BlackBerry’s QNX Still Dominates Car Market, but For How Much Longer?

BlackBerry acquired QNX Systems in 2010. Back then, it was still called Research In Motion. A lot has changed since then, including the name.

One thing that has not changed, though, is QNX’s impressive market share of the automobile industry’s “infotainment” space—you know, all the new-fangled, problematic interfaces most new cars come with these days. QNX, born in Ottawa in the ’80s by two University of Waterloo, owns more than half the market. And it’s a fast-growing one, too.

QNX isn’t a massive part of BlackBerry’s overall revenue—around 3% to 5%, according to some estimates—but the automobile industry is half of QNX’s revenue. Which is why it’s a little wary of the sudden appearance of Google’s Android platform in motor vehicles today.

The connected-car market is expected to be worth more than $50 billion by 2015, according to a 2013 forecast from the GSM Association of mobile operators, which is more than triple its value today. That’s a big opportunity for QNX—and its competitors, which include not only Google, but also Apple, the world’s most valuable company.

via BlackBerry’s QNX Still Dominates Car Market, but For How Much Longer?.

Investigating Malware Pawn Storm for iPhone

As posted on the Fortinet Blog!

What does the malware do?

To summarize the malware’s goals, it fetches commands via HTTP GET from a remote C&C, and uploads information via HTTP POST. The commands it recognizes are listed in the table below.

0   Get Info Device
1   Start Record
2   Get Audio File
3   Get Contact List
4   Current Location
5   Get Installed Apps
6   Wifi Status
7   Get all Pictures from Photo Library
8   List a given directory
9   Get a given file
10  Get process list
11  Get SMS

The code shows a few interesting things:

via Investigating on Pawn Storm for iPhone | Fortinet Blog.

Bank Hackers Steal Millions via Malware

PALO ALTO, Calif. — In late 2013, an A.T.M. in Kiev started dispensing cash at seemingly random times of day. No one had put in a card or touched a button. Cameras showed that the piles of money had been swept up by customers who appeared lucky to be there at the right moment.

But when a Russian cybersecurity firm, Kaspersky Lab, was called to Ukraine to investigate, it discovered that the errant machine was the least of the bank’s problems.

via Bank Hackers Steal Millions via Malware – NYTimes.com.

WhatsApp security still broken…

“WhatsSpy Public” a tool for spying on WhatsApp users bypassing security settings

Social media is growing at a fast pace nowadays, but with growing socialization the safety measures and privacy options should also be developed so that one’s information cannot be leaked at any endpoint. Social apps such as Facebook, WhatsApp, Hike, Instagram etc. are used by many people without knowing how safe they really are or whether their messages or personal information are being leaked.

The smartphone stand-alone instant messaging app, WhatsApp, is once again in the news due to a certain tool which can break its security features. The WhatsSpy Public tool, which was recently released, can give you status updates of any WhatsApp user, even if privacy options have been enabled.

WhatsSpy Public uses the web-based utility to trace the moments of a WhatsApp user and shows them in a dashboard with events being displayed in a timeline. The tool can be used to compare activities from one user to those of another for a more comfortable experience.

via WhatsSpy Public : WhatsApp status tool lets stalkers track you bypassing privacy settings.

Dark Clouds above the Netatmo Weather Station After Sending WPA Passphrase in the Clear

I have the bad habit of playing with home automation and various data acquisition tools. I could quit any time if I wanted to, but so far, I decided not to. My latest toy to add to the collection was a “Netatmo” weather station. It fits in nicely with the aluminum design of my MacBook, so who cares if the manufacturer considered security in its design, as long as it looks cool and is easy to set up.

Setting up the device was pretty straightforward, and looked “secure”. It requires connecting to the device via USB, and a custom application is used to configure the device with your username, password and WiFi settings including the WiFi password. After the initial setup, the station needs USB for power only, and communicates via WiFi to the “Cloud”.

But after the simple setup, a nice “surprise” waited for me in my snort logs:

[**] [1:1000284:0] WPA PSK Passphrase Leak [**] [Priority: 0] {TCP} a.b.c.d:21908 -> 195.154.176.41:25050

I do have a custom rule in my snort rule set, alerting me of the passphrase being sent in the clear. Let's just say that it happened before. The rule is very simple:

alert ip any any -> any any ( sid: 1000284; msg: "WPA PSK Passphrase Leak"; content: "[Iamnotgoingtotellyou]"; )

So what happened? After looking at the full capture of the data, I found that indeed the weather station sent my password to “the cloud”, along with some other data. The data include the weather station's MAC address, the SSID of the WiFi network, and some hex encoded snippets.

Not only should data like this not be transmitted “in the clear”, but in addition, there is no need for Netatmo to know the WPA password for my network.
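The Snort rule above matches only the literal passphrase, while the capture also held hex-encoded snippets. The following is an added example, not code from the diary or from Netatmo: it scans outbound payloads for a canary passphrase in plain, UTF-16LE and hex form, and goes one step further by also looking for the WPA2 key derived from it, which a memory dump could contain instead. The passphrase, SSID, MAC address and payloads are constructed.

```python
import binascii
import hashlib

def leak_patterns(passphrase, ssid):
    """Byte patterns that reveal a WPA2-PSK secret if seen in outbound traffic."""
    raw = passphrase.encode("utf-8")
    # WPA2-PSK derives its 256-bit key as PBKDF2-HMAC-SHA1(passphrase, SSID, 4096).
    pmk = hashlib.pbkdf2_hmac("sha1", raw, ssid.encode("utf-8"), 4096, 32)
    return {
        "passphrase-plain": raw,
        "passphrase-utf16le": passphrase.encode("utf-16-le"),
        "passphrase-hex": binascii.hexlify(raw),
        "pmk-raw": pmk,
        "pmk-hex": binascii.hexlify(pmk),
    }

def scan_payload(payload, patterns):
    """Return [(pattern_name, offset)] for every pattern found in one payload."""
    lowered = payload.lower()  # hexlify() emits lowercase; match upper-case hex too
    hits = []
    for name, needle in patterns.items():
        haystack = lowered if name.endswith("-hex") else payload
        offset = haystack.find(needle)
        if offset != -1:
            hits.append((name, offset))
    return hits

# Constructed canary values and payloads (not taken from the capture in the post).
PATTERNS = leak_patterns("canary-psk-not-real", "lab-ssid")
HEX_DUMP = (b"mac=00:00:5e:00:53:01&ssid=lab-ssid&dump="
            + binascii.hexlify(b"canary-psk-not-real").upper())
PLAIN_DUMP = b"ssid=lab-ssid\x00key=canary-psk-not-real\x00"
PMK_DUMP = b"\x01\x02" + PATTERNS["pmk-raw"] + b"\xff"
CLEAN = b"temp=21.5&humidity=40"

if __name__ == "__main__":
    for label, payload in [("hex", HEX_DUMP), ("plain", PLAIN_DUMP),
                           ("pmk", PMK_DUMP), ("clean", CLEAN)]:
        print(label, scan_payload(payload, PATTERNS))
```

Each pattern returned by `leak_patterns` can also be turned into its own `content` match in an IDS rule set.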

I reported the problem to Netatmo, and got the following reply:

Hi,

Indeed at first startup we dump weather station memory for debug purposes, we will not dump it anymore.

We will remove this debug memory very soon (coming weeks).

So far I haven’t seen any additional transmissions from the weather station containing the password, even after restarting it. I didn’t do a full factory reset yet. But in general, the data appears to be unencrypted. The MAC address of the station and the outdoor sensor are easily found in the payload. So far, I couldn’t find documentation for the protocol, so it will take a bit more time to reverse it.

According to the weather station map provided by Netatmo, these devices are already quite popular. Here is a snapshot of the map in my “Neighborhood”:

via InfoSec Handlers Diary Blog – Did You Remove That Debug Code? Netatmo Weather Station Sending WPA Passphrase in the Clear.

Alcatel-Lucent report on malware in 2014 sees rise in device and network attacks that place personal and workplace privacy at risk | Alcatel-Lucent

The Motive Security Labs report – which looked at all popular mobile device platforms – found that such malware infections in mobile devices increased 25% in 2014, compared to a 20% increase in 2013. Android™ devices have now caught up with Windows™ laptops, which had been the primary workhorse of cybercrime, with infection rates between Android and Windows devices split 50/50 in 2014. While less than 1% of infections come from iPhone® and Blackberry® smartphones, new vulnerabilities emerged last year to show they are not immune to malware threats.

Malware growth continues to be aided by the fact that a vast majority of mobile device owners do not take proper device security precautions. A recent Motive Security Labs survey found that 65% of subscribers instead expect their service provider to protect both their mobile and home devices. Motive’s malware report concluded that infection rates in residential networks also rose significantly in 2014, with malware found in 13.6% of residences, an increase of 5% over the previous year.

“With malware attacks on devices steadily rising with consumer ultra-broadband usage, the impact on customer experience becomes a primary concern for service providers,” said Patrick Tan, General Manager of Network Intelligence at Alcatel-Lucent. “As a result, we’re seeing more operators take a proactive approach to this problem by providing services that alert subscribers to malware on their devices along with self-help instructions for removing it.”

Other Motive Security Lab report highlights include:

  • The mobile infection rate in 2014 is 0.68%. Based on this Alcatel-Lucent estimates that worldwide, about 16 million mobile devices are infected by malware.
  • Mobile malware is increasing in sophistication with more robust command and control protocols.
  • Mobile spyware, used to spy on a phone’s owner, is also on the increase. It tracks the phone’s location, monitors ingoing and outgoing calls, text messages, e-mail and tracks web browsing.
  • The overall monthly infection rate in residential fixed broadband networks is just under 14%. This is up substantially from the 9% seen in 2013. This is mostly attributable to an increase in infections by moderate threat level adware.
  • High-level threats such as ‘bots’, ‘rootkits’, and ‘banking trojans’ remain steady at around 5%.

via Alcatel-Lucent report on malware in 2014 sees rise in device and network attacks that place personal and workplace privacy at risk | Alcatel-Lucent.

Need for Security grows Again after Anthem Breach

Mobile devices are a potential entry point for hackers and their malware. If you’re considering solutions to plug your mobile security gaps, our cross-platform solution is well-positioned to help deliver those security gains and satisfy the needs of both enterprises and government agencies. BES12 supports iOS, Android and Windows Phone devices and provides the confidentiality, integrity and authenticity to help protect your organization from data loss and theft.

Furthermore, as the leading EMM provider, BlackBerry counts all G7 governments and 16 of the G20 governments among its customers.

For even more proven security, consider devices running the BlackBerry 10 platform, which is the first to obtain a coveted approval from the U.S. Defence Information Systems Agency (DISA) for Full Operational Capability on U.S. Department of Defense networks.

via U.S. Gov Cybersecurity Budget, Anthem Breach, Need for Security | Inside BlackBerry for Business Blog.

ARKICK by REFOCUS TECH updated for Blackberry Passport and Classic

ARKICK by REFOCUSTECH has been updated to support the Blackberry Classic and Passport. Way to Go!

ARKick is your personalized contextual Augmented Reality Sidekick. It is the world’s leading contextual Augmented Reality app which helps you find nearby places in the most innovative way ever! Use ARKick to find places in the camera view based on your context (location, weather, time) and also based on trending places near you via our Sidekick Engine.

via ARKICK | REFOCUS TECH.

Remotely install and launch Android apps from the Play Store Vulnerability

Lucky for me… I am using a Blackberry Passport!

Vulnerability Summary

Due to a lack of complete coverage for X-Frame-Options (XFO) support on Google’s Play Store web application domain, a malicious user can leverage either a Cross-Site Scripting (XSS) vulnerability in a particular area of the Google Play Store web application, or a Universal XSS (UXSS) targeting affected browsers, to remotely install and launch the main intent of an arbitrary Play Store provided Android package (APK).

Affected Platforms

Many versions of Android 4.3 (Jelly Bean) and earlier ship with browsers with UXSS exposures, as discussed in this Rapid7 blog post. Users of these platforms may also have installed vulnerable aftermarket browsers, as discussed in this TrendLabs blog post. Of the vulnerable population, it is expected that many users are habitually signed into Google services, such as Gmail or YouTube. These mobile platforms are the ones most at risk. Other browsers may also be affected.

Simplified Demonstration of the XFO Gap

The following Javascript is sufficient to elicit a response from the play.google.com domain without an appropriate XFO header:

via Metasploit: R7-2015-02: Google Play Store X-Fra… | SecurityStreet.
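The root cause named in the advisory above is incomplete X-Frame-Options coverage across one web application. The following is an added example, not code from the advisory or from Metasploit: a defender-side audit that takes response headers collected per path and reports every path that lacks a valid XFO header. The paths and header values are constructed and hypothetical, not real Play Store responses.

```python
VALID_XFO = {"deny", "sameorigin"}

def xfo_verdict(headers):
    """Classify the X-Frame-Options state of one response.

    headers is a list of (name, value) pairs so repeated headers are preserved.
    """
    values = [part.strip().lower()
              for name, value in headers if name.lower() == "x-frame-options"
              for part in value.split(",")]
    if not values:
        return "missing"
    if len(set(values)) > 1:
        return "conflicting"
    if values[0] in VALID_XFO:
        return "ok"
    return "unsupported-value"  # e.g. the obsolete ALLOW-FROM, or a typo

def has_frame_ancestors(headers):
    """True if a Content-Security-Policy header carries a frame-ancestors directive."""
    for name, value in headers:
        if name.lower() == "content-security-policy":
            if any(d.strip().lower().startswith("frame-ancestors")
                   for d in value.split(";")):
                return True
    return False

def coverage_gaps(responses):
    """Map each path whose XFO verdict is not 'ok' to that verdict."""
    gaps = {}
    for path, headers in responses.items():
        verdict = xfo_verdict(headers)
        if verdict != "ok":
            suffix = "+csp-frame-ancestors" if has_frame_ancestors(headers) else ""
            gaps[path] = verdict + suffix
    return gaps

# Constructed sample: hypothetical paths and headers, not real Play Store responses.
SAMPLE = {
    "/store": [("X-Frame-Options", "SAMEORIGIN")],
    "/store/error": [("Content-Type", "text/html")],
    "/legacy/widget": [("x-frame-options", "ALLOW-FROM https://example.test")],
    "/help": [("Content-Security-Policy", "default-src 'self'; frame-ancestors 'none'")],
    "/dup": [("X-Frame-Options", "DENY"), ("X-Frame-Options", "SAMEORIGIN")],
}
```

Error pages and legacy endpoints are included in the sample because a single unframed-protected response on the domain is enough to reopen the gap.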

Snap v3 Beta ready for download!

Android apps on your Blackberry 10 device? Yes, you can with the new and improved SNAP V3. Still in beta but worth a try.

What has changed since V2

Snap v3 Beta 1 (2.9.9.0)

  • Complete rewrite of Snap v2
  • New user interface inspired by the latest version of Google Play Store
  • Browse more app categories and view suggested apps
  • Read app reviews
  • Search Snap via BB10 extended search
  • Pause and resume downloads
  • View screenshots full screen
  • Download of additional files (such as .obb)
  • Remove apps from “My Apps”

Snap v3 Beta – Red Light Of Love, Ltd..