Sectivenet.com posted about Hornet, a high speed alternative to TOR. The original post can be found HERE. Should be interesting to see how well this works since TOR is known to be limited with throughput speeds.
For many years until now,Tor has been the favorite option to maintain anonymity on the Internet. Tor was initially developed by the US Naval Research Lab and works based on ‘onion routing’ principles. Even though it handles over 2 Million user on its network daily comprising mostly journalists, activists, law enforcement and hackers etc ,Tor has its faults. It is often slow and frustrating because its performance is based on the number of systems that make up the network. HORNET aims to resolve this issue. Continue reading →
Wired.com posted about how two hackers found a way to plant a trojan on Tesla cars. The original post can be found HERE. There has been a ton of press on car hacking. Maybe its time to buy a classic verses something new.
TESLA CARS HAVE one security advantage that a lot of other cars don’t: the electric vehicles are impervious to hot-wiring, so a thief can’t just break into your $100,000 vehicle, pop open the steering column, futz with some cables and drive off. But if he has a computer with him, he could “hot-wire” it another way. Continue reading →
My buddy Aamir Lakahi from drchaos.com wrote a cool post on how to hide malware inside Adobe PDF files. The original post can be found HERE.
Distributing malware inside Adobe PDF documents is a popular method for attackers to compromise systems. Within the latest versions of Reader, Adobe has added multiple updates to address vulnerabilities. Additionally, Adobe has added a robust software sandbox capability to Reader, which activates if attackers use PDF vulnerabilities to attempt exploit of a system. Due to this sandbox addition, attackers are left with extremely limited and temporary access, restricting what can be accomplished. Continue reading →
Wow another automobile attack! This time the hacker can abuse anybody using the OnStar RemoteLink mobile app. In summary, don’t use the OnStar RemoteLink app until a patch is available or you may find one day that somebody has been joy riding in your car.
Samy Kamkar posted about this vulnerability on Computerworld including a video demonstrating his tool built to abuse this vulnerability in the app. The original post and video can be found HERE. He will be talking more about this next week at the Blackhat/DEFCON conferences. Continue reading →
Cisco Systems just released the 2015 Midyear Security Report found HERE. This report provides an overview of major threats observed in the first half of 2015. There are also parts that look at future trends and offers for small, midsize and enterprise organizations. Topics on the latest threats include exploit kits, Microsoft office exploits, malware research, java exploits and so on. Its free to download. Check it out.
Npr.org posted about the mother of all Android vulnerabilities. The original post can be found HERE.
Android is the most popular mobile operating system on Earth: About 80 percent of smartphones run on it. And, according to mobile security experts at the firm Zimperium, there’s a gaping hole in the software — one that would let hackers break into someone’s phone and take over, just by knowing the phone’s number. Continue reading →
The good people at Wired released a eye opening video about how hackers have figured out how to abuse a vulnerability in many modern automobiles that lets them take complete control remotely (kill the gas, turn on the radio, shut off the breaks, etc.). I posted about this concept last year HERE however back then, the hackers had to access the car. This time they are abusing a vulnerability in the UConnect system meaning they don’t need any device plugged in or physical modification to make this work.
They will be talking about this next month at the Blackhat Defcon events so for those that are going, make sure to check it out. Below is the post and video. The original wired post can be found HERE. I’m not buying a new car after watching this. I’m thinking maybe getting a classic instead …. with no wireless technology. Continue reading →