Monday, 2 November 2015

It’s a Vulnerable World: October 2015

October’s insecurities bring more tricks than treats, leaving the entities that sustain modern society—Wi-Fi routers, the cloud, nuclear facilities, telecom companies and even clocks—open to attack.

Journalists: Not one, but two tools advertised to protect journalists’ communications were found to be not-so-secure this month. TrueCrypt, a disk encryption software program, has taken responsibility for its recently discovered threat to Windows computers’ security and included a disclaimer on its homepage: “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues.” Conversely, Reporta’s website boasts its technology was designed “to empower journalists working in potentially dangerous conditions to quickly implement their security protocols with the touch of a button,” yet in response to numerous concerns from security experts, Executive Director Elisa Lees Munoz acknowledged the technology is still a “work in progress.”

Wi-Fi routers: Linux.Wifatch has brought a whole new meaning to malware. Wifatch has illegally infected more than 10,000 unprotected routers, but with the purported intention of making them more secure. Nonetheless, when Symantec asked the anonymous hacker whether s/he could be trusted, the response was: “Of course not, you should secure your device.” Routers have been infected worldwide, in countries including China, Brazil, Mexico and India.

Cloud computing proves yet again to be insecure. [Source: FutUndBeidl]

The cloud: “Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud,” a study published by the Worcester Polytechnic Institute, demonstrated how a hacker could steal encryption keys in Amazon Web Services’ cloud. Amazon argued that the flaw, since fixed, did not represent a real-world vulnerability. Security scientist Yehuda Lindell countered: “Although a difficult attack to carry out, this further highlights the fact that secret keys are vulnerable, wherever they may be. They are even more vulnerable in cloud and virtualized environments where you have less direct control.”

Nuclear power stations: A recent Chatham House report found that nuclear facilities are at an elevated risk for cyberattacks, as standard security precautions—such as air gapping, training for personnel, and proactive cybersecurity policies—are largely lacking.

Wireless printers: Singapore researchers successfully hacked a wireless printer with only a drone and a mobile phone, proving that even the most hard-to-reach offices are none too secure. Let this be your reminder to check your printer’s security settings.

Siri and Google Now: For those who tend to keep microphone-enabled headphones plugged into their phones, know that French researchers can convert the headphone cord into an antenna and then use Siri or Google Now to “make calls and send texts, dial the hacker’s number to turn the phone into an eavesdropping device, send the phone’s browser to a malware site, or send spam and phishing messages via email, Facebook, or Twitter.” A word to the wise: disable Siri or Google Now from your lock screen now.

Telecom companies: TalkTalk is determined to prove why companies should not store their users’ data: the U.K. telecommunications and Internet provider has suffered its third hack in the past year. This time, the unencrypted names, email addresses and phone numbers of 1.2 million users were stolen, along with dates of birth and obscured credit and debit card details.

Data manipulation comes to computer clocks. [Source: Back to the Future, Part II]

Clocks: Keeping with a growing trend of manipulating data rather than simply stealing it, Boston University security researchers have shown it is possible for hackers to attack the Network Time Protocol (NTP) of a computer system in order to change the system’s time and also to prevent the synchronization of clocks via a denial of service attack. Back to the future, indeed.

As always, let us know if there are any vulnerabilities we missed in the comments below.

Curious about additional security vulnerabilities? Read on!

SumRando Cybersecurity is a South Africa-based VPN, Web Proxy and Secure Messenger provider. Surf secure and stay Rando!
