Friday, September 27, 2013
How Your Computer Gets Hacked in Under a Minute
Sept. 27 (Bloomberg) – With just a few clicks, hackers can access all of your online information and stay in your system for years. Bloomberg’s Megan Hughes talks to the experts to show you how it’s done. (Source: Bloomberg)
Tuesday, July 6, 2010
iTunes accounts plundered, Apple's App store needs better control mechanisms
Monday, May 31, 2010
Google Dumps Microsoft Windows Company-Wide!
"Employees wanting to stay on Windows required clearance from “quite senior levels”, one employee said. “Getting a new Windows machine now requires CIO approval,” said another employee."
Thursday, April 8, 2010
Macintosh = Hacker-Proof?
Charlie A. Miller loves his Macbook Pro laptop. And his four other Apple PCs, the iPhone he uses daily and two older iPhones he keeps for tinkering. But his relationship with the company that created those gadgets is somewhat more complicated.
In March, for instance, the 36-year-old security researcher publicized his discovery of 20 security vulnerabilities in Apple's software. Each would allow a cybercriminal to take over the computer of a user who's tricked into opening a certain PDF attachment or who simply visits an infected Web page using Apple's Safari browser.
That haul of bugs is a record even for Miller, who over the last four years has become perhaps the world's most prominent Mac hacker. It may also be definitive proof that Apple devices aren't safe "right out of the box," as the company has claimed for years. "When I first began saying that Macs were less secure than Windows, everyone thought I was an idiot," says Miller. "So I had to prove it again and again and again."
In 2007 Miller became the first to hack the iPhone, using a flaw in its Safari browser to remotely gain control of the not-so-smart phone. Six months later he hacked a Macbook Air in two minutes at a competition in Vancouver. Last summer he revealed a method that allowed him to virally hijack the iPhone using text messages spread via a user's contact list.
Miller says his latest research doesn't aim to show off his elite hacking skills, most of which he learned over five years as a global network exploitation analyst for the National Security Agency. Instead, he wants to show just how easy it is to find chinks in the armor of commonly used software. Miller used a technique known as "dumb fuzzing" to find flaws. He ran the procedure more persistently than most hackers, leaving his fuzzing program to throw junk information at each target for three weeks before mining the data for exploitable flaws.
As for Apple, Miller says the company has learned to accept, if not appreciate, his work. He usually gives Apple weeks of notice before publicly describing its bugs. "They're always very polite," he says. "But I suspect they wish I didn't exist."
Read the full story at Forbes.com by Andy Greenberg
Updated:
Apple Patches Pwn2Own Bug
Thursday, January 28, 2010
Attention Members of the dark side. The Evil emperor has given you a gift
Monday, January 18, 2010
So, just how did Google get hacked?
Security expert Graham Cluley asks whether infected PDFs were to blame
UPDATE: The vector for the attack on Google has since been confirmed as Internet Explorer.
Earlier this week the internet was rocked by a blog post from Google revealing that it had been the victim of a targeted attack from Chinese hackers, and was planning to express its outrage by no longer censoring the Chinese version of its search engine.
Google said that it and at least 20 other large companies had been on the receiving end of the "highly sophisticated and targeted attack", which resulted in the theft of intellectual property and the attempted access of Gmail accounts belonging to Chinese human rights activists.
Although targeted attacks are nothing new, it is very unusual for a corporation to be so upfront about an attack, and to pinpoint the blame in a clear direction.
Google, however, must be feeling fairly confident about its facts to so clearly imply that the Chinese state may have been responsible for the hacking attempt.
But how did the hack happen, and how can other companies and individuals protect themselves from similar attacks in the future?
Microsoft admits IE fault in Google China hack
"One of the vectors..."
Microsoft has confessed that a flaw in Internet Explorer was "one of the vectors" used in the attack on Google, with an investigation by McAfee revealing some of the details.
McAfee has been brought in by a number of companies attacked, and they insisted that there was nothing to substantiate the claims that Adobe's notorious PDF software could be responsible.
"We have never seen attacks of this sophistication in the commercial space," said Dmitri Alperovitch, a Vice President of Research with McAfee.
"We have previously only seen them in the government space."
German government warns citizens off IE!
"Don't use IE 6, 7 or 8 and switch browser," says Federal Office
"The German government's Federal Office for Information Security is warning computer users in the country NOT to use Microsoft Internet Explorer due to recent security scares.
The state organisation has issued the warning following Microsoft's admission that IE was a 'vector' in the recent attacks on Google in China.
The German government is thus advising its citizens to use alternative browsers such as Mozilla's Firefox, Google Chrome, Apple Safari or Opera."
Saturday, December 5, 2009
Several Restaurants Sue Vendor for Unsecured Card Processor

The restaurants, located in Louisiana and Mississippi, filed a class-action suit against Georgia-based Radiant Systems for producing a point-of-sale (POS) system that they say was not compliant with payment card industry security standards and resulted in an undetermined number of customers having their debit and credit card numbers stolen.
The suit alleges that the system stored all the data embedded on the bank card magnetic stripe after the transaction was completed — a violation of industry security standards that made it a high-risk target for hackers.
Also named in the suit is Computer World, a Louisiana-based retailer, which sold and maintained Radiant’s Aloha POS system.
According to plaintiffs, Computer World’s technicians allegedly installed the remote-access program PCAnywhere on the systems to allow its technicians to fix technical problems from off-site. The only problem is, the company failed to secure the program. The suit alleges that the system was not up to date with software patches, and the PCAnywhere remote log-in and password that technicians used to access the POS systems was the same at every one of the 200 Louisiana locations where the system was installed. According to one of the plaintiffs who spoke with Threat Level, the default login was “administrator” and the password was “computer.”
As a result, a hacker, believed to be based in Romania, accessed the systems of at least 19 businesses through the PCAnywhere software, and possibly others, plaintiffs say.
Wednesday, December 2, 2009
SSL/TLS Zero-day flaw found in web encryption
The flaw in the TLS authentication process allows an outsider to hijack a legitimate user's browser session and successfully impersonate the user, the researchers said in a technical paper.
The fault lies in an "authentication gap" in TLS, Ray and Dispensa said. During the cryptographic authentication process, in which a series of electronic handshakes take place between the client and server, there is a loss of continuity in the authentication of the server to the client. This gives an attacker an opening to hijack the data stream, they said.
In addition, the flaw allows practical man-in-the-middle attacks against hypertext transfer protocol secure (Https) servers, the researchers said. Https is the secure combination of http and TLS used in most online financial transactions.
Thursday, November 5, 2009
Unlock Any iPhone in Seconds!
Friday, July 3, 2009
Apple patching nasty iPhone SMS vulnerability

Given the hype surrounding Apple's iPhone, we're actually surprised that we haven't seen more holes to plug over the years. In fact, the last major iPhone exploit to take the world by storm happened right around this time two years ago, and now -- thanks to OS X security expert Charlie Miller -- we're seeing yet another come to light.
The only details Miller had were as follows: "The SMS vulnerability allows an attacker to run software code on the phone that is sent by SMS over a mobile operator's network. The malicious code could include commands to monitor the location of the phone using GPS, turn on the phone's microphone to eavesdrop on conversations, or make the phone join a distributed denial of service attack or a botnet."
Wednesday, December 24, 2008
Microsoft Warns of SQL Attack
Microsoft issued a security advisory late Monday, saying that the bug could be exploited to run unauthorized software on systems running versions of Microsoft SQL Server 2000 and SQL Server 2005.
Attack code that exploits the bug has been published, but Microsoft said that it has not yet seen this code used in online attacks. Database servers could be attacked using this flaw if the criminals somehow found a way to log onto the system, and Web applications that suffered from relatively common SQL injection bugs could be used as stepping stones to attack the back-end database, Microsoft said.
Desktop users running the Microsoft SQL Server 2000 Desktop Engine or SQL Server 2005 Express could be at risk in some circumstances, Microsoft said.
Thursday, August 7, 2008
E-Passports Can Be Hacked and Cloned in Minutes

A computer researcher proved it by cloning the chips in two British passports and then implanting digital images of Osama bin Laden and a suicide bomber. Both passports passed as genuine by UN approved passport reader software. The entire process took less than an hour.