There is something about deception, it can bypass a lot of security controls through a very basic principle, to make you believe about something that isn’t there. It is a bit like magic.
Like this WEBSITE, where you can see an example of what the new HTML5 fullscreen function could make you believe. That you are on a bank website, where in fact you are on a phishing site. The previous link is harmless and only serves as an example, one I would advise you to try yourself (you can’t enter any details anyway in case you haven’t understood it isn’t really a Bank of America website).
Basically, they use the HTML5 Fullscreen function to recreate your browser TABS and URL. If you are not used to browse the internet in full screen mode then you would see the trickstraightaway. However, if you are following the trend to browse in full screen mode, especially on mobile phones or on MACs where app...
>>[READ MORE]
Distributed Credential Protection
#74 - Posted on
15 October 2012 - Author: SM - Category: Security
RSA recently announced their Distributed Credential Protection (DCP) technology which should help address the impact of passwords leakage/theft when the system where they are stored gets compromised. They accomplish that by splitting up stored credentialsacrossdifferent systems.
In its current implementation it uses 2 servers. 1 server (BLUE) stores the password XOR to a random number and another server (RED) stores that random number.
When a user wants to authenticate it uses his password to XOR it with his own Random number. It then sends the transformed password to the BLUE server and the new random number to the RED server.
The BLUE and RED servers then compare the stored password with the one the user just provided. At this stage, I guess it must communicate to the RED server to get the corresponding random numbers.
This process is given an overview ...
>>[READ MORE]
MD5 Security Flaws
#71 - Posted on
13 June 2012 - Author: SM - Category: Security
In case you were in any doubts about the security flaws of MD5, in recent days, 2 implementations of MD5 have been shown to have severe security issues.
1) The md5crypt password scrambler used in many Unix based distributions has been deemed as “unsafe” by its author (in fact this has been known for some time now).
2) MD5 collisions were used in the recent Flame malware to bypass Microsoft Update signature certificates.
The sole use of MD5 as a security vector must be avoided.
...
>>[READ MORE]
An interesting timeline representation of the CloudFlare’s hack
#70 - Posted on
12 June 2012 - Author: SM - Category: Hacking, Security
CloudFlare is an interesting young company, a few years old, as introduced in this Bloomberg article. Although it is tempting to just describe it as being similar to Akamaibecauseit provides web acceleration and DOS protection through the use of a Content Distributed Network (CDN), it is also different. As explained by its founder, Matthew Price, it can understand, analyse and protect all requests to a website, not just a subset. It also has a different price model starting with a free offering and generally being much less expensive than the competition even with its pro/business/enterprise options.
In a nutshell, CloudFlare appears to be a service that can help optim...
>>[READ MORE]
Flame and the DEB93D trail
#69 - Posted on
6 June 2012 - Author: SM - Category: Security, Hacking
In the last few weeks there has been a lot of noise about what looks like the latest State sponsored malware, Flame. You can find a lot of information about it from Kaspersky and also from the CrySyS lab who seems to have done some parallel investigation and call it differently (sKyWIper).
This malware is quite interesting for several reasons:
1) It seems to focus on stealing information rather than being directly disruptive.
2) It has been active for 5+ years and has remained undetected until now.
3) It has an option to delete itself, but in doing so leaves one file. a ~DEB93D.tmp file.
4) It is modular and can/has been used to intercept Microsoft update using fake certificates t...
>>[READ MORE]