The good people at Wired released a eye opening video about how hackers have figured out how to abuse a vulnerability in many modern automobiles that lets them take complete control remotely (kill the gas, turn on the radio, shut off the breaks, etc.). I posted about this concept last year HERE however back then, the hackers had to access the car. This time they are abusing a vulnerability in the UConnect system meaning they don’t need any device plugged in or physical modification to make this work.
They will be talking about this next month at the Blackhat Defcon events so for those that are going, make sure to check it out. Below is the post and video. The original wired post can be found HERE. I’m not buying a new car after watching this. I’m thinking maybe getting a classic instead …. with no wireless technology. Continue reading →
VPRO International created a interesting documentary on Zero Day exploits. There is a lot of Blackhat / Defcon footage for those waiting for this years conference T minus two weeks from now. The video can be found below. It is work the watch. Enjoy Continue reading →
CBSNews has a segment of 60s minutes covering how DARPA “the creator of the Internet” is fighting cyber crime (found HERE). They claim Dan Kaufman aka Darpa Dan and his team have built a application that can monitor the military’s network for compromised hosts. They continue to claim “any device that is breached will show up as red dots so you know EXACTLY whats going on”. Uhhhhh sure … is this malware / breach detection mixed with behavior analytics or is it just smoke and mirrors to look impressive on TV?
Next they say they can shut down or quarantine an infected system. Ok well at least that sounds reasonable since technology like NAC is around so just add a desktop management application and that is accomplished. I guess it sounds reasonable when DARPA Dan’s team gets a half of billion dollars a year to develop technology according to this report. With that budget, they better be able to accomplish something. Continue reading →
My buddy Aamir Lakhani from dcchaos.com put together a list of the best cyber security talks of 2014. The rankings and opinions are purely his own. Some of these were based on technical knowledge, others were entertaining, and lastly some of these are a shout out to my friends and colleagues. You can find the original post HERE.
Last year Aamir Lakhani and Joseph Muniz developed a fake identity known as Emily Williams with the purpose of compromising a specific target using social media. We created Emily Williams based on research from Robin Sage, which showcased how a fake identity could obtain sensitive information from social media resources. We wondered if a similar approach could be used for targeted attacks and developed Emily Williams for that purpose. More information on developing Emily Williams via Part 1 of this project can be found HERE. Continue reading →
Disclaimer: This post has been modified to exclude specific subjects not approved for public viewing
Emily Williams and Robin Sage
Emily Williams and Robin Sage don’t exist in the real world. They are fake social network accounts designed to obtain sensitive information. Robin Sage was created in late 2009 to obtain information from intelligence on US military personnel. Her story was presented at the Black Hat hacker conference upsetting many people by exposing the type of sensitive data provided over social networks. Joey Muniz and Aamir Lakhani decided to go one-step further and ask the hard question: “what else can happen outside of data being leaked over social networks”. We decided to find out using EmilyWilliams. Continue reading →
Today’s highlight – WIFI Pineapple Mark III Wireless Penetration Testing Tool.
There are many cool tools sold at conferences. One tool to check out is the WIFI Pineapple Mark III for around $100 dollars. Basically it’s a wireless honeypot using a man-in-the-middle attack to access data. The way it works is it listens for devices calling out for known wireless networks / SSIDs. The WIFI Pineapple will hear the request and clone the requested SSID so the device believes its connecting to a known trusted network. Continue reading →