« Archives in June, 2011

LulzSec announces an end to cyber attacks

Lulz Security made its announcement through its Twitter account, giving no reason for its decision.

A statement published on a file-sharing website said that its “planned 50-day cruise has expired”.

As a parting shot, the group released a selection of documents apparently including confidential material taken from the Arizona police department and US telecoms giant AT&T.



I am a huge proponent of Didier Stevens’ PDF tools but I have to say this new tool rocks! Lenny Zeltser did a nice write-up of this tool’s capabilities to analyze malicious PDFs. As a matter of fact, Lenny is so impressed with the tool he plans to include it in the next release of his REMnux distro.

peepdf is a Python tool to analyze PDF files. The aim of Jose Miguel Esparza, the author of peepdf, is to provide all the necessary components that a security researcher would need in a PDF analysis without using 3 or 4 tools to perform all the tasks.

Project website can be found here.

High-Profile Hacks Prompt High-Powered Hires

A recent flurry of high-profile security executive hires and an increased demand for more skilled security talent during the past few months reflect how organizations are rethinking the role of security executives and the skills they need in their security teams to better protect intellectual property and other sensitive data.

It’s always surprising how it takes a major security breach before companies take security seriously. Typically, it’s about production and the bottom line until something bad happens. In fact, I’ve been contacted recently by a few companies about positions in an attempt to “beef up” their security program.

Most surprising about this article is that a company such as Mandiant is just now hiring a CSO. I’m definitely not saying that having a CSO is the end-all be-all to an effective security program, but it does imply or not imply senior management support of the program. If it’s not important enough to have a senior-level executive over a security program, then it might appear that security is a hindrance to production rather than a necessity to secure production.


‘John the “Faster” Ripper’

One of the industry’s first open-source password-cracking tools just got a big boost in power and performance with sponsorship from Rapid7, which also plans to more tightly integrate the so-called John the Ripper tool with Metasploit.

Alexander Peslyak, founder and CTO of Openwall, which created John the Ripper, says the password security-auditing tool is now nearly 20 percent faster at cracking Data Encryption Standard (DES)-based password hashes — a major improvement to the hacking tool.


AppFence: Protecting User Data from Android Applications

A promising new technology called AppFence is currently being developed by a team of researchers at the University of Washington to mitigate the risk of today’s Android applications misappropriating the user’s data. AppFence implements two privacy controls: one covertly substitutes shadow data in place of data that the user wants to keep private, and the other blocks network transmissions that contain data the user made available to the application for on-device use only. The source code is not available at this time but I’m looking forward to the product of their research.

Of course, if you’re running CyanogenMod7, this capability is available now. In the nightly builds of CyanogenMod7, the CyanogenMod team introduced the ability to revoke app permissions. With the ability to revoke permissions, an application can be installed and its access to features such as your contact list revoked, allowing you to use the app without worrying about that component of security being exposed. However, revoking an app’s access is likely to cause a force close unless the app is well-coded to handle this scenario.

To accommodate these apps, the new feature also supports transparent “spoofing” of access for certain permissions such as phone state and phone ID. This allows the system to return false data rather than deny access, which circumvents the force close issue in many cases.

Anyways, take a look at AppFence and the associated research data.

Apple Releases Security Updates to Address Multiple Vulnerabilities

Mac users, it’s time to patch up!

Apple has released Mac OS X 10.6.8 and Security Update 2011-004 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, disclose sensitive information, or cause a denial-of-service condition.

LulzSec claims attack on the Arizona Department of Public Safety

More LulzSec news.

The hacking collective LulzSec says it has hacked into the website and database of the Arizona Department of Public Safety (DPS) and released details of staff, emails and correspondence on public file-sharing sites.

The collective said on its website that it was releasing “hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses and passwords belonging to Arizona law enforcement.”


Dropbox Admits it Suffered Serious Password Failure

Cloud file synchronization company Dropbox has admitted that it suffered a serious security lapse that allowed an unknown number of users to log into any account using any password.


StartSSL suffers security breach

Yet another web authentication authority has been attacked by hackers intent on minting counterfeit certificates that would allow them to spoof the authenticated pages of high-profile sites.

Israel-based StartCom, which operates StartSSL, suffered a security breach that occurred last Wednesday, the company said in a tersely worded advisory. The certificate authority, which is trusted by the Microsoft Internet Explorer, Google Chrome, and Mozilla Firefox browsers to vouch for the authenticity of sensitive websites, has suspended issuance of digital certificates and related services until further notice.

Surprisingly, StartSSL is not handing out new certificates at this time.


CIA, Senate hackers gleefully promise more

They’ve breached or busted the websites of the CIA, PBS and the U.S. Senate, and launched at least part of an extended attack on Sony, whose PlayStation Network was brought to a grinding halt for the better part of a month.
And, to hear them tell it, it’s all for a laugh.
Meet Lulz Security, or LulzSec, the gleeful and secretive band of hackers who appear to be responsible for a string of high-profile and sometimes embarrassing Internet attacks.

Yea, but it’s always fun until someone loses an eye.
