Welcome to my blog

18,000 HMSA members’ information hacked

At least 18,000 Hawaii Medical Services Association members may have had their personal information accessed in a cyber attack on Anthem Inc. A post on the HMSA website says users who received services from Anthem over the last 10 years could have had their information accessed. The number of affected members could be as high as 20,000 as the organization processes 2,000 unknown names. The information that may have been compromised includes names, dates of birth, cities of residence, and part of the membership number. HMSA will be sending letters to affected members over the next few...

BadUSB attack and the Industrial control systems

Industrial control systems are in danger of being hacked with a modified version of the BadUSB attack, says Michael Toecker in his presentation at the Security Analyst Summit 2015 in Cancun. Not that long ago, BadUSB swept across the cybersecurity community as one of the hottest hacks of the year. BadUSB featured the ability to modify the firmware of the USB controller chips of many USB devices, with the focus mainly on USB flash drives. Of course, a plethora of other devices, including webcams, USB keyboards, touchpads, etc., can potentially be compromised in much the same way. Once the device is infected with the malicious code, there is practically no way to detect or remove it – making it a perfect tool for APT groups. Now, a new threat has emerged – consider it to be a BadUSB attack for industrial control systems (ICS). Michael Toecker of Context Industrial Security proposed just that at the Security Analyst Summit 2015. In his talk, Toecker described how such an attack might be carried out. At this point, the attack is only theoretical, but there is no valid reason to believe it cannot be executed. He proposed that the USB-to-serial converters used to connect to older critical hardware can have their firmware reprogrammed and can be abused to manipulate the ICS gear. “Engineers trust these [serial] connections more than Ethernet in ICS; if they have a choice, they pick serial vs Ethernet, because they trust that,” says Toecker. “What engineers don’t see is that bump in the wire that could be programmed maliciously, Telnet over two wires. That’s what I thought of when I heard about BadUSB.” Toecker tested his theory on 20 different USB-to-serial converters that he purchased online. He disassembled each one to examine which chips they use and whether these are reprogrammable. To his surprise, 15 of the 20 chips were not reprogrammable. These include chips from ATMEGA, FTDI, WCH, Prolific, and SiLabs.
The remaining chips carried the risk of being reprogrammed, including the TUSB 3410 chip from Texas Instruments. This particular chip has two modes of operation: one where the firmware from a chip on the board is used, and the other where the firmware is downloaded from the host machine. “Drivers installed on the host will provide firmware to the device and then run that firmware and do what it’s supposed to do after that. That’s the badness of BadUSB,” says Toecker. “If you were to plug that USB-to-serial converter into anything else,...

Shodan Founder finds 250,000 routers sharing same SSH keys

The founder of Shodan, John Matherly, was revamping the SSH banner when he discovered a large number of devices that share the same SSH keys. Matherly conducted personal research in December 2014 and discovered that more than 250,000 routers used in Spain and deployed by Telefónica de España, and thousands more used in other countries worldwide, are using the same SSH keys. Matherly was revamping the SSH banner and collecting the fingerprints when he observed that a few SSH keys were used by several devices. For example, the following SSH fingerprint is used by 250,000 routers: dc:14:de:8e:d7:c1:15:43:23:82:25:81:d2:59:e8:c0. Matherly explained that the routers appear to be sold by Telefónica de España and that the devices come pre-configured with the same operating system image. The expert highlighted that a small percentage of routers configured to allow remote access may be vulnerable to cyber attack because they share the same SSH private key. “It looks like all devices with the fingerprint are Dropbear SSH instances that have been deployed by Telefónica de España,” Matherly wrote in a blog post. “It appears that some of their networking equipment comes setup with SSH by default, and the manufacturer decided to re-use the same operating system image across all devices.” Matherly discovered other similar cases: separate batches of 200,000 and 150,000 devices were using the same SSH keys. “The next duplicated fingerprint on the list comes in at around 200,000 devices, followed by another one used by 150,000 devices. By analyzing the facets it’s easy to get a picture of systemic issues that plague both hardware manufacturers as well as ISPs/ hosting providers,” continues the post. Matherly has published on GitHub the list of unique fingerprints discovered in his analysis, along with the Python script that he used to discover the duplicate SSL serial numbers: https://gist.github.com/achillean/07f7f1e6b0e6e113a33c
The Reddit user cybergibbons ran a similar analysis in the UK, discovering a block of shared fingerprints. “11,5061, 7,875, and 2,224 instances of duplicates they said were linked to telcos Sky Broadband, TalkTalk and BT Plusnet” ...

Is Bio hacking a security risk? The future is now!

Bio hacking – technology and humans have never been so close; they complement each other. But what are the security and privacy risks? Imagine a world where our day-to-day activities like door locking, supermarket purchases, credit card swipes and smartphone usage are replaced by just one chip embedded under your skin. We are upgrading human bodies to meet technological needs. The future is expected to be completely technology dependent, with very little human interruption. Humans have been implanting technologies in their bodies for medical reasons, adopting implantable aids such as pacemakers, insulin pumps and deep brain stimulation systems; the world is already filling with humans who could be considered part machine. BioHacking: a practice of engaging biology with the hacker ethic. It is a wide spectrum of practices and movements ranging from designing and installing Do-It-Yourself body-enhancements such as chip implants. The term applies to any advanced technique that uses science and technology to improve human output and performance. To many, biohacking is a highly radical, unregulated science. Early Experiments in BioHacking: Kevin Warwick, Deputy Vice-Chancellor (Research) at Coventry University, UK, conducted multiple experiments on himself. In 1998, he implanted a chip into his forearm to communicate with a computer programmed to respond to his actions. By tracking his movement through the halls and offices where he conducted research, the computer could turn on lights or open doors for him. To explain how a machine could interpret what the body wants to do, Warwick likened the nerve signals to a telephone line. An implanted chip wouldn’t hinder any nerve impulses from the brain to a body part’s muscles and tendons; it would just tap into the signals being sent and received. In 2002, Warwick went much further. He implanted an electrode that transmitted nerve signals to robot arms.
By moving his hand in New York, he could use an Internet connection to watch a robot replicate his movements in the UK. Warwick also installed a matching implant into his wife’s nervous system. By connecting neurally to his wife, the couple accurately identified each other’s nerve signals about 98 percent of the time. For example, if his wife moved her hand, Warwick could feel a sensation down his left index finger. “It didn’t feel like pain or heat or seeing. It was like an entirely new sense. And that was part of the experiment: to see if the brain can adapt and take on new types of input and learn...

SplashData published the list of Worst passwords of 2014

SplashData has published its annual report on the use of passwords, which includes the list of the worst passwords of 2014. Here we analyze the annual study published by SplashData, titled “‘123456’ Maintains the Top Spot on SplashData’s Annual ‘Worst Passwords’ List”, on the use of passwords. Which are the most common passwords used by users? Despite numerous suggestions, do users use strong passwords? SplashData analyzed more than 3.3 million passwords leaked in 2014 that were publicly released, and the researchers revealed the top 25 most common passwords. “The 2014 list of worst passwords demonstrates the importance of keeping names, simple numeric patterns, sports and swear words out of your passwords,” states the report. The top 25 most common passwords represent 2.2% (72600 passwords) of the overall leaked passwords analyzed by the study. Comparing the data with the results of previous reports issued by SplashData, it is possible to note that only 2.2 percent of passwords now come from that list, which represents a significant decline in the use of weak passwords. “The bad news from my research is that this year’s most commonly used passwords are pretty consistent with prior years,” said Mark Burnett, author of “Perfect Passwords” (http://www.xato.net). “The good news is that it appears that more people are moving away from using these passwords. In 2014, the top 25 passwords represented about 2.2% of passwords exposed. While still frightening, that’s the lowest percentage of people using the most common passwords I have seen in recent studies.” People are becoming more aware of the need for strong passwords to protect their digital identity, but it is important to highlight that single-factor authentication is not enough to protect us.
“As always, we hope that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different passwords for different websites,” said Morgan Slain, CEO of SplashData. The number of data breaches is still increasing, as is their overall cost, as confirmed by the study published by the Ponemon Institute. Let’s dig into the report by starting from the results of the previous year: and let’s compare them with the data that emerged from this year’s study: That’s incredible! The situation hasn’t changed for the top two passwords, which remain the same as in 2013: ‘123456’ and ‘password’ are still the most used passwords. The new entries in the “Worst Passwords” list are the words ‘baseball’, ‘dragon’ and ‘football’, extending the analysis to...
