Last year Aldi repeatedly sold IP surveillance cameras with about the worst possible default settings. Hundreds of the devices are reachable over the Internet almost unprotected.
The Maginon-brand IP surveillance cameras sold at Aldi have massive security problems: unauthorized parties could access the camera image over the Internet and even tap the audio. In addition, the devices reveal, among other things, their owner’s passwords for Wi-Fi, e-mail and FTP access. Hundreds of Aldi cameras are reachable over the Internet nearly unprotected. The association Digitale Gesellschaft brought this to our attention.
Tens of thousands of HTTPS-protected websites, mail servers, and other widely used Internet services are vulnerable to a new attack that lets eavesdroppers read and modify data passing through encrypted connections, a team of computer scientists has found.
The new attack, which its creators have dubbed Logjam, can be exploited against a subset of servers that support the widely used Diffie-Hellman key exchange, which allows two parties that have never met before to negotiate a secret key even though they’re communicating over an unsecured, public channel.
The weakness is the result of export restrictions the US government mandated in the 1990s on US developers who wanted their software to be used abroad.
Nobody expects the BIOS inquisition, so nobody patches them
Millions of flawed BIOSes can be infected using simple two-minute attacks that don’t require technical skills and require only access to a PC to execute.
Basic Input/Output Systems (BIOS) have been the target of much hacking research in recent years since low-level p0wnage can grant attackers the highest privileges, persistence and stealth.
LegbaCore researchers Xeno Kovah and Corey Kallenberg revealed the threat to El Reg ahead of their presentation, “How Many Million BIOSes Would You Like to Infect?”, at CanSecWest tomorrow.
SPIEGEL publication: Experts unmask the “Regin” trojan as an NSA tool
Telecom companies, the EU Commission and a staff member of the Chancellery: all fell victim to the “Regin” malware. Analysis of code published by SPIEGEL now shows that “Regin” is an NSA tool.
When SPIEGEL, in mid-January, used new documents from the Snowden archive to describe the intelligence services’ digital arms race with ever more sophisticated cyberweapons, SPIEGEL ONLINE also published, as source code, a sample of malware named “QWERTY” that was contained in the Snowden materials.
Google secretly gave the emails of WikiLeaks journalists to the US government in response to an espionage investigation targeting Julian Assange, according to documents disclosed by the internet giant.
Three journalists who have worked for WikiLeaks since 2010 – Sarah Harrison, Joseph Farrell and Kristinn Hrafnsson – have been informed by Google that all their Gmail account content, metadata, subscriber information, and other content were provided to US federal law enforcement in response to search warrants issued in March 2012.
A new threat has been found by Kaspersky Labs
The Linux Turla is a new piece of malware designed to infect only Linux computers, which has managed to remain relatively hidden until now and has the potential of doing a lot of harm. Unfortunately, very little is known about it or how to fix it.
It doesn’t need root
One of the most interesting aspects of this Turla cd00r-based malware is that it doesn’t require elevated privileges, which is probably one of the reasons it’s so dangerous. It needs to be activated remotely with a “magic packet” (similar to port knocking) and it needs an existing network interface name. The end result is that it provides a backdoor to the user’s computer, and that the attacker can send commands with a “/bin/sh -c” script. It’s a little bit more complicated than this, but that is just the summary of it.
An advanced piece of malware, known as Regin, has been used in systematic spying campaigns against a range of international targets since at least 2008. A back door-type Trojan, Regin is a complex piece of malware whose structure displays a degree of technical competence rarely seen. Customizable with an extensive range of capabilities depending on the target, it provides its controllers with a powerful framework for mass surveillance and has been used in spying operations against government organizations, infrastructure operators, businesses, researchers, and private individuals.
The open-source Wget application, which is most widely used on Linux and Unix systems for retrieving files from the web, has been found vulnerable to a critical flaw.
GNU Wget is a command-line utility designed to retrieve files from the Web using HTTP, HTTPS, and FTP, the most widely used Internet protocols. Wget can be easily installed on any Unix-like system and has been ported to many environments, including Microsoft Windows, Mac OS X, OpenVMS, MorphOS and AmigaOS.
During a recursive directory fetch with an FTP server as the target, it would let an attacker “create arbitrary files, directories or symbolic links” due to a symlink flaw.
In a talk at the Derbycon hacker conference in Louisville, Kentucky last week, researchers Adam Caudill and Brandon Wilson showed that they’ve reverse engineered the same USB firmware as Nohl’s SR Labs, reproducing some of Nohl’s BadUSB tricks. And unlike Nohl, the hacker pair has also published the code for those attacks on Github, raising the stakes for USB makers to either fix the problem or leave hundreds of millions of users vulnerable.