“security” via n8xja in Google Reader 2012-12-27 23:00:34

Computer security firm McAfee Labs released its annual Threat Predictions report today, taking a look at what we’ll see (and hope not to see) on 2013’s deck of malware and viruses. Interestingly, McAfee’s analysis predicts a decline in Anonymous’ attacks, a rise in the frequency and sophistication of mobile malware, and a rise in large-scale attacks that aim to cause as much destruction as possible.

This time last year, McAfee’s report for 2012 predicted that “Hacktivism and Anonymous will reboot and evolve.” While this year didn’t see anything on the level of the hacks of Sony and HBGary from 2011, Anonymous did execute a number of high-profile attacks and threats. Now McAfee says that in 2013, hacktivism will be conducted by more homogeneous, politically-motivated groups rather than Anonymous’ pantheon of personalities and pet causes. Still, McAfee suggests that Anonymous may be able to stage a few high-visibility attacks in the coming months despite its predicted decline. The report reads:

Sympathizers of Anonymous are suffering. Too many uncoordinated and unclear operations have been detrimental to its reputation. Added to this, the disinformation, false claims, and pure hacking actions will lead to the movement’s being less politically visible than in the past. Because Anonymous’ level of technical sophistication has stagnated and its tactics are better understood by its potential victims, the group’s level of success will decline. However, we could easily imagine some short-lived spectacular actions due to convergence between hacktivists and antiglobalization supporters, or hacktivists and ecoterrorists.

The analysts go on to say that smaller groups with extremist views will redouble their efforts to hack bastions of democratic societies, improving their tactics “in sophistication and aggressiveness.”

“security” via n8xja in Google Reader 2012-12-23 17:00:07

Aurich Lawson

2012 was an “exciting” year for OS X security—at least if you’re a security expert or researcher. There were plenty of events to keep people on their toes. Although Apple took some egg on the face for some of them, overall, the company came out ahead when it came down to keeping users safe.

At least that’s the opinion of some security researchers who followed OS X developments throughout the year.

Back to the Flashback

Remember Flashback? That malware first made its way onto the Mac in 2011, but never became widespread enough for most users to even become aware of it—until earlier this year. Suddenly, Apple was faced with arguably the first truly high-profile malware to appear on OS X, right as Apple was appearing more than ever in the media.

“security” via n8xja in Google Reader 2012-12-17 16:30:30

A Westboro Baptist Church member’s Twitter account was hacked and has been tweeting about it since Sunday evening.

Over the weekend, Anonymous was stirred to action against an old nemesis: the Westboro Baptist Church. The most recent feud came in the wake of WBC’s appalling reaction to the Sandy Hook shooting Friday in Newtown, CT. Anonymous’s offensive increased in intensity as WBC announced plans to picket a vigil for the elementary school’s victims. The hacker collective has since managed to hijack a high-profile Twitter account as well as take down WBC’s site, among other claimed victories.

Anonymous, like much of the world, has a deep-seated hatred for the wildly intolerant WBC. Upon discovering WBC’s unsympathetic reaction to the shooting, Anonymous began by doxing some of the church’s members that it could find on Twitter. It also encouraged followers to sign a whitehouse.gov petition recognizing WBC as a hate group.

Today, Anonymous scored several more successes: godhatesfags.com, the website of WBC, went down, possibly as a result of DDoS attacks by Anonymous members. Other high-profile hackers have joined in, such as @cosmothegod, who hijacked the personal Twitter account of WBC spokesperson Shirley Phelps-Roper and retweeted several posts about his victory. Anonymous’s official Twitter account also claims that its members managed to change Phelps-Roper’s desktop background to gay porn, uncovered alleged social security numbers of key WBC members through the doxing process, and successfully filed for a death certificate for Phelps-Roper. The group has since tweeted out the alleged hotel where WBC members were staying and offered an IRC channel specifically to talk about its #OpWBC movement.

“security” via n8xja in Google Reader 2012-12-12 11:55:41

On Tuesday, the FBI announced that it had arrested ten people connected to a botnet that had spread through Facebook. Spread by a virus targeting Facebook users, the botnet caused over $850 million in losses to financial institutions, infected over 11 million computers, and stole credit card and bank account data. The botnet itself was shut down in October, according to an FBI statement.

This is the second major outbreak of botnets based on the Butterfly (aka Mariposa) bot tool. The first incarnation, discovered in December 2008 and shut down a year later, infected over 12 million PCs worldwide and was spread primarily through file-sharing and instant messaging attacks. It also harvested financial information from over 800,000 victims.

In the latest incarnation of Butterfly, the botnet spread itself using variants of Yahos, a virus that spreads itself by sending links via social networks and instant messaging. Victims clicked on the link, launching Yahos’ attack. The malware, which in some variants disguised itself as an NVIDIA video driver, then downloaded and installed the botnet controls and browser exploits that captured users’ credit card and bank account information. The spread of viruses like Yahos prompted Facebook to partner with McAfee in 2010 to provide tools to users to clean infected systems.

“security” via n8xja in Google Reader 2012-12-09 19:00:11

Welcome to Radeon City, population: 8. It’s one of five servers that make up a high-performance password-cracking cluster.
Jeremi Gosney

A password-cracking expert has unveiled a computer cluster that can cycle through as many as 350 billion guesses per second. It’s an almost unprecedented speed that can try every possible Windows passcode in the typical enterprise in less than six hours.

The five-server system uses a relatively new package of virtualization software that harnesses the power of 25 AMD Radeon graphics cards. It achieves the 350 billion-guess-per-second speed when cracking password hashes generated by the NTLM cryptographic algorithm that Microsoft has included in every version of Windows since Server 2003. As a result, it can try an astounding 95^8 combinations in just 5.5 hours, enough to brute force every possible eight-character password containing upper- and lower-case letters, digits, and symbols. Such password policies are common in many enterprise settings. The same passwords protected by Microsoft’s LM algorithm—which many organizations enable for compatibility with older Windows versions—will fall in just six minutes.

The Linux-based GPU cluster runs the Virtual OpenCL cluster platform, which allows the graphics cards to function as if they were running on a single desktop computer. ocl-Hashcat Plus, a freely available password-cracking suite optimized for GPU computing, runs on top, allowing the machine to tackle at least 44 other algorithms at near-unprecedented speeds. In addition to brute-force attacks, the cluster can bring that speed to cracks that use a variety of other techniques, including dictionary attacks containing millions of words.
