allege the agency has the tools to hack into smartphones and some televisions, allowing it to remotely spy on people through microphones on the devices.

WikiLeaks also claimed the CIA managed to compromise both Apple and Android smartphones, allowing their officers to bypass the encryption on popular services such as Signal, WhatsApp and Telegram.

For some of the regular tech users, news of the leaks and the hacking techniques just confirms what they already knew. When we’re wired 24-7, we are vulnerable.

“The expectation for privacy has been reduced, I think,” Chris Coletta said, “... in society, with things like WikiLeaks, the Snowden revelations ... I don’t know, maybe I’m cynical and just consider it to be inevitable, but that’s really the direction things are going.”

The internet of things

The problem is becoming even more dangerous as new, wired gadgets find their way into our homes, equipped with microphones and cameras that may always be listening and watching.

One of the WikiLeaks documents suggests the microphones in Samsung smart TVs can be hacked and used to listen in on conversations, even when the TV is turned off.

Security experts say it is important to understand that in many cases, the growing number of wired devices in your home may be listening all the time.

“We have sensors in our phones, in our televisions, in Amazon Echo devices, in our vehicles,” said Clifford Neuman, the director of the Center for Computer Systems Security, at the University of Southern California. “And really almost all of these attacks are things that are modifying the software that has access to those sensors so that the information is directed to other locations. Security practitioners have known that this is a problem for a long time.”

Neuman says hackers are using the things that make our tech so convenient against us.

“Certain pieces of software and certain pieces of hardware have been criticized because, for example, microphones might be always on,” he said. “But it is the kind of thing that we’re demanding as consumers, and we just need to be more aware that the information that is collected for one purpose can very easily be redirected for others.”

Tools of the espionage trade

The WikiLeaks release is especially damaging because it may have laid bare a number of U.S. surveillance techniques. The New York Times says the documents it examined lay out programs called “Wrecking Crew” for instance, which “explains how to crash a targeted computer, and another tells how to steal passwords using the autocomplete function on Internet Explorer.”

Steve Grobman, chief of the Intel Security Group, says that’s bad not only because it can be done, but also because so-called “bad actors” now know it can be done. Soon enough, he warns, we could find our own espionage tools being used against us.

“We also do need to recognize the precedents we set, so, as offensive cyber capabilities are used ... they do give the blueprint for how that attack took place. And bad actors can then learn from that,” he said.

So how can tech-savvy consumers remain safe? Security experts say they can’t, and to remember the “it’s not if, but when” rule of hacking.

The best bet is to always be aware that if you’re online, you’re vulnerable.

Source: This article was published on voanews.com by Kevin Enochs

Hospitals across the world were forced to pay out $121m (£94m) in 2016 as hackers have started targeting healthcare institutions in ransom attacks.

The figure, revealed by computer security specialist McAfee in a report, shows how cybercriminals are viewing hospitals as one of the most lucrative avenues for generating an income in today's technological environment.

Hackers reportedly view hospitals as a "soft target" because their reluctance to update IT infrastructure makes them vulnerable to attack, while the necessity of saving patients' lives makes them more likely to pay.

Commenting on the £94m figure, Roland Moore-Colyer of IT publication Silicon said: "More organisations like hospitals are being targeted as they are seen by hackers to have legacy IT systems that cannot effectively defend against ransomware attacks.

"As these organisations have not historically been targets of ransomware, they have not had the impetus to have robust cyber security, which now means they are 'soft targets' for hackers and cyber criminals.

"With the need for rapid access to information, hospitals in particular are more likely to pay the hackers to release them from the ransomware, making healthcare organisations a lucrative target."

It comes as the NHS became the biggest victim of a global ransomware attack in which as many as 45 hospitals across England and Scotland were compromised.

Hospital staff were frozen out of their computers and could only regain access if they paid a ransom of $300 worth of Bitcoin. According to images of affected computers, staff have been told that the payment amount will rise on Monday (15 May) and, if payment is not received, all data will be lost by Friday (19 May).

Prime Minister Theresa May has stressed that the NHS was not directly targeted in this attack, but has instead been swept up in an international effort.

However, it has been revealed that the NHS was more likely to fall prey to such an attempt as up to 90% of hospitals still use Windows XP – an obsolete 16-year-old operating system that is no longer supported by Microsoft.

Labour leader Jeremy Corbyn has questioned why NHS IT systems were not replaced in 2014, when Microsoft officially ended support for XP.

Source: This article was published on ibtimes.co.uk by Tareq Haddad

Knowledge is power and you can find it in unexpected places. It’s nearly impossible to develop an effective digital marketing strategy without having adequate information about your competitors. It’s amazing what you can learn by analyzing the strategies that are working for your competitors. Best of all, you can incorporate what you learn and put your own spin on it when creating your own campaigns. What are some ways you can find and leverage this valuable information? Read on!

Keywords your competitors are using

Researching your competitor’s keywords is one of the best ways to enhance your search engine optimization strategy. When you have details of your competitor’s keywords, it guides you in shaping your own SEO strategy, giving you a competitive advantage when it comes to those sought after search engine rankings.

Competitors' keywords in this context include those keywords which your competitors are using to rank higher on search engines and also those they targeted, but didn’t rank well. Knowing these two categories of keywords will enable you to make informed decisions about your SEO strategy.

So, how do you hack your competitor’s keywords?

Competitor keyword research involves more than just generating any keywords associated with your competitors. It requires doing a bit of manual research to get an authentic list of your competitor’s keywords. Though there is no one tool that will generate your competitor’s keywords in one click, there are several tools which can help speed up the process.

SEMRush

This is a unique keyword research tool that requires you to enter a URL, then lists the top 10 keywords that the website ranks well for organically. It will also provide information about the website, including each keyword’s position in search, traffic percentage and more.

Google Keyword Planner Tool

The Google keyword planner is a free tool from Google, provided to advertisers in order to research keywords for Adwords campaigns.  The tool can also be used by those who do not intend to use Adwords but are looking for other information. All you need is a free Google account, then set up your Adwords account and you can use the tool.

The tool provides an estimate of your competitor’s keywords and how each one is performing. Simply log in to your Adwords account and select keyword planner, then click on "find new keywords." Then input your competitor’s URL into the “your landing page” field and click on “get ideas."

Google scans your competitor’s website and generates a list of all the keywords related to it. Then just click on “keyword ideas” to see the analysis.

Alexa

Alexa is generally known for giving traffic scores to websites. However, it also enables you to analyze the specific keywords bringing a high percentage of a website’s traffic. To do this, navigate to the site “info” tab and input your competitor’s URL, then go to the “analytics” tab to see the top keywords driving traffic to the website.

Top trends your competitors are following

In order to leverage customer’s behavior to your advantage, you need to understand the market and continuously monitor the entire niche. If you aren’t doing this, you need to be! You can easily do this by reading industry blogs and other publications, but you should also pay close attention to what your competitors are doing and saying when it comes to these trends.

You can take advantage of some great tools available to help properly analyze the top trends that your competitors are following. Here are just a few:

Google Trends

This tool sends reports whenever your competitor is mentioned online, which helps you monitor their activities.

Simply Measured

This tool gives you a bit of everything. It monitors your competition’s trends, traffic sources, conversion rates, social media activities and more.

Google Alerts

Google Alerts sends you relevant updates of the latest Google results from specified queries. You can set up alerts for your competitors, allowing you to monitor any developments from them. It’s also helpful to set this up for yourself to monitor your own mentions!

Effective content formats

Developing content is a daunting task, whether it’s coming up with topics or adding new types of content. However, you can easily get ideas on how to craft your content by taking a peek at your competition. A look at how they create their content can give you valuable insight on how to create yours.

Look at the type of content that’s popular with their customers. Look at the word count and writing style. Is it casual? Formal? Quirky? Look at other structures like the length of paragraphs, headings and bullets. You’ll want to analyze the topics they write about and the format of the content. Is it predominantly written content or video? How many images do they use? Are they repurposing through Slideshare or infographics? What are they NOT doing?

Observe how many of each of these formats are published, how and whether they publish a single topic in different formats. All of these insights will enhance your own content game.

Backlinking possibilities

Despite the claims that Google’s algorithm focuses on content, backlinks are still part of the criteria that contribute to Google ranking. High-quality backlinks do wonders for SEO!

It’s important to have relevant backlinks for your website and one way of finding these opportunities is to analyze the backlinks of your competitors. There are several tools available to help you do this.

Monitor Backlinks

This website analyzes backlinks and then sends them directly to your inbox. It provides a detailed description of each link, specifying the highest and lowest rank, as well as indicating whether they are do follow or no follow. You can then compare the results to know which links might be a good fit for your website.

Open Site Explorer

This tool reveals your competitor’s link building efforts and discloses those linking back to them. It also allows you to compare data from various sites.

Ahrefs

This is a popular backlink tool that helps you research competitor backlinks. It will disclose the top pages and the IP address of those websites linked to your competitors.

You can learn a lot from your competitors and generate ideas for your own campaigns using these hacks. Have you used any of these tools or strategies? Which ones worked best for your business?

Source: This article was published on business.com by Michael Georgiou

THE NSA, IT seems, isn’t the only American spy agency hacking the world. Judging by a new, nearly 9,000-page trove of secrets from WikiLeaks, the CIA has developed its own surprisingly wide array of intrusion tools, too.

On Tuesday morning, WikiLeaks released what it’s calling Vault 7, an unprecedented collection of internal CIA files—what appear to be a kind of web-based Wiki—that catalog the agency’s apparent hacking techniques. And while the hordes of security researchers poring through the documents have yet to find any actual code among its spilled secrets, it details surprising capabilities, from dozens of exploits targeting Android and iOS to advanced PC-compromise techniques and detailed attempts to hack Samsung smart TVs, turning them into silent listening devices.

“It certainly seems that in the CIA toolkit there were more zero-day exploits than we’d estimated,” says Jason Healey, a director at the Atlantic Council think tank, who has focused on tracking how many of those “zero-days”—undisclosed, unpatched hacking techniques—the US government has stockpiled. Healey says that he had previously estimated American government agencies might have held onto less than a hundred of those secret exploits. “It looks like CIA might have that number just by itself.”

Mobile Targets

The leak hints at hacking capabilities that range from routers and desktop operating systems to internet-of-things devices, including one passing reference to research on hacking cars. But it seems to most thoroughly detail the CIA’s work to penetrate smartphones: One chart describes more than 25 Android hacking techniques, while another shows 14 iOS attacks.

Given the CIA’s counterterrorism work—and the ability of a phone exploit to keep tabs on a target’s location—that focus on mobile makes sense, Healey says. “If you’re going to be trying to figure where Bin Laden is, mobile phones are going to be more important.”

The smartphone exploits listed, it’s important to note, are largely old. Researchers date the leak to sometime between late 2015 and early 2016, suggesting that many of the hacking techniques that may have once been zero days are now likely patched. The leak makes no mention of iOS 10, for instance. Google and Apple have yet to weigh in on the leak and whether it points to vulnerabilities that still persist in their mobile operating systems. Android security researcher John Sawyer says he has combed the Android attacks for new vulnerabilities and found “nothing that’s scary.”

He also notes, though, that the leak still hints at CIA hacking tools that have no doubt continued to evolve in the years since. “I’m quite sure they have far newer capabilities than what’s listed,” Sawyer says.

Targeting Android, for instance, the leak references eight remote-access exploits—meaning they require no physical contact with the device—including two that target Samsung Galaxy and Nexus phones and Samsung Tab tablets. Those attacks would offer hackers an initial foothold on target devices: In three cases, the exploit descriptions reference browsers like Chrome, Opera, and Samsung’s own mobile browser, suggesting that they could be launched from maliciously crafted or infected web pages. Another 15 tools are marked “priv,” suggesting they’re “privilege escalation” attacks that expand a hacker’s access from that initial foothold to gain deeper access, in many cases the “root” privileges that suggest total control of the device. That means access to any onboard files but also the microphone, camera, and more.

The iOS vulnerabilities offer more piecemeal components of a hacker tool. While one exploit offers a remote compromise of a target iPhone, the WikiLeaks documents describe the others as techniques to defeat individual layers of the iPhone’s defense. That includes the sandbox that limits applications’ access to the operating system and the security feature that randomizes where a program runs in memory to make it harder to corrupt adjacent software.

“Definitely with these exploits chained together [the CIA] could take full control of an iPhone,” says Marcello Salvati, a researcher and penetration tester at security firm Coalfire. “This is the first public evidence that’s the case.”

The leak sheds some limited light on the CIA’s sources of those exploits, too. While some of the attacks are attributed to public releases by iOS researchers, and the Chinese hacker Pangu, who has developed techniques to jailbreak the iPhone to allow the installation of unauthorized apps, others are attributed to partner agencies or contractors under codenames. The remote iOS exploit is listed as “Purchased by NSA” and “Shared with CIA.” The CIA apparently purchased two other iOS tools from a contractor listed as “Baitshop,” while the Android tools are attributed to sellers codenamed Fangtooth and Anglerfish.

In a tweet, NSA leaker Edward Snowden pointed to those references as “the first public evidence [the US government] is paying to keep US software unsafe.”

Internet of Spies

While the leak doesn’t detail the CIA’s attack techniques for desktop software like Windows and MacOS as explicitly, it does reference a “framework” for Windows attacks that seems to act as a kind of easy interface for hacking desktop machines, with “libraries” of vulnerabilities that attackers can swap in and out. It lists attacks that bypass and even exploit a long list of antivirus software to gain access to target desktop machines. And for MacOS, the document references an attack on computers’ BIOS, the software that boots before the rest of the operating system. Compromising that can lead to a particularly dangerous and deep-rooted malware infection.

“This is something we already know that can be done, but we haven’t seen it in the wild,” says Alfredo Ortega, a researcher for security firm Avast. “And by a government, no less.”

The most surprising and detailed hack described in the CIA leak, however, targets neither smartphones nor PCs, but televisions. A program called Weeping Angel details work in 2014 to turn Samsung’s smart TVs into stealthy listening devices. The research notes include references to a “Fake Off” mode that disables the television’s LEDs to make it look convincingly powered down while still capturing audio. Under a “to-do” list of potential future work, it lists capturing video, too, as well as using the television’s Wi-Fi capability in that Fake Off mode, potentially to transmit captured eavesdropping files to a remote hacker.

A tool called TinyShell appears to allow the CIA hackers full remote control of an infected television, including the ability to run code and offload files, says Matt Suiche, a security researcher and founder of the UAE-based security firm Comae Technologies. “I would assume that, by now, they would definitely have exploits for Samsung TVs,” Suiche says. “This shows that they’re interested. If you’re doing the research, you’re going to find vulnerabilities.” Samsung did not respond to WIRED’s request for comment.

The fact that the CIA mixes this sort of digital espionage with its more traditional human intelligence shouldn’t come as a surprise, says the Atlantic Council’s Healey. But he says the sheer volume of the CIA’s hacking capabilities described in the WikiLeaks release took him aback nonetheless. And that volume calls into question supposed limitations on the US government’s use of zero-day exploits, like the so-called Vulnerabilities Equities Process—a White House initiative created under President Obama to ensure that security vulnerabilities found by US agencies were disclosed and patched, where possible.

If Vault 7 is any indication, that initiative has taken a back seat to assembling a formidable array of hacking tools. “If the CIA has this many,” Healey says, “we would expect the NSA to have several times more.”

This article was published in wired.com by ANDY GREENBERG


Leak suggests CIA malware systems have targeted iPhones, Android systems, Microsoft software and Samsung smart TVs.

The CIA can turn your TV into a listening device, bypass popular encryption apps, and possibly control your car, according to thousands of documents published by WikiLeaks, an anti-surveillance group.

The group posted nearly 9,000 documents on Tuesday it said were leaked from the Central Intelligence Agency, in what it described as the largest-ever publication of secret intelligence materials.

It said the trove of documents "appears to have been circulated among former US government hackers and contractors in an unauthorised manner, one of whom has provided WikiLeaks with portions of the archive".

Jonathan Liu, a spokesman for the CIA, said: "We do not comment on the authenticity or content of purported intelligence documents."

Experts who have started to sift through the material said that it appeared legitimate.

The leak, named "Vault 7" by WikiLeaks, claims the CIA developed a malware to infect mobile phones to allow easier surveillance - but lost control of the technology. If the CIA really lost control of the technology, hackers worldwide could use the tools to steal data.

Edward McAndrew, a lawyer with a speciality in cyber security, said the security breach is a major concern for the CIA because its technology could already be in the wrong hands.

"What we're hearing from WikiLeaks and others is that pieces of the toolkit are now outside of Langley [the CIA's Virginia headquarters]," he told Al Jazeera.

"If that's true, once these tools are introduced into the wild of the internet, they cannot be reclaimed. We'll then see a race between those who would use these tools to exploit others and those trying to close all these vulnerabilities that have now come to light." 

The actual hacking tools were not part of the WikiLeaks trove.

WikiLeaks said it planned to avoid distributing tools "until a consensus emerges" on the political nature of the CIA's programme and how such software could be analysed, disarmed and published.

Malware systems

WikiLeaks said the documents show the CIA has produced more than 1,000 malware systems - viruses, trojans, and other software that can infiltrate and take control of target electronics.

These hacking tools have targeted iPhones, Android systems such as the kind of personal phone reportedly still used by President Donald Trump, popular Microsoft software and Samsung smart TVs, which can be transformed into covert microphones, according to WikiLeaks.

The agency has also examined hacking into the electronic control systems on cars and trucks, potentially enabling it to control them.

By infecting smartphones, WikiLeaks said, the CIA can get around the encryption technologies of popular apps such as WhatsApp, Signal, Telegram, Weibo, and Confide by collecting communications before they are encrypted.

Matthew Green, professor of computer science, told Al Jazeera that "ordinary people" should not have to worry about the revelations.

"What I would perhaps worry about is that some of this might get into the hands of very sophisticated criminal organisations or foreign governments and be used in a very targeted way against activists or human rights workers," he said.

Source : aljazeera.com

 


Scientists have found a new vulnerability in a common tech component, uncovering a security flaw that could expose potentially millions of smartphones, fitness wearables, and even cars to hacking.

By using sound waves, researchers have figured out how to trick accelerometers – the tiny sensors in gadgets that detect movement – into registering a fake motion signal, which hackers could exploit to take control of our devices.

"It's like the opera singer who hits the note to break a wine glass, only in our case, we can spell out words," computer scientist Kevin Fu from the University of Michigan told The New York Times.

"You can think of it as a musical virus."

The sensors that Fu's team investigated are called capacitive MEMS accelerometers, which register the rate of change in an object's speed in three dimensions.

It's these sensors that can tell which way you're holding or tilting your smartphone or tablet, and count the steps you take using an activity tracker.

But they're not just used in consumer gadgets – they're also embedded in the circuits of things like medical devices, vehicles, and even satellites – and we're becoming more reliant on them all the time.

"Thousands of everyday devices already contain tiny MEMS accelerometers," Fu explains in a press release.

"Tomorrow's devices will aggressively rely on sensors to make automated decisions with kinetic consequences."

But accelerometers have an Achilles heel: sound. By precisely tuning acoustic tones to the right frequency, Fu's team was able to deceive 15 out of 20 different models of accelerometers from five different manufacturers, and control output from the devices in 65 percent of cases.

Accelerometers may enable some high-tech functionalities, but the principle is fundamentally simple – using a mass suspended on springs to detect changes in speed or direction. But those measurements can effectively be forged if you use the right sonic frequency to fool the tech.

"The fundamental physics of the hardware allowed us to trick sensors into delivering a false reality to the microprocessor," Fu explains.

Once they figured out what the frequencies were to manipulate the sensors, they were able to trick a Fitbit into counting thousands of steps that were never taken; pilot a toy car by taking control of a smartphone app; and even use a music file to make a Samsung Galaxy S5 crudely write out a word ("Walnut") in a graph of its accelerometer readings.

The tech used to hijack these devices wasn't high-end audio gear either. In one case, the researchers used a US$5 external speaker; in another, a smartphone played a sound file on its own internal speaker and effectively hacked itself.

While all these proofs-of-concept were fairly harmless demonstrations of the technique, the researchers warn that it could easily be used for malicious and potentially very dangerous purposes.

"If a phone app used the accelerometer to start your car when you physically shake your phone, then you could intentionally spoof the accelerometer's output data to make the phone app think the phone is being shaken," one of the team, Timothy Trippel, told Gizmodo.

"The phone app would then send the car a signal to start."

The research is due to be presented at the IEEE European Symposium on Security and Privacy in Paris in April, and while the study hasn't yet been peer-reviewed, the findings are being treated seriously.

As John Markoff at The New York Times reports, the US Department of Homeland Security is expected to issue a security alert in relation to the specific sensors documented in the paper.

The manufacturers involved were separately forewarned of the vulnerability before the researchers went public with their findings this week.

Now that we know about the security flaw, hopefully researchers and technology companies will be able to work together and find a means of patching up the weak spot.

As technological devices get ever more powerful and independent, it's crucial that they can't be puppeteered by something as rudimentary as sound waves overriding their fundamental components.

"Humans have sensors, like eyes, ears, and a nose," says Trippel.

"We trust our senses and we use them to make decisions. If autonomous systems can't trust their senses, then the security and reliability of those systems will fail."

Source : sciencealert.com


Most people would be truly alarmed if they understood how easily criminals can hack into their cell phones and retrieve personal and potentially damaging information. Criminals today have devices that allow them to hack into your cell phone by just dialing the number. In fact, with this technology, they can also listen to your calls, read your emails, text messages, access your photos and any other information you store on your phone. They can even retrieve your password to your online bank account. For this very reason it is important to learn about security for mobile phones.

What makes this situation more frightening is the fact that phone hacking instructions can be found on the internet for any dishonest person to access. Therefore, it is crucial for people to set up security for mobile phones. In this past year alone, more than a billion cell phones have been hacked due to the fact that they were unprotected, according to experts. Most cell phone owners weren’t even aware they could install security for mobile phones.

Today, cell phones have become so smart – they are more like computers than phones. This has left them wide open to hackers who now have good reason to want to hack unprotected cell phones. Before a person is even aware their phone has been hacked, the criminal has access to all their private information. This is why security for cell phones is so important for users.

Another common hacking method, also known as “the man in the middle,” allows a criminal to hack into a mobile phone’s operating system and then reroute all the data to a third party who is just sitting there waiting to utilize stolen information.

Some cell phone hackers can even have a device perform this when a mobile phone is turned off, which makes all mobile phones vulnerable to attack.

Securing your phone from hackers requires multiple steps including creating secure passwords, avoiding public Wi-Fi and diligence in checking links in emails and messages to ensure authenticity before clicking on them.

As part of your overall security plan, we recommend securing phone calls and messages, with end-to-end encryption, ensuring no one other than you and the intended recipient can access the call or message. For information on securing phone calls and messaging, Contact KoolSpan.

Author : Glenn Schoonover

Source : https://koolspan.com/hack-a-cell-phone/
