Man-in-the-Middle | Breaking Cybersecurity News | The Hacker News

Paul F Renda give an overview that, What and how new long distance and short distance Dead drop techniques are used by National Security Agency for secure communications. What is a dead drop? It is methods that spies use or have used to communicate with associates who have information for them. The dead drop allows them to exchange information without having actual physical contact with each other. The person leaving the information can leave it under a rock or a can or bush. A special type of empty spikes that can be dropped into holes has also been used drop information. The person leaving the information also leaves some kind of signal the drop was made. The signal could be a chalk marks on a tree or pavement. Someone views the signal and retrieves information. Some more unusual dead drops have used dead animals like rabbits, rats and large birds to hide the information. These have been used by both the CIA and KGB. The one problem with this type of dead drop is that other

The Israeli military has set plans to boost its cyber warfare capabilities with a better Cyber Army by expand its Unit 8200. " It has become clear that the demand for soldiers in this field is growing, which is why we're searching for solutions not only in Israel but abroad as well ," a top officer in the Manpower Directorate. Unit 8200, Israel's equivalent to the NSA, is undergoing a massive expansion. The U.S. Army ad slogan may be: " The Army needs a few good men ." But IDF Unit 8200′s slogan is: " The IDF needs a few good hackers ." Actually not a few, more like hundreds if not thousands. The disclosure comes amid recent reports that the Israeli army is working to enhance its cyber-warfare abilities. Military intelligence chief Maj.-Gen. Aviv Kochavi is slated to invest 2 billion shekels (525 million U.S. dollars) to that end in the coming years. " The military officials are tasked to track "young computer geniuses" and persuade them to immigrate to Israel for

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

The most common approach to protect data during communication on the Android platform is to use the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols. Thousands of applications in the Google Play market that are using these implementations. A group of researchers including Sascha Fahl, Marian Harbach, Thomas Muders, Matthew Smith from Distributed Computing & Security Group - Leibniz University of Hannover, Hannover, Germany and Lars Baumgärtner, Bernd Freisleben from Department of Math. & Computer Science - Philipps University of Marburg, Marburg, Germany, have presented a paper that  most of these applications contain serious mistakes in the way that SSL/TLS is implemented, that leaving them vulnerable to man-in-the-middle attacks that could compromise sensitive user data such as banking credentials, credit card numbers and other information. Tests performed on 100 selected apps confirmed that 41 of them were vulnerable to known attacks.  The

" Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer ." From last 3 months Google users were surprised to see this unusual notification at the top of their Gmail inbox, Google home page or Chrome browser. These warnings are not being shown because Google's internal systems have been compromised or because of a particular attack. " The company said that since it started alerting users to malicious probably state-sponsored activity on their computers in June, it has picked up thousands more instances of cyberattacks than it anticipated. "  NYtimes said. Google will now start sending out these messages to tens of thousands more people, as its methods for detecting suspicious activity have improved. Mike Wiacek, a manager on Google's information security team, said that since then, Google has improved its knowledge on attack methods and the groups behind them, and has started pushing out new alerts on Tuesday - as evidenced b

According to reports, some of the United States biggest financial institutions  including Wells Fargo, JPMorgan Chase, Bank of America, Citigroup, and Bancorp were hit by a series of cyber attacks last week, by a group claiming Middle Eastern ties, that caused Internet blackouts and delays in online banking. The banks suffered denial-of-service attacks, in which hackers barrage a website with traffic until it is overwhelmed and shuts down. Such attacks, while a nuisance, are not technically sophisticated and do not affect a company's computer network or, in this case, funds or customer bank accounts. Hacktivists, calling themselves " Mrt. Izz ad-Din alQasssam Cyber Fighters ," attacked Wells Fargo and posted on Pastebin that U.S. Bancorp and PNC Financial Services Group are next. The group said it had attacked the banks in retaliation for an anti-Islam video that mocks the Prophet Muhammad. It also pledged to continue to attack American credit and financial instit

Oracle suffered with serious vulnerability in the authentication protocol used by some Oracle databases. This Flaw enable a remote attacker to brute-force a token provided by the server prior to authentication and determine a user's password. A researcher - Esteban Martinez Fayo, a researcher with AppSec tomorrow will demonstrate a proof-of-concept attack. Martinez Fayo and his team first reported the bugs to Oracle in May 2010. Oracle fixed it in mid-2011 via the 11.2.0.3 patch set, issuing a new version of the protocol. " But they never fixed the current version, so the current 11.1 and 11.2 versions are still vulnerable ," Martinez Fayo says, and Oracle has no plans to fix the flaws for version 11.1. The first step in the authentication process when a client contacts the database server is for the server to send a session key back to the client, along with a salt. The vulnerability enables an attacker to link a specific session key with a specific password hash. Th

Bank of America's website experienced periodic outages Tuesday due to cyber attacks launched in retaliation for " Innocence of Muslims ," the amateurish film whose mocking portrait of the Prophet Muhammad has incited deadly riots throughout the Middle East. " Cyber fighters of Izz ad-din Al qassam " said it would attack the Bank of America and the New York Stock Exchange as a "first step" in a campaign against properties of " American-Zionist Capitalists ." " After Successful attack to YouTube Servers in recent days made by Muslims around the world, many groups announce that they are ready to do similar attacks.When supporter of that sacrilegious movie try to punish the cast and crew, the publisher included, this story will end until that time these kinds of Cyber Attacks will be continued and the Cyber world will be an unsafe place for all of Enemies of Islam. " Hackers posted on their blog . People around the country reported on

Anonymous hacker Barrett Brown was arrested by the FBI last night, his apartment raided while he was in the middle of a live TinyChat session. For those that may not be familiar with Brown, he came to some notoriety last year for allegedly mounting an operation against the Zeta drug cartel in Mexico after they had kidnapped a member of Anonymous. Brown claimed to hold the names of 75 Zeta collaborators, which he threatened to release to the press unless the Anon member was set free. Brown is the founder of Project PM and has worked closely with the Anonymous hacker collective on several past operations. This is not the first time that Barrett Brown's home has been raided. Six months ago the FBI came knocking on Brown's door and confiscated his laptop, but no charges were filed against him. That incident followed the arrest of then-LulzSec leader Sabu, or rather Hector Xavier Monsegur, who then turned informant in exchange for leniency, although it's also been suggested that Sabu was

In JULY Kaspersky Lab and Seculert revealed the presence of a new cyber-espionage weapon known targeting users in the Middle East. Despite the recent uncovering of the 'Madhi' malware that has infected several hundred computers in the Middle East, researchers say the virus is continuing to spread. The malware, known as 'Mahdi' or 'Madi', was originally discovered by Seculert. In addition to stealing data from infected Windows computers, it is also capable of monitoring email and instant messages, recording audio, capturing keystrokes and taking screenshots of victims' computers. Working together, researchers at Seculert and Kaspersky sinkholed the malware's command and control servers and monitored the campaign. What they found was a targeted attack that impacted more than 800 victims in Iran, Israel and other countries from around the globe. Israeli security company Seculert said it had identified about 150 new victims over the past six weeks as deve

How Hacker culture has contributed to the rise of the United States economy and one possible reason why it is now in decline…   by  Paul F. Renda,  Author at  The Hacker News Magazine This article is about how hacker culture has benefited the economy of the United States. It represents the creative, ingenious and innovative ideas that characterize the U.S. Also, how this sub-culture was created by the first US hacker Benjamin Franklin... Countries of the world marveled at The United States and its innovation, creativity, devices, ideas, gadgets and large middle-class. This innovation comes from the culture of a specific group. We have a hacker type culture, and when I say hacker type culture, it's not just a culture of hacking computers and electronic components, but a culture of hacking (reverse engineering) whatever innovative idea or high technology of the time. The high technology of Franklin's era could be farm implements, stoves (Franklin), light bulbs, steam engines, telephon

A new cyber surveillance virus has been found in the Middle East that can spy on banking transactions and steal login and passwords, according Kaspersky Lab , a leading computer security firm. After Stuxnet, Duqu, and Flame, this one seems to mainly spy on computer users in Lebanon. It's been dubbed Gauss (although Germanic-linguistic purists will no doubt be complaining that it should be written Gauß). Gauss is a complex cyber-espionage toolkit, highly modular and supports new functions which can be deployed remotely by the operators in the form of plugins. The currently known plugins perform the following functions: Intercept browser cookies and passwords. Harvest and send system configuration data to attackers. Infect USB sticks with a data stealing module. List the content of the system drives and folders Steal credentials for various banking systems in the Middle East. Hijack account information for social network, email and IM accounts. The researchers at Russia-based Ka

Flame Malware Spread Via Rogue Microsoft Security Certificates Microsoft released an emergency Windows update on Sunday after revealing that one of its trusted digital signatures was being abused to certify the validity of the Flame malware that has infected computers in Iran and other Middle Eastern Countries. The patch revoked three intermediate Microsoft certificates used in active attacks to "spoof content, perform phishing attacks, or perform man-in-the-middle attacks".Microsoft also killed off certificates that were usable for code signing via Microsoft's Terminal Services licensing certification authority (CA) that ultimately "chained up" to the Microsoft Root Authority.The authority issued certificates for users to authorise Remote Desktop services in their enterprises. The Microsoft blog post explains that a vulnerability in an old cryptography algorithm is exploited by some elements of Flame to make them appear as if they originated from Microsoft. Most systems around t

Flame Malware - 21st Century Massive cyber attack on Iran A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyber-espionage operation. The Flame computer virus not only stole large quantities of information from various Iranian government agencies, but apparently even disrupted its oil exports by shutting down oil terminals, information security firm Symantec Israel said yesterday. The Flame virus recently found in Iran could be used to infect other countries, according to the International Telecommunications Union. As the United Nations agency charged with helping members protect their data networks, the ITU plans to issue a warning about the danger of Flame. Iran's National Computer Emergency Response Team (Maher) said in a statement that the detection and clean-up tool was finished in early May and is now ready for distribution to organisations a

GFI WebMonitor - Web monitoring and Security With all the threats that Internet access can present to your users and your data, web security software is one of the most valuable investments you can make in your information security. Any solution should offer the following key protections: 1.       Site blocking 2.       Antivirus 3.       Reporting and logging GFI WebMonitor offers all that and more. GFI WebMonitor Unified Security includes both the web filtering and anti-malware capabilities, and can be installed as a standalone server or as an add-on to ISA or TMG. This web security suite can be installed on its own server or as a plug-in for TMG, and GFI offers a free 30-day-trial so you can evaluate it risk-free. Installation:  The installer for the TMG plug-in is straight-forward only requires a service restart, not a reboot. During the installation, you can choose to enable the optional HTTPS traffic inspection, which functions by dynamically creating certificates and acting a

WebSploit Is An Open Source Project For Scan And Analysis Remote System From Vulnerability Description : [+]Autopwn - Used From Metasploit For Scan and Exploit Target Service [+]wmap - Scan,Crawler Target Used From Metasploit wmap plugin [+]format infector - inject reverse & bind payload into file format [+]phpmyadmin - Search Target phpmyadmin login page [+]lfi - Scan,Bypass local file inclusion Vulnerability & can be bypass some WAF [+]apache users - search server username directory (if use from apache webserver) [+]Dir Bruter - brute target directory with wordlist [+]admin finder - search admin & login page of target [+]MLITM Attack - Man Left In The Middle, XSS Phishing Attacks [+]MITM - Man In The Middle Attack [+]Java Applet Attack - Java Signed Applet Attack [+]MFOD Attack Vector - Middle Finger Of Doom Attack Vector [+]USB Infection Attack - Create Executable Backdoor For Infect USB For Windows Download WebSploit Toolkit V.1.6

zDefender - Enterprise smartphone IDS/IPS released by Zimperium Do you recall the security firm Zimperium which came out with ANTI , the killer Android app that allowed even the clueless to hack and pwn like a pentester? Zimperium, an Israeli security start up founded by Zuk Avraham, a world-renowned hacker and security researcher, has debuted its latest product, the zDefender at DEMO in Santa Clara, California. Called zDefender , this product can detect malicious attacks and take proactive measures to reduce threats via automatic preventive traffic filters and a remote management console. With the onslaught of mobile malware, everyone should have antivirus up and running immediately after purchasing a smartphone. You'd think you were protected from various attacks like man in the middle (MITM) attacks ? At DEMO Spring 2012 , Zuk planted 2 Routers, providing 3 Access points, which have claimed about 3,000 mobile device victims so far. zDefender is able to do this by using Zimpe

50K Cards Compromised using Credit Card Processor Some 50,000 credit and debit cardholders may have their information exposed following a security breach at Global Payments. The breach occurred sometime between between Jan. 21, 2012 and Feb. 25, 2012. Both Visa and MasterCard have confirmed they have warned U.S. banks that a credit card processor was reportedly breached. Both firms say their own security systems were not compromised. MasterCard said law enforcement has been notified of the matter and an "independent data security organization" is conducting a forensic review of the matter. " MasterCard's own systems have not been compromised in any manner, " a company spokesman said in a statement. The company will " continue to both monitor this event and take steps to safeguard account information ." Because it sits in this middle ground directing where payment information goes, an attack on its system would leave a lot of private financial data

FBI Cyber Chief Says U.S. Losing War Against Hackers FBI is struggling to combat cyberattacks by hackers. "We're not winning," FBI executive assistant director Shawn Henry said. Four top government cybersecurity officials have basically come out to say America is getting her hiney kicked in cyberattacks by nation state hackers. Shawn Henry, who is getting ready to leave the bureau after more than two decades with the law enforcement agency, says the United States is falling behind in the ongoing fight against cyber ne'er-do-wells. " Your government failed you ," testified Richard Clarke, a former cybersecurity and cyberterrorism advisor for the White House. He said that to Congress about 9/11, but now he's warning the people that we are defenseless when it comes to cybersecurity; our government has failed us again. Clarke stated, " Every major company in the United States has already been penetrated by China ." Who declared this war and

Six National Television Stations of Iran Hacked Co-Cain Warriors hackers today hack into 6 National Television Stations of Iran including Broadcasting Elam Center, IRIB Kermanshah Center, IRIB Kerman and 3 more. Hacker upload the deface page on their server and announce the day as " HappY 7Sin Day ". With growing conflicts in middle east more intrusions and DDOS attack on Iranian websites. Iran has been identified as the main cyber threat to the United States,Israel and European Countries. Yesterday we also report that, Iran's cyber defense headquarters has succeeded in making internal mail servers which would enable Iranian organizations and bodies to use local email addresses. Also last week, Iran launched a sophisticated cyber-attack against BBC Persian TV, according to the BBC News. The Reason behind this attack is part of a broader attempt by the government to disrupt the BBC's Persian service. This attack follows various tactics by the Iranian government, s

Malicious Android application stealing banking credentials A new form of smart Android malware can not only steal your online banking information, but update itself in the future and secretly send contact information stored on your device off to the Bad Guys. Security researchers at McAfee have discovered a malicious Android application capable of grabbing banking passwords from a mobile device without infecting the user's computer. From a McAfee blog post on the subject, penned by Malware Researcher Carlos Castillo: " To get the fake token, the user must enter the first factor of authentication (used to obtain initial access to the banking account). If this action is not performed, the application shows an error. When the user clicks "Generar" (Generate), the malware shows the fake token (which is in fact a random number) and sends the password to a specific cell phone number along with the device identifiers (IMEI and IMSI). The same information is also sent to one of the co