Quantcast

Archive: Nov 2013

Hacking, Surveilling, and Deceiving Victims on Smart TV 2: Attack Vectors

Having outlined the key features of Smart TV technology, SeungJin Lee is now focusing on reverse-engineering its exploitable components for the attack purpose. I’m going to talk about the Smart TV attack vectors (see right-hand image). I want to say that Smart TV has almost the same attack vectors as...

Hacking, Surveilling, and Deceiving Victims on Smart TV

Special guest at the Black Hat USA event SeungJin Lee, aka beist, from the Korea University highlights the main vectors for exploiting Smart TV technology. I’m going to talk about Smart TV hacking. Let me introduce myself: SeungJin Lee; my handle is ‘beist’ and I’m from Korea University – the name...

Under Attack 6: The Challenge of Taming the Cyber Genie

Gordon Corera makes a judicious point here that the undoubted benefits from using computers and the downside of our increasing vulnerability go hand in hand. Over at the State Department in the office of Chris Painter, lead negotiator on cyber issues, the walls are filled with posters of films over the...

Under Attack 5: Massive DDoS Attacks and Stuxnet

BBC reporter’s focus in this entry lies in the realm of the infamous cyber attack on Estonia in 2007 and facts behind Stuxnet as viewed by renowned experts. The first signs that one state might be prepared to use the cyber realm to attack another came in Europe in 2007. The conflict began with a monument,...

Under Attack 4: Cyber Threats to Critical Infrastructure

Gordon Corera and his interviewees dwell in this part of the series on cyber attacks targeting components of critical infrastructure, and their consequences. Everyone says they’re under attack in cyberspace. But they all have different ideas of what that means. Part of this is about nations finding their...

Piriform CCleaner review

Free Without exaggeration, CCleaner is an excellent system optimization tool. Usability:  Features:  Efficiency:  Support:  Overall:  Download Maintaining a healthy computer is not restricted to only keeping malicious software away; it’s a matter of troubleshooting a...

Under Attack 3: Who Spies on Whom?

The issues raised here by Gordon Corera as he’s taking more interviews largely include the attribution of cyber attacks and espionage to specific nation states. Cyber attacks may be launched through computer networks, but they’re still about people. Attackers research employees in a target company,...

Under Attack 2: Major Security Agency Executives on Industrial Espionage

In this part, high-level executives of GCHQ, MI6, BAE Systems and the RSA reveal some information about attempted data breaches and cyber attacks targeting their organizations as well as powerful businesses. On the outskirts of Cheltenham in South West England sits GCHQ. For decades it’s been Britain’s...

Under Attack: BBC’s Study of Contemporary Cyber Threats

This series reflects contemplations and interviews by BBC’s Gordon Corera with executives and experts regarding the present-day state of the cyber threatscape. I’m Gordon Corera, and for the BBC World Service I’ve been looking at the extent to which cyberspace is being used to steal, spy and wage war....

Web Application Hacking 5: Tools for Decrypting SSL and TLS Traffic

This is the final part of the lecture describing Convergence as an alternative to the CA system, also covering sslstrip, sslsniff and other tools compromising SSL / TLS protocols. Let’s get back to the problem of secure protocol. (Slide 38) The problem with SSL and the secrecy is that everyone is a CA...

Web Application Hacking 4: Notorious CA Hacks

Find out in this part of the lecture at FSU about the most outrageous certificate authority attacks of the last years and the consequences they could lead to. So, about securing the Internet. Let’s go over some important certificate authority attacks (see right-hand image). Now in this first slide I used...

Web Application Hacking 3: Hurdles for Securing the Internet

This part of the lecture encompasses an insight into the trust issues associated with certificate authorities, SSL vulnerabilities, and CA scoping problems. So, who can become a certificate authority? Any ideas? You, me, anyone really. What’s the problem here? The problem is when you visit a website and...

Web Application Hacking 2: Components of Public Key Infrastructure

From this entry, which is a follow-up on the dedicated lecture at FSU, you can learn an in-depth outline of how digital certificates and certificate authorities work. Certificates are composed of a public and a private key. I should mention that there was a point where there was only one root certificate...