Guerilla researcher created epic botnet to scan billions of IP addresses

In one of the more audacious and ethically questionable research projects in recent memory, an anonymous hacker built a botnet of more than 420,000 Internet-connected devices and used it to perform one of the most comprehensive surveys ever to measure the insecurity of the global network.

In all, the nine-month scanning project found 420 million IPv4 addresses that responded to probes and 36 million more addresses that had one or more ports open. A large percentage of the unsecured devices bore the hallmarks of broadband modems, network routers, and other devices with embedded operating systems that typically aren’t intended to be exposed to the outside world. The researcher found a total of 1.3 billion addresses in use, including 141 million that were behind a firewall and 729 million that returned reverse domain name system records. There were no signs of life from the remaining 2.3 billion IPv4 addresses.

Continually scanning almost 4 billion addresses for nine months is a big job. In true guerilla research fashion, the unknown hacker developed a small scanning program that scoured the Internet for devices that could be logged into using no account credentials at all or the usernames and passwords of either “root” or “admin.” When the program encountered unsecured devices, it installed itself on them and used them to conduct additional scans. The viral growth of the botnet allowed it to infect about 100,000 devices within a day of the program’s release.

The critical mass allowed the hacker to scan the Internet quickly and cheaply. With about 4,000 clients, it could scan one port on all 3.6 billion addresses in a single day. Because the project ran 1,000 unique probes on 742 separate ports, and possibly because the binary was uninstalled each time an infected device was restarted, the hacker commandeered a total of 420,000 devices to perform the survey.

Chameleon botnet steals millions from advertisers with fake mouseclicks

Security researchers have discovered a botnet that is stealing millions of dollars per month from advertisers. The botnet does so by simulating click-throughs on display ads hosted on at least 202 websites. Revealed and dubbed “Chameleon” by the Web analytics firm spider.io because of its ability to fool advertisers’ behavior-tracking algorithms, the botnet is the first found to use display advertisements to generate fraudulent income for its masters.

In a blog post today, spider.io reported that the company had been tracking Chameleon since December of 2012. Simulating multiple concurrent browser sessions with websites, each bot is able to interact with Flash and JavaScript based ads. So far, more than 120,000 Windows PCs have been identified—95 percent of them with IP addresses associated with US residential Internet services. The company has issued a blacklist of the 5,000 worst-offending IP addresses for advertisers to use to protect themselves from fraud.

While in many respects the botnet simulates human activity on webpages to fool countermeasures to clickfraud, it generates random mouse clicks and mouse pointer traces across pages. This makes it relatively easy for bot-infected systems to be identified over time. The bot is also unstable because of the heavy load it puts on the infected machine, and its frequent crashes can also be used as a signature to identify infected systems.

Cisco switches to weaker hashing scheme, passwords cracked wide open

Password cracking experts have reversed a secret cryptographic formula recently added to Cisco devices. Ironically, the encryption type 4 algorithm leaves users considerably more susceptible to password cracking than an older alternative, even though the new routine was intended to enhance protections already in place.

It turns out that Cisco’s new method for converting passwords into one-way hashes uses a single iteration of the SHA256 function with no cryptographic salt. The revelation came as a shock to many security experts because the technique requires little time and computing resources. As a result, relatively inexpensive computers used by crackers can try a dizzying number of guesses when attempting to guess the corresponding plain-text password. For instance, a system outfitted with two AMD Radeon 6990 graphics cards that run a soon-to-be-released version of the Hashcat password cracking program can cycle through more than 2.8 billion candidate passwords each second.

By contrast, the type 5 algorithm the new scheme was intended to replace used 1,000 iterations of the MD5 hash function. The large number of repetitions forces cracking programs to work more slowly and makes the process more costly to attackers. Even more important, the older function added randomly generated cryptographic “salt” to each password, preventing crackers from tackling large numbers of hashes at once.
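
The contrast between the two schemes described above, as an added example that is not from the article or from Cisco: a simplified Python model (not Cisco's actual type 4 or type 5 encodings) that counts the hash computations needed to test a wordlist against stored hashes. The account names, passwords, and wordlist are constructed sample data.

```python
import hashlib
import os

ROUNDS = 1000  # iteration count the article gives for the older type 5 scheme

def h_unsalted(password):
    # Simplified model of the new scheme as described: one SHA-256 pass, no salt.
    return hashlib.sha256(password.encode()).hexdigest()

def h_salted(password, salt):
    # Simplified model of a salted, 1,000-round MD5 scheme (NOT real md5crypt).
    digest = password.encode()
    for _ in range(ROUNDS):
        digest = hashlib.md5(salt + digest).digest()
    return digest.hex()

def cost_unsalted(stored, wordlist):
    # One table of len(wordlist) hashes is reused against every account.
    table = {h_unsalted(w): w for w in wordlist}
    found = {u: table[h] for u, h in stored.items() if h in table}
    return found, len(wordlist)

def cost_salted(stored, wordlist):
    # A per-account salt forces every guess to be recomputed per account.
    found, calls = {}, 0
    for user, (salt, h) in stored.items():
        for w in wordlist:
            calls += ROUNDS
            if h_salted(w, salt) == h:
                found[user] = w
                break
    return found, calls

# Constructed sample data: two users share a weak password, one does not.
PASSWORDS = {"alice": "cisco123", "bob": "cisco123", "carol": "Xk#9vq!Lr2"}
WORDLIST = ["password", "admin", "cisco123", "letmein"]

def build_stores():
    unsalted = {u: h_unsalted(p) for u, p in PASSWORDS.items()}
    salted = {}
    for u, p in PASSWORDS.items():
        salt = os.urandom(8)  # fresh random salt per account
        salted[u] = (salt, h_salted(p, salt))
    return unsalted, salted

if __name__ == "__main__":
    unsalted, salted = build_stores()
    print(cost_unsalted(unsalted, WORDLIST))
    print(cost_salted(salted, WORDLIST))
```

In the unsalted store the two accounts sharing a password have identical hashes, so a single pass over the wordlist exposes both; the salted, iterated store makes the same check cost thousands of hash computations, which is the property the older scheme provided.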

UAE Opens Biggest Solar Power Station In The World

The Shams Power Company opened their Shams 1 concentrated solar power station this week in Abu Dhabi. The station generates 100 MW and can power 20,000 homes while reducing CO2 emissions by 175,000 tons per year.

Here Are the Clearest Pictures of What’s Probably the Samsung Galaxy S IV

We’ve seen pictures and video of the Samsung Galaxy S IV already but we haven’t seen it like this. In what are probably the clearest pictures of the S IV until it’s announced later today, we get to see what the powerful beast of a phone will look like in all its glory.

For first time, US military says it would use offensive cyberweapons

For the first time ever, the Obama administration has publicly admitted to developing offensive cyberweapons that could be aimed at foreign nations during wartime.

According to an article published Tuesday night by The New York Times, that admission came from General Keith Alexander, the chief of the military’s newly created Cyber Command. He said officials are establishing 13 teams of programmers and computer experts who would focus on offensive capabilities. Previously, Alexander publicly emphasized defensive strategies in electronic warfare to the almost complete exclusion of offense.

“I would like to be clear that this team, this defend-the-nation team, is not a defensive team,” Alexander, who runs both the National Security Agency and the new Cyber Command, told the House Armed Services Committee on Tuesday. “This is an offensive team that the Defense Department would use to defend the nation if it were attacked in cyberspace. Thirteen of the teams that we’re creating are for that mission alone.”

Dropbox 2.0 brings functional drop-down menus to Mac and Windows

Dropbox for Mac received an update to version 2.0 on Tuesday, bringing with it a number of UI upgrades to the desktop. The most noticeable difference is the revamped and prettified drop-down interface, which now allows you to accept or decline sharing requests right from the menu instead of requiring a trip to the website.

The new drop-down interface also displays a list of recently updated files from across your Dropbox-enabled devices, and it gives easy access to both sync settings and the Dropbox website. This is a small but significant change to the way the menu item previously functioned. In the past, there was not much functionality there, but now it’s a place where the user might actually go in order to see which files are being synced.

Additionally, the new menu interface makes for much easier file or folder sharing. Select the item in the menu that you want to share and a “Share” button pops up on the right. Clicking it still takes you to the Dropbox website in order to invite other users, but it’s a start in making the desktop software a little more usable.

Dating site Zoosk resets some user accounts following password dump (Updated)

[Image: A screenshot from Jeremi Gosney showing passwords cracked by the ocl-Hashcat-plus program.]

Zoosk.com, an online dating service with about 15 million unique visitors each month, is requiring some users to reset their passwords. The move comes after someone published a list of cryptographically protected passcodes that may have been used by subscribers to the website.

In the past, the San Francisco-based company has said it has more than 50 million users. With this dump, a small but statistically significant percentage of the 29-million-strong password list contained the word “zoosk,” an indication that at least some of the credentials may have originated with the dating site. Jeremi Gosney, a password expert at Stricture Consulting Group, said he cracked more than 90 percent of the passwords and found almost 3,000 had links to Zoosk. The cracked passcodes included phrases such as “logmein2zoosk,” “zoosk password,” “myzooskpass,” “@zoosk,” “zoosk4me,” “ilovezoosk,” “flirtzoosk,” “zooskmail.”

Other passwords contained strings such as “flirt,” “lookingforlove,” “lookingforguys,” and “lookingforsex,” another indication that they were used to access accounts at one or more dating websites. Many users choose passwords containing names, phrases, or topics related to the specific website or generic type of service they’re used to access. In December, Ars profiled a 25-GPU cluster system Gosney built that’s capable of trying every possible Windows passcode in the typical enterprise in less than six hours.

Mac malware that infected Facebook bypassed OS X Gatekeeper protection

Researchers have identified the Mac malware that infected employees of Apple, Facebook, and Twitter, and say it may have been used to compromise machines in other US organizations, including auto manufacturers, government agencies, and a leading candy maker, according to a published report.

Pintsized.A is a new family of Mac malware that uses an exploit to bypass Gatekeeper, an OS X protection that allows end users to tightly control which sources are permitted to install apps, according to an article published Monday by The Security Ledger. Mac antivirus provider Intego says the trojan masquerades on infected machines as Linux printing software known as cupsd, although it runs from a different location than the legitimate title. It’s unclear exactly how the malware gets around Gatekeeper.

Once installed, Pintsized establishes a reverse shell to a command and control server controlled by the attackers. It uses a modified version of the OpenSSH utility to encrypt traffic, a measure that can help it remain undetected on infected networks. One of the domain names that hosted such a server was corp-aapl.com. It caught the attention of members of Facebook’s security team, tipping them off that there was an infected machine inside their network. When they later took control of the domain, they discovered multiple other companies were also compromised by the same attackers. Around the same time, Apple, Twitter, and Microsoft were also hit with attacks that meet the same pattern.
