FaceDancer : Security Issue Buzzing USB !!!!

1.   The typical USB protocol requires that anything with USB  declares itself as either a "device" or "host". "Host" can be a PC and other bigger machines accessible whereas "Devices" can be iPod, iPads, USB thumb drives, and other "small" accessory-like things.  If you ever want a USB "host" to pretend to be a USB "device", you need special hardware. The FaceDancer is that key.

2.   The FaceDancer allows a computer (or "host") to masquerade as a USB "device" to communicate with other USB devices or USB Hosts. The FaceDancer allows a developer to access data on the USB bus from high level languages like C, Python, and Ruby.

Details and above info from : http://int3.cc/products/facedancer21

XP still Continues though "eXPired"

1.    XP has now got the authorized prefix and suffix to get renamed as "eXPired" since it has been now officially announced by Microsoft as discontinued and has advised XP and Office 2003 users to migrate to Windows 7 and Office 2010 and thus systems are left vulnerable to new forms of malware. No further support to XP...no patches to update...no updates by Microsoft.....but certainly it will take time for XP to get disowned by more then a decade old loyal user population most of whom made their first PC experience with a XP machine...for a home guy who surfs net...it will be difficult to make him/her understand about how vulnerable he/she is now....actually very difficult.

2.    But what about the corporates and govt sector offices? I am sure private sector will make a fast change since it may adversely effect their business model in case of a undesired info leakage or a hack!!!Only recently I made a visit to a post office in Delhi for doing a speed post...wherein the dedicated  loyal postmaster was using a xp machine connected to Internet.I informally asked him about any upgrades in OS planned in their department to which he replied confidently that it's not required since it is working fine.Today the Indian postal department is slowly getting online.Today thanks to vision implementation of the government(though late) that we are able to locate the movement of a speed post letter...what time it was opened..whats the location and when it got delivered...etc etc..but all this can go waste and get a setback if the backbone nodes are not updated and monitored....more so if the staff handling all the machines are low on security aspect.

3.   Well...this postal department is one of the examples cited here since I just interacted with one of them today...but the risk stakes are high when we see this at national level...all the online-governance machines located in remote areas...have they been ensured removed of XP?....if it has not been done....this can be just on the lines of zero day exploits...in this case there must be millions of machines thrown open to hacking....and invasion to classified information.

HP LaserJet Pro printers : Telnet Vulnerable

1.    A critical vulnerability discovered in few LaserJet Pro printers that could give remote attackers access to sensitive data. The latest breach expose by Germany security expert, Christoph von Wittich.In brief points below :

-   HP LaserJet Professional printers contain a telnet debug shell which could allow a remote attacker to gain unauthorized access to data.

-   Christoph von Wittich,the guy detected the vulnerability during a routine network scan of his company's corporate network.

-   Vulnerability could also be used for a denial-of-service attack.

-   As long as the printer is not connected to the Internet, this vulnerability should not cause much trouble for the end user,".

-  Effected printers include

      HP LaserJet Pro P1102w
      HP LaserJet Pro P1102
      HP LaserJet Pro P1606dn
      HP LaserJet Pro M1212nf MFP
      HP LaserJet Pro M1213nf MFP
      HP LaserJet Pro M1214nfh MFP
      HP LaserJet ProM1216nfh Multifunction Printer,
      HP LaserJet Pro M1217nfw Multifunction Printer,
      HP LaserJet Pro M1218nfs MFP
      HP LaserJet Pro M1219nf MFP
      HP LaserJet Pro CP1025nw
      HP LaserJet Pro CP1025nw

2.    Now for HP something like this is not new....even in past about 2 years back in dec 2011,a vulnerabilty was discovered wherein "Print of one malicious document can expose your whole LAN".

3.    In-fact I discussed a past case at Feb 2012 last year here....3 months after that happened.HP seems to be busy with printing only....high time they start focusing serious work on security aspects too!!!!

4.    Thanks THN....The Hacker News

Browser fight continues : CHROME continues topping too!!!

1.    Not long back we all have seen or might have experienced when violent and pornographic images were fed across facebook profiles of FB friends without the knowledge of the online FB user when he used to simply click on a tempting link!!!!All that happened owing to so many malwares but the exact launching vulnerability was indeed in the BROWSER!!!!!

2.    The openweb is full of options for seemingly good browsers viz Mozilla Firefox, Google Chrome, and Microsoft’s Internet Explorer. But who is the best?.....though when u google u find so may individual claims but third party tests are always welcome on such issues...specially when they have huge evidence to support....like few years back I posted on ACID3 test for the browsers...this one comes from Accuvant...and its actually huge in terms of a conclusive report that's 139 pages in toto......:-)

3.   The full report can be accessed by clicking here...so the Accuvant study revealed that Chrome ranks as the most secure web browser when compared to Internet Explorer and Firefox. Interestingly, German government named Chrome the most secure browser, perhaps lending weight to the study. 

4.   The criteria to test these browsers included factors like ASLR,GS,Sandboxing,JIT Security etc as shown below :

(CLICK ON THE IMAGE TO ENLARGE)

5.   Please google if you wish to know the criteria factors mentioned above in the image.Thanks http://www.accuvant.com/

FBI : A Parent's Guide to Internet Safety

A must read guide from  The Federal Bureau of Investigation (FBI), an agency of the United States Department of Justice for all the parents in the world, advising & trying to make them understand the complexities of online child exploitation.....please click HERE