Hackin9
The National Institute of Standards and Technology (NIST) has published the final version of its guidance for federal agencies to ensure that sensitive federal information remains confidential when stored in nonfederal information ...
 

Several weeks ago, New York Times columnist Nick Bilton wrote about his car being broken into in front of him. After speaking with security researchers, Bilton arrived at the theory that his car was snatched with the help of a signal repeater that boosted the range of the keyless entry fob. That seemed like a reasonable explanation to us; we reported on a spate of car burglaries in southern California in 2013, arriving at a similar conclusion. In both cases, the work of a Swiss-based security expert named Boris Danev was central to pointing the finger at signal repeaters. This week, Bozi Tatarevic at The Truth About Cars wrote up his attempt to test this potential exploit in quite some detail.

Danev's 2010 paper "Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars" demonstrated the vulnerability of keyless entry fobs to signal amplification, but doing so required a lab bench full of equipment, and an AC power supply. Tatarevic was unable use Danev's approach to create a low-cost cordless signal amplifier and instead concludes that the burglaries were more likely the result of a brute force attack against the rolling codes that some manufacturers use for their unlocking signals.

Tatarevic bases this on the work of Silvio Cesare, another security researcher who demonstrated such an attack at last year's Black Hat conference. That attack involved using a laptop and a software-defined radio (SDR) to send the car code after code until the right one unlocked the doors, something that could take up to two hours. That could fit with the facts; in each burglary, the cars had been parked for some time. This trick would also only unlock the car, unlike amplifying the signal of a keyless entry system, which would allow the car to be started, if only once.

Read 2 remaining paragraphs | Comments

 

Researchers have unearthed dozens of Android apps in the official Google Play store that expose user passwords because the apps fail to properly implement HTTPS encryption during logins or don't use it at all.

The roster of faulty apps have more than 200 million collective downloads from Google Play and have remained vulnerable even after developers were alerted to the defects. The apps include the official titles from the National Basketball Association, the Match.com dating service, the Safeway supermarket chain, and the PizzaHut restaurant chain. They were uncovered by AppBugs, a developer of a free Android app that spots dangerous apps installed on users' handsets.

AppBugs CEO Rui Wang told Ars that the Match.com app uses unencrypted hypertext transfer text protocol when sending user passwords, making it trivial for people in a position to monitor the traffic—such as someone on the same Wi-Fi network—to read the credentials. Other apps, such as NBA Game Time and those from Safeway and PizzaHut use HTTPS encryption but don't implement it correctly. As a result, a man-in-the-middle attacker can use a self-signed or otherwise fraudulent digital certificate to read the login data.

Read 4 remaining paragraphs | Comments

 
Ebay Magento Bug Bounty #12 - Cross Site Request Forgery Web Vulnerability
 
Ebay Magento Bug Bounty #10 - Persistent Filename Vulnerability
 
Ebay Magento Bug Bounty #17 - Client Side Cross Site Scripting Web Vulnerability
 
ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability
 

IT PRO

Infosec 2015: Has GCHQ lost the cyber security plot?
IT PRO
Infosecurity 2015 has been a great place to be if you care about IT security either from the vendor or enterprise perspective. The biggest event of its type in Europe, you would have expected a big-hitter to open things and that's what you got in the ...

 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: Security Report Summary
 
LinuxSecurity.com: - Update to 1.3.11This release is mainly fixing a number of outstanding issues and security fixes. Minor features have been added to enhance functionality and usability.Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-1.3.11-released
 
LinuxSecurity.com: update to 1.4.20
 
LinuxSecurity.com: Inject pyOpenSSL. https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning https://urllib3.readthedocs.org/en/latest/security.html#pyopenssl
 
LinuxSecurity.com: Inject pyOpenSSL. https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning https://urllib3.readthedocs.org/en/latest/security.html#pyopenssl
 
LinuxSecurity.com: - Update to 1.3.11This release is mainly fixing a number of outstanding issues and security fixes. Minor features have been added to enhance functionality and usability.Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-1.3.11-released
 
LinuxSecurity.com: Security Report Summary
 
[SECURITY] [DSA 3292-1] cinder security update
 
DUO Security push Timing Attack
 
Internet Storm Center Infocon Status