Saturday, September 1, 2012

Suspected LulzSec member arrested by FBI for Sony Pictures hack.

A man suspected of hacking into computer systems belonging to Sony Pictures, and stealing the personal information and passwords of thousands of innocent internet users, has been arrested by the FBI.
20-year-old Raynaldo Rivera, of Tempe, Arizona, is said to have been involved in the Sony hack last year that exposed online the names, birth dates, addresses, emails, phone numbers and passwords of people who had entered Sony contests.

Sunday, January 8, 2012

Symantec's Norton AntiVirus source code exposed by hackers.


Symantec, the makers of Norton AntiVirus, has confirmed that a hacking group has gained access to some of the security product's source code.
An Indian hacking group, calling itself the Lords of Dharmaraja, has threatened to publicly disclose the source code on the internet.
So far, there have been two claims related to Symantec's source code.
First, a document claiming to be confidential information related to Norton AntiVirus's source code was posted on Pastebin. Symantec says it has investigated the claim, and that - rather than source code - it was documentation dated from April 1999 related to an API (application programming interface) used by the product.
And secondly, the hacking group shared source code related to what appears to have been the 2006 version of Symantec's Norton AntiVirus product with journalists from Infosec Island.
A hacker called "Yama Tough", who appears to be acting as a spokesperson for the gang, posted the content to PasteBin.
The content on PasteBin has since been removed, and Yama Tough's Google+ posts deleted. The hacking group claims that it is working on creating mirror sites for its content, as it has felt pressured and censored by US and Indian government agencies.
It's important to underline that there is presently no reason to believe that Symantec's own servers have been breached.
Instead, it appears that the data leak may have occurred on Indian government servers - and the implication is that Symantec, and perhaps other software companies, may have been required to supply their source code to the Indian authorities.
Furthermore, it is not clear if the source code which was accessed is relevant to up-to-date installations of Symantec's anti-virus products and thus customers may not be at risk.
Even if it was up-to-date source code, it may be of limited use to hackers and be used more as a "trophy scalp" for a hacking group intending to generate publicity for its grievances with the Indian authorities.
It's hard not to feel sympathy for Symantec - who appear to have been caught in the crossfire between a hacking gang and the Indian authorities.
Although Symantec customers may not be at risk, it's easy to see how the software company will feel bruised by the publicity that the Lords of Dharmaraja have generated through their hack.



Thursday, January 5, 2012

Who Was the First Hacker?

New Scientist has recently revealed the name of the world's first hacker, who discovered a security hole in Marconi's wireless telegraph and showed the inventor up.
It turned out that a stage magician named Nevil Maskelyne wrecked a public demo of Marconi's wireless telegraph over a century ago, in 1903: he sent insults in Morse code down the wire. The crowd was really amused while the physicist John Ambrose Fleming was adjusting arcane apparatus, preparing to show the long-range wireless communication system created by his boss, the Italian radio pioneer Guglielmo Marconi, who was several hundred miles away trying to send the message.

However, before the show could start, the apparatus in the lecture theater started to tap out a message: it appeared to be a poem accusing Marconi of "diddling the public". Fleming's assistant found out that powerful wireless pulses beamed into the theater were strong enough to interfere with the electric arc discharge lamp of the projector. The apparatus began spelling "Rats" repeatedly and after this launched into the poem.

That’s how Maskelyne proved that Marconi's system was insecure, and that others could easily eavesdrop on private messages as well. Meanwhile, Fleming fired off a missive to the Times, calling the hack “scientific hooliganism” and asking the readers to help him find the hacker. Nevertheless, Maskelyne, whose family earned money by making "spend-a-penny" locks in pay toilets, outed himself 4 days later. He tried to justify his actions by pointing to the security holes they revealed, for the public good. He used Morse code in his mind-reading tricks and managed to send wireless messages between a ground station and a balloon located 10 miles away. Nevertheless, Maskelyne was stuffed up by the fact that Marconi had patents on his technology but failed to develop it.

It later appeared that he was hired as a spy for the Eastern Telegraph Company that was worried that Marconi could stuff up its business.

The first hacker built a 50-metre radio mast somewhere on the cliffs in order to find out if he could eavesdrop on messages beamed by the Marconi Company to vessels. As a result, Maskelyne pointed out that Marconi’s security was a doddle to hack. Although Maskelyne's name had been forgotten, he is now back in the history books as the world's first hacker.

How to Combine Rescue Disks to Create the Ultimate Windows Repair Disk.

To create the rescue disk, you’re going to want a USB flash drive with a decent amount of space—for our purposes, 2 GB is the minimum size, but you’d be better off with something a little bigger if you want to put a lot of repair disks on it, especially the larger ones.


Once you’ve picked out your drive, the first thing you’ll need to do? Format your drive as FAT32. That’s right, the software we’re going to use requires the FAT32 file system, so right-click on the drive and select Format from the menu.


Choose FAT32 from the drop-down menu under File system, and then click Format.


To create the custom drive, we’ll use a small piece of software called SARDU, which combines a bunch of functionality into a single package—you can use it to download the ISO images, write everything to the USB drive, or create an ISO image that you could burn to an optical disc—though obviously you’re space-limited in that case.

Once you download and extract SARDU, you can simply start clicking on any of the buttons to trigger a download of that rescue disk.
There’s a whole bunch of utilities included, including really useful ones like Gparted and the System Rescue CD, Ophcrack, and others.
And you can use it to directly download Ubuntu as well.
Or you can download the ISO images separately and put them into the ISO folder (you’ll have to restart the application once you’re done).

All done? Click the Make a USB button over on the right-hand side…
And everything will be created and copied to the drive.

Just plug the disk into an available port, and choose the option to boot from USB—you may have to take a trip into the BIOS settings to enable booting from removable drives, or you might have to hit a key during bootup to display the boot options menu, where you can choose the device to boot from.

Once you do successfully boot from the flash drive, you’ll see a boot menu.
Select any of the categories, and you’ll see all the rescue disks or other disks that you’ve put on your drive.

Just like that, you’re booting your rescue disk.
Enjoy your awesome rescue disk.

Sunday, January 1, 2012

Facebook hands out White Hat debit cards to hackers.

This is the Visa debit card Facebook is giving to some security researchers for reporting bugs.
A few companies pay money to bug hunters. But Facebook is giving out something more unique than just a check. Some security researchers are getting a customized "White Hat Bug Bounty Program" Visa debit card.
The researchers, who can make thousands of dollars for reporting just one security hole on the social-networking site, can use the card to make purchases, just like a credit card, or create a PIN and take money out of an ATM. As the researchers find more bugs, Facebook can add more money to the account.

Facebook wanted to do something special for the people who are helping the company shore up its software and keep hackers and malware out.
"Researchers who find bugs and security improvements are rare, and we value them and have to find ways to reward them," Ryan McGeehan, manager of Facebook's security response team, told CNET in a recent interview. "Having this exclusive black card is another way to recognize them. They can show up at a conference and show this card and say 'I did special work for Facebook.'"

Besides holding cash value, the White Hat card may proffer other advantages. "We might make it a pass to get into a party," for instance, McGeehan said. "We're trying to be creative."
Facebook launched its bug bounty program in July, following in the steps of Mozilla and Google. The minimum a researcher can make for reporting a bug that is eventually confirmed is $500, and there is no maximum. Researchers have to follow Facebook's Responsible Disclosure Policy and not go public with the vulnerability information until the hole has been fixed.


The most Facebook has paid out for one bug report is $5,000, and it has done that several times, according to McGeehan. Payments have been made to 81 researchers, he said.
Recently, "someone came to us with a bounty-worthy ticket and they said they didn't want the bounty," he said. Instead, the researcher wanted the money--$2,500--to go to a charity and for Facebook to match it. Facebook agreed, McGeehan said.

Brian Krebs, who first wrote about the White Hat Visa, reports that recipients have included Szymon Gruszecki of Poland and Neal Poole, a junior at Brown University who will be an intern at Facebook next summer. 

And Charlie Miller, a researcher at Accuvant better known for finding holes in iOS 5 and Safari than Facebook, also has received a White Hat card. "Facebook whitehat card not as prestigious as the SVC card, but very cool ;) Fun way to implement no more free bugs," he tweeted.
Facebook has plans to leverage the knowledge and skills of the researchers beyond just providing the bug bounty incentive.

"Whenever possible we're going to try to load-in White Hat researchers into products early--as soon as (they are) in production," McGeehan said. Thus Facebook "will get an early warning on anything they find."

Saturday, December 31, 2011

Anonymous targets military-gear site in latest holiday hack.

On Christmas Day the target was security think tank Strategic Forecasting, or Stratfor. This time it was SpecialForces.com, a Web site that sells military gear. 

"Continuing the week long celebration of wreaking utter havoc on global financial systems, militaries, and governments, we are announcing our next target: the online piggie supply store SpecialForces.com," the group wrote in a Pastebin posting today. 

The hackers said they breached the SpecialForces.com site months ago, but only just got around to posting the customer data. Even though the site's data was encrypted, they claim to have 14,000 passwords and details for 8,000 credit cards belonging to Special Forces Gear customers. 

Special Forces Gear founder Dave Thomas confirmed that his company's Web servers were compromised by Anonymous in late August, resulting in a security breach that allowed the hackers to obtain customer usernames, passwords, and possibly encrypted credit card information in some cases. "We have no evidence of any further security breaches, and we believe that the recent Stratfor incident is being used to bring this old news back into the spotlight," he noted.


Thomas added that the compromised passwords were from a backup of a previous version of the Web site that is more than a year old. "Most of the credit card numbers are expired, and we don't have evidence of any credit card misuse at this time," he wrote. "The current Web site does not store customer passwords or credit card information."

After the security breach, "we completely rebuilt our Web site and hired third-party consultants to help us shore up Web site security," he said, adding that the vast majority of the site's sales are custom t-shirts and related gifts, and that the company donates a portion of its profits to charity.


Identity Finder, a New York-based data loss and identity theft prevention service, determined that files posted to date by Anonymous and its AntiSec offshoot related to this breach include 7,277 unique credit card numbers; 68,830 e-mail addresses (of which 40,854 are unique); and 36,368 plain-text usernames and passwords, some of which might be duplicates.
In the statement issued today, the hackers also took another shot at Stratfor for its alleged confusion over whether its data had been encrypted or not.

How Mark Zuckerberg Hacked Into Rival ConnectU In 2004.

This is the story of how, in the summer of 2004, Mark Zuckerberg hacked into a Facebook rival called ConnectU, whose founders had accused him of stealing their idea to build Facebook.  The details of this story were developed from a broader investigation of the origins of Facebook.  The investigation included interviews with more than a dozen sources over two years, as well as what we believe to be relevant IMs and emails from the period.

During the summer of 2004, Mark Zuckerberg's new social network theFacebook.com was already wildly popular.

After Mark launched it in February, the site dominated the conversation at Harvard all spring.  It reached 250,000 users by the end of August and a million users that fall.

TheFacebook.com was so popular that one thing Mark probably never needed to worry about was competition from the other social network launched at Harvard in 2004, ConnectU, whose founders had accused him of stealing their idea.

ConnectU's founders -- Cameron Winklevoss, Tyler Winklevoss, and Divya Narendra -- had launched the site that spring at 15 schools. But it never gained anywhere close to the critical mass of user adoption that Facebook did. Today, 400 million people visit Facebook each month while ConnectU exists only in the Internet archives.

Nevertheless, during 2004, Mark Zuckerberg still appeared to be obsessed with ConnectU. Specifically, he appears to have hacked into ConnectU's site and made changes to multiple user profiles, including Cameron Winklevoss's.

At one point, Mark appears to have exploited a flaw in ConnectU's account verification process to create a fake Cameron Winklevoss account with a fake Harvard.edu email address.

In this new, fake profile, he listed Cameron's height as 7'4", his hair color as "Ayran Blond," and his eye color as "Sky Blue." He listed Cameron's "language" as "WASP-y."

Next, Mark appears to have logged into the accounts of some ConnectU users and changed their privacy settings to invisible.  The idea here was apparently to make it harder for people to find friends on ConnectU, thus reducing its utility.   Eventually, Mark appears to have gone a step further, deactivating about 20 ConnectU accounts entirely.

Mark appeared to be worried about the risk of his actions, but reasoned that ConnectU's developers wouldn't notice a succession of account deactivations coming from the same IP address. He took comfort that Apache logs didn't reveal that type of activity either. Mark also figured that if ConnectU developers did notice anything, their most natural conclusion would be to think that someone had emailed people convincing them to deactivate their accounts.

It is not clear how Mark accessed these accounts. (In an earlier hack of the email accounts of two Harvard Crimson editors, he used login information stored in Facebook's servers.)  It does appear that he retained access to ConnectU's servers for quite some time.
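
The detection gap described above, a run of account deactivations and privacy changes from one IP address that web-server access logs alone would not surface, can be closed with application-level audit logging. The following is an added example, not part of the original article or of any ConnectU code: it assumes a hypothetical audit log format (timestamp, source IP, affected account, action), and the sample lines, dates and addresses are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of an application audit log (hypothetical format):
# ISO timestamp, source IP, account acted on, action.
SAMPLE_AUDIT_LOG = """\
2024-01-15T21:02:11 192.0.2.10 alice login
2024-01-15T21:03:40 198.51.100.7 user01 privacy_set_invisible
2024-01-15T21:04:02 198.51.100.7 user02 deactivate
2024-01-15T21:04:31 198.51.100.7 user03 deactivate
2024-01-15T21:05:10 198.51.100.7 user04 deactivate
2024-01-15T21:09:55 192.0.2.10 alice deactivate
2024-01-16T09:15:00 203.0.113.5 bob privacy_set_invisible
2024-01-16T23:40:00 203.0.113.5 carol deactivate
"""

SENSITIVE_ACTIONS = {"deactivate", "privacy_set_invisible"}

def parse_events(text):
    """Yield (timestamp, ip, account, action) for well-formed lines only."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1], parts[2], parts[3]

def flag_multi_account_sources(text, min_accounts=3, window=timedelta(hours=1)):
    """Return {ip: sorted accounts} for IPs that performed sensitive actions
    on at least min_accounts distinct accounts inside one sliding window."""
    by_ip = defaultdict(list)
    for ts, ip, account, action in parse_events(text):
        if action in SENSITIVE_ACTIONS:
            by_ip[ip].append((ts, account))
    flagged = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1
            accounts = {acct for _, acct in events[start:end + 1]}
            if len(accounts) >= min_accounts:
                flagged.setdefault(ip, set()).update(accounts)
    return {ip: sorted(accts) for ip, accts in flagged.items()}

if __name__ == "__main__":
    for ip, accounts in flag_multi_account_sources(SAMPLE_AUDIT_LOG).items():
        print(f"{ip}: sensitive changes on {len(accounts)} accounts: {accounts}")
```

A single user deactivating their own account, or one address touching two accounts many hours apart, stays below the threshold; only the source that changes several distinct accounts within the window is reported.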

Hacker who bypassed Facebook security pleads guilty.

A British student has pleaded guilty to charges that he breached security at Facebook earlier this year, despite arguing that his intentions were not malicious.


York computer science student Glenn Steven Mangham, 26, attempted to bypass security on the company's internal systems, raising alarm amongst the FBI that industrial espionage was occurring, according to media reports.

Mangham, who had previously been rewarded by Yahoo for finding vulnerabilities in its systems, discovered that Facebook was far from amused by his activities.

The social networking giant discovered evidence that pointed back to Mangham and he was arrested by the Metropolitan Police Central e-Crime Unit (PCeU) in June.

Specifically, Mangham was accused of using a computer program to secure unauthorized access to Facebook, of attempting to hack into Facebook's Mailman server (used to run internal and external email lists), and attempting to secure access to the Facebook Phabricator server used by internal developers.

Southwark Crown Court was told Mangham produced software scripts that could hack into Facebook's Phabricator server to download "highly sensitive intellectual property".

In addition, the student was said to have breached a webserver used by Facebook to set software development puzzles to programmers who might be interested in working for the company.
Mangham's defence team has argued that he was an "ethical" or "white-hat" hacker, whose intentions - rather than being malicious - were to uncover security vulnerabilities at Facebook with the intention of getting them fixed.


Facebook users will be relieved to hear that the social network told BBC News that the attack "did not involve an attempt to compromise or access user data."