Encryption system used to exploit protected Wifi networks

Everyone knows that they could be a potential target for cyber-crime; as it often appears in the news almost every day. But just how vulnerable is an individual? CERT recently made a statement about how your Wifi network could be exploited if proper precautions are not taken.

On October 16th, 2017, the Computer Emergency Readiness Team made an announcement that addresses the protection of your sensitive information. In short, its advice is to update all your devices when security advancements are available. The reason for this is that a widely used encryption system used on wireless networks can lead to a breach of your credit card information, emails, passwords, etc.

Essentially, the system allows a hacker to gain access to the internet traffic that occurs between computers. Once in, the hacker can manipulate the data that is recovered. Depending on the target’s network configurations, it is even possible for the attacker to inject malware into the network. The unsettling part about this encryption system is that it has the capability of effecting a very wide range of devices including Android, Apple, Linux, and Windows.

Companies such as Intel, Microsoft, Google, and Apple have heeded this advice and have released updates that will help protect people with their devices from this issue.

– Jared Albert

 

Advertisements

Hackers Exploit Microsoft Servers to Mine Cryptocurrency

Mining for cryptocurrency is becoming an extremely profitable investment. One of the most popular currencies, bitcoin, is skyrocketing in value. One bitcoin is currently worth $4297 U.S. dollar. These currencies are becoming more and more popular to use online for illegal activity because it’s more difficult to trace, and increasing in value so quickly.

Now to this recent attack on servers running Windows server 2003. An exploit in this software was discovered in March of this year (2017), the exploit targets the web server in Windows server 2003. Hackers have now taken to attacking servers that have not patched to the most recent update that fixes the exploit. The exploit infects the server and adds it to a botnet for the hacker to control and mine for cryptocurrency. In this attack the hackers were mining for a currency called Monero, this currency is completely untraceable and anonymous. Hackers prefer mining for Monero because it uses an algorithm called CryptoNight which works on CPUs and GPUs and unlike Bitcoin requires no special hardware to begin mining. This currency is currently significantly less valuable than bitcoin, at the time of writing 1 Monero is worth $90 U.S. dollars but, like all cryptocurrency the value fluctuates quite frequently. This attack gained the hackers $63,000 worth of Monero in 3 months. There are quite a few pieces of malware that exploit servers to mine this currency. One piece of malware called Adylkuzz uses the EternalBlue exploit, which was actually created by the NSA and released by a group called the Shadow Brokers this exploit was used in the WannaCry ransomware attack. BondNet is another form of malware that also creates a botnet to mine Monero.

 

– Levi Walker

 

Sources:

https://thehackernews.com/2017/09/windows-monero-miners.html

https://en.bitcoin.it/wiki/CryptoNight

https://coinmarketcap.com/currencies/monero/

 

 

 

New Bashware Hacking Technique Has Potential To Affect Windows 10 Users

A new hacking technique found and dubbed ‘Bashware’ by cyber security firm Check Point can be used by hackers seeking to attack Windows 10 users.

The exploit comes from the Linux shell that already exists inside Windows 10, the Windows Subsystem for Linux, or WSL, and it allows malware to just completely go undetected past antivirus software and other protections in place.

The potential impact of this attack is huge since many people use Windows 10 as their operating system, and anybody who does run it could be at risk from hackers who use this technique.

Check Point researchers Dvir Atias and Gal Elbaz commented on the threat after performing some tests with major protection software: “We tested this technique on most of the leading anti-virus and security products on the market, successfully bypassing them all”. This shows that in its current state, the WSL provides a major gateway for hackers to get into even protected systems.

What WSL does on Windows systems is that it allows for testing code on Windows and Linux settings but requires a developer to activate it.

The reason why the exploit exists is not because of lackluster coding but because it was not something that was known by the developers at the time of implementation so it was impossible to protect against.

The one thing that could hinder this hacking technique is the fact that the attacker would need to have admin access to the computer but many hackers already have ways to access this via other programs or social engineering.

Microsoft is actively trying to find a way to fight against this exploit but a spokesperson said that they are not worried. In fact, they view this as low risk. The spokesperson stated that “One would need to enable developer mode, then install the component, reboot, and install Windows Subsystem for Linux in order for this to be effective. Developer mode is not enabled by default”.

All an attacker would need to do is obtain the admin access to the computer and trick the user into rebooting the computer.

The Bashware technique is a particularly powerful exploit for Windows 10 that can be used to bypass even the best anti-virus software but security companies are already working on a fix.

Source: http://www.trustedreviews.com/news/bashware-threatens-windows-10-pcs-3286410

 

– Alex Haubert

Way to go VTech.

One month ago a hacker revealed that he had broken into the toymaker VTech and retrieved a lot of information that was disturbing. Apparently, VTech had been storing  images, chat logs, home addresses, emails, names, genders and even birthdays of every customer. This would include the parents and their children who the products were most likely being used by.  Around 4,000,000 parents and 200,000 of the children using the products information was readily available for anyone who knew what they were doing. The hacker did not relinquish the way he was able to break into VTech, probably in an attempt to keep this information secret from people who want it but do not know how to hack, but has commented that he retrieved 190GB worth of photos and shared 3832 images with motherboard, a blogging site, with all the faces blocked out.VTech has yet to concretely say what their exact reasoning was but the wording of their attempt to justify it was so that they can send the password to the user directly. You know because that is such a GREAT idea, instead of just having them reset their password every time they forgot it because the company made it entirely impossible for them to access it on their own and with ease, I will just send you it back. The person that thought this was a good idea should get fired, like, two years ago.

https://nakedsecurity.sophos.com/2015/12/01/photos-of-kids-and-parents-chatlogs-audio-files-stolen-in-vtech-breach/

Security in Healthcare

According to a recent survey, Healthcare is the latest favourite of the hacking community. There’s a shortage of security professionals in the healthcare business, and while many respondents involved in tech are worried about personal records and other data, the ones who aren’t involved in tech, while worried, do not believe their corporations to have been hit.

The tech respondents have a right to be worried. Recently, it’s come to light that Healthcare experiences 340% more security attacks and incidents than any other sector, and advanced malware is suspected in 1 of every 600 attacks, making Healthcare four times more likely to be hit by advanced malware than any other sector.

There are many ways that hackers can get in. With the digitalization of patient records, as well as the addition of wearable technology, such as smart watches and smartphones, hackers are finding many new avenues to break into the system. While security for wearable technology is a separate issue, Jonathan Collins, a principal analyst for ABI Research says that they can pave the way for easier access to Healthcare records.

By Kathleen H. Justen

http://www.technewsworld.com/story/82638.html