January 4, 2010

» Decaf COFEE put me to sleep

Decaf [1] is the hackers' reply to Microsoft's COFEE tool set. Once again, creating a tool to combat a set of tools as old as Sysinternals is nothing new or surprising. If it had not happened, we would have been surprised.

Unfortunately (and thank god) systems are open and when they are closed (-source) people can still reverse-engineer and break them. This is the nature of the system, be that a PC, Apple, hardware, software or a mobile phone.

In other news, an Xbox 360 thief was caught when the original user's account automatically signed in [2], proving that with some effort it is possible to track and catch thieves that keep and connect Internet-capable systems. Hear that, UK!

November 8, 2009

» iPhone: myPhone on lock-down

...and you thought you were the only person to have the privilege of locking your iPhone's screen. Think again. Once again a stunt and proof of concept demonstrates that high-tech mobile devices can be manipulated and possibly locked down by malicious people, leaving the users at their mercy. In some cases they may even try to get you to part with your money. This was demonstrated with the iPhone 'Your iPhone's been hacked' stunt, as reported [1] by Wired.

It appears that jailbroken iPhones have SSH and a default root password (if not changed), allowing full remote access to the phone. It is that easy. The users are lucky that the creator didn't start locking the devices, as we have seen with ransomware (malware that requests a ransom to decrypt data or unlock a PC).

I would not be surprised if Apple didn't try to use this problem to demonstrate to people that jailbreaking the iPhone will mean that you are taking avoidable risks and that you are not being protected to the fullest.

September 21, 2008

» Aberdare College / Coleg Morgannwg defacement

I have been informed that Aberdare College / Coleg Morgannwg [1, 2], a University of Glamorgan Partner College, has been defaced. It seems that the defacement happened on Friday 19 Sep. around 21:3x. The hacker with the alias abuder3 seems to have been responsible for the defacement. A look online [3] (i.e., Google) shows that there are more defacements, and Zone-h.org reports [4] a few more.

Based on his profile on Zone-h.org and the Google searches we can see that this person is targeting random sites and a certain operating system (i.e., Win 2000). It seems that there is a zero-day vulnerability that this person is using and that he is passing on some kind of political message. As with the reporting of the CERN hack in my previous post, his message is in his own language and therefore it is hard to impossible for English speakers to understand any message conveyed.

His main purpose is to create collateral damage, without any particular reason. It is often seen as a way of promoting oneself. Surely he has caused frustration. Once again, we do not agree with these types of actions.


September 15, 2008

» A Hacker Cause : CERN site defacement

Let us see how the Greek defacement of a CERN website is a cry for unity in the online Greek security scene dominated by hacker bullies, wannabes and script-kiddies.

A few days ago (i.e., 9-10 Sep. 2008) one of CERN’s websites, the Compact Muon Solenoid Experiment (CMS) monitoring site (i.e., http://cmsmon.cern.ch), was hacked and defaced by Greek hackers going by the name Greek Security Team (GST). What is interesting is that the BBC has a report on the matter [1]. After reading the original defaced webpage from a screenshot a user has left on a blog [2], I think the BBC is reporting things incorrectly. As a fluent Greek speaker I can read and understand the message the hackers are trying to pass on and interpret it accordingly.

Unfortunately the BBC [1] reports:
‘The CMS website displayed a page with a mocking message, in Greek, which included the line: "We are 2600 - don't mess with us".’


‘The number 2600 is often used by the hacking community. It is believed to have originated in the US in the 1960s with the discovery that a tone of 2600Hz played down the line could be used to access restricted parts of the national telephone system.’

All this is well and correct, but the message the hackers left is not that. After reading the text it is clear that the message is targeting other so-called hackers/security individuals that chat all day and provide no knowledge or product to the security community. The phrase "We are 2600 - don't mess with us" is supposedly that of these so-called individuals/script-kiddies, who use this phrase (and ‘2600’) to discourage and intimidate others without providing any meaningful results (i.e., loosely translated πράξη). It is clearly an Internet social states cry for reform for the online Greek security communities.

It is also mentioned that the defacers also patched a security bug... who knows... only the site admin.

Obviously there is more in the defacement posting but I will not sit and translate the whole document as it is not the purpose of this blog posting.

Personal disappointment
Might I also add at this point that I enjoyed the freedom of looking around at the different sites provided by the CERN project. I think I was on that site (i.e., CMS mon.) recently and I could see the live status of the CMS project. Now that the site has been taken down, my curiosity has to be limited to what news sites report. One of the disadvantages of web page defacements: public access denied!

