Category Archives: CyberSafety


Feds Say That Banned Researcher Commandeered a Plane

Category : CyberSafety , CyberSecurity

Chris Roberts, a security researcher with One World Labs, told the FBI agent during an interview in February that he had hacked the in-flight entertainment system, or IFE, on an airplane and overwritten code on the plane’s Thrust Management Computer while aboard the flight. He was able to issue a climb command and make the plane briefly change course, the document states.

Article: Wired


Can Macs get viruses and malware?

Category : CyberSafety , CyberSecurity

“Mac OS X software has more high-risk vulnerabilities than all versions of Windows put together,” explains Bogdan. “Apple markets these products as virus-free. They say you don’t need an antivirus, because they know people hate antivirus software. These utilities often slow down your computer, so they don’t want to promote them.”

“We have discovered and registered more than 48 million new unique malware samples this year alone, but more than 98% have been written for the Windows platform,” says Andreas Marx, AV-Test CEO. “Less than 5,000 new viruses were written for Mac OS X, but these kinds of malicious software do exist.”

“It’s going to cost the hacker more to build Mac OS X malware than Windows-based malware,” says Bogdan.

The reputation Mac OS X has for security is also not entirely undeserved. Mac OS X does have safety mechanisms built-in. You don’t have root privileges over the machine, you have to enter your password to reconfigure the system, and there’s a gatekeeper sub-system that doesn’t allow you to install files unless they are digitally signed by Apple. Of course, none of that means you can’t write malware for Mac OS X.

Article: Digital Trends

Note from Innovice-IT B.V.

Santa is a binary whitelisting/blacklisting system for Mac OS X. It consists of a kernel extension that monitors for executions, a userland daemon that makes execution decisions based on the contents of a SQLite database, a GUI agent that notifies the user in case of a block decision and a command-line utility for managing the system and synchronizing the database with a server.

Santa is not yet a 1.0. We’re writing more tests, fixing bugs, working on TODOs and finishing up a security audit.

Santa is named because it keeps track of binaries that are naughty and nice.
Santa is a project of Google’s Macintosh Operations Team.

For more information about Santa, please contact us!


SHA-1 crypto hash retirement fraught with problems

Category : CyberSafety , CyberSecurity

Bumbling duffers using WinXP and old Android releases aren’t helping

The road towards phasing out the ageing SHA-1 crypto hash function is likely to be littered with potholes, security experts warn.

SHA-1 is a hashing (one-way) function that converts information into a shortened “message digest”, from which it is impossible to recover the original information. This hashing technique is used in digital signatures, verifying that the contents of software downloads have not been tampered with, and many other cryptographic applications.

The ageing SHA-1 protocol – published in 1995 – is showing its age and is no longer safe from Collision Attacks, a situation where two different blocks of input data throw up the same output hash. This is terminal for a hashing protocol, because it paves the way for hackers to offer manipulated content that carries the same hash value as pukka packets of data.

Certificate bodies and others are beginning to move on from SHA-1 to its replacement, SHA-2. Microsoft announced its intent to deprecate SHA-1 in Nov 2013.

More recently, Google joined the push with a decision to make changes in the latest version of its browser, Chrome version 42, so that SHA-1 certificates are flagged up as potentially insecure.


Article: The Register


FBI Warns of Potential for Cyber Attacks from Iranian Group

In a confidential report to US businesses, the FBI warned of techniques
that have been used by an Iranian group believed to be responsible for
attacks against computer networks at defense contractors, energy
companies, and colleges and universities around the world. The warning
follows a report from Cylance about Operation Cleaver, the name for the
group’s activity.

This might be the group responsible for attacking CAs worldwide.

Article: The Register


Apple to Stop Using SSL 3.0 for Push Notifications

Apple plans to stop using the Secure Sockets Layer 3.0 (SSL 3.0)
encryption standard for its Apple Push Notification service following
the disclosure of a vulnerability. Developers have until October 29 to
update their apps.

Article: ZDNet


Google Now Offering USB Key Security

Category : CyberSafety , CyberSecurity

Google is now offering optional enhanced security for users of its many
services. The Security Key technology lets users of Google’s Chrome
browser insert a key into a USB port on the device and tap it when
prompted. It’s a more streamlined version of the 2-Step verification the
company already offers, which sends users a code as a text message or
email that users then enter. The new system requires that users purchase
the USB key.

Article: Krebsonsecurity


SSL 3.0 discovered to be insecure to a man-in-the-middle attack

SSL v3.0 has been found to be insecure to a
man-in-the-middle attack, allowing the plaintext of secure connections
to be calculated by a network attacker.

SSL 3.0 is nearly 18 years old, but support for it remains widespread. Most importantly, nearly all browsers support it and, in order to work around bugs in HTTPS servers, browsers will retry failed connections with older protocol versions, including SSL 3.0. Because a network attacker can cause connection failures, they can trigger the use of SSL 3.0 and then exploit this issue.

Disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0, is sufficient to mitigate this issue, but presents significant compatibility problems, even today. Therefore our recommended response is to support TLS_FALLBACK_SCSV. This is a mechanism that solves the problems caused by retrying failed connections and thus prevents attackers from inducing browsers to use SSL 3.0. It also prevents downgrades from TLS 1.2 to 1.1 or 1.0 and so may help prevent future attacks.

Innovice-IT is a partner of KeyTalk. KeyTalk prevents man-in-the-middle attacks in a very smart way with Device DNA and short-lived certificates. This saves your helpdesk a load of key management and keeps logins safe. We are able to facilitate a proof of concept for your company. Please contact us for more information.


Shellshock Flaw is Being Actively Exploited

There are reports that attackers have already begun exploiting this flaw
to infect vulnerable servers around the world.

Article: Wired


Innovice-IT starts cooperation with KeyTalk

Man-in-the-Middle intrusions, and highly sensitive data transmission requirements

KeyTalk has been designed to protect against Man-in-the-Middle intrusions without becoming a tough nut to crack in regard to client usage or management.

Man-in-the-Middle is considered one of the toughest intrusions to defend against. It is frequently used by technologically advanced malicious parties such as black-hat hackers and rogue states to obtain digitally transmitted sensitive information.

KeyTalk uses an innovative secure communication channel over any untrusted Internet connection, over which it provides your user with a short lived client side certificate in a fully automated secure manner. The corresponding key-pair strength ranges from 2048 up to 4096 bit RSA encryption and changes with each renewed certificate.
With the client certificate being totally transparent to the end-user, a secure Man-in-the-Middle intrusion proof connection can be established using standard server configurations.

Innovice-IT will cooperate with KeyTalk via Secure Managed Hosting in the Netherlands.

More about KeyTalk: Keytalk


iOS 8 Prevents Apple From Accessing Device Data

Apple says that the most recent version of its mobile operating system
removes the company’s ability to provide law enforcement with data from
devices running iOS 8. Encryption used in this iteration of iOS prevents
everyone except the device’s owner from accessing data stored on the
device. Apple will still be able to turn over data stored elsewhere,
such as in iCloud. However, while Apple may not have the ability to
access those data, police could ostensibly retrieve the data from locked

Article: Washingtonpost

