opinions
Biggest hacker underground market going bust; what next?
DarkMarket.ws, the online forum better known as the biggest hacker market for trading stolen online identities, credit card information, ATM skimmers, and a host of other related items - is shutting down Oct 4 according to a notice posted on the forum by one of the forum administrators, Splyntr.
The shut down plan follows arrest of one of its administrators, Cha0 (Cagatay Evyapan), by Turkish police earlier this month.
The whole story is covered in great detail this story on Wired’s Blog, Threat Level. So, what’ next after DarkMarket.ws?
Videos from Black Hat 2008 - LA
Here’s a round-up of some of the interesting interviews from this year’s Black Hat event:
1. This year’s most popular Black Hat speaker - Dan Daminsky
Justice for largest hacking case ever
CNN is reporting that 11 people were charged yesterday for allegedly stealing more than 40 million credit and debit card numbers. The hacking incidents relating to the accused took place at various major retail outlets in the USA over the past three years.
The defendants come from U.S.; Estonia; Belarus; China, with one individual whose country of origin still remains unknown.
From the report:
Under the indictments, three Miami, Florida, men — Albert “Segvec” Gonzalez, Christopher Scott and Damon Patrick Toey — are accused of hacking into the wireless computer networks of retailers including TJX Companies, whose stores include Marshall’s and T.J. Maxx, BJ’s Wholesale Club, OfficeMax, Barnes and Noble and Sports Authority, among others.
The three men installed “sniffer” programs designed to capture credit card numbers, passwords and account information as they moved through the retailers’ card processing networks, said Michael Sullivan, the U.S. attorney in Boston.
RF Barrier Helps Deter Wardrivers
Meru Networks has introduced RF Barrier, a solution for wardriving threat that uses wireless technology itself to produce a barrier to protect corporate wireless networks.
The RF Barrier system involves mounting a specialized Wireless Access Point on the inside Wireless perimeter with an advanced antenna extending to the outside of the Wireless perimeter. The technology inspects the traffic in real time to differentiate the “sensitive” (internal) traffic from the outside traffic. Sensitive traffic is protected by the RF Barrier by simultaneously transmitting harmless, but stronger RF waves through the external antenna. The stronger RF waves in turn degrade the sensitive traffic outside the internal wireless perimeter, leaving the wardrivers with very weak or no signals to work with.
The official press release states:
RF Barrier is the first solution using exclusively 802.11 technology to offer wireless perimeter protection for organizations with regulatory requirements or policies regarding data privacy, such as retailers, financial and government institutions, manufacturers and health-care organizations. RF Barrier protects clients with legacy security mechanisms, such as handhelds and scanners equipped only with WEP or WPA/TKIP, as well as modern WPA2- and EAP-based networks, where it helps prevent the exposure of potentially exploitable information such as user identities. Furthermore, it provides physical wireless security in remote branch offices where no IT personnel are present to detect or stop an attack from outside the site’s physical boundaries.
Unexpected results when port scanning AS/400
Penetration testers often use port scanning as a first step to discover active hosts and to map-out active network services. This is often done without any hesitation once the written formalities are completed. That’s exactly what I did in one of my assignments that included AS/400 (now iSeries) systems, and things did not turn out as expected.
I issued an nmap service version and OS detection scan on the target network:
nmap -sV -O -iL case_4301_hosts_1.txt
All seemed to go well and I got my results, until about an hour later when the test subjects started to crawl and did not accept new requests. The system administrator ended up rebooting the affected systems which restored everything back to the way it was supposed to be. Good for me that it was a planned activity and no one was affected by it. Read the rest of this entry
RIM unable to honor India Gov demand
Canadian wireless device company, Research in Motion (RIM), maker of the popular Blackberry handheld communication device, has finally broken the silence surrounding Indian Government’ demands to handover the “keys” to decrypt secure email communications.
RIM claims that it not possible to handover the decryption keys and claims setting up a local datacenter would serve no purpose given the end-to-end security deployed in its solution. RIM further declared that its solution architecture is designed in a way that does not allow any third party including RIM to read the email data under any circumstances. Read the rest of this entry
