by Dmitry Kirsanov
3. June 2023 12:21
In a world where data is the new oil, privacy has become a paramount concern for every individual. Recent revelations about Apple's iPhone have raised serious questions about the security and privacy of its users. A targeted cyberattack was discovered by Kaspersky Lab, which involved several iPhones of the company's employees being infected with a spyware named 'Triangulation'. The alarming part is that there is currently no effective way to remove this spyware without losing user data.
by Dmitry Kirsanov
8. April 2021 19:51
Mobile phones are siblings of the PDAs of old, but they store vast amounts of data. With smart cards up to 1Tb, access to cloud storage, e-mails, messengers and social networks, someone else possessing your phone could have consequences far beyond the obvious financial loss.
In this post I will attempt to address the risks and provide a way to create your own personal emergency protocol for cases where your phone is lost or stolen.
by Dmitry Kirsanov
4. May 2012 19:26
You’ve already heard about the Windows Phone operating system. Microsoft invested a lot of money into making you hear about it. They are trying to shape opinion and clear a niche for their new attempt to settle in the mobile phone market, and this time it appears they have gone for broke.
It’s not only the huge resources spent on all sorts of advertisements, but also the unusual amount of FUD in their pitch. One such argument that caught my attention is that the iPhone is a glamorous gadget for non-geeks. If you believe it, then this article is for you.
by Dmitry Kirsanov
10. April 2012 23:41
Here’s some morning fun for security experts out there.
A few days ago I needed to arrange a payment to Microsoft. The credit card used in the transaction wasn’t available the week after the transaction, when the company decided to charge it. Not a big deal, I only needed to provide the details of an alternate card. Here is a fragment of the e-mail I got regarding the issue:
“Due to security policy, we strongly recommend you send these details via fax or attached to an e-mail. Please do not type these details in the e-mail body. If you wish, you can provide us with these details via phone.”
by Dmitry Kirsanov
22. March 2012 17:42
One of the qualities of PowerShell, and one of the measures of its success, was security. It is also the first question asked when someone new to PowerShell tries to run a PowerShell script.
The previous generations of scripting environments, like the Windows Scripting Host with its notorious VBS files sent automatically over e-mail by all sorts of worms and trojans, cried out for better security, not only in terms of getting over those problems, but also in terms of applying the newest standards and technologies.
So this video training article is about security in Windows PowerShell.
by Dmitry Kirsanov
5. December 2011 08:57
The new culture of making business “more social” brings so many new possibilities and chances that it’s hard to analyze the consequences of every step you take. We do so much in order to use the latest features of the web that we don’t recognize the jeopardy hidden in the most innocent things we do.
In October of 2011 I ran an experiment which lasted for two months and gave me such interesting results that I couldn’t resist sharing them. For some of you these findings could be shocking and reveal something new, but the reason for the experiment was purely to prove what seemed logical even without the experiments.
by Dmitry Kirsanov
8. November 2011 11:46
A rather short note for pen-testers.
Sometimes you have software which contacts some web services, which is especially interesting when it’s about transferring files.
Sometimes software packages, especially custom ones made for a small number of customers, may have web services open for consumption by that software.
Pay attention to them. Sometimes there are exposed functions which could be exploited in a way that the developers were not able to imagine.
For example, during my most recent pen-test, I was able to put, delete and execute files on the server using only functions of the exposed web service. Needless to say, I wouldn’t need any hacking tools or social engineering to penetrate the networks of their customers as well.
This topic is largely omitted in CEH and similar courses, but with some basic knowledge of programming you could kill the whole family of rabbits with one shot.
Also, a side note about pen-testing: I noticed that even when you’re using the simplest technique, a “no-brainer” one, the customer will call you a “hacker” or a “genius” just to avoid calling their developer or system administrator an idiot.
by Dmitry Kirsanov
3. November 2011 22:18
When I began studying computers in the beginning of the 90s, I adopted the password policy of that time, which stated that passwords should be at least 8 symbols long and be complex, meaning that there should be a number, uppercase and lowercase symbols, and that it would be nice if there were also a special character.
With Windows NT 4 we got an addition to that rule, which was rarely used in practice: the password should be longer than 14 symbols, as otherwise it could be hacked in a matter of seconds.
Windows has additional rules in a corporate environment, but all of them are basically about the length, complexity and maximum age of the password. However, while you can enforce that in a corporate network, most people are far from understanding the underlying idea of a password policy, can’t estimate the cost of a weak password, and overall are ready to adopt a policy only if it is reasonable enough.
So I decided to create such a policy for myself. Take a look at what I came up with:
by Dmitry Kirsanov
2. November 2011 21:59
Have you ever thought about all the possible things that could happen when you become the subject of business espionage through the hacking of your server? Either of the whole farm or of the one and only server you have in your organization? What are the possible scenarios you went through in your fantasies or security planning?
Here is one idea you didn’t go through. Imagine that your server is hosting installation files for software which is used either on other computers inside your organization or outside of it. Even funnier: you have a part of your network which is separated from the Internet, but it still uses a piece of software whose installation files are stored on the compromised machine.
Using a technique called repackaging, an intruder could change these installation files so that you wouldn’t distinguish them from the original ones. They would look and behave identically but would also install a Trojan horse. In the case of a targeted attack this Trojan horse wouldn’t be recognized by antivirus software, as it couldn’t be found on other machines on the Internet.
While very sophisticated, this attack is also very simple to implement and could potentially supply the attacker with precious information for years.
I am not aware of any attempts of this kind ever being implemented, so I could probably patent it. Too bad, hacking techniques won’t be patented. But anyway, we are going to talk about “white hat” repackaging pretty soon, so stay tuned!
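A defensive check for the repackaging scenario above, as an added example that is not code from the original post: installer digests are recorded in a manifest authenticated with an HMAC key kept off the server, so an intruder who rewrites the files cannot also rewrite the baseline. The file names, key and file contents are constructed for the demonstration.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path

def digest_tree(root):
    """Map each file's path (relative to root) to its SHA-256 hex digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def _mac(files, key):
    canonical = json.dumps(files, sort_keys=True).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()

def sign_manifest(files, key):
    """Run at release time on a trusted machine; the key never touches the server."""
    return {"files": files, "mac": _mac(files, key)}

def verify_share(root, manifest, key):
    """Compare the server's installer share with the authenticated baseline."""
    if not hmac.compare_digest(manifest["mac"], _mac(manifest["files"], key)):
        raise ValueError("manifest MAC mismatch: baseline itself was altered")
    current, baseline = digest_tree(root), manifest["files"]
    return {
        "modified": sorted(f for f in baseline if f in current and current[f] != baseline[f]),
        "missing": sorted(f for f in baseline if f not in current),
        "added": sorted(f for f in current if f not in baseline),
    }

def demo():
    """Constructed sample: two placeholder installers, one later 'repackaged'."""
    key = b"constructed-demo-key-kept-off-the-server"
    with tempfile.TemporaryDirectory() as share:
        share = Path(share)
        (share / "setup_app.msi").write_bytes(b"original installer bytes")
        (share / "tools").mkdir()
        (share / "tools" / "agent.exe").write_bytes(b"original agent bytes")
        manifest = sign_manifest(digest_tree(share), key)
        clean = verify_share(share, manifest, key)
        # Simulate the intruder: one file silently replaced, one extra file dropped.
        (share / "setup_app.msi").write_bytes(b"original installer bytes + implant")
        (share / "update.exe").write_bytes(b"unexpected extra payload")
        tampered = verify_share(share, manifest, key)
    return clean, tampered
```

Because the replaced installer "looks and behaves identically", only the digest comparison against a baseline the server cannot forge reveals the change.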