n|u – The Open Security Community
Trivandrum Chapter
Security Bytes – July 2013
By Pranav (sh3rl0ck@null.co.in)

“Edward Snowden files” have blueprint of NSA surveillance programs
• Edward Snowden has enough information to cause more damage to the US government in a minute alone than anyone else has ever had in the history of the United States, but he has insisted that it not be made public, including the blueprints of the NSA surveillance program. Glenn Greenwald, the Guardian journalist who was the first to report this, says Snowden has an "instruction manual for how the NSA built"

And got nominated for Nobel Prize!!!
• Edward Snowden has helped to make the world a little better and safer. A Swedish professor of sociology has nominated NSA whistle-blower Edward Snowden for the 2014 Nobel Prize.
• In his letter to the Nobel Committee, Sociology Professor Stefan Svallfors recommended Snowden for his "heroic effort at a great personal cost" shedding light on the expansive cyber spying conducted by the NSA.

New Anonymizing Tool - Tortilla
• Tortilla provides a secure, anonymous means of routing TCP and DNS traffic through Tor regardless of client software and without the need for a VPN or secure tunnel.
• Redeems the bad aspects of Tor
• No additional hardware or VM needed to support a SOCKS proxy
• To be unveiled at ‘Black Hat’ Las Vegas in two weeks
• To be released as an open source tool

Signal Booster into Mobile Hacking Machine
• A group of hackers from security firm iSEC tapped into Verizon Wireless cell phones using a signal-boosting device made by Samsung for Verizon that costs about $250.
• The Network Extender turns into a miniature cell phone tower.
• Fits inside a backpack.
• Capable of capturing and intercepting calls, texts and data.
• The researchers declined to disclose how they modified the software.
• They plan to give demos at various hacking cons this year.

True Caller Hacked by Syrian Electronic Army
• True Caller, a popular app and the world's largest collaborative phone directory, was compromised by Syrian Electronic Army hackers.
• Was running an outdated version of WordPress (3.5.1).
• Contains millions of access codes for Facebook, Twitter, LinkedIn and Gmail accounts.
• Hackers downloaded 7 databases, 450 GB in size.
• True Caller website still under maintenance.
• Stop using apps that harvest our data and violate our privacy.

Anonymous hackers expose U.S. FEMA contractors
• Anonymous hackers broke into Federal Emergency Management Agency (FEMA) servers and leaked a database that includes names, addresses and other information of FEMA contractors, federal agents and local authorities.
• In their message Anonymous said: "This is a message to FEMA, to various world governments and to their complicit corporate lackeys as to the 2.5 regular people who use the internet and have found that their right to privacy has been utterly destroyed"
• They stated: “This leak is dedicated to our fallen comrades, allies and those who fight for the same causes as us. For Jeremy Hammond, for weev, for Edward Snowden, for everyone who has risked and continues to risk their freedom for their belief in a world free from constant, invasive surveillance.”

Hacking Google Glass with Malicious QR code
• Researchers at mobile security firm Lookout discovered a security flaw in Google Glass which allowed them to capture data without the user's knowledge when the user merely took a photo that captured a malicious QR code.
• The problem was that Google could be told to execute a QR code without the user having to give permission. Because of Glass's limited user interface, Google set up the device's camera to automatically process any QR code in a photograph.

Tango website hacked by Syrian Electronic Army
• Syrian Electronic Army hacked into Tango.me and compromised more than 1.5 TB of daily backups of the servers. The databases reportedly contain millions of the application's users' phone numbers, contacts and emails.
• "Sorry @TangoMe, We needed your database too, thank you for it! http://tango.me #SEA #SyrianElectronicArmy" read the tweet posted by Syrian Electronic Army.
• The hackers breached Tango.me with the same method: the outdated WordPress CMS allowed them to gain unauthorized access to the database server.

E-Hack 2013
• E-HACK will be the largest ever workshop on Information Security, on 27-28th July.
• You’ll be in The Indian Book of Records, The Asian Book of Records and The Guinness Book of World Records
• Workshop
• Capture the Flag (CTF)

Sources:
• www.thehackernews.com
• www.ehackingnews.com
• www.news.cnet.com/security/
