Calendario

Mayo 2017
LunMarMierJueVierSabDom
 << < > >>
1234567
891011121314
15161718192021
22232425262728
293031    

Anuncio

¿Quién está en línea?

Miembro: 0
Visitante: 1

rss Sindicación

 
07 Agos 2015 - 13:00:57

Hack like HammerToss: Students spin social media into data siphons - The Register

It utilizes RSA http://socialmediahc.com along with Base64 encoding, in add-on to steganography which can hide data inside sounds along with images.

The team includes Nelson; Bryan Wasti; Gabe Butterick; Nick Francisci; Bonnie Ishiguro, and also Nora Mohamed.

The student's Sneaky Creeper Python instrument inside development prior to the HammerToss revelations enables hackers to move data in along with from popped networks more than Tumblr, Twitter, along with SoundCloud.

"It is actually kinda cool that you can encode your information as audio along with upload it in order to SoundCloud along with download it later," Butterick says.

A sextet associated with security students have released any instrument that spins social media networks into stealthy data siphons, an approach currently inside use by simply an elite Russian hacking group.

. it can encoding and will be also actually flexible and also adaptable," researcher Dakota Nelson says.

"From the particular network perspective it looks just like someone uploading to become able to SoundCloud as normal, with nothing unusual heading on, nevertheless you're one command series coming from pulling which data out."

They questioned the protection neighborhood to help make make contact with with the particular team for any advice or remark that might aid making use of their exfiltration works.

"It is actually a fresh sort associated with attack vector, along with we're wanting to bring focus on it," Wasti says.



The device released from BSides las Vegas this week assists hackers emulate your information pillaging tactics with the HammerToss crime group. ®

Sneaky Creeper will be useful however requires much polishing and also can be compiled to a Linux binary with a Windows port inside the works. Olin college associated with Engineering throughout Massachusetts.

The team will think about working about "push-button" exfiltration for the ultra-lazy hacker described like a "one-stop-shop" for manual theft.

"It is truly a framework designed to get modules added while they tend to be needed.

"It can become a information exfiltration framework which that makes use of social media to move your data in and also out, regarding command as well as manage ... FireEye last week described its social media siphon tricks as marking the actual group's elite status.

"If you played the background music it sounds terrible."

The Twitter module could issue and pull down encoded tweets from an attacker's Twitter account associated with choice.

The social network channels help keep information movements beneath the actual radar, according towards the team coming from Franklin W

Admin · 20085 vistas · Escribir un comentario

Vínculo permanente hacia el artículo completo

http://ugliestwarlock337.hazblog.com/Primer-blog-b1/Hack-like-HammerToss-Students-spin-social-media-into-data-siphons-The-Register-b1-p15.htm

Comentarios

Este artículo no tiene Comentario por el momento .....


Escribir un comentario

Estatuto de los nuevos comentarios: Publicado





Se mostrará tu URL


Por favor introduce el código contenido en las imágenes.


Texto del comentario

Opciones
   (Salvar el nombre, el mail y la URL en los cookies)