Tag Archives: crack

IP-Überwachungskameras von Aldi mit massiven Sicherheitslücken | heise online


Aldi hatte vergangenes Jahr mehrfach IP-Überwachungskameras mit denkbar schlechten Voreinstellungen verkauft. Die Geräte sind zu Hunderten fast ungeschützt über das Internet erreichbar.


Die bei Aldi verkauften IP-Überwachungskameras der Marke Maginon haben massive Sicherheitsprobleme: Unbefugte könnten über das Internet auf das Kamerabild zugreifen und sogar den Ton anzapfen. Zudem verraten die Geräte unter anderem die Passwörter für WLAN, E-Mail und FTP-Zugang ihres Besitzers. Hunderte Aldi-Kameras sind nahezu ungeschützt über das Internet erreichbar. Darauf hat uns der Zusammenschluss Digitale Gesellschaft aufmerksam gemacht.


HTTPS-crippling attack threatens tens of thousands of Web and mail servers | Ars Technica



Tens of thousands of HTTPS-protected websites, mail servers, and other widely used Internet services are vulnerable to a new attack that lets eavesdroppers read and modify data passing through encrypted connections, a team of computer scientists has found.




The new attack, which its creators have dubbed Logjam, can be exploited against a subset of servers that support the widely used Diffie-Hellman key exchange, which allows two parties that have never met before to negotiate a secret key even though they’re communicating over an unsecured, public channel.


The weakness is the result of export restrictions the US government mandated in the 1990s on US developers who wanted their software to be used abroad.


Noobs can pwn world’s most popular BIOSes in two minutes | The Register

Nobody expects the BIOS inquisition, so nobody patches them


Millions of flawed BIOSes can be infected using simple two-minute attacks that don’t require technical skills and require only access to a PC to execute.


Basic Input/Output Systems (BIOS) have been the target of much hacking research in recent years since low-level p0wnage can grant attackers the highest privileges, persistence and stealth.


LegbaCore researchers Xeno Kopvah and Corey Kallenberg revealed the threat to El Reg ahead of a presentation How Many Million BIOSes Would You Like to Infect? at CanSecWest tomorrow.


NSA-Trojaner: Kaspersky enttarnt Regin | SPIEGEL ONLINE

SPIEGEL-Veröffentlichung: Experten enttarnen Trojaner „Regin“ als NSA-Werkzeug

Von Marcel Rosenbach, Hilmar Schmundt und Christian Stöcker


Softwarecode im Vergleich: Links Trojaner

Kaspersky Softwarecode im Vergleich: Links Trojaner „Regin“, rechts vom SPIEGEL veröffentlichter NSA-Code


Telekom-Unternehmen, die EU-Kommission und eine Mitarbeiterin des Kanzleramts – alle wurden zum Opfer der Schadsoftware „Regin“. Die Analyse eines vom SPIEGEL veröffentlichten Codes zeigt nun: „Regin“ ist ein NSA-Werkzeug.


Als der SPIEGEL Mitte Januar anhand neuer Unterlagen aus dem Snowden-Archiv das digitale Wettrüsten der Nachrichtendienste mit immer ausgefeilteren Cyberwaffen beschrieb, veröffentlichte SPIEGEL ONLINE auch das Beispiel einer in den Snowden-Materialien enthaltenen Schadsoftware namens „QWERTY“ als Quellcode.


Google provided WikiLeaks journalists‘ metadata in Julian Assange investigation | Technology

 Sarah Harrison, assistant to Julian Assange, thanks supporters outside Ecuador'’s embassy in London in 2012. She is among the journalists whose details were provided to authorities.



Google secretly gave the emails of WikiLeaks journalists to the US government in response to an espionage investigation targeting Julian Assange, according to documents disclosed by the internet giant.


Three journalists who have worked for WikiLeaks since 2010 – Sarah Harrison, Joseph Farrell and Kristinn Hrafnsson – have been informed by Google that all their Gmail account content, metadata, subscriber information, and other content were provided to US federal law enforcement in response to search warrants issued in March 2012.


Breaking: Stealth „Turla“ Malware Infects Unknown Number of Linux Systems | Softpedia

Linux is attacked

Linux is attacked

A new threat has been found by Kasperky Labs


The Linux Turla is a new piece of malware designed to infect only Linux computers, which has managed to remain relatively hidden until now and has the potential of doing a lot of harm. Unfortunately, very little is known about it or how to fix it.




It doesn’t need root


One of the most interesting aspects of this Turla cd00r-based malware is that is doesn’t require elevated privileges, which is probably one of the reasons it’s so dangerous. It needs to be activated remotely with a „magic packet“ (similar to port knocking) and it needs existing network interface name. The end result is that it provides a backdoor to the user’s computer, and that the attacker can send commands with „/bin/sh -c “ script.“. It’s a little bit more complicated than this, but that is just the summary of it.


Regin: Top-tier espionage tool enables stealthy surveillance | Symantec Connect

An advanced piece of malware, known as Regin, has been used in systematic spying campaigns against a range of international targets since at least 2008. A back door-type Trojan, Regin is a complex piece of malware whose structure displays a degree of technical competence rarely seen. Customizable with an extensive range of capabilities depending on the target, it provides its controllers with a powerful framework for mass surveillance and has been used in spying operations against government organizations, infrastructure operators, businesses, researchers, and private individuals.



Figure 1. Regin’s five stages



s.a.: technical whitepaper from Symantec

CVE-2014-4877: Wget FTP Symlink Attack Vulnerability | The Hacker News


The open-source Wget application which is most widely used on Linux and Unix systems for retrieving files from the web has found vulnerable to a critical flaw.


GNU Wget is a command-line utility designed to retrieve files from the Web using HTTP, HTTPS, and FTP, the most widely used Internet protocols. Wget can be easily installed on any Unix-like system and has been ported to many environments, including Microsoft Windows, Mac OS X, OpenVMS, MorphOS and AmigaOS.


When a recursive directory fetch over FTP server as the target, it would let an attacker „create arbitrary files, directories or symbolic links“ due to a symlink flaw.


The Unpatchable Malware That Infects USBs Is Now on the Loose | WIRED


Alex Washburn / WIRED




In a talk at the Derbycon hacker conference in Louisville, Kentucky last week, researchers Adam Caudill and Brandon Wilson showed that they’ve reverse engineered the same USB firmware as Nohl’s SR Labs, reproducing some of Nohl’s BadUSB tricks. And unlike Nohl, the hacker pair has also published the code for those attacks on Github, raising the stakes for USB makers to either fix the problem or leave hundreds of millions of users vulnerable.