Black Hat USA 2013 Day One – Latest News

Black Hat’s Barnaby Jack Statement:

We have lost a member of our family. Everyone would agree that the life and work of Barnaby Jack are legendary and irreplaceable. Barnaby had the ability to take complex technology and intricate research and make it tangible and accessible for everyone to learn and grow from. Beyond his work in our industry, Barnaby was an incredibly warm hearted and welcoming individual with a passion for celebrating life. We all have a hilarious and upbeat story about Barnaby. He is truly a shining example of what we love about this community.

Latest BlackHat news, Courtesy of DarkReading:

‘Hangover’ Persists, More Mac Malware Found
Attackers behind the Operation Hangover cyberspying campaign out of India found dropping OS X malware, covering their tracks online

Researchers To Highlight Weaknesses In Secure Mobile Data Stores
At Black Hat USA, a team of mobile-security researchers plans to show off ways to circumvent the security of encrypted containers meant to protect data on mobile devices.

‘Tortilla’ Spices Up Active Defense Ops
New free Tor tool due out at Black Hat USA aims to make the Tor anonymizing network easier to use for all types of Intel-gathering

Black Hat USA 2013: Complete Coverage
Articles leading up to and live coverage from Black Hat USA 2013, July 27 – Aug. 1

Hacker Team takes over $80 Million Super Yacht

Flaws in the GPS system have been known for a while now, but when a security team took over a 210-foot super yacht by spoofing a GPS signal, more than a few eyebrows were raised.

Using about $3,000 worth of equipment, GPS expert Todd Humphreys and his security team from the University of Texas were able to take over the navigation system of a large ship in the Mediterranean.

“We injected our spoofing signals into its GPS antennas and we’re basically able to control its navigation system with our spoofing signals,” Humphreys told Fox News.

After spoofing the GPS guidance signal, Humphreys’ team took the ship through a series of turns and navigational changes that, if done by a real attacker, could have put the ship at great risk.

The ship’s captain, Andrew Schofield, and his crew could not detect anything amiss.

“Professor Humphreys and his team did a number of attacks and basically we on the bridge were absolutely unaware of any difference,” Schofield said. “I was gobsmacked — but my entire deck team was similarly gobsmacked.”

This is very concerning as planes could also be attacked with similar techniques. A few months ago we talked about how plane controls could be attacked with SIMON and PlaneSploit.

GPS navigational security needs to be addressed and secured so this doesn’t happen in real life.

For more information see the original FoxNews article.

#OpIslam Attacks start a Day Early

#OpIslam, cyber attacks against Islamic websites by pro-Israeli supporters, were supposed to start tomorrow. Well, it looks like they have begun already.

I have always been confused by the whole “Anonymous” group thing. They claimed to be a group for good, but as of late numerous radical Islamic groups seemed to have adopted the name and begun operating under the “Anonymous” tag, culminating in the “OpIsrael” cyber attacks.

The new #OpIslam attacks seem to be led by the group Israeli Elite Force.

The odd thing is that in their #OpIslam promo video, they use the Anonymous tag name with the familiar “We are legion, we are everywhere…” bit.

Interesting move, as I am sure many hackers who were drawn to Anonymous early on probably aren’t too keen on being part of a group that now supports radical Islamic terrorism. The Israel Elite Force’s choice to create a new Anonymous seems to be a divide and conquer move, pulling disenfranchised hackers from the “old” Anonymous and creating a “new” Anonymous to fight against radical Islam.

The whole Anonymous thing is a bit confusing anyway, as it seems anyone can use the tag to perform political hacktivism in the name of their own good.

And inquiring minds want to know if “The Jester,” America’s Patriot Hacker, will get involved in these operations. He normally hacks Jihad training websites and is in an ongoing war with the Anonymous collective. Will this new IEF Anonymous be an ally of convenience?

Well, anyways, what can the rest of us non-Anonymous supporters expect over the next few days or weeks?

A rise in hacks and counter hacks, as the two “Anonymous” groups battle it out in Cyber Space. Most likely websites will be DDoS’d, defaced and databases publicly dumped. The end result will most likely be that many people who are just trying to run businesses online and earn a living will be disrupted.

Though on a side note, IEF seems to have much better graphic artists (see image at top of post).

Our recommendation to our friends in Israel is to make sure you have strong passwords on your internet-connected systems and, if possible, use a proxy that defeats DDoS attacks.

And as always, we will pray for the Peace of Jerusalem (Psalm 122:6).

With Government Spying is the US Becoming a Police State?

News of the US PRISM government spying program was made public by whistleblower Edward Snowden. Yesterday the House voted to reject an amendment that would remove the authority for the government to collect phone use records of US citizens. With all of this monitoring and spying on its civilians, one would have to wonder, is the US becoming a police state?

According to information leaked by Snowden, which included 41 PowerPoint slides, industry leaders who participated in the program included Microsoft, Yahoo!, Google, Facebook, Paltalk, YouTube, AOL, Skype and Apple. The government program that “extracts e-mail, audio, video, photos, documents, search history and logs” was started as early as 2007.

On Tuesday, General Keith Alexander, head of the NSA, urged Capitol Hill lawmakers to oppose the amendment that would defund the NSA phone collection program.

“We oppose the current effort in the House to hastily dismantle one of our Intelligence Community’s counterterrorism tools,” White House press secretary Jay Carney said in a late-night statement. “This blunt approach is not the product of an informed, open or deliberative process.”

Republicans and Democrats were divided amongst themselves on the issue. Some thought the program necessary, while others thought it a violation of constitutional rights.

“Have 12 years gone by and our memories faded so badly that we forgot what happened on Sept. 11?” said Rep. Mike Rogers (R-Mich.) chairman of the Intelligence committee.

Rep. Justin Amash, R-Mich., founder of the bill amendment, “told the House that his effort was to defend the Constitution and ‘defend the privacy of every American.’”

I find it odd that the WH Press secretary would complain about the move to “hastily dismantle” part of the NSA’s data collection program, and that it was a “blunt approach” that was not “informed, open or deliberative.”

Many NY citizens were enraged over these same issues when, in a secretive and hurried over-night session, NY Gov. Andrew Cuomo signed into law the NY SAFE act, one of the toughest gun control programs in the US. It is a law that is still opposed by many Upstate NY citizens and law enforcement officials as being unconstitutional.

Privacy and Civil Rights groups were also upset about how the citizens of Boston were treated when Law Enforcement groups were looking for the two Boston Bombers. Images of heavily armed, military-looking police units flooding the streets and performing mandatory door-to-door searches caused quite a stir.

Some think the searches were illegal, though there is an exception to the rule, exigent circumstances:

“An exigent circumstance, in the American law of criminal procedure, allows law enforcement to enter a structure without a search warrant, or if they have a “knock and announce” warrant, without knocking and waiting for refusal under certain circumstances. It must be a situation where people are in imminent danger, evidence faces imminent destruction, or a suspect will escape.”

“Courts look at it differently when there’s a threat of public safety than if the police just want to search,” said Carol Rose, executive director of the ACLU of Massachusetts, in a phone interview with The Atlantic Wire.

Many seem to think that the monitoring of US citizens is necessary to prevent another 9/11-type terrorist attack. Many too are very upset and concerned about the erosion of Americans’ constitutional rights and privacy, with some thinking that the US is heading very rapidly to becoming a police state.

What do you think?