Cyber Security Tool Kit (felt this was needed)

Security Testing Tools

 

 


Hackers Hijack Police Drone with $40 worth of equipment… From 2KM away!!!

A researcher has demonstrated how easy it is to steal high-end drones, commonly deployed by government agencies and police forces, from 2 kilometres away with the help of less than $40 worth of hardware.
The attack was developed by IBM security researcher Nils Rodday, who recently presented his findings at Black Hat Asia 2016.

Hacking the $28,463 Drone with Less than $40 of Hardware

Rodday explained how security vulnerabilities in a drone’s radio connection could allow an attacker (with some basic knowledge of radio communications) to hijack the US$28,463 quadcopters with less than $40 of hardware.
Rodday discovered (PPT) two security flaws in the tested drone that gave him the ability to hack the device in seconds.
First, the connection between the drone’s controller module, known as the telemetry box, and the user’s tablet uses the extremely vulnerable ‘WEP’ (Wired Equivalent Privacy) encryption, a protocol long known to be ‘crackable in seconds.’

This flaw could be exploited by any attacker within Wi-Fi range (100 meters) to break into that connection and send a malicious command that disconnects the drone’s owner from the network.
Second, the onboard chips used for communication between that telemetry module and the drone use an even less secure radio protocol.

Hijacking Drones from 2 Kms Away


The module and the drone communicate using an ‘Xbee’ chip, which is made by the Minnesota-based chipmaker Digi International and is commonly used in unmanned aerial vehicles (UAVs) everywhere.

According to Rodday, Xbee chips do have built-in encryption capabilities, but to avoid latency between the user’s commands and the drone, the chips don’t implement encryption.
This issue leaves the drones open to ‘Man-in-the-Middle’ (MitM) attacks, allowing an attacker to intercept everything happening on the UAV’s network connection and inject commands between the drone and the telemetry box from up to 2 kilometres away.
Furthermore, Rodday also warned that any sophisticated hacker with the ability to reverse engineer the drone’s software would be able to send navigational controls, block all commands from the real operator, or even crash it to the ground.
Rodday’s research proves that there are critical issues with what’s likely the most expensive drone yet, as well as one that is used for more serious purposes than high-altitude selfies, which needs to be considered seriously.
Credit Hacker News

ATM Skimmer Hacker – Escapes from Jail.

A Romanian card skimmer arrested for being part of an international cybercrime group that used malware to plunder US$217,000 from ATMs has escaped from a Bucharest prison on Sunday morning (6th March).
Renato Marius Tulli, 34, was being held at Police Precinct 19 in Bucharest, the capital of Romania, after being arrested together with 7 other suspects as part of a joint Europol, Eurojust, and DIICOT investigation on January 5, 2016.
Tulli was part of a criminal gang specialized in robbing NCR-based ATMs.
The gang used a piece of malware called Tyupkin to conduct what’s known as a jackpotting attack and made millions by infecting ATMs across Europe and beyond.
Using Tyupkin malware, the criminals were able to empty cash from infected ATMs by issuing commands through the ATM’s pin pad.
Authorities announced on Monday that Tulli escaped with Grosy Gostel, 38, a man held for robbery charges, while both of them and other prisoners were out in the precinct’s yard taking their daily outdoor break, local media report.
Though Police caught Gostel, ATM malware man Tulli remains on the run.
The ATM hacker and robber managed to cut a hole in the police precinct’s fence and then jumped an outer fence at the police station without being noticed by the two officers that were keeping watch.
The 2 police officers who were on duty that day are now being investigated on charges of negligence.
Tulli and his criminal gang raided ATMs between December 2014 and October 2015 in countries including Romania, Hungary, Spain, the Czech Republic, and Russia. Europol estimates the group caused damages to banks of around US$217,000 (€200,000).
The Tyupkin malware the gang used has been upgraded in recent months. The malware is now dubbed GreenDispenser and is being used to target ATMs across Mexico.

“Guccifer” Hacker arrested… Extradition to US

‘Guccifer,’ who Hacked former President, to be extradited to the US

 

Upon the request of US authorities, the extradition of Marcel Lazar Lehel, well known as Guccifer, to the United States has finally been approved, to face computer intrusion and identity theft charges for 18 months.

Guccifer is an infamous Romanian hacker who was arrested in Romania for hacking into the email and social networking accounts of numerous high-profile US and Romanian politicians.

A Court has approved a request by US authorities to extradite Guccifer to the United States, a source within Romania’s DIICOT anti-organized crime and terrorism unit told Reuters.
Guccifer’s well-known political targets included:

  • Bill Clinton (Former President)
  • Hillary Clinton (U.S Presidential Candidate)
  • George W. Bush (Former U.S. President)
  • Colin Powell (former U.S. Secretary)
  • George Maior (chief of the Romanian Intelligence Service)
  • John Tenet (State Director of Central Intelligence for the United States CIA)
  • Richard Armitage (Republican politician)
  • Lisa Murkowski (U.S. Senator and former Secret Service Agent) and many more.

Guccifer rose to prominence in 2013 after hacking into the email account of George W. Bush and leaking Bush’s personal photographs and artwork, including two self-portraits: one in the shower and one in the bathtub.

The same hacker was responsible for breaking into the AOL account of Bush’s sister, Dorothy Bush Koch, targeted a number of high-profile celebrities, including Nicole Kidman, comedian Steve Martin, actor Leonardo DiCaprio, actress Mariel Hemingway, ‘Sex and the City’ author Candace Bushnell and biographer Kitty Kelley, and released some of Hillary Clinton’s private emails, among many more.

The 42-year-old hacker had also claimed that Bush was a member of the Ku Klux Klan, classified as a white supremacist racist group by the Anti-Defamation League and the Southern Poverty Law Center and allegedly having a total of 5,000 to 8,000 members.

These leaks had repercussions on many topics, such as the romantic relationship between Colin Powell and Corina Cretu (a Romanian politician), even though both denied the statement.

If you want to explore the Guccifer leaks further, you may visit the site named ‘The Smoking Gun’, on which he published the leaked contents (don’t expect a Wikileaks model).

Guccifer was working as a taxi driver when Romania’s DIICOT anti-organized crime and terrorism unit arrested him. He kickstarted his career as a hacker at the age of 35.

According to his wife, Guccifer did most of his hacking from the quiet Sâmbăteni, which is located in the Draculan Village Transylvania.

In 2014, a Romanian court sentenced Guccifer to four years in jail on charges of intrusion into the accounts of popular figures “with the aim of getting … confidential data”, and he is serving another three-year term for other offences.

Windows 10 Sends Your Data 5500 Times Every Day Even After Tweaking Privacy Settings

Myth: Disabling all privacy-compromising and telemetry features on Windows 10 will stop Microsoft from tracking your activities.
Fact: Even after all telemetry features are disabled, Windows 10 is phoning home more than you could ever think of.
Ever since the launch of Microsoft’s newest operating system, Windows 10 has been believed to be spying on its users. I wrote a number of articles to raise concern about Windows 10 privacy issues, including its controversial data mining features and privacy invasion features.
The only solution believed to cope with these issues is to disable all the telemetry features or use an automated tool to disable all privacy-infringing features in just one click.
But unfortunately, all these efforts are wasted because Microsoft still tracks you, even after you tighten your Windows 10 privacy to an extreme level, claims a recent analysis conducted by a Voat user, CheesusCrust.

Traffic Analysis Reveals Extent of Windows 10 Spying

Curious to know the extent of Windows 10 spying, CheesusCrust set up his Linux laptop with a Windows 10 Enterprise virtual machine as well as a DD-WRT router that was being utilized to monitor traffic.
CheesusCrust also disabled every single tracking and telemetry feature in the operating system. He then left the machine running Windows 10 overnight in an effort to monitor the connections the OS was attempting to make.

The results are not so surprising:

Eight hours later, he found that the idle Windows 10 box had tried over 5,500 connections to 93 different IP addresses, out of which almost 4,000 were made to 51 different IP addresses belonging to Microsoft.
After the machine had been left running for 30 hours, Windows 10 had expanded its connections to 113 non-private IP addresses, potentially allowing hackers to intercept this data.
DisableWinTracking
Taking his test a step further, CheesusCrust again installed a Windows 10 Enterprise virtual machine on his laptop, disabled all tracking features and enabled a third-party tool known as DisableWinTracking.
After this, the number was reduced to 2758 connections to 30 different IP addresses over a period of 30 hours.
The interesting fact here is: This analysis was conducted on Windows 10 Enterprise Edition that comes with the most granular level of user control, far more than the standard Windows 10 Home Edition used by a sizable audience.
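The tally described above (connection attempts, distinct destinations, how many are non-private, how many fall in one owner's ranges) can be reproduced from a router's connection log. The following is an added example, not code from the original analysis; the log lines, the monitored address 192.168.1.50 and the `vendor` range are constructed placeholders.

```python
import ipaddress
import re
from collections import Counter

# Destinations that stay on the LAN: RFC 1918, loopback, link-local, multicast.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "224.0.0.0/4")]

# Hypothetical owner table; a real run would fill it from whois or published ranges.
OWNER_NETS = {"vendor": [ipaddress.ip_network("198.51.100.0/24")]}

# Constructed router log (iptables LOG style). Documentation ranges stand in
# for public addresses; 192.168.1.50 is the monitored VM (an assumption).
SAMPLE_LOG = """\
Feb  6 01:00:01 router kernel: IN=br0 OUT=vlan2 SRC=192.168.1.50 DST=198.51.100.7 PROTO=TCP SPT=49152 DPT=443
Feb  6 01:00:02 router kernel: IN=br0 OUT=vlan2 SRC=192.168.1.50 DST=198.51.100.7 PROTO=TCP SPT=49153 DPT=443
Feb  6 01:00:03 router kernel: IN=br0 OUT=vlan2 SRC=192.168.1.50 DST=198.51.100.20 PROTO=TCP SPT=49154 DPT=80
Feb  6 01:00:04 router kernel: IN=br0 OUT=vlan2 SRC=192.168.1.50 DST=203.0.113.5 PROTO=UDP SPT=123 DPT=123
Feb  6 01:00:05 router kernel: IN=br0 OUT= SRC=192.168.1.50 DST=192.168.1.1 PROTO=UDP SPT=5353 DPT=53
Feb  6 01:00:06 router kernel: IN=br0 OUT= SRC=192.168.1.50 DST=192.168.1.1 PROTO=UDP SPT=5354 DPT=53
Feb  6 01:00:07 router kernel: IN=br0 OUT=vlan2 SRC=192.168.1.77 DST=203.0.113.9 PROTO=TCP SPT=40000 DPT=443
Feb  6 01:00:08 router kernel: IN=br0 OUT= SRC=192.168.1.50 DST=224.0.0.252 PROTO=UDP SPT=5355 DPT=5355
Feb  6 01:00:09 router kernel: IN=br0 OUT=vlan2 SRC=192.168.1.50 DST=not-an-ip PROTO=TCP
"""

KV_RE = re.compile(r"\b([A-Z]+)=(\S+)")

def parse_line(line):
    """Return (src, dst) addresses, or None if the line is not a flow record."""
    fields = dict(KV_RE.findall(line))
    try:
        return ipaddress.ip_address(fields["SRC"]), ipaddress.ip_address(fields["DST"])
    except (KeyError, ValueError):
        return None

def summarize(log_text, host, owner_nets=OWNER_NETS):
    """Tally outbound connection attempts from `host` by destination."""
    host, per_dst = ipaddress.ip_address(host), Counter()
    for rec in filter(None, map(parse_line, log_text.splitlines())):
        if rec[0] == host:
            per_dst[rec[1]] += 1
    public = {d: n for d, n in per_dst.items()
              if not any(d in net for net in LOCAL_NETS)}
    by_owner = {}
    for name, nets in owner_nets.items():
        hits = [n for d, n in public.items() if any(d in net for net in nets)]
        by_owner[name] = (sum(hits), len(hits))  # (attempts, distinct IPs)
    return {"attempts": sum(per_dst.values()), "distinct_dsts": len(per_dst),
            "public_attempts": sum(public.values()), "public_dsts": len(public),
            "by_owner": by_owner}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG, "192.168.1.50"))
```

Counting attempts per destination only shows where the machine connects and how often; it says nothing about what the payloads contain.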

The Greatest Cost to Owning ‘Free’ Windows 10

However, based on these logs, it would be inaccurate to say that Windows 10 is sending your personal data to Microsoft’s servers. But, thousands of connection attempts in the period of 8 hours just to check for updates or adjust the time, sounds more complicated than thought.
A September 2015 blog from Terry Myerson, head of the Windows team, explained that while Windows 10 does send some of your data to the company, everything is encrypted and doesn’t include any of your personal details.
Here’s what Microsoft says about the Windows 10 Spying concerns:

“We collect a limited amount of information to help us provide a secure and reliable experience. This includes data like an anonymous device ID, device type, and application crash data which Microsoft and our developer partners use to continuously improve application reliability. This doesn’t include any of your content or files, and we take several steps to avoid collecting any information that directly identifies you, such as your name, email address or account ID.”

While this research doesn’t show what details Windows 10 is sending to the company even after the telemetry features are disabled, you have to keep in mind that nothing comes for FREE. “Free” is just a relative term. Maybe you are paying the greatest cost for owning Windows 10.

ENCRYPT Act of 2016 — Proposed Bill Restricts States to Ban Encryption

Last year’s ISIS-linked terror attacks in Paris and California have sparked debate on encryption, and the intelligence agencies have started reviving their efforts to weaken encryption on various encrypted products and services.
But, there is some Good News!
A California Congressman and a Texas Republican are now challenging state-level proposals to restrict US citizens’ ability to encrypt their smartphones.
On Wednesday, California Congressman Ted Lieu, one of four members of Congress, and Texas Republican Blake Farenthold, a member of the House Oversight and House Judiciary committees, introduced a new bill in Congress that attempts to ban states’ efforts to implement their own anti-encryption policies at a state level while a national debate on encryption is ongoing.
The bill, called “Ensuring National Constitutional Rights for Your Private Telecommunications Act of 2016” – in short, “ENCRYPT Act of 2016” – would stop states from individually trying to make major companies change their technology to fulfil law enforcement requirements.
The bill comes almost a month after two state bills in California and New York proposed to ban the sale of smartphones equipped with strong cryptography that cannot be unlocked and accessed by the manufacturer.

ENCRYPT ACT of 2016

Here’s what the “ENCRYPT Act of 2016” reads [PDF]:
A State or political subdivision of a State may not order or request that a manufacturer, seller, developer, or provider of covered products or services:
  1. Design, alter or modify the security features in its product or service in an effort to allow the surveillance of its users, or to allow the physical search of such product or service by any federal agency or instrumentality of a State, a political subdivision of a State, or, of course, the United States.
  2. Have the ability to decrypt or otherwise provide intelligible information that is encrypted or otherwise rendered unintelligible using its product or service.
Although privacy advocates have largely applauded the new bill, it would need to pass both the House of Representatives and the Senate, and be signed by the President, in order to take effect.
However, many federal officers, including FBI Director James Comey, would not be so happy with the proposed bill, as they forced major companies to provide backdoor access to their services.

As Comey previously stressed, “There’re plenty of companies today that [offer] secure services to their customers and still comply with court orders. There are plenty of folks who make good phones [and can] unlock them in response to a court order.”

But in my opinion, no backdoors can help law enforcement and intelligence agencies tackle terrorism.

Would Handing Over a Backdoor to the Federal Agencies Help?

As I previously said, “Technically, there is no such backdoor that only the government can access. If surveillance tools can exploit the vulnerability by design, then an attacker who gained access to it would enjoy the same privilege.”
Even if these backdoors are not creating vulnerabilities for hackers to attack, we do not trust the government asking for backdoor encryption keys.
Recently, the Department of Justice (DoJ) was hacked by an unknown hacker who leaked personal data belonging to roughly 20,000 FBI agents and 9,000 DHS employees on Monday.
A similar thing happened last year when the US Office of Personnel Management (OPM) got hacked multiple times, exposing extremely sensitive security records of over 21.5 Million government employees.
These incidents prove that government agencies fail to protect their most sensitive data, so they can’t be trusted to keep these backdoor encryption keys safe from hackers.

Tis the season – Knowledge and News – How we roll


 

In other news.. Kim DotCom will be on US soil after losing his extradition fight..

 

Internet millionaire and Megaupload founder Kim Dotcom and his three associates are eligible for extradition to the US to face criminal charges over massive copyright infringement on Megaupload (now-shuttered), the court has ruled citing “overwhelming” evidence.
On Tuesday afternoon, New Zealand District Court Judge Nevin Dawson told the court that the United States had presented enough evidence against Dotcom and his co-defendants and that they should be surrendered to the US.
US prosecutors want Dotcom, and colleagues Mathias Ortmann, Bram van der Kolk and Finn Batato to stand trial on charges of copyright infringement, racketeering, and money laundering. 
 

“No matter what happens in Court tomorrow, I’ll be fine. Don’t worry. Enjoy your Christmas & know that I’m grateful to have you, my friends,” Dotcom tweeted before the court hearing.

The court ruling comes almost three years after the New Zealand police raided Dotcom’s Auckland mansion at the request of the FBI and in the same year the US government launched extradition proceedings.

Video of High-Profile Armed Raid at Kim Dotcom’s House

It was a high-profile armed raid (you can watch the raid video below), but it has taken almost four years for the courts to reach a decision on whether to send Dotcom to America.
Officials say Dotcom’s file-sharing service Megaupload served copyright contents, including music, movies, electronic books, television programs, as well as business and entertainment software on ‘a massive scale.’ (Ground breaking!! )
The US government estimates the harm to film studios and record companies was more than $500 Million (£322 Million). (Bullsh!t!)
However, Dotcom and three defendants now have 15 days to appeal the court ruling.
“Justice was not served today,” Dotcom’s California-based lawyer Ira Rothken tweeted, confirming their plans to appeal the US extradition request in the High Court.

“The @KimDotcom team looks forward to having the US request for extradition reviewed in the High Court. We have no other comments at this time,” Rothken said.

However, the defendants are allowed to remain out on bail in the meantime. Although the judge insisted that all the defendants should be ordered to report to probation every day. (EVERY SINGLE DAY! WOW)
Hope your holidays are a bit more inspiring and enjoyable!