Wednesday, 3 December 2014

Free Hacking Tools You May Not Be Aware of

Here is a list of free hacking tools that you may not have heard of:
1.) Brakeman
Brakeman is a vulnerability scanner for Ruby on Rails apps that also offers data flow analysis, following values from one part of a program to another. There is no need to set up an entire application stack to use the software, according to Justin Collins, author and maintainer of Brakeman.
While not exceptionally fast, Brakeman purports to be faster than “black box” scanners, with large applications taking mere minutes to scan. Users need to pay attention to false positives, though fixes to aid with them have recently been developed. Brakeman should be used with a website security scanner. Collins has no plans to extend it to other platforms, but developers are encouraged to look at the code.

2.) Cuckoo Sandbox
Cuckoo Sandbox is an automated dynamic malware analysis system for examining suspicious files in an isolated environment.
“Its main purpose is to automatically execute and monitor the behavior of any given malware when launched inside a Windows virtual machine. When the execution is completed, Cuckoo will further analyze the collected data and produce a comprehensive report that explains what the malware is capable of,” says project founder Claudio Guarnieri.
Generated data includes native function and Windows API call traces, copies of created and deleted files, and a memory dump of the analysis machine. Processing and reporting can be customized, and resulting reports can be generated in various formats, including JSON and HTML. Cuckoo Sandbox began as a Google Summer of Code project in 2010.

3.) MozDef: The Mozilla Defense Platform
The Mozilla Defense Platform, aka MozDef, is aimed at automating the security incident handling process, enabling defenders to get what attackers have had: a real-time, integrated platform to monitor, react, collaborate on and advance their capabilities, according to project author Jeff Bryner.
MozDef expands traditional SIEM (security information and event management) functionality into collaborative incident response, visualizations, and easy integration into other enterprise systems, Bryner says. It uses Elasticsearch, Meteor, and MongoDB to collect a variety of data and retain it in whatever way is suitable. “You can view MozDef as a SIEM overlay on top of Elasticsearch that facilitates security incident response workflows,” Bryner says. The project started out as a proof of concept within Mozilla in 2013.

Indian IT entrepreneur pushes for greater UAE cyber security

Saket Modi loves to sift through the gargantuan dead data large corporations use to fortify themselves against growing cyber security breaches. He cites the examples of the US retail firm, Target; the telecoms company, Nortel Networks; the e-commerce major, eBay; and closer to home the state-owned Saudi Arabian Oil Company, known as Saudi Aramco, which have all been the victims of cyber attacks in recent times.
Consider the case of Saudi Aramco. In 2012, Riyadh found that more than 30,000 computers of the company were hit by “spear-phishing”, disrupting production from the world’s largest exporter of crude oil.
It is exactly in these kinds of events that Mr Modi’s enterprise Lucideus Tech, a cyber security start-up, would step in to plug the loopholes with intricate coding.
“We fortify the digital DNA of an organisation from across verticals who may be high on work experience but extremely low on cyber security knowledge,” explains Mr Modi, who was in Dubai recently to deliver a talk titled “Hacker – Yesterday, Today and Tomorrow”, at the iSafe Conference 2014, organised by the Information Systems Audit and Control Association’s (Isaca) UAE Chapter.
At only 25, the Indian cofounder and chief executive of the company, which has branches in New Delhi, Ahmedabad and Kolkata, proves why an IT professional’s success is often inversely proportional to his tender age.
The young entrepreneur was born in Howrah – the twin city of Kolkata, located across the Hooghly River and what was once known as the Sheffield of the East – and received his formative education in Kolkata. Born at the cusp of economic liberalisation and first-generation reforms in India, he was exposed to the coming of age of IT from his early teens. Having a father in the computer business – the senior Mr Modi runs a slew of computer training institutes in Kolkata – helped the son to be exposed to the wired world when he was barely a toddler. Cashing in on the IT boom and his innate love for computers, he graduated with a degree in computer science engineering from a Jaipur college two years ago, but unlike his peers he opted out of chasing the American dream.
He spurned a Dh1 million offer from a social media major a couple of years ago, and instead chose to become an entrepreneur. The timing could not have been more opportune.
The demand for cyber security has been exponentially growing in India, thanks to several instances of breaches and unethical practices. Mr Modi stepped up to the plate and has become a successful cyber security consultant for several ministries of Indian governments as well as C-level executives in large organisations across India, with several of his batch mates still going through the elementary rigours of coding as software developers. A stereotype that, he says in hindsight, he is happy to pass over.
The young entrepreneur reckons digital is the new buzzword across the globe. It is no longer a matter of choice, but a necessity.
He quotes Gartner’s forecast – “Digital Business is driving Big Change” – to illustrate his point.
Mr Modi feels the UAE is on the right track for digital innovation. He cites the recent announcement made by Dubai to invest Dh4.5 billion to make the emirate an innovation hub for global technology businesses and entrepreneurs as a case in point.
However, he warns that the UAE needs to be on its guard.
“With hackers evolving from anonymous teenaged pranksters to state-sponsored militants on the cyber space, the cyber warfare in the near future has a potential to cause massive destruction to a country or an enterprise, and that too with a couple of clicks on a device sitting thousands of miles away and outside the ambit of legal jurisdiction of the target,” he warns.
Mr Modi offers a bespoke solution to the emerging threat perception.
According to him, the UAE, which is “quick and agile to adopt new technology”, needs to broadly tackle its core verticals such as banking and hospitality.
“As competition among banks hots up to seduce customers, technology and security can often be an unwitting casualty,” he says.
Mr Modi, who is seeking a tie-up with a like-minded company in the region, is upbeat about global spending on cyber security – he quotes the research firm MarketsandMarkets, which forecasts the allocation to grow to US$120 billion in 2017 from $80bn last year. “Today’s cyber risk cannot be mitigated, it needs to be embraced. Risk, today, is a conscious leadership decision,” he adds.

Syrian Electronic Army Hacks UK based Media Websites

The Syrian Electronic Army (SEA), a hacker group supposed to be aligned with Syrian President Bashar al-Assad, has again gained media attention by compromising a number of popular news websites and displaying Thanksgiving pop-ups informing people that they’ve been hacked.
Forbes, The Independent, The Chicago Tribune, The Daily Telegraph, The London Evening Standard, broadcaster CNBC, PC World and the US National Hockey League were among the popular websites affected by the group.
This time they apparently targeted a third-party widget that is used by all those compromised websites. It is being reported that the hacker group found a way into registrar GoDaddy to compromise DNS records for Gigya, a customer identity management platform used by all the sites.
Although not all site visitors were affected by the attack, some visitors were redirected, using a line of JavaScript, to SEA web pages with the message “You’ve been hacked by the Syrian Electronic Army.”
The visitors to the site were shown the above image. The Telegraph admitted it had been “compromised” and blamed a “third party” (which is Gigya) widget used by the website, the Telegraph tweeted after being hacked.
“Some calls to Gigya domains were redirected to the hackers’ site or showed a hacking message to end users,” Gigya said in a statement to El Reg. “It might take some time until the changes propagate to all users. We have worked with GoDaddy to resolve the issue and the redirection was removed.”
A Twitter account linked to the SEA group claimed responsibility for attacking global media organizations, appearing to link it to ISIS, a reference to the Islamic State terrorist organization, which is fighting against Syria’s President Bashar al-Assad.
“Happy thanksgiving, hope you didn’t miss us! The press: Please don’t pretend #ISIS are civilians. #SEA,” said a message posted by the group to a Twitter feed.
The SEA is the same hacker group known for its advanced phishing attacks; using the same technique, it has in the past hacked into the official Twitter accounts of Microsoft News, Xbox Support and Skype, and defaced the official Microsoft and Skype blog pages.

Sony Pictures struggles as staff details, salaries and films leaked

It's getting worse for Sony: the latest data dump from the raid that's brought the company to an IT standstill includes the personal details of staff.
Documents leaked through BitTorrent show the names, home addresses, salaries (and bonuses), and social security numbers of thousands of staff, including executives.
Sony Pictures Entertainment could not be reached for comment at the time of writing.
Some 17 executives, from programming to advertising, were listed as having salaries over US$1m. Severance pay also appeared to be listed.
The beleaguered content king has recruited forensics mammoth Mandiant and the FBI to help track the attackers known only as the Guardians of Peace who broke into the network and wrought havoc.
Speculation has led to reports Sony was fingering North Korea as a possible target and that current and pending movies Fury and Annie leaked to BitTorrent were stolen from the company and not from regular sources.
It could have been quite an act of revenge if true: the firm was sent back to pen and paper during the height of the hack.
Sony Pictures has regained control of its technical networks after requesting staff disconnect personal devices from the compromised network.
In a bizarre statement an unnamed North Korean government official told the BBC the world will have to "wait and see" to learn of North Korean involvement in the hack. The Hermit Kingdom was thought by some to have popped the company in retaliation over the comedy film The Interview which mocks the country.
The leaks come as the FBI issued a restricted alert about malware it found that wipes hard drives and master boot records, and beacons home to servers in Thailand, Italy and Poland - the same infrastructure fingered by security bods PacketNinjas in July.

Alca-Lu security stuff goes virtual

Yet more of Alcatel-Lucent's portfolio has escaped its hardware prison to be virtualised: this time, it's the vendor's security solutions.
Alca-Lu's Motive Security Guardian (MSG) – based on technology that came with Kindsight Security Labs, which it acquired in April 2013 – is to be turned into a virtualised service, the company announced on December 1.
The vendor reckons the service processes 120,000 malware samples daily and keeps a database of 30 million “active” samples.
It's designed to live in a carrier's cloud, watching over end devices and identifying malware instances without needing end-user installation.
MSG is also supporting Alcatel-Lucent's network function virtualisation (NFV) strategy: it will be integrated into CloudBand 2.0 platform, so carriers can quickly spin up new instances if there's a malware outbreak they need to deal with. There's also (naturally) integration with the Motive customer management system.
The MSG system can fire off alerts to IT departments and customer care agents, the company says, as well as end users. El Reg can't help but wonder how the average punter is likely to react to a message saying “your device may be infected!” but at least the pros will know what's going on.
The latest announcement is part of a program that Alca-Lu has pursued throughout 2014 to virtualise its crown jewels. First announced in February, the NFV push started with mobile infrastructure. In November, the company decided its network edge routers also deserved the NFV treatment.

Not sure what RFID is? Can't hack? You can STILL be a card fraudster with this Android app

Cybercrooks have developed an Android app that makes it possible to hack RFID payment cards, researchers discovered after a Chilean transport system was defrauded.
The app at the centre of the scam hacked into the user’s radio frequency ID (RFID) bus transit card in order to recharge credits. The fraud-enabling Android tool, found distributed through forums and blogs and circulating in Chile, was found by Trend Micro, which detects it as STIP-A.
After a slow start, paying via RFID cards is gradually becoming more popular as more mobile devices add Near Field Communication (NFC) support. Banks, merchants or public services issue RFID cards to their customers with prepaid credits.
RFID cards have therefore become an interesting target for cybercriminals. The Tarjeta Bip card hacking incident in Chile involved a malicious app that writes predefined data onto the card, raising the user’s balance to 10,000 Chilean pesos (approximately $16, £10).
The Android app used to facilitate the scam runs on a device equipped with NFC that is capable of reading and writing to these cards. "This particular trick will only work with this particular fare card, since it relies on the format of the card in question," according to an analysis of the malware by Veo Zhang, a mobile threat analyst at Trend Micro. "Using widely available tools, the attacker cracked the card’s authentication key. With the cracked key and the native NFC support in Android and the device, cloning a card and adding credits can be easily implemented in a mobile app."
Hackers were able to rewrite the card’s information despite not having the correct authentication keys because the Chilean cards are based on an older version of the MIFARE series of cards (MIFARE Classic), which is known to have multiple security problems. "An attacker is able to clone or modify a MIFARE Classic card in under 10 seconds, and the equipment (such as the Proxmark3), together with any needed support, is sold online," Trend Micro concludes.

Don't fret, your contactless bank card is likely NOT susceptible

Rob Miller, security consultant at MWR InfoSecurity, said techniques for hacking this type of card have been known about for at least six years.
"The Bip card is based on the MIFARE classic card," Miller explained. "This card is one of a range of RFID cards, each offering different levels of security for a relative cost.
"This particular type is one of the lowest cost cards available, but is also one of the most insecure. Methods to exploit this type of card were shown as early as 2007," he added.
Miller agreed with Trend's analysis that the fraud-enabling hack was possible because of weak crypto on an antiquated smartcard.
"Normally contactless smartcards contain sensitive information, so they protect this data using cryptographic functions that require the reader to know a key," Miller said. "The exploits found allow an attacker to recover data from the device and write new data to the device without initially knowing the key.
"In Bip's case, this exploit was built in to an Android app, which uses Android's NFC functionality to communicate with and edit the id and money values held on the owner's Bip card," he added.