Engadget

WhiteHat Security hacks into Chrome OS, exposes extension vulnerability at Black Hat

Amar Toor — Sat, 06 Aug 2011 17:07:00 EST

It's been a rough Black Hat conference for Google. First, FusionX used the company's homepage to pry into a host of SCADA systems, and now, a pair of experts have discovered a way to hack into Chrome OS. According to WhiteHat security researchers Matt Johansen and Kyle Osborn, one major issue is Google's vet-free app approval process, which leaves its Chrome Web Store susceptible to malicious extensions. But there are also vulnerabilities within native extensions, like ScratchPad -- a note-taking extension that stores data in Google Docs. Using a cross-site scripting injection, Johansen and Osborn were able to steal a user's contacts and cookies, which could give hackers access to other accounts, including Gmail. Big G quickly patched the hole after WhiteHat uncovered it earlier this year, but researchers told Black Hat's attendees that they've discovered similar vulnerabilities in other extensions, as well. In a statement, a Google spokesperson said, "This conversation is about the Web, not Chrome OS. Chromebooks raise security protections on computing hardware to new levels." The company went on to say that its laptops can ward off attacks better than most, thanks to "a carefully designed extensions model and the advanced security available through Chrome that many users and experts have embraced."

WhiteHat Security hacks into Chrome OS, exposes extension vulnerability at Black Hat originally appeared on Engadget on Sat, 06 Aug 2011 17:07:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Black Hat hackers demo Square card skimmer, feed it stolen credit card numbers

Terrence O'Brien — Fri, 05 Aug 2011 17:17:00 EST

Here's some more fun out of Vegas, this time involving Jack Dorsey's Square and a little thing we like to call credit card fraud. Researchers from Aperture Labs (seriously) held two demonstrations at the Black Hat Conference. The first used a script, written by Adam Laurie, to convert stolen credit card data into a series of audio tones that were then fed to the Square app via the headphone jack on a phone -- removing the need to have a physical card. A second avenue of fraud, also using code authored by Laurie, turned the Square dongle into a skimmer. It intercepted incoming data, which is unencrypted, and spit out human readable numbers that could easily be used to clone a card. New hardware that encrypts information pulled from the magnetic strip is in the pipeline but, until then, it seems everyone's favorite smartphone-based payment service has some troublesome holes to fill.

Black Hat hackers demo Square card skimmer, feed it stolen credit card numbers originally appeared on Engadget on Fri, 05 Aug 2011 17:17:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Microsoft offers 'mad loot' Bluehat prize to entice security developers (video)

Sean Buckley — Fri, 05 Aug 2011 09:22:00 EST

Mere numbers aren't enough to describe cash prizes for Microsoft, it seems. The firm's inaugural Bluehat security competition's introduction video opted for a clearer term: "mad loot, lots of it." The big M hopes the hefty first prize of $200,000 will inspire the creation of the next generation of defensive computer security technology. The most innovative "novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities" (phew!) will take home the aforesaid mad loot, while second and third places will receive $50,000 and an MSDN Universal subscription, respectively. The winner won't be announced until Blackhat 2012, of course, and applicants have until April to submit their prototypes and technical descriptions. Hit the break for the official announcement video, complete with CG backgrounds and prize euphemisms.

Continue reading Microsoft offers 'mad loot' Bluehat prize to entice security developers (video)

Microsoft offers 'mad loot' Bluehat prize to entice security developers (video) originally appeared on Engadget on Fri, 05 Aug 2011 09:22:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Google search opens SCADA systems to doomsday scenarios

Joseph Volpe — Thu, 04 Aug 2011 05:26:00 EST

Google, the service so great it became a verb, can now add security risk to its roster of unintended results. The search site played inadvertent host to remotely accessed Supervisory Control and Data Acquisition (SCADA) systems in a Black Hat conference demo led by FusionX's Tom Parker. The security company CTO walked attendees through the steps required to gain control of worldwide utility infrastructure -- power plants, for one -- but stopped short of actually engaging the vulnerable networks. Using a string of code, unique to a Programmable Logic Controller (the computers behind amusement park rides and assembly lines) Parker was able to pull up a water treatment facility's RTU pump, and even found its disaster-welcoming "1234" password -- all through a Google search. Shaking your head in disbelief? We agree, but Parker reassured the crowd these types of outside attacks require a substantial amount of effort and coordination, and "would be extremely challenging to pull off." Panic attack worn off yet? Good, now redirect those fears to the imminent day of robot-helmed reckoning.

Google search opens SCADA systems to doomsday scenarios originally appeared on Engadget on Thu, 04 Aug 2011 05:26:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Hackers disguise phone as keyboard, use it to attack PCs via USB

Michael Gorman — Sun, 23 Jan 2011 02:02:00 EST

We've seen hackers use keyboards to deliver malicious code to computers, and we've seen smartphones used as remote controls for cars and TV -- but we've never seen a smartphone disguised as a keyboard used to control a computer, until now. A couple folks at this year's Black Hat DC conference have devised a clever bit of code that allows a rooted smartphone -- connected to a PC through USB -- to pose as a keyboard or mouse in order to attack and control the computer. The hack takes advantage of USB's inability to authenticate connected devices coupled with operating systems' inability to filter USB packets, which would enable users to thwart such an attack. While utilizing a digital costume to hack a computer is a nifty idea, it doesn't pose much additional risk to users because the method still requires physical access to a USB port to work -- and most of us would probably notice someone plugging a smartphone into our laptop while we're using it.

[Image Credit: Angelos Stavrou / CNET]

Hackers disguise phone as keyboard, use it to attack PCs via USB originally appeared on Engadget on Sun, 23 Jan 2011 02:02:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Researcher will enable hackers to take over millions of home routers

Sean Hollister — Wed, 21 Jul 2010 06:33:00 EST

Cisco and company, you've got approximately seven days before a security researcher rains down exploits on your web-based home router parade. Seismic's Craig Heffner claims he's got a tool that can hack "millions" of gateways using a new spin on the age-old DNS rebinding vulnerability, and plans to release it into the wild at the Black Hat 2010 conference next week. He's already tested his hack on thirty different models, of which more than half were vulnerable, including two versions of the ubiquitous Linksys WRT54G (pictured above) and devices running certain DD-WRT and OpenWRT Linux-based firmware. To combat the hack, the usual precautions apply -- for the love of Mitnick, change your default password! -- but Heffner believes the only real fix will come by prodding manufacturers into action. See a list of easily compromised routers at the more coverage link.

Researcher will enable hackers to take over millions of home routers originally appeared on Engadget on Wed, 21 Jul 2010 06:33:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Christopher Tarnovsky hacks Infineon's 'unhackable' chip, we prepare for false-advertising litigation

Tim Stevens — Fri, 12 Feb 2010 10:31:00 EST

As it turns out, Infineon may have been a little bit... optimistic when it said its SLE66 CL PE was "unhackable" -- but only a little. The company should have put an asterisk next to the word, pointing to a disclaimer indicating something to the effect of: "Unless you have an electron microscope, small conductive needles to intercept the chip's internal circuitry, and the acid necessary to expose it." Those are some of the tools available to researcher Christopher Tarnovsky, who perpetrated the hack and presented his findings at the Black Hat DC Conference earlier this month. Initially, Infineon claimed what he'd done was impossible, but now has taken a step back and said "the risk is manageable, and you are just attacking one computer." We would tend to agree in this case, but Tarnovsky still deserves serious respect for this one. Nice work, Big Gun.

Christopher Tarnovsky hacks Infineon's 'unhackable' chip, we prepare for false-advertising litigation originally appeared on Engadget on Fri, 12 Feb 2010 10:31:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Researchers claim GSM calls can be hacked on the cheap

Joshua Topolsky — Thu, 21 Feb 2008 22:10:00 EST

Callers, your worst nightmare is coming true... maybe. According to a report, a group of hackers at the Black Hat conference in Washington D.C. claim that they're able to hack GSM calls with equipment costing about $1,000. If you believe the team (and we're inclined to at least have a listen), they can decrypt GSM phone conversations and text messages on a network using inexpensive tools called field programmable gate arrays. Until now, the cost of the technology required to hack GSM transmissions has been prohibitively expensive for all but your government and large-scale snooping operations, but that's beginning to change. Not only can this technique allow access to calls, but some of the tech demonstrated at the conference might also enable a user to pinpoint a phone's distance from the surveillance hardware, and find out what type of device is being used. There was no mention of CDMA hacking, so you might want to move over to Sprint for all your seedy activities. Er, we mean stay on Sprint.

Filed under: Cellphones

Researchers claim GSM calls can be hacked on the cheap originally appeared on Engadget on Thu, 21 Feb 2008 22:10:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

Researchers claim GSM calls can be hacked on the cheap

Joshua Topolsky — Thu, 21 Feb 2008 22:10:00 EST

Filed under: GSM, Misc

Researchers claim GSM calls can be hacked on the cheap originally appeared on Engadget on Thu, 21 Feb 2008 22:10:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments