McAfee predictions for 2012…

2011.12.29

McAfee released it prediction for year 2012 in Security world.

Interesting, is that document was created at 07.12.2011. And here  is part regarding Hacktivism:

Hacktivism

Although hacktivism is not new, with the WikiLeaks saga on the front pages in 2010 hacktivism gained wider publicity, acceptance, and usage than ever before. Overall, 2011 was a muddled year for online activists, with conflicting players frequently at odds with each other and no clearly stated goals. It was often difficult to sort things out between politically motivated campaigns and simple script-kiddies entertainment, but one thing became clear: When hacktivists picked a target, that target was compromised either through a data breach or denial of service. They are a credible force. Agree with their goals or not, Anonymous and other hacktivist groups have shown themselves to be dedicated, resourceful, and even agile in choosing some of their targets and operations.

The coming year will be decisive for hacktivism. And the Anonymous stories represent only one aspect of this issue.

*  The “true” Anonymous (that is, its historical wing) will reinvent themselves and their scene or die out. If the Anonymous circles of influence are unable to become organized—with clear calls for action and responsibility claims—all those labeling themselves Anonymous will eventually run the risk of becoming marginalized. Either way, we will see a large increase in such attacks. Distributed denial of service (DDoS) and personal data disclosures justified by a political conscience will continue to grow.

*  The people leading digital disruptions will become better engaged with the people leading physical demonstrations. We will see more mating of social media-based hacktivism with social media-coordinated hacktivism. We expect many future operations to include both physical and digital components. Joint and coordinated actions, in the field and online, will be simultaneously planned. It is not hard to predict the evolution of the Occupy and other outraged groups to include more direct digital actions. As we posited in other predictions, the possibility of mating hacktivist goals with industrial controller or SCADA system availability is a very real possibility. We expect hard-line hacktivists supporting the worldwide Occupy movements will drop the Anonymous label and soon operate as “Cyberoccupiers.”

*   For political and ideological ends, the private lives of public figures—politicians, industry leaders, judges, and law-enforcement and security officers—will be disclosed this year more than in the past. Protesters will stop at nothing to obtain data from social networks or web servers to support their various operations.

*   Some hacktivists will operate along the same lines as the various “cyberarmies” that primarily flourish in nondemocratic or nonsecular states (Iranian Cyber Army, Pakistan Cyber Army, ChinaHonker group, etc.). Mostly used for defacement in the past two years, the armies will move to more disruptive actions in the new year. Some of these groups will clash themselves, possibly causing unpredictable collateral damages (Palestinian versus Israeli, Indian versus Pakistani, North versus South Korean, etc.). In 2011, cyberarmies were rumored to be manipulated or supported by their governments. Totalitarian states will go further next year, even acknowledging the actions of local cyberarmies.

It was before Stratfor… At least 1 part is becoming true even before 2012 :)

 

Netgear WNAP320 ProSafe

2011.12.26

Another wireless device for medium business, local branches etc.

Default IP: 192.168.0.100

Username: admin

Password: password

Default passphrase for Wireless WPA-PSK: sharedsecret

 

Tags :

Stratfor.com hacked by Anonymous

2011.12.26

Well, all news report it is.

In IRC released some additional INFO:

Screenshot of deface: http://imagebin.org/190224

List of clients of STRATFOR, posted by AntiSec: http://pastebin.com/8MtFze0s

Well, there is an update in pastebin for tag stratfor that declare that Anonymous not participated in this action, but who cares? :)

And just to remember:

Again and again…

2011.12.19

Again, if You install in Your office multi-purpose device (usually SOHO type of device), make sure that Wireless network is disabled. Even if DHCP is off, even if on the way to LAN there is a Firewall, even if You personally see 200 meters around this device 24×7 – there is a way to get thru and use it.

PHP code review

2011.12.12

So many automatic tools for PHP code review, so almost forgot how to do it manually.

Looking forward to prepare manual of hands-on to PHP code review, looking for known, less known or possibly unknown (?) code vulnerabilities.

 

upd1: O!. looks like not only me thinking about going back to basics. Ryan Dewhurst from InfoSec – “Finding Security Vulnerabilities in PHP Using Grep”

Upd2: Now, when I look at it, there are some previous work done, but as usual – when someone start to make a review of what to look and how to look – someone point him to automatic tool that “do the job” like RIPS, and there it stops. :) major result – less and less people who know what exactly they looking for, and more interesting – what they miss. )

p.s. actually, when You look at code itself, it overdue the language borders and differences. Already found few articles in Arabic with code examples, one Chinese forum with brightfull ideas (in open access and google-indexed, I am sure there are much more) and a lot of Russian articles (that one I still remember :) )

 

Tags :   

Rising Antivirus

2011.12.05

Well, new AV available for English-speakers, Rising Antivirus from Rising Global company

Company, according to it’s website, placed in China. As CNET report, it’s largest player on China AV market.

Free Antivirus< Firewall and Mobile security of Rising products currently available here

Looks Yellow,  have it’s problems (see CNET article), do not detect some samples I have collected about a month ago (virustotal detection less than 20% for today).

Anyway – It is available if You need it :)

Poverty defeat captcha! :)

2011.12.05

While poverty will be tolerated in our world, captcha will be defeated instantly. Price for human-based captcha recognition: 1$ for 1000 of any captcha-images, 80% of success guarantee. Bonus program, etc.
Google for anti-captcha. :))

Tags :

Encryption as a lose-lose solution.

2011.12.05

Almost all security techs, or “experts” if You wish, that I have been linked with, use encryption as a protection layer.

Well, for stolen laptop or compromised file archive, it’s may be a solution. but, lets say, You use encryption for preventing authorities from looking at it in some point for some reasons. Then You at least should be familiar with local law’s regarding encryption. For example, see the news headline about a year ago: UK: Youth jailed for not handing over encryption password or here

Same news You can find regarding other countries. In States there is Fifth Amendment that can be used as a protection point for such cases, but as we may see – not automatic and require major support of community (do You have it? :) ) For example: US court test for rights not to hand over crypto keys

I spoke with local Israel lawyer, she said that Israel state also have a similar law as UK have, that allow authorities to jail suspect for not revealing the measures for decrypt data.

So, If You using encryption to have a safe place from system eye-drop,  make sure they cannot force You by law to reveal it.  How? Hmmmm…  Use Your imagination and approve it with lawyer. :)