LAS VEGAS—Day two of briefings
at the Black Hat security conference produced some interesting moments here in Las
Vegas. The day began with a keynote from former
National Security Agency (NSA) Director Ret. Gen. Michael Hayden, and included
everything from mobile security to weaknesses in HTTPS.
Without further ado, here are some highlights from the final day of this
edition of Black Hat.
Former
NSA Chief Talks Cyber-war:
Hayden, who also served as director for the Central Intelligence Agency (CIA),
highlighted the complexities of cyber-war and the need for the United
States to get more involved with other
nations in conversations about fighting cyber-attacks.
Weaknesses in HTTPS:
Researchers Josh Sokol and Robert "RSnake" Hansen talked about 24
vulnerabilities in HTTPS that could be used via man-in-the-middle attacks to
potentially hijack browser sessions. While Hansen told members of the media "the
world is not crashing," he also said fixing the issue would require
changes to SSL protection, such as
additional junk code that would make it take longer for an attacker to take
advantage of the issue. The duo also recommended better tab isolation and
sandboxing as solutions.
App
Genome Project:
Researchers from Lookout Mobile Security highlighted some of the dangers
emerging due to the explosive growth of mobile applications. Urging users to be
vigilant about the apps they are downloading, Lookout noted suspicious
wallpaper applications in the Google Android marketplace from a developer known
as "jackeey,wallpaper" (who has since reportedly changed his name to "callmejack"
since the research was released) that pulled several pieces of data and
transmitted them to a remote server. The data included the device's phone
number, subscriber identifier and the current voicemail number on the phone.
Router Risks:
Researcher Craig Heffner demonstrated how many consumer routers could be
exploited through DNS rebinding to gain access to the router's internal-facing
administrative interface. According to eSecurity
Planet, Heffner, who works with security consultancy firm Seismic, urged
users to change their firewall rules to prevent an external IP from rebinding
with internal ones, and to disable the http admin interface of their routers if
possible.
(Sponsor)
(Sponsor)
(Sponsor)
