Tag Archives: Blackhat

Whitehat Finds Blackhat on Facebook – Daily Security Byte EP. 252

Bug Bounty programs are great ways for companies to get security researchers to help find and fix vulnerabilities in their products or infrastructure, but no one expected them to also reveal hackers in your network. Watch today’s video to hear how one pen-tester found more than he bargained for when researching Facebook’s network.

(Episode Runtime: 3:38)

Direct YouTube Link: https://www.youtube.com/watch?v=8WruUtxLHko


— Corey Nachreiner, CISSP (@SecAdept)

Facebook Hacked- WSWiR Episode 74

App Store Hole, LoL Breach, and Zuckerberg Hacked

I’m back with our regular infosec news video summary, where I highlight the biggest or most interesting security stories from the week and share a few tips along the way.

Today’s episode covers a handful of software updates, the breach of a popular multiplayer arena battle game, some drama around a new Facebook vulnerability, and new research describing how to bypass Apple’s App Store protections. Watch the video to learn more, and check out the reference section below for some other stories as well.

(Episode Runtime: 9:43)

Direct YouTube Link: http://www.youtube.com/watch?v=V0Qhxbx1y7g

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

Android Bitcoin Wallets Broken – WSWiR in Words

Hacked Baby Monitors, Broken Bitcoins, and Apache Exploit Kits

By the time you see this on Friday, I’ll be hiking and camping in the Olympic National Forest. I’m taking a day off this week for an extended camping weekend. Unfortunately, that also means I did not have time to produce a full InfoSec summary video… but fear not.

In lieu of this week’s video, I’m leaving you with a written summary of the interesting security stories I would have covered this week. Check out the quick summaries below, and don’t forget to take a peek at the Extra Stories section for links to other interesting news:

  1. Exploit Kit Released for Apache Struts Framework – Struts is an open source framework for creating Java web applications, created by the Apache Software Foundation. A month ago, Apache released a patch for Struts to fix a number of highly critical vulnerabilities. This week, researchers at Trend Micro discovered that Chinese attackers have created and are sharing an automated toolkit designed to make it very easy to exploit these Struts flaws. Ultimately, the toolkit gives attackers enough control that they can inject a malicious backdoor onto vulnerable Struts servers. If you are a web administrator who uses Struts, and you haven’t upgraded yet, you should do so immediately.
  2. Miscreants Troll a Toddler Via a Hacked Baby Monitor – This week, a story came out about parents who heard some hoodlums yelling and cursing at their two-year-old daughter via a Foscam brand baby monitor, which had allegedly been hacked.

    This isn’t too surprising. Over the years, researchers have discovered and shared many vulnerabilities in IP-based webcams like these Foscam cameras. The Foscam cameras in particular have suffered from directory traversal and cross-site scripting vulnerabilities, both of which could help attackers gain unauthenticated access to the administrative credentials for the cameras. Researchers have even released tools like getmecamtool, which attackers could use to inject malicious firmware onto these cameras, allowing them to do all sorts of mischief. Finally, tools like Shodan make it dead simple for attackers to find thousands of potential victims.

    The good news is Foscam has patched many of these flaws. The bad news is average consumers don’t realize they need to update firmware for hardware devices. If you use any sort of IP-based webcam, I recommend you update its firmware regularly. By the way, there was a semi-happy ending to this baby trolling story. The toddler in question is deaf, so all the yelling in the world didn’t bother her in the least.

  3. Flaw in Android Bitcoin Wallets results in Bitcoin Pickpocketing – If you use an Android-based Bitcoin wallet, it’s time to move your Bitcoin. According to an advisory this week, Android Bitcoin wallets are unsafe.

    Let me explain. Bitcoin relies on public/private key cryptography to protect its virtual currency and transactions. This means that devices that support Bitcoin have to regularly generate public and private keys. The algorithms used to create these keys rely on an element of randomness. If you don’t add enough randomness to the equation, your keys become weaker and easier to predict. Computing devices rely on Random Number Generators (RNG) to try to create random elements. Unfortunately, creating random numbers on a computer is a fairly difficult problem, since computers are very ordered and systematic systems. Usually, computers can only generate pseudorandom numbers.

    Anyway, it turns out that most Android Bitcoin wallets rely on a particular Java class to create the random numbers necessary to generate private keys. More to the point, this Java class is not good at randomness. This means the private keys it generates are much easier to crack than they should be… and this isn’t a theoretical flaw either. Attackers have already exploited it to steal at least 55 Bitcoin, which are worth over $5000 US.

    So what can you do? If you use an Android Bitcoin wallet, you should at least temporarily set up a wallet on another device (preferably a traditional computer) and transfer all your Bitcoin to that wallet. Over the next few weeks and months, Android Bitcoin apps should update to fix this problem. Once they do, you can transfer your Bitcoin back to your Android device. As an aside, there have also been a number of stories this week about governments and banks starting to look into Bitcoin regulation, and closing Bitcoin accounts. If you’re a Bitcoin user, you may want to consider that governments may start trying to regulate the currency.

Direct YouTube Link: http://www.youtube.com/watch?v=KVxUHCdVM9c (Runtime: 00:30)

Extra Stories:

— Corey Nachreiner, CISSP (@SecAdept)

TorSploit – WSWiR Episode 73

BREACH, TorSploit, and Fort Disco

Sorry for the late posting, but your weekly taste of “what’s up” in the InfoSec world is here for your viewing pleasure. As always, I summarize some of this week’s biggest network and information security news, in case you didn’t have time to follow it yourself.

This week was packed with security stories, but I only had time to focus on four. The episode includes information on a botnet that brute forces CMS systems, an alleged flaw in Chrome’s password security, a serious new SSL encryption weakness, and suspicions that the FBI tried to backdoor Tor sites. Press play below for the full scoop, and check out the Reference section if you’d like to read about all the other stories I didn’t have time to talk about.

(Episode Runtime: 12:15)

Direct YouTube Link: https://www.youtube.com/watch?v=y4jVozwHdWc

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

Blackhat 2013 – WSWiR Episode 72

Details on Femtocell hacking, Mactans, and SCADA Honeypots

This is the week of the Blackhat and Defcon security conferences, two of the biggest security research conferences of the year. So rather than quickly summarize InfoSec news, like I do most weeks, I’ll share details about three of my favorite talks from this year’s Blackhat show (Defcon is going on now).

Two of my favorite presentations fill in details about stories from past episodes. Both the researchers that hacked a Verizon femtocell, and the ones that created a malicious iOS charger, shared the technical details around these attacks. Want to learn how it’s done? Watch below.

The third interesting talk centers around using honeypots to learn who is attacking our SCADA systems. While the attacker profile data shared in the presentation was interesting, I was more concerned with how the researcher profiled his attackers. Essentially, he hacked them back. His hack back technique was at best a legal grey area, and at worst totally illegal. And this researcher’s actions were not the exception. I attended a few talks this year where researchers used hacking techniques to out their attackers. Perhaps the industry is adopting “strike back” after all.

In any case, if you’d like a quick glimpse of some of my favorite presentations from the show, be sure to click play below. I will also post some written summaries about the talks I attended in the next few days. Finally, though I didn’t have time to cover the regular Infosec news this week, be sure to check the Reference section for links to a few fairly important industry stories.

(Episode Runtime: 15:15)

Direct YouTube Link: https://www.youtube.com/watch?v=-xBHxQUVJnU

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

Car Hacking Exposed – WSWiR Episode 71

Tor Botnets, SIM Hacking, and Pwned Prius

Blackhat and Defcon are only a few days away, so this week’s InfoSec news summary covers previews of some of the research experts plan on disclosing during next week’s security bonanza.

During this week’s episode, learn about the latest Tor-based botnets, hear how hackers can force malware through your phone’s SIM card, and see a couple of researchers totally take over a Prius car with a laptop. Watch below, and check the Reference section for other interesting security stories.

Show Notes: I had unexpected microphone cable problems during my recording, which I didn’t learn about until after my shoot. It caused some hum and clicks in this week’s video. I apologize for the bad audio, and will be sure to check it next week.

Also, I will be attending Blackhat next week. I still plan to post at least one video, but it may not appear at its regular time.

(Episode Runtime: 10:09)

Direct YouTube Link: https://www.youtube.com/watch?v=Pa3QsIS-TK8

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

Rogue Femtocell Sniffs Cellular Data – WSWiR Episode 70

Google Glass Hijack, Steganography Backdoor, and Femtocell Hack

After a week missing-in-action due to vacation, I’m back with another news-packed InfoSec summary video for the week. If you’d like to quickly hear the highlights about the latest updates, breaches, and malware, give our weekly video a go.

In this week’s episode I cover some interesting new Mac malware, a Google Glass hijacking vulnerability, how to hide web backdoors in images, and a rogue femtocell. For all that and more, click play below; and don’t forget to check the Reference section for extras.

Have a great weekend, and stay safe online!

(Episode Runtime: 15:18)

Direct YouTube Link: https://www.youtube.com/watch?v=pjWEkd2htzQ

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

Major Android Flaw Means More Trojans – WSWiR Episode 69

Snowden’s Hacker CV, Uplay Breach, and Serious Android Vulnerability

Last Thursday, US citizens celebrated our 4th of July, Independence Day holiday, which traditionally means that few workers came into the office on Friday. For that reason, I decided to hold onto last week’s InfoSec summary video until today. What better way to start the week than learning about the latest security news with a hot cup of joe?

In last week’s episode, I cover news of Snowden’s hacking credentials, the latest OS X update, a Ubisoft network breach, and a critical security vulnerability that affects 99% of Android users. For the details on those stories and more, watch our video below.

As an aside, I am taking a bit of time off at the end of the week, so I will either skip this Friday’s video, or post a short one on Monday.

(Episode Runtime: 7:21)

Direct YouTube Link: https://www.youtube.com/watch?v=DTjkmKKy-Gg

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 65 – NetTraveler

iOS Charger Hack, Mac Virus, and NetTraveler

After a week hiatus due to WatchGuard’s Worldwide Partner conference, I’m back with another video summary of this week’s biggest security news.

Join me this episode, where I highlight an upcoming Blackhat talk about an iOS charger vulnerability, warn of a proof-of-concept (PoC) OS X virus, and share news about a new APT threat that seems to be stealing important intellectual property. I even throw in the latest software updates as a bonus. For the latest InfoSec news, click the play button below.

(Episode Runtime: 10:28)

Direct YouTube Link: http://www.youtube.com/watch?v=MpesEWzRuyA

Episode References:


— Corey Nachreiner, CISSP (@SecAdept)

Radio Free Security: October 2012 Episode

The Dirty Little Secret of Security Breaches

Every week it seems like there is another major data breach… so what’s the deal? Are attackers getting more sophisticated? Is malware more sneaky? Or are people just not protecting themselves? That answer is probably simpler than you think. In this month’s episode, we uncover the secret of data breaches, share the latest top security news, and even highlight a new WatchGuard XTM appliance feature. If you’re passionate about security, you’ll feel right at home, so listen in.

Radio Free Security (RFS) is a monthly audio podcast dedicated to spreading knowledge about network and information security, and to keeping busy IT administrators apprised of the latest security threats they face online. If you’re looking for the latest security news and best practice tips, this show is for you. So grab a seat, relax, and enjoy the show.

October’s episode includes:

  • The Security Spotlight [4:08 – 44:18] – The Dirty Little Secret of Security Breaches. 2011 was the year of breaches, and attackers haven’t let up this year. With so many network and data breaches we have to ask ourselves, “what are we doing wrong?” During this month’s Security Spotlight segment, Ben Brobak and I propose a basic answer to that question, and more importantly, share six firewall policy best practices that will make your organization more resilient against network attacks. If you want to get the most out of your firewall or UTM appliance, this segment’s for you.
  • WatchGuard Wire [45:05 – 52:44] – Introducing RapidDeploy. Does your organization have remote offices or mobile users? Would you even call yourself a Distributed Enterprise? Or, are you a Managed Security Service Provider (MSSP) who handles hundreds of customer firewalls? If so, WatchGuard’s new RapidDeploy feature will save you money and make your life a whole lot easier. In this segment I interview Product Manager, Johnni Aguirre, about an upcoming XTM appliance capability that should excite anyone with remote devices.
  • Security Story of the Month (SSotM) [53:35 – 1:46:00] – During September’s SSotM segment, Richard Gilmour, Chris Shaiman, and Corey Nachreiner highlight the most concerning security stories and incidents from the month. Topics from the segment include accusations of cyber espionage, a new nation-state sponsored APT threat, and a couple of old-school attacks that still can have serious ramifications. During the talk, we decide which issue will have the greatest effect on the industry, and what you can do about all of them. For a recap of October’s top security news, and some defense tips, listen in.

You can always find the latest episode of Radio Free Security at:

Or just listen to October’s episode using the player below [runtime: 1:49:05].

— Corey Nachreiner, CISSP (@SecAdept)
