News
04 Aug 2017

The Friday Tech Takeaway - 04.08.17

Hack the Vote: At last week's DEF CON cybersecurity conference, several hackers managed to break into multiple US voting machines, in some cases within minutes. Jake Braun, a cybersecurity expert at the University of Chicago, who sold DEF CON's founder Jeff Moss on the idea of creating the Voting Machine Village, said: "Without question, our voting systems are weak and susceptible. Thanks to the contributors of the hacker community today, we have uncovered even more about exactly how." https://github.com/josephlhall/dc25-votingvillage-report

Microsoft refuses to fix Server Message Block (SMB) server takedown: Back in 2009, an attack tool known as "Slowloris" operated over HTTP web connections. A server-side resource depletion attack, it exhausted a server's incoming connection-handling capacity and required very little bandwidth from the attacker. Unlike traditional DDoS attacks, just one machine could bring a remote website to its knees, preventing legitimate visitors from obtaining access. Today, as revealed at last week's DEF CON, we have a similar server-side resource depletion attack against that troublesome version 1 of SMB, Microsoft's still-supported, yet long obsolete, file and printer sharing protocol.

Sean Dillon of RiskSense was amongst the first researchers to analyze EternalBlue, the leaked NSA SMB exploit that was used to spread the WannaCry ransomware attack. It was during that analysis that Dillon uncovered this issue. “While working on EternalBlue, we observed a pattern in the way memory allocations were done on the non-paged pool of the Windows kernel. The non-paged pool is memory that has to be reserved in physical RAM; it can’t be swapped out,” Dillon explained. “That’s the most precious pool of memory on the system. We figured out how to exhaust that pool, even on servers that are very beefy, even 128 GB of memory. We can take that down with a Raspberry Pi.”

Broadpwn: Android and iOS compromised via Broadcom WiFi chipset bug: Until Google and Apple both issued patches last month, an estimated one billion devices were vulnerable to this new, remotely exploitable worm attack, which Exodus Intelligence's Nitay Artenstein has dubbed "Broadpwn."

At the Black Hat security conference, Nitay demonstrated proof-of-concept attack code that exploited this vulnerability, which affects the widely used BCM43xx family of WiFi chips manufactured by Broadcom. Nitay's attack fills the airwaves surrounding any compromised device with low-level connection requests (no user alert or action required) aimed at any and all nearby smartphones. When the specially devised requests reach a device using the BCM43xx family of WiFi chipsets, the attack rewrites the firmware that controls the chip. The compromised chip then sends the same malicious packets to other vulnerable devices, setting off a potential chain reaction. https://blog.exodusintel.com/2017/07/26/broadpwn/

Do you speak AI? Researchers at Facebook realized their bots were chattering in a new language. Then they stopped it. This is the real story, not the overhyped version the press picked up on. https://www.fastcodesign.com/90132632/ai-is-inventing-its-own-perfect-languages-should-we-let-it

Apple pulls many iOS VPN clients from its Chinese App Store: The makers of those VPN applications were up in arms over Apple's "capitulation" to pressure from the Chinese government. They were claiming that this was a human rights issue and were "disappointed" in Apple. https://www.cnbc.com/2017/07/31/apple-removes-vpn-apps-in-china-app-store.html

WannaCry 'Kill Switch' Creator Arrested in Vegas: Federal authorities indicted and nabbed Marcus Hutchins, aka MalwareTech, for allegedly creating and distributing the Kronos banking Trojan. https://www.darkreading.com/threat-intelligence/wannacry-kill-switch-creator-arrested-in-vegas/d/d-id/1329556

Chinese Telecom DDoS Attack Breaks Record: A DDoS siege spanning more than 11 days has broken the record for the year, according to a report released this week by Kaspersky Lab. DDoS attackers launched a 277-hour attack against a Chinese telecom company in the second quarter of 2017, registering a 131% hourly increase compared to the longest attack recorded earlier this year. https://www.darkreading.com/attacks-breaches/chinese-telecom-ddos-attack-breaks-record-/d/d-id/1329518

How the CIA disables security cameras, Hollywood style: In the last 20 years, we have seen hundreds of caper/heist movies where spies or bank robbers hijack surveillance cameras to either stop recording or set up an endless loop for covert operations without leaving any evidence. Whenever I see such scenes in a movie, I ask myself: Does this happen in real life? The answer is yes, it does: http://thehackernews.com/2017/08/surveillance-camera-hacking.html

New standards for IoT devices: Almost everyone now owns at least one internet-connected device; collectively, these are known as the "Internet of Things". Attempts are now being made in the US to introduce industry-wide security standards via the Internet of Things Cybersecurity Improvement Act of 2017. http://thehackernews.com/2017/08/iot-bill-security-standard.html

Alexa, are you spying on me? In light of the above, should you be worried about hackers turning your smart speaker into a covert listening device? Not unless you’re currently on the watch list of the NSA, the CIA or a cleverer-than-average hacker. Despite reports of an Amazon Echo hack that allows ne’er-do-wells to turn your smart speaker into a covert listening device, you shouldn’t be losing any sleep just yet. The hack is complex, requires physical access to the device and does not work on all devices. Yet. https://labs.mwrinfosecurity.com/blog/alexa-are-you-listening