Tag Archive for: Researcher

Researcher takes on ransomware and the products for stopping it


Ransomware, one of the most troublesome forms of cyber attacks, is in the crosshairs of a leading cybersecurity research outfit. The researchers at the MITRE Corporation’s Ingenuity program recently called for industry to help find out the effectiveness of cybersecurity products designed to help stop it. For the answers, the Federal Drive with Tom Temin spoke with William Booth, the general manager of MITRE’s evaluations program.

Tom Temin And just a brief word on the Ingenuity program, which is one of the major channels of MITRE’s work. And then tell us a little bit about the program that you specifically run for evaluating software.

William Booth Yeah. So I run ATT&CK Evaluations, which is born out of and based on the MITRE ATT&CK framework, which is really a way of describing cybersecurity tactics and techniques used in the real world. And we take that knowledge base and we apply it through evaluations to all the leading cohort of cybersecurity products.

Tom Temin In other words, you try to make sure that the products out there actually match and can take on what you know to be the real threats.

William Booth Yes. And that people have insights and a reference for performance on how they’re doing, both on the detections and on the protection side.

Tom Temin All right. And now the latest call out for industry to join with you, you’re looking at specifically what problem and what types of software?

William Booth We’re mostly focused this time on ransomware continues to be a leading issue both for private and for government. And so we’re tackling that through slightly different than before where we chose a single adversary. Here we’re using an amalgamation of multiple very prevalent and relevant ransomware attacks. And in addition to that, we’re also for the first time, introducing macOS, which is going to be focused on the DPRK’s activity. Recently, there’s a lot of products out there that cover Windows and Linux and also have Mac, but that’s kind of unknown right now on performance and where the benchmark is. And so we’re hoping to set that.

Tom Temin So the North Korea then is going after Macs for ransomware. And are they generally going after…


A security researcher has been sentenced for hacking into Nintendo and Microsoft’s servers


A former security researcher at Malwarebytes, Zammis Clark, was sentenced earlier this week for breaking into Microsoft and Nintendo network servers and stealing confidential data, as well as usernames and passwords, according to The Verge. The attacker had also uploaded malware to the servers.

Clark, who was still working for Malwarebytes at the time of the Microsoft attack in January of 2017, stole around 43,000 files from the Redmond company’s servers. After gaining access to the servers, he shared that access with other users on the internet as well, including Thomas Hounsell, who is known for running the now-defunct BuildFeed website. Hounsell used this route to gain information on Microsoft’s products through nearly 1,000 queries over a period of 17 days.

Clark was eventually arrested for his actions in June of 2017, but was released without any restrictions on computer use. In March of last year, Nintendo also came under attack by the hacker. Clark gained access to the company’s game development servers and stole 2,365 usernames and passwords until he was caught in May. Between the Nintendo and Microsoft breaches, Clark caused damages anywhere between $2.9 and $3.8 million.

Clark had also been involved in a previous security breach around VTech’s children’s toys in 2015, but he wasn’t accused in that case, since the company didn’t cooperate with the prosecution, and Clark walked free.

Clark will at least avoid any prison time, provided that no additional crimes are committed. Due to his autism and face blindness, in addition to the fact that Clark pleaded guilty to the attacks, Judge Alexander Miller decided that prison would be disproportionately harsh for the hacker. He was sentenced to 15 months of imprisonment, suspended for 18 months. He was also given a Serious Crime Prevention Order, which will mean an unlimited fine and up to five years of prison time should he commit any serious offenses in the next five years.

Thomas Hounsell, on the other hand, was sentenced to just six months of imprisonment, but the sentence…


Security researcher says Eufy has a big security problem


What you need to know

  • Security researcher Paul Moore has discovered several security flaws in Eufy’s cameras.
  • User images and facial recognition data are being sent to the cloud without user consent, and live camera feeds can purportedly be accessed without any authentication.
  • Moore says some of the issues have since been patched but cannot verify that cloud data is being properly deleted. Moore, a U.K. resident, has taken legal action against Eufy because of a possible breach of GDPR.
  • Eufy support has confirmed some of the issues and issued an official statement on the matter saying an app update will offer clarified language.

Update Nov 29 11:32 am: Added Paul Moore’s response to Android Central.

Update Nov 29 3:30 pm: Eufy issued a statement explaining what’s going on which can be seen below in Eufy’s explanation section.


Evidence of New Twitter Features Leaked By Security Researcher


Security researcher and reverse engineering blogger Jane Manchun Wong discovered evidence that Twitter may be bringing end-to-end encryption to the platform, plus two more possible changes that are fairly useful.

She made the information public via a series of tweets that leaked details of the new features still under development.

Trivial But Useful Change

The first change that’s coming is the removal of the source field.

The source field is the section beneath every tweet that tells what kind of device was used to post the tweet.

There must be a purpose for that feature but it’s not immediately apparent.

Ultimately this is a trivial change but probably useful in that it reduces clutter.

End to End Encryption

End-to-end encryption (E2EE) is a way of securing communication so that messages are readable only by the participants in the conversation, with no access for any other party.

In general this is a good idea. But there are also some who raise legitimate concerns about adding E2EE to messaging that might not necessarily be tied to a phone in the same way that WhatsApp and Telegram are.

Jane Manchun Wong Discovers Evidence

Jane Manchun Wong is a notable reverse engineering expert who has been interviewed and profiled on sites like BBC News and MIT Technology Review.

According to the BBC profile on her:

“She discovered that Airbnb was testing a new flight integration feature that alerted hosts on the website when their guests’ planes landed safely.

And she sounded the horn when Instagram began experimenting with augmented reality profile pictures.”

MIT Technology Review wrote this about her:

“Wong, 27, has a preternatural ability to crack difficult code—along with a sizable Twitter following that includes some of the biggest names in tech and journalism.

As she gets into the back end of websites’ code to see what software engineers are tinkering with, they await her discoveries with interest.”

Exploring the Twitter Android app she recently discovered that the E2EE feature might…
