LulzSec Hacker Responsible For Sony Hack Gets A Year In Prison

In 2011, LulzSec was a name that everybody knew. They were the hacking group behind the PlayStation Network hack of 2011 that brought the service down for more than a month. They were also responsible for a number of other attacks on companies over the course of a few months.
Since then, the members of LulzSec have been rounded up and taken to trial. The latest trial saw Cody Kretsinger, known as “Recursion” in online circles, sentenced to a year in prison. He was convicted on one count of conspiracy and unauthorized impairment of a protected computer. After his year in prison, he will remain under home detention.
You may be thinking that Kretsinger’s sentence is a little light. He was able to get his sentence down to a year thanks to a plea bargain he made last year with federal prosecutors. As part of that plea bargain, he admitted to hacking into a Sony Pictures’ database and sharing the information with other members of LulzSec.
Home detention won’t be the only thing that Kretsigner has to look forward to after his stint in prison either. The U.S. district judge ordered him to complete 1,000 hours of community service. Maybe he can help clean up Sony Pictures’ studios in Los Angeles to help make up the $600,000 in damages that federal prosecutors say he caused the studio.
Kretsinger is one of the last original LulzSec members to be sentenced for their hacking spree in 2011. The hacker collective fell apart last year when its leader, known as Sabu, went rogue and started working with the FBI as an informant. There have been attempts to resurrect the group since then, but nothing has come of it.

Largest DDoS Attack Hit hong kong democracy voting website

Hackers and cyber attacks are getting evil and worst nightmare for companies day-by-day. Just last week a group of hackers ruined the code-hosting and software collaboration platform, ‘Code Spaces’ by destroying their Amazon cloud server, complete data and its backup files too.

Recently, the largest ever and most severe Distributed Denial of Service (DDoS) attacks in the history of the Internet has been recorded that hit the online democracy poll promoting opinion on the upcoming Hong Kong elections.

PopVote, an online mock election operated by The University of Hong Kong’s Public Opinion Program, by Saturday recorded more than half a million votes in less than 30 hours in the unofficial referendum that provided permanent residents of Hong Kong to choose their preferred political representatives, that is suppose to be continued until June 29.

However, the Chief Executive is officially chosen by a 1,200-member Election Committee under the current political system and drawn largely from pro-Beijing and business camps.

On the first day of voting, China’s State Council denounced the voting as “illegal and invalid.” Hong Kong’s chief executive, Leung Chun-ying, said all the proposals on the ballot are not complied with Hong Kong’s Basic Law, the territory’s de facto constitution.

On Friday, Matthew Prince, the CEO and co-founder of San Francisco based CloudFlare, the web performance company maintaining the voting website, said that the DDoS attack on the Occupy Central’s voting platform was “one of the largest and most persistent” ever.

According to Prince, the cybercriminals appeared to be using a network of compromised computers around the world to effectively disable the service of the voting website with an overwhelming amount of traffic. In such cases of attacks, the computer users who are exploited are usually unaware that their systems have been compromised.

Prince also wrote on Twitter: “Battling 300Gbps+ attack right now,” on the first day that the vote began. Three hundred gigabits per second is an enormous amount of data to take down any huge servers.

Also a DDoS attack last year on Spamhaus, a non-profit organisation that aims to help email providers filter out spams and other unwanted contents, is largely considered to be the biggest DDoS attack in the history, which the Cloudflare said the attack “almost broke the Internet.”

Cisco Open sources experimental small domain block cipher

In cryptography, Block ciphers such as AES or DES are a symmetric key cipher operating on fixed-length groups of bits, called blocks, and typically operate on large input data blocks i.e. 64 or more than 128, 256 bits.

Block cipher encrypts Plain-text to Cipher-text by applying cryptographic key and algorithm to a block of data at once as a group rather than to one bit at a time, so that identical blocks of text do not get encrypted the same way.

However, some applications need smaller blocks, and possibly non-binary blocks. So, to fulfil this need Cisco is providing a small block cipher, what it calls “FNR” (Flexible Naor and Reingold), but currently it is an experimental block cipher rather a production software.

Sashank Dara, software engineer at the security technology group Cisco, says in a detailed explanation that FNR is a flexible length small domain block cipher for encrypting objects that works without the need for padding, as happens in the traditional block ciphers such as AES (Advanced Encryption Standard) and DES (Data Encryption Standard).

 

“But one of the issues is the need for padding—so if you need to encrypt small amounts of data you may end with a huge difference in input vs. output size. As an example, using AES/128 on ECB mode to encrypt an IPv4 address results in an input size of 32 bits, but an output size of 128 bits. This may not be desired for some applications.” Sashank Dara said.

FEATURES OF FNR

1. Format-preserving encryption (FPE) - the length of plaintext and ciphertext remains same.
2. FNR is flexible for large input domains that are greater than 32 bits and less than 128 bits.
3. The encryption key length is not dependent on the input length and rather depends on underlying pseudo-random function (PRF).

I have taken an example from Wikipedia to explain the importance of Format-preserving encryption (FPE):

 

Suppose we want to encrypt a 16-digit credit card number 1234567812345670 using AES algorithm like ECB or CBC that will transform a credit card number into a large, fixed-length, binary value i.e. hexadecimal output value - 0x96a45cbcf9c2a9425cde9e274948cb67, which contains many bytes that are considered invalid when compared to a typical credit card number. If a credit card number is stored in a column of a database whose entries are char or varchar data, then the encrypted data cannot be stored in same column without changing the format of the column. If the encrypted data is Base64 encoded to ensure that it only contains valid characters, the size of the encrypted credit card number increases from 16 bytes to 24 bytes, changing the encrypted credit card number to lqRcvPnCqUJc3p4nSUjLZw==. In either case, applications that process the credit number may similarly be unable to handle an encrypted value without some modification.

SMALL-BLOCK ENCRYPTION SECURITY?

Small domain block ciphers are useful tool in designing privacy of sensitive data fields of smaller length, but smaller blocks leads to important security issues and building a secure small block cipher is known to be a tricky task.

According to Cisco, FNR is an experimental small domain block cipher for encrypting objects like IPv4, Port numbers, MAC Addresses, IPv6 address and any random short strings and numbers, while preserving their input length.

“Like all deterministic encryption methods, this does not provide semantic security, but determinism is needed in situations where anonymizing telemetry and log data (especially in cloud based network monitoring scenarios) is necessary,” Cisco warned.

Cisco has Open Sourced the FNR encryption scheme under open source license LGPLv2 on Github.

CASH CASH! Hacking ATM machines with just a text Message

As we reported earlier, Microsoft will stop supporting the Windows XP operating system after 8th April, apparently 95% of the world’s 3 million ATM machines are run on it. Microsoft's decision to withdraw support for Windows XP poses critical security threat to the economic infrastructure worldwide.

MORE REASONS TO UPGRADE

Security researchers at Antivirus firm Symantec claimed that hackers can exploit a weakness in Windows XP based ATMs, that allow them to withdraw cash simply by sending an SMS to compromised ATMs.

"What was interesting about this variant of Ploutus was that it allowed cybercriminals to simply send an SMS to the compromised ATM, then walk up and collect the dispensed cash. It may seem incredible, but this technique is being used in a number of places across the world at this time." researchers said.

 

HARDWIRED Malware for ATMs

According to researchers - In 2013, they detected a malware named Backdoor.Ploutus, installed on ATMs in Mexico, which is designed to rob a certain type of standalone ATM with just the text messages.

To install the malware into ATMs machines, hacker must connect the ATM to a mobile phone via USB tethering and then to initiate a shared Internet connection, which then can be used to send specific SMS commands to the phone attached or hardwired inside the ATM.

 

"Since the phone is connected to the ATM through the USB port, the phone also draws power from the connection, which charges the phone battery. As a result, the phone will remain powered up indefinitely."

HOW-TO HACK ATMs

• Connect a mobile phone to the machine with a USB cable and install Ploutus Malware.
• The attacker sends two SMS messages to the mobile phone inside the ATM.
• SMS 1 contains a valid activation ID to activate the malware
• SMS 2 contains a valid dispense command to get the money out
• Mobile attached inside the ATM detects valid incoming SMS messages and forwards them to the ATM as a TCP or UDP packet.
• Network packet monitor (NPM) module coded in the malware receives the TCP/UDP packet and if it contains a valid command, it will execute Ploutus
• Amount for Cash withdrawal is pre-configured inside the malware
• Finally, the hacker can collect cash from the hacked ATM machine.

Researchers have detected few more advanced variants of this malware, some attempts to steal customer card and PIN data, while others attempt man-in-the-middle attacks.

This malware is now spreading to other countries, so you are recommended to pay extra attention and remain cautious while using an ATM.

Crysis 3 v.10 Plus 6 Game Trainer Free Download THE ONLY 1 WORKING!

Microsoft has released Security Patch for CVE-2013-5065 TIFF Zero-Day vulnerability and 5 other emote code execution flaws

Microsoft has released 11 Security Patch this Tuesday, including one for CVE-2013-5065 zero-day vulnerability, recently discovered Local privilege escalation vulnerability that could allow a hacker to launch an attack using corrupted TIFF images to take over victims' computers. FireEye researchers said they found the exploit in the wild being used alongside a PDF-based exploit against a patched Adobe Reader vulnerability. December's Patch Tuesday update bundle brings five bulletins ranked critical, including a patch for a vulnerability that could allow remote code execution in Internet Explorer and another remote code execution vulnerability in Office and Microsoft Server is also addressed. Other patches addressing remote code execution vulnerabilities in Lync, all versions of Office and Microsoft Exchange. All supported versions of Windows, from XP to RT and 8.1, are affected by at least one of the critical vulnerabilities. The Six Security bulletins rated important deal with local elevation of privilege vulnerabilities in Windows and Microsoft Developer Tools. Users are recommended to upgrade to Windows 7/above or Linux Distributions, and make sure that you have installed the latest versions of Adobe Reader. Microsoft has also released an updated version (1.163.1657.0) of the Windows Malicious Software Removal Tool.

Hacker fined with $183,000 for just One-Minute of DDoS attack

Eric Rosol, A 38-year-old hacker who joined an Anonymous hacker attack for just one minute has been sentenced to two years of federal probation and ordered to pay $183,000 fine. Yes you read right! $183,000 fine for just 1 Minute of DDoS attack. In 2011, Eric participated in a distributed denial-of-service (DDoS) attack organized by hacker collective Anonymous against the servers of Koch Industries. The DDoS attack was organized in opposition to Koch Industries’ reported weakening of trade unions. He used a software called a Low Orbit Ion Cannon Code, LOIC is a popular DDoS tool used by anonymous hackers and other hackers to perform the DDoS attack. Rosol pleaded guilty and was agreed to direct pay for the losses as a result of the attack on the company website i.e. around $5,000 only, but Koch Industries had argued that it hired a consulting group to protect its web sites at a cost of approximately $183,000. Unfortunately, the company website was knocked offline for just 15 minutes and now Eric has to pay the bill of the Cyber Security consulting group. Similar crimes have also carried heavy punishments i.e. Jeremy Hammond, 28, Anonymous group member was sentenced last month to 10 years in prison for hacking various government agencies and a global intelligence company - Stratfor.