TechBlog

BBC: Hackers gained “full functional control” of key Nasa computers in 2011, the agency’s inspector general has told US lawmakers. Paul K Martin said hackers took over Jet Propulsion Laboratory (JPL) computers and “compromised the accounts of the most privileged JPL users”. He said the attack, involving Chinese IP addresses, was under investigation. In a statement, Nasa said it had “made significant progress to protect the agency’s IT systems”. ...

SophosLabs: This week has seen the annual Mobile World Congress event. For 2012, the giants of the mobile tech world are back in Barcelona to captivate the imagination of the tech press with their latest smartphone and tablet offerings. The mobile industry trade show has certainly not disappointed. Announcements of smartphones with new quad core processors, phone cameras with huge numbers of megapixels crammed onto its sensor and 3 in 1 smartphone-tablet-netbooks have all provided much excitement. ...

Symantec Connect: The Opfake gang has been targeting Android mobile devices, as well as Symbian, but that does not mean they are limiting their targets to these platforms. Where there is money to be made, they are willing to invest time and resources. This includes scams designed for iPhone users. We have come across a couple of Opfake websites that, while hosting malicious apps that Symantec detects as Android.Opfake, are also designed to perform social engineering attacks on iPhone users. ...

At the RSA Conference 2012, McAfee’s Chief Technology Officer, Stuart McClure, and several of his colleagues, have demonstrated a whole range of different attacks on mobile devices. For example, they demonstrated an attack on an NFC (Near Field Communication)-enabled smartphone: the attacker simply attaches a modified NFC tag to a legitimate surface such as an advertising poster. For their live demo, the researchers used a Red Cross donations appeal such as those seen at bus stops in various cities across Europe. ...

At the RSA Conference 2012, former McAfee executives George Kurtz and Dmitri Alperovitch have presented a Remote Access Tool (RAT) that infects Android smartphones (version 2.2). They used an as-yet unpatched bug in Android’s WebKit browser to inject the malware. The researchers say that they bought the vulnerability information, and a range of other tools, on the black market. The finished exploit is based on 20 components that apparently cost a total of $1,400 on the black market. ...

Hey Folks How are you? I hope you will have a good weekend! Many of you have had sent me messages asking me how you can pay for my services, even that I offered all my services free of charge for everyone (and yet its free, and will be free), but since you requested it often, I made it available at my site for everyone from every side of world to pay, now you can go to “Payment Options” page and fill the form to receive the required info for your payments. ...

It is widely anticipated that Apple will announce a new version of its iPad tablet computer in San Francisco on March 7th. An invitation sent to journalists, inviting them to an event organized by Apple, has fueled speculation even further as it appears to show a close-up of someone using an iPad. Could it be the new iPad with a much lusted for improved display and souped-up processor? Only time will tell.. ...

H-Online: Version 2.0 of the HTTPS Everywhere browser extension has been released. Where possible, the add-on automatically redirects users to more secure HTTPS connections when they access certain web pages. HTTPS Everywhere 2.0 includes an optional “Decentralised SSL Observatory” feature that detects weaknesses in encryption. When the extension detects an encryption issue, such as weak keys, it notifies users that the site they are visiting may contain security vulnerabilities that could be used to for man-in-the-middle (MITM) attacks. “This is an extra level of protection that we encourage Firefox users to download, install, and use” said Electronic Frontier Foundation (EFF) Technology Projects Director Peter Eckersley. ...

Google is to offer up to a million dollars in rewards for Chrome exploits at the CanSecWest conference. Previously, Google has sponsored the Pwn2Own competition which is held at CanSecWest, but has decided that this year it will directly reward exploits. “We discovered that contestants are permitted to enter Pwn2Own without having to reveal full exploits (or even all of the bugs used!) to vendors” says Google in a blog post. In previous years, full details have been handed over, but the revised rules make it “an explicit non-requirement in this year’s contest” – a change that Google calls “worrisome”. The organizers revised the rules to make the contest “more fair” and “more of a competition”. ...

Oops indeed. At least if you were one of the Facebook users who believed that a hidden camera video had leaked onto the net of Justin Bieber sharing some intimate moments with his girlfriend Selena Gomez. Of course, Bieber’s typical fans – or those who would delight in his public humiliation by a hungry paparazzi – are probably unlikely to think twice about clicking on a link shared with them by their Facebook friends, claiming to leak to a sex video. ...