Spoofing

Barnaby_Jack_Jackpotting

Famed Hacker Barnaby Jack Died Of Accidental Overdose

Barnaby Jack, the world-renowned hacker who was found dead in his San Francisco apartment in July died of an accidental overdose of cocaine, heroin and prescription drugs, according to a report released by the San Francisco Medical Examiner’s office.  The news was first reported by the website theverge.com. Jack, a 36-year-old New Zealand resident was found unresponsive in bed, surrounded by bottles of pills, empty bottles of beer and champagne and evidence of “illicit drug use,” the Medical Examiner’s report states. Jack had traces of cocaine, heroin, Xanax, and Benadryl in his system at the time of death. Jack was one of the most gifted security researchers of his generation. The head of embedded device security at the firm IOActive, Jack electrified audiences with his demonstrations of vulnerabilities in devices such as ATMs and implantable insulin pumps. In a now-famous “Jackpotting” demonstration, he demonstrated a remotely exploitable hole affecting bank automated teller machines […]

Continue Reading

NSA Toolbox Included Hacks For Juniper, Cisco, Dell

The German magazine Der Spiegel made headlines this week with its story detailing the US National Security Agency’s (NSAs) offensive hacking capabilities. The story is based on classified NSA documents absconded with by former contractor Edward Snowden and lays bare a Webster’s Dictionary full of classified hacking tools and programs.   Among the highlights of the story: + The NSA developed and deployed a wide range of hacking tools that could compromise hardware from leading IT and networking equipment makers including Cisco Systems, Juniper Networks and the Chinese vendor Huawei and Dell Inc.   + The NSA tools were designed to provide persistent access that allowed the NSA to monitor activity on the compromised endpoint, avoid detection by third party security software and survive software and firmware updates. One such tool, DEITYBOUNCE, provided persistent access to Dell’s PowerEdge servers by “exploiting the system BIOS” and using “System Management Mode to […]

Continue Reading
Smart Meters

Verizon: New Cloud Encryption Service Will Secure IoT Devices

Identity is one of the biggest challenges facing companies that are deploying products for the “Internet of Things,” as well as traditional enterprises that find IoT technologies of all types knocking at the door. The question, in short, is “how do I know that this device is legitimate, and ties back to an identity that I trust with access to my network resources and data? Of course, identity management has always been an aching problem in the enterprise space. The problem with the IoT is scale – given the sheer size of the IoT (30 billion connected devices by 2020), you can add a few “zeros” onto the number of devices that could, potentially, be seeking access to your network at any time. [Related read: Identity Management’s Next Frontier: The Interstate] It makes sense that, in a distributed environment like that, the cloud may be the best place to address […]

Continue Reading

iPhone TouchID Falls To Well-Known Hack

Apple’s Touch ID may be the new thing when it comes to signing on to your iPhone. But the underlying finger print scanning technology proved vulnerable to a very old-school attack, according to information posted by the German hacking crew The Chaos Computer Club (CCC). The group announced late Saturday that it was able to successfully bypass TouchID with a fake fingerprint, lifted from a glass surface. “This demonstrates – again – that fingerprint biometrics is unsuitable as access control method (sp) and should be avoided,” the group wrote in blog post announcing the compromise. Apple’s Touch ID biometric sign-on was the major new feature in the just-released iPhone 5S (the feature is not offered for the lower-cost 5C, which was also just announced.) The feature makes use of technology Apple acquired in July 2012 with the firm AuthenTec, and its addition to the iPhone line was no surprise. But […]

Continue Reading

What Is The NSA’s Big Crypto Breakthrough?

The revelations about US government spying keep coming fast and furious, thanks to Edward Snowden, the former Booz Allen Hamilton contractor who absconded with reams of classified (and highly classified) documents from the National Security Agency. The latest details come courtesy of The Washington Post which on Thursday published documents detailing the so-called “Black Budget” – government spending on its intelligence services including the CIA and NSA – over the last nine years, including the $52 billion spent in 2013. The documents give the most detailed accounting to date on U.S. government spending on intelligence in the post September 11 world and contain quite a few surprises. Among them: proof that the CIA receives far more money than does the NSA. But it is Uncle Sam’s work on cryptanalysis  that has attracted a lot of attention from computer security and privacy experts. First, the Black Budget reveals that the NSA […]

Continue Reading
1 2 3 4