
Category Archives: Cyber Weapons

A massive DDoS against Dyn DNS today that made it difficult for large portions of the East Coast to access many popular websites (Twitter, Reddit and Spotify, to name a few), is very likely a warning shot fired by a state actor.  With the general election just around the corner, is this a sign of things to come?

The CIA is apparently preparing for a cyber operation intended to embarrass Russia in retaliation for Russian hacking of US political targets.  This is the next logical step after publicly attributing the hacks to Russia, but one has to wonder if this is the proper way to implement deterrence in the cyber realm.  The principles of Mutually Assured Destruction are every bit as relevant today as during the Cold War, but if the US is going to start responding tit for tat, I expect NSA and CYBERCOM to start aggressively ramping up their recruitment efforts.

A recent article on DefenseOne has suggested that companies who are breached by attributable actors can ethically and legally hack back in retaliation, citing a 1984 lawsuit between the United States and Nicaragua. Based upon a skirmish in an unclaimed area of Antarctica, it was determined that no one would be held liable over ‘frontier disputes’, since no one has a territorial claim to the area.

Apparently, since cyberconflicts happen in terra incognita, retaliation for a breach is legal as long as no physical property is destroyed.  I suppose that any data is fair game, but if you start bricking devices or blowing up gas pipelines (like in 1982), you’re gonna have a bad time.

NATO’s Article 5 has traditionally been a provision that allows for any member state to invoke a collective military response to any land, air or sea military attack against their nation.  Effectively, an attack on one is an attack on all, and this rule played a large role in keeping the peace during the Cold War, with the USSR having its own version within the Warsaw Pact.

In June of this year, NATO stated that cyber attacks are now included under Article 5, allowing for a cyber attack on any member state to receive a collective kinetic military response. Hillary Clinton has made similar statements on the campaign trail, indicating that cyber attacks should be treated like any other attack.

What remains to be seen are any sort of solid guidelines for determining what qualifies as an attack and what qualifies simply as traditional espionage.  The distinction between Computer Network Attack (CNA) and Computer Network Exploitation (CNE) is used within the US Government, but many aspects of each overlap.

The rules are in-place, but a precedent must be set before any type of true deterrence can come into play.

Need some nice webshells?  Your target is using PHP?  Try out this collection of PHP Backdoors!

http://rol.im/asux/


I just want to take this moment to point out what an awesome site Arizona Cyber Warfare Range is.  They allow aspiring netsec students and hacker jedi alike to register on any of their hacking “live-fire ranges” and learn valuable skills.  With servers for Beginners, Intermediate, Advanced and Real World skill levels, this is an excellent resource for anyone interested in infosec or hacking.  They are a non-profit organization, so please drop them a donation if you can spare.

Using crowdfunding and an open-sourced hardware design, the USB Armory (which is now for sale here (no affiliate links here) for $130) has been successfully funded and released.  Featuring a smaller form factor than an Arduino or Raspberry Pi, the Armory is a USB-stick-sized computer that can be used for any number of projects. The little stick sports a lot of power, as seen in the specifications (taken from the crowdfunding page):

Hardware

Software

The USB Armory hardware is supported by standard software environments and requires very little customization effort. In fact, vanilla Linux kernels and standard distributions run seamlessly on the tiny USB Armory board:

Connectivity

  • High Speed USB 2.0 On-The-Go (OTG) with full device emulation
  • full TCP/IP connection to/from USB Armory via USB CDC Ethernet emulation
  • flash drive functionality via USB mass storage device emulation
  • serial communication over USB or physical UART

Security

The ability to emulate arbitrary USB devices in combination with the i.MX53 SoC speed and fully customizable operating environment makes the USB Armory an ideal platform for all kinds of personal security applications. Not only is the USB Armory an excellent tool for testing the security of other devices, but it also has great security features itself:

  • ARM® TrustZone®
  • secure boot + storage + RAM
  • user-fused keys for running only trusted firmware
  • optional secure mode detection LED indicator
  • minimal design limits scope of supply chain attacks
  • great auditability due to open hardware and software

The support for ARM® TrustZone®, in contrast to conventional trusted platform modules (TPMs), allows developers to engineer custom TPMs by enforcing domain separation between the “secure” and “normal” worlds that propagates throughout all SoC components, rather than being limited to the CPU core.

At such a low price-point and with this many options, this could become a must-have for any cyber security practitioner. I plan to pick one up at some point and will hopefully write a review.

Mark Burnett recently released a cache of 10 million real passwords. For those who do a lot of password cracking and hashing, this is very welcome news. The file is a compilation of various data dumps from website compromises over the course of several years, and a cache of actual passwords, rather than a generated wordlist, is far more valuable to those who seek to break hashes. The reasoning is the birthday paradox: in a large enough group it is a statistical near-certainty that two people share a birthday, while finding someone with one specific birthday takes a much larger group.  If the same principle holds for password choice, with many users independently picking the same strings, then a list of what people actually chose could be priceless for security researchers.

Magnet Link: Here

Disclaimer: BY DOWNLOADING THIS AUTHENTICATION DATA YOU AGREE NOT TO USE IT IN ANY MANNER WHICH IS UNLAWFUL, ILLEGAL, FRAUDULENT OR HARMFUL, OR IN CONNECTION WITH ANY UNLAWFUL, ILLEGAL, FRAUDULENT OR HARMFUL PURPOSE OR ACTIVITY INCLUDING BUT NOT LIMITED TO FRAUD, IDENTITY THEFT, OR UNAUTHORIZED COMPUTER SYSTEM ACCESS. THIS DATA IS ONLY MADE AVAILABLE FOR ACADEMIC AND RESEARCH PURPOSES.
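To make the birthday-paradox argument in the post above concrete, here is an added example (not code from the original post, and it does not touch Mark Burnett's release). It computes the two birthday probabilities the post contrasts, and then applies the same idea to a constructed toy password list: the most reused strings are ranked first, and a handful of them covers a large share of accounts, which is the information a generated wordlist cannot supply. `SAMPLE_PASSWORDS` is invented for illustration only.

```python
"""Birthday-paradox numbers and password-frequency coverage.

Added example; not code from the original post or from the 10-million
password release. SAMPLE_PASSWORDS is a constructed toy list.
"""
from collections import Counter
from math import exp, log1p


def p_shared_birthday(n, d=365):
    """Probability that at least two of n people share one of d birthdays.

    Computed as 1 - prod_{i<n} (1 - i/d), in log space to avoid underflow.
    """
    if n > d:
        return 1.0
    return 1.0 - exp(sum(log1p(-i / d) for i in range(n)))


def p_specific_birthday(n, d=365):
    """Probability that at least one of n people has one fixed birthday."""
    return 1.0 - (1.0 - 1.0 / d) ** n


def smallest_group(prob_fn, target=0.5, d=365):
    """Smallest n for which prob_fn(n, d) reaches the target probability."""
    n = 1
    while prob_fn(n, d) < target:
        n += 1
    return n


# Constructed sample, NOT real leaked data: twenty accounts, ten of which
# reuse one of three weak passwords and ten of which are unique.
SAMPLE_PASSWORDS = (
    ["123456"] * 5 + ["password"] * 3 + ["qwerty"] * 2
    + ["k9$Tq!2m", "Zebra-77", "moonlight42", "Pa55w0rd!", "octopus9",
       "v3ry1ong&odd", "hunter2hunter", "Qwertz!9", "lettuce-13", "x7Yq#pLm"]
)


def frequency_wordlist(passwords):
    """Candidate list ordered by how often each password was actually used.

    A cracking session wants this ordering: the most reused strings are
    tried first. A generated wordlist has no frequency data to rank by.
    """
    return [pw for pw, _ in Counter(passwords).most_common()]


def coverage(passwords, top_k):
    """Fraction of accounts whose password is among the top_k most common."""
    top = Counter(passwords).most_common(top_k)
    return sum(count for _, count in top) / len(passwords)


if __name__ == "__main__":
    print("group size for 50% chance of a shared birthday:",
          smallest_group(p_shared_birthday))
    print("group size for 50% chance of a specific birthday:",
          smallest_group(p_specific_birthday))
    print("top 3 passwords cover", coverage(SAMPLE_PASSWORDS, 3), "of accounts")
    print("wordlist head:", frequency_wordlist(SAMPLE_PASSWORDS)[:3])
```

With the toy list, the top three candidates alone cover half of the accounts; with a real cache the curve is what tells you how far down the list a cracking run is worth taking.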

Security researcher Jacob Torrey has announced plans to unveil a system that he claims will make the reverse engineering of software (and malware) much more difficult, thanks to his new crypto-based project Hardened Anti-Reverse Engineering System (HARES).  By using a technique known as TLB splitting, which exploits the separate instruction and data Translation Lookaside Buffers in Intel and AMD processors, HARES keeps the instruction view and the data view of a program's memory apart, and encrypts the instruction portion with a key stored in the processor. Instruction fetches see decrypted code, while data reads of the same pages, which is what a debugger or disassembler performs, see only ciphertext. This makes the use of traditional reversing and debugging tools (OllyDbg, IDA Pro, etc.) much more difficult.

Adding a new hurdle for malware analysts raises security concerns, as traditional anti-malware solutions depend upon reverse engineering a malware sample in order to develop countermeasures. HARES could allow black-hat types to operate with impunity, jeopardizing personal information and banking records for millions.

Not all is lost, however. Through the use of JTAG debugging tools on the processor itself, it may still be possible to intercept the code before it executes, although what is recovered would likely be at a lower level than the x86 or x64 assembly that is the lingua franca of malware analysts everywhere. Another possible attack against HARES is for reversers to intercept the decryption key when it is first passed to the processor, which would allow the encrypted instructions in memory to be read freely.

Torrey plans to unveil his project at SyScan in March.