Astoria — Advanced Tor Client Designed to Avoid NSA Attacks

May 23, 2015 – 8:17 AM

In response to the threat posed by intelligence agencies like the NSA and GCHQ, American and Israeli academic security researchers have developed a new advanced Tor client called Astoria, specially designed to make eavesdropping harder.

Tor (The Onion Router) is the most popular anonymity network, intended to allow a user to browse the Internet anonymously via a volunteer network of more than 6000 relays/nodes.

A user's encrypted traffic is routed through multiple relays in the network. The user-relay connection is known as a circuit.

Tor does not share your identifying information like your IP address and physical location with websites or service providers on the receiving end because they don’t know who is visiting.

Source:
http://thehackernews.com/2015/05/Astoria-tor-client.html

Android factory reset not enough to keep data secure

May 22, 2015 – 4:27 AM

If you sell or gift your old Android phone to someone, is it enough to do a factory reset to wipe all your sensitive data? And if your Android gets stolen, how sure are you that your anti-theft solution will do a good job wiping it and/or locking the device?

Consumers generally have no insight into how well these features work. Their only option is to trust the manufacturers’ and developers’ assurances, and wait for security researchers to test the solutions.

Today, two researchers from the Security Group at the University of Cambridge Computer Laboratory have published two papers that answer those questions.

The first one details the results of a security analysis of Android’s Factory Reset option, tested on 21 second-hand Android smartphones from 5 vendors running Android versions v2.3.x to v4.3.

The researchers concentrated on cheap data recovery attacks that require neither expensive equipment nor specific per-chip knowledge, and found that they could recover some SMSes, emails, and/or chats from messaging apps, and Google master cookies and Facebook authentication tokens which would allow them to access those users’ accounts.

All in all, they estimate that “up to 500 million devices may not properly sanitise their data partition where credentials and other sensitive data are stored, and up to 630M may not properly sanitise the internal SD card where multimedia files are generally saved.”

“We found we could recover Google credentials on all devices presenting a flawed Factory Reset,” they noted. “Full-disk encryption has the potential to mitigate the problem, but we found that a flawed Factory Reset leaves behind enough data for the encryption key to be recovered.”

Source:
http://www.net-security.org/secworld.php?id=18416

A first aid kit for ransomware infections

May 21, 2015 – 8:51 AM

You’ve been hit by ransomware and you don’t know what to do?

Jada Cyrus has assembled a helpful “Ransomware Removal Kit” which contains decryption tools for CryptoLocker, CoinVault, TeslaCrypt and FBIRansomWare, along with instructions on how to use them.

“You should never pay the ransom. This will only reinforce this type of attack,” Cyrus is adamant, and says the kit is intended to be used by security professionals and system administrators alike, so that they can streamline the process of responding to ransomware infections.

Generally, before attempting to remove ransomware from impacted computers, the computers should first be removed from the network they are on, says Cyrus. Identifying the type of ransomware is crucial for any decryption attempt – decryption tools are currently available only for the aforementioned ransomware types.

And not all are guaranteed to do the work thoroughly or to work in all cases.

Source:
http://www.net-security.org/malware_news.php?id=3043

NetUSB vulnerability leaves millions of routers open to attack

May 20, 2015 – 4:48 AM

Millions of routers and other embedded devices are affected by a serious vulnerability that could allow hackers to compromise them.

The vulnerability is located in a service called NetUSB, which lets devices connected over USB to a computer be shared with other machines on a local network or the Internet. The shared devices can be printers, webcams, thumb drives, external hard disks and more.

NetUSB is implemented in Linux-based embedded systems, such as routers, as a kernel driver. The driver is developed by Taiwan-based KCodes Technology. Once enabled, it opens a server that listens on TCP port 20005 for connecting clients.

Security researchers from a company called Sec Consult found that if a connecting computer has a name longer than 64 characters, a stack buffer overflow is triggered in the NetUSB service. If exploited, this kind of vulnerability can result in remote code execution or denial of service.

Since the NetUSB service code runs in kernel mode, attackers who exploit the flaw could gain the ability to execute malicious code on the affected devices with the highest possible privilege, the Sec Consult researchers said in a blog post Tuesday.
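The class of bug described above, a client-supplied name copied into a fixed 64-byte buffer, is avoided by validating the claimed length before any copy. The following is an added example, not code from the article, Sec Consult or KCodes; the wire format, `parse_client_name` and the status codes are hypothetical and do not represent the real NetUSB protocol.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 64   /* the 64-character limit the article mentions */
enum { NAME_OK = 0, NAME_TRUNCATED = -1, NAME_TOO_LONG = -2 };

/* Hypothetical wire format, constructed for this example (not the real
 * NetUSB protocol): 4-byte little-endian length, then the name bytes. */
static uint32_t read_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Unsafe pattern, for contrast only: the sender's length is trusted.
 *     char name[NAME_MAX_LEN];
 *     memcpy(name, msg + 4, read_le32(msg));
 * Hardened form below; out must hold NAME_MAX_LEN + 1 bytes. */
int parse_client_name(const uint8_t *msg, size_t msg_len, char *out)
{
    uint32_t claimed;

    out[0] = '\0';
    if (msg_len < 4)
        return NAME_TRUNCATED;        /* no complete length field */
    claimed = read_le32(msg);
    if (claimed > NAME_MAX_LEN)
        return NAME_TOO_LONG;         /* reject before touching the buffer */
    if (claimed > msg_len - 4)
        return NAME_TRUNCATED;        /* claims more bytes than arrived */
    memcpy(out, msg + 4, claimed);
    out[claimed] = '\0';
    return NAME_OK;
}

int main(void)
{
    uint8_t msg[4 + 65] = { 65, 0, 0, 0 };  /* constructed: claims 65 bytes */
    char name[NAME_MAX_LEN + 1];

    memset(msg + 4, 'A', 65);
    printf("65-byte name -> %d\n", parse_client_name(msg, sizeof msg, name));
    msg[0] = 64;                            /* same bytes, now claiming 64 */
    printf("64-byte name -> %d\n", parse_client_name(msg, sizeof msg, name));
    return 0;
}
```

The length is checked against both the buffer size and the number of bytes actually received, so an oversized or truncated message is rejected without writing past `out`.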

Many vendors integrate NetUSB into their products, but have different names for it. For example, Netgear calls the feature ReadySHARE, while others simply call it print sharing or USB share port.

Source:
http://www.techworld.com/news/security/netusb-vulnerability-leaves-millions-of-routers-open-attack-3612346/

Google Fixes Sandbox Escape in Chrome

May 19, 2015 – 4:54 PM

Google has patched a high-risk vulnerability in its Chrome browser that allows an attacker to escape the Chrome sandbox.

That vulnerability is one of 37 bugs fixed in version 43 of Chrome. Six of those flaws are rated high risk, and Google paid out more than $38,000 in rewards to researchers who reported vulnerabilities to the company. Among the other serious vulnerabilities are cross-origin bypasses and three use-after-free vulnerabilities.

Google has not yet released the details of the vulnerabilities, so the nature and location of the sandbox-escape bug aren’t clear. The company waits until most users have updated to the new version before releasing complete details of the vulnerabilities.

Source:
https://threatpost.com/google-fixes-sandbox-escape-in-chrome/112899