Archive for February, 2011

SSD Drive and data security

Posted by spaquet on February 22, 2011  |   Comments Off

So you think you deleted all that chunk of data ? Well, not that much!

According to scientists “traditional” disk-erasure techniques are not efficient on flash drives (SSD, Solid State Device) and large part of data thought to be deleted is still on the drive.

Even when the next-generation storage devices show that files have been deleted, as much as 75 percent of the data contained in them may still reside on the flash-based drives…

The difficulty of reliably wiping SSDs stems from their radically different internal design. Traditional ATA and SCSI hard drives employ magnetizing materials to write contents to a physical location that’s known as the LBA, or logical block address. SSDs, by contrast, use computer chips to store data digitally and employ an FTL, or flash translation later, to manage the contents. When data is modified, the FTL frequently writes new files to a different location and updates its map to reflect the change.

“These differences between hard drives and SSDs potentially lead to a dangerous disconnect between user expectations and the drive’s actual behavior,” the scientists, from the University of California at San Diego, wrote in a 13-page paper. “An SSD’s owner might apply a hard drive-centric sanitization technique under the misguided belief that it will render the data essentially irrecoverable. In truth, data may remain on the drive and require only moderate sophistication to extract.”

Indeed, the researchers found that as much 67 percent of data stored in a file remained even after it was deleted from an SSD using the secure erase feature offered by Apple’s Mac OS X. Other overwrite operations – which securely delete files by repeatedly rewriting the data stored in a particular disk location – failed by similarly large margins when used to erase a single file on an SSD. Pseudorandom Data operations, for instance, allowed as much as 75 percent of data to remain, while the British HMG IS5 technique allowed as much as 58 percent.

Whole-disk wiping techniques faired only slightly better with SSD media. In the most extreme case, one unnamed SSD model still stored 1 percent of its 1 GB of data even after 20 sequential overwrite passes on the entire device. Other drives were able to securely purge their contents after two passes, but most of them required from 58 hours to 121 hours for a single pass, making the technique unviable in most settings.

Right now, SSDs are most often encountered in USB thumb drives, and it’s not unusual for them to hold as much as 32 GB of data. An increasing number of laptops by default ship with SSDs installed as the primary storage mechanism. Flash storage underpins that vast majority of smartphones, as well.

The full paper can be obtained here (PDF version)

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

Anonymous attack not so anonymous

Posted by spaquet on February 18, 2011  |   Comments Off

An attack by Anonymous on security firm HBGary used a combination of software vulnerabilities and social engineering to pull off a highly sophisticated hack, it has emerged.

A brute force dictionary-based attack on these passwords allowed the miscreants to work out the login credentials used by HBGary Federal employees, including chief exec Aaron Barr and COO Ted Vera. Barr and Vera made the mistake of using the same passwords for their Twitter and LinkedIn accounts.

Crucially the same password was also used to administer a corporate email account, a failing seized upon by Anonymous to extract a cache of corporate emails which were subsequently posted as a torrent, exposing confidential emails. The emails, in turn, revealed who had access to the rootkit.com research site maintained by HBGary, and the probable root access password of the machine hosting the site. [see our article on password reuse here]

A detailed analysis of the hack can be found here.

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

This is the end…

Posted by spaquet on February 18, 2011  |   Comments Off

The future of Java looks pretty gloomy: removed from next version of OS X, overpassed by PHP and Rails on the Web and it is appearing as a vector for viruses and other hacks on safe thought systems such as Linux and OS X…

This fact is illustrated by Oracle fixes of this week where 21 security vulnerabilities were patched; 19 of which allow attackers to remotely install malicious software on end-user machines.

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

An other day, an other bug…

Posted by spaquet on February 16, 2011  |   Comments Off

The flaw in “BrowserWriteErrorLogEntry()” function within the Windows mrxsmb.sys driver “could be exploited by remote attackers or malicious users to cause a denial of service or take complete control of a vulnerable system,” researchers from French security firm Vupen warned. The warning came after proof-of-concept code was posted on Monday to the Full-disclosure mailing list.

Vupen, which rates the vulnerability as critical, has confirmed the bug in Windows Server 2003 SP2 and Windows XP SP3. Secunia rates it as moderately critical, the third most serious notch in its five-tier system.

A Microsoft spokesman said company researchers are investigating the reports and “will take appropriate action to help protect customers” when the inquiry is complete.

More information on this vulnerability can be found here, here and here (sources: Vupen and Secunia)

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

2010 the Botnet Year!

Posted by spaquet on February 16, 2011  |   Comments Off

Botnets used in banking credential theft and other criminal enterprises made huge gains in 2010, claiming more than seven times as many victims as the previous year, according to a report issued by a security firm that follows the large networks of infected machines.

The dramatic increase was fueled by improvements in DIY botnet construction kits, which allowed internet-based fraudsters to construct new networks that quickly gained traction, the report from Damballa said. As a result, six of the 10 biggest botnets of 2010 weren’t in existence the previous year. New infection technology that targets a hard drive’s targets a hard drive’s master boot record and changes the machine’s boot options also played role.

Like the botnets observed by Damballa, many of the spambots described by Secure Works researcher Joe Stewart made vast improvements in concealing the infections. For instance, Rustock, the biggest spam network with an estimated 250,000 zombies, waits as long as five days after taking hold of a system before it begins sending junk messages. Rustock control servers also run a TOR exit node, “likely in an attempt to avoid disconnection by network administrations who might think the abuse is originating elsewhere,” Stewart writes.

You can find more information in the following PDF version of the report.

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

Passwords from locked iPhones and iPads?

Posted by spaquet on February 10, 2011  |   Comments Off

Researchers have devised a method for stealing passwords stored on locked iPhones and iPads that doesn’t require cracking of the device’s passcode.

The hack exploits cryptography in the iOS password management system – known as keychain – that uses a secret key that is completely independent of the device’s passcode. That saves attackers who manage to access the file system the hassle of deducing a key that’s based on a passphrase set up by the user.

The hack can reveal a wealth of sensitive codes, including those used for virtual private networks, Wi-Fi networks, LDAP accounts, voicemail systems and Microsoft Exchange accounts. And that’s likely to spook large business customers with employees that use the devices to connect to sensitive company systems.

How to retrieve iPhone and iPad passwords …

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

password re-use, or how to be hack more than once…

Posted by spaquet on February 10, 2011  |   Comments Off

Computer scientists have discovered that password re-use is far more prevalent than previously thought after comparing a sample of matched passwords that spilled out at a result of the revenge attack by Anonymous against security researchers HBGary with the earlier Gawker password breach sample set.

By comparing passwords associated with email addresses registered at both Gawker and rootkit.com, computer scientists at Cambridge have been able to find out whether these users picked the same passwords for both sites.

A total of 522 email addresses were registered at both HBGary and rootkit.com. Eliminating throwaway and dubious addresses whittled the sample down to 456 pairs.

Joseph Bonneau, the Cambridge University researcher who carried out the exercise, found that in many cases the tech-savvy combined users of both Gawker and rootkit.com were using the same weak passwords on both sites.

More information can be obtained on Joseph Bonneau’s blog: here

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

When Java and PHP are sharing the beast bug…

Posted by spaquet on February 9, 2011  |   Comments Off

Oracle has squashed a decade-old bug in its Java programming framework that allows attackers to bring down sensitive servers by feeding them numerical values with large numbers of decimal places.

The vulnerability in the latest version of Java was disclosed last month. The bug, which stems from the difficulty of representing some floating-point numbers in the binary format, made it possible to carry out denial-of-service attacks when Java applications process the value 2.2250738585072012e-308.

The bug was first reported in 2001 to Sun Microsystems, which was at the time the official steward of the Java environment.

The vulnerability was reported again in 2009, but remained unfixed until now…

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.