Sunday, March 16, 2014

Pwn2Own: All browsers fall!


 
This week Hewlett-Packard continued its annual Zero Day Initiative (ZDI) Pwn2Own event. Pwn2Own is a hacking contest where HP awards security research teams cash prizes for responsibly exposing security flaws in popular OSs, applications, and browsers. The vendors then collaborate with each other to find solutions for the newly exposed threats.

This week, on March 12th, the first day of the competition, Adobe Flash and Reader, IE 11 (Internet Explorer), and Firefox 27 had security holes exposed. On March 13th, the second day of the competition, all browsers had security exploits exposed, including Google Chrome, which had patched 7 security flaws a few days prior to the event.

When the dust had settled at the end of the Pwn2Own event, all the major browsers had had security flaws exposed and the security teams had taken away $850,000 out of the $1,085,000 possible prize money. Team VUPEN won the highest gross of $400,000 in the competition, having exposed 5 security flaws. In the end only one prize was left unawarded, which was for IE 11 w/EMET*. So even though IE has a bad rap concerning security, it is funny that it was the only unclaimed prize this year.

*EMET (Enhanced Mitigation Experience Toolkit) is a utility by Microsoft that helps prevent vulnerabilities in software from being exploited. EMET works by performing input validation against code in the program to prevent exploits of possible security holes. EMET can be downloaded directly from Microsoft and requires IE 10 or higher.

 



 

Friday, March 7, 2014

Villain attack our comiXs



As an avid comic book reader, which I’ve been my whole life ever since I can remember, the Comixology breach has hit me close to home. You see, I’ve recently adopted digital format comic books. I love collecting the physical comics, but I have begun using digital comics to complement the physical copies of my comics. I enjoy the freedom of digital format and being able to read my comics on the go, so for that reason I am a member of Comixology.

Earlier this week I received an email from Comixology informing me that someone had broken into their system. The individual had gotten away with information like email, usernames, and passwords. Comixology, in their letter, assures that the passwords stolen were encrypted, but the truth is a hacker with enough skills and time could be able to decrypt them. They urge everyone to change their password as soon as possible. This breach makes me wonder if having multi-tier authentication could help alleviate these types of threats, because even if a password did get compromised they would need to be able to bypass the next level of authentication in order to successfully log on to the user’s account.

Email from Comixology

Dear Comics Reader,

In the course of a recent review and upgrade of our security infrastructure, we determined that an unauthorized individual accessed a database of ours that contained usernames, email addresses, and cryptographically protected passwords.

Payment account information is not stored on our servers.

Even though we store our passwords in protected form, as a precautionary measure we are requiring all users to change their passwords on the comiXology platform and recommend that you promptly change your password on any other website where you use the same or a similar password. You can reset your comiXology.com password here.

We have taken additional steps to strengthen our security procedures and systems, and we will continue to implement improvements on an ongoing basis.

Please note that we will never ask you for personal or account information in an e-mail, so exercise caution if you receive emails that ask for personal information or direct you to a site where you are asked to provide personal information.

We apologize for the inconvenience. If you have any questions, please contact us by sending an email to support@comixology.com

Sincerely,

ComiXology

Sunday, March 2, 2014

Wi-Fi Pandemic in our future?


British researchers from the University of Liverpool have created the first computer virus that spreads like the common cold, meaning it spreads like an airborne virus.

The new virus, called “Chameleon”, spreads by completing seven steps. First it identifies wireless access points with weak security. The virus then bypasses the encryption security on the access point. It then bypasses the administrative interface of the access point and stores the settings and configuration. Once the settings have been saved, the virus replaces the AP’s firmware with the virus-loaded firmware and reloads the stored AP settings. Once these steps are completed, the virus repeats the process by identifying more weak wireless access points.

The researchers said “It was assumed that it wasn’t possible to develop a virus to attack Wi-Fi networks”, so they set out to prove that it could be done and that it could spread rather quickly in the public. With proper security configurations a user can protect themselves from infection through this type of attack, but I just have to ask WHY? Why help develop a new form of attack for hackers to exploit?

Sunday, February 23, 2014

Yet again another reason for us to consider removing Flash from our systems.


 
For the second time in two weeks Adobe has issued an emergency quick fix for Flash. The latest threat to users of Flash is identified by Adobe as CVE-2014-0502. This is considered a zero-day vulnerability that affects Windows, Macintosh and Linux systems running Flash Player. An exploit of a zero-day vulnerability is an attack on a previously unknown hole in the software that the vendor is unaware of. Adobe has categorized this vulnerability as a Priority level 1 warning: if Flash goes unpatched, it could potentially allow an attacker to take control of your system.

Flash is primarily used today to stream video from sites such as YouTube and Facebook. Flash is also used in a lot of websites, so in order to view these sites Flash is necessary. Many modern mobile OSs have gone as far as preventing Flash from being installed due to the security issues that come with it. With the latest Flash vulnerability, individuals and corporations will need to decide if the risks of having Flash installed outweigh the benefits.

Friday, February 14, 2014

Gamers beware? Flappy Bird malware!

 
Latecomers to the Flappy Bird phenomenon are the latest target for hackers. When the creator Dong Nguyen unexpectedly pulled the massively popular game off of both the App Store and Android Marketplace, there was a sudden rash of copycat versions of Flappy Bird flooding some third-party marketplaces.
Hackers are taking advantage of people’s curiosity by releasing fake Flappy Bird applications with malware. The fake game acts like a trial version that expires, and then prompts the user to send a text message to reactivate the game. The number that’s texted is a premium rate SMS number that costs money and also poses a security risk by giving away user information in the process. Users can minimize their exposure to malicious apps by avoiding the use of third-party marketplaces.

Sunday, February 9, 2014

Hackers targeting Sochi Olympics enthusiasts



Earlier this week an NBC news report by Richard Engel described privacy threats towards Olympic attendees through their mobile devices. The report went on to demonstrate how vulnerable mobile devices like smartphones and laptops are to hackers. Within one hour of being powered up they were being attacked, and in less than 24 hours both devices were hacked, compromising fake profiles that were on the devices.

There have been several people speaking out about the validity of the report. They say that the report is misleading because the computers were infected by visiting malicious Sochi Olympic websites, and not necessarily because they were in Sochi. These sites can be visited from anywhere in the world, so it is possible to have your devices compromised from here as easily as in Sochi.

Regardless of the story the threat is still present and hackers are targeting people wanting to follow the Sochi Olympics. So users should practice safe web surfing when visiting Sochi Olympic sites.

Friday, January 31, 2014

11 students expelled for keylogging school computers.


 
11 students from Corona del Mar High School in Newport Beach, Southern California have been expelled for keylogging teachers’ computers.

The students allegedly worked with a private tutor, Timothy Lai, from whom they learned how to hack into the school’s computers by using keylogger devices to spy on their teachers’ computers. The students later used the information gathered to gain access to the network and make changes to their grades.
In December a science teacher who had concerns that her computer had been tampered with raised an alarm. Investigation into this scandal is focusing on the past 12 months and over 52,000 grades being