Category: Seguridad Info.

Winston Smith Productions Inc. Idea Lab [Data Management] live data


SITE: https://sites.google.com/site/hackspergercorporation/home

President: Winston Smith CEO: Hacksperger Media: Er1cBl41r   Marketing: Stephen Roissy. We experimented with live data, create autonomous entities through complex instructions for certain purposes.

The active and Ethical Hacker   [Experiemntal tool for data collection]***** fase Beta 1.0
IDEA LAB
OBJECTIVEControls the teaching data “information” to self-manage their potential.
Data, data, data. Hack the universal code. [Knowledge increases the chances of understanding the present and shaping the future.
#HackUniversalCode  [disassembling toys*****
#HelloDave [The game of life*****
#werther-bureau [Deliberation plans***
#TheGarage [Small spaces, we intimate and private. Protected. Disconnected****
#ZombieFarm [We released Zombies, deprogramming, emptied brains Incorrect evolution, brain infections brutal treatment.*****
#SpecialBrains [Mental computers*****
 

Report: UK and US spies have cracked BlackBerry’s BES encryption


http://news.techworld.com/security/3467695/report-uk-and-us-spies-have-cracked-blackberrys-bes-encryption/

By Peter Sayer
Techworld
09 September 2013

The U.S. National Security Agency is able to read messages sent via a corporate BlackBerry Enterprise Server (BES), according to a report by German news magazine Der Spiegel. The purpose of this spying is economic or political, and not to counter terrorism, the magazine hints.


The report, published in English on Monday, cites internal documents leaked by former NSA contractor Edward Snowden.


Governments have long demanded that BlackBerry provide access to encrypted messages carried by its email and BlackBerry Messenger (BBM) services, to allow them to monitor for terrorist activity.


BlackBerry has complied in the case of its consumer-grade BlackBerry Internet Service (BIS), notably providing the Indian government with access to consumer messages. Indeed, Der Spiegel cited NSA documents claiming that since 2009, analysts have been able to see and read

[...]

--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/

Car immobilizer hacking [SIGINT13] Speaker: Karsten Nohl


lecture: Car immobilizer hacking

Car manufacturers nicely illustrate what _not_ to do in cryptography.

Immobilizers have for a long time increased the difficulty of stealing cars. Older immobilizer transponders defeated thieves by requiring non-trivial RF skills for copying keys. Current transponders go one step further by employing cryptographic functions with the potential of making car cloning as difficult as breaking long-standing mathematical problems. Cryptography, however, is only as strong as the weakest link of key management, cipher strength, and protocol security. This talk discusses weak links of the main immobilizer technologies and their evolution over time.

Speaker: Karsten Nohl
EventID: 5034
Event: SIGINT 2013 by the Chaos Computer Club [CCC] Cologne
Location: KOMED; Im Mediapark 7; 50670 Cologne; Germany
Language: english
Begin: 05.07.2013 17:00:00 +02:00
Lizenz: CC-by-nc-sa

SIM cards are prone to remote hacking by Karsten Nohl


https://srlabs.de/

SIM cards are the de facto trust anchor of mobile devices worldwide. The cards protect the mobile identity of subscribers, associate devices with phone numbers, and increasingly store payment credentials, for example in NFC-enabled phones with mobile wallets.

With over seven billion cards in active use, SIMs may well be the most widely used security token in the world. Through over-the-air (OTA) updates deployed via SMS, the cards are even extensible through custom Java software. While this extensibility is rarely used so far, its existence already poses a critical hacking risk.

Cracking SIM update keys. OTA commands, such as software updates, are cryptographically-secured SMS messages, which are delivered directly to the SIM. While the option exists to use state-of-the-art AES or the somewhat outdated 3DES algorithm for OTA, many (if not most) SIM cards still rely on the 70s-era DES cipher. DES keys were shown to be crackable within days using FPGA clusters, but they can also be recovered much faster by leveraging rainbow tables similar to those that made GSM’s A5/1 cipher breakable by anyone.

To derive a DES OTA key, an attacker starts by sending a binary SMS to a target device. The SIM does not execute the improperly signed OTA command, but does in many cases respond to the attacker with an error code carrying a cryptographic signature, once again sent over binary SMS. A rainbow table resolves this plaintext-signature tuple to a 56-bit DES key within two minutes on a standard computer.

MORE: https://srlabs.de/rooting-sim-cards/

SIM cards are prone to remote hacking

karsten-nohl

karsten-nohl

http://actualidad.rt.com/actualidad/view/100862-hacker-tarjeta-sim-rt-telefono

WEB FEMEN.ORG malicious attack


femen.org

femen.org

femen.org

Ataque

Ataque

¿Cuál es la clasificación actual de femen.org?

El sitio está clasificado como sospechoso; visitar este sitio web puede dañar su equipo.

Parte de este sitio ha recibido la clasificación de actividad sospechosa 8 veces en los últimos 90 días.

¿Qué sucedió cuando Google visitó este sitio?

De las 77 páginas que hemos comprobado en el sitio durante los últimos 90 días, 48 páginas han provocado la descarga e instalación de software malicioso sin el consentimiento del usuario. La última vez que Google visitó el sitio fue el 2013-03-25 y la última vez que se encontró contenido sospechoso en él fue el 2013-03-25.El software malicioso incluye 3 trojan(s). La infección ha provocado una media de 2 procesos nuevos en el equipo atacado.

El software malicioso está alojado en 40 dominios, incluidos u-qufxuqet9.kein.hk/ifici71alpol.rr.nu/anc75edt.rr.nu/

Parece que 5 dominios funcionan como intermediarios en la distribución de software malicioso a los visitantes de este, incluidos u-qufxuqet9.kein.hk/uinowi33thdrew.rr.nu/dvfnjjywg7.kein.hk/.

El sitio estaba alojado en 1 redes, incluidas AS26496 (26496).

¿Este sitio ha actuado de intermediario en la distribución de software malicioso?

Parece que en los últimos 90 días, femen.org ha funcionado como intermediario en la infección de 6 sitios, incluidos vk.com/away.php/t.co/findnews.ru/.

¿Este sitio ha alojado software malicioso?

No, este sitio no ha alojado software malicioso en los últimos 90 días.

¿Cómo ha sucedido esto?

En algunos casos, otras personas pueden añadir código malicioso a sitios legítimos, lo que podría provocar que mostrásemos el mensaje de advertencia.

Pasos siguientes:

———————————————————————————-

https://plus.google.com/communities/114637485542553432224

#ideas #action