Thursday, July 16, 2015

Raid in the dark network

One or more FBI agents infiltrated the forum cybercriminal Darkode and, with the help of 20 countries have arrested 70, accused of exchanging data for misdeeds of all kinds on the Internet: data theft, botnets, viruses ...It is the news that yesterday we published in our Twitter and today we can expand with very interesting information. Also discuss a new attack that allows theft of cookies, what happened to a researcher who warned of a hole and another type of security, community, exemplified in the famous Reddit.

Darkode was a forum in English, where cybercriminals met, mainly from Europe and the United States, almost all in their twenties. At the forum, which took eight years running, entered by invitation and was password protected, a lax security which allowed the police and even reporters infiltrate into it. One was Brian Krebs, who in his blog explains andverse who their leaders, including the Lizard Squad group or the creators of the famous Mariposa botnet, resident in Spain for years and one spanish from Vizcaya.

Denounced for help

And while the "bad guys" are arrested, the "good guys do not have the things better, if we pay attention to the ordeal of Zammis Clark, a researcher who discovered several security flaws in the Impero Education Pro program, widely used in schools British to monitor the activities of students, whose private data were exposed because of these failures. Clark warned the company that took a patch but also  his lawyers against the investigator. It sounds like science fiction, in a world where major computer companies who offer financial rewards to discover faults in its products.

Stealing cookies

We talked to researchers, in this case Mathy Vanhoef and Frank Piessens who have shaken the world of cryptography with the publication of a paper, "All your biases belong to us: Breaking RC4 in WPA-TKIP & TLS", which analyzed the weaknesses RC4 algorithm and demonstrate the practical implementation of attacks on HTTP / TLS connections allow steal cookies from the web. Also against the TKIP (Temporary Key Integrity Protocol) encryption using WPA networks.

Rebellion in the community

We finish with a very interesting investigation report on what is happening in one of the largest online communities in the world, Reddit. Several organizational changes have created serious unrest among its members, reminding us that the security should not look only to flaws in programs or machines, also in what happens in communities, with their rebellions, protests and strikes, as in any city or village Real Life.

We strongly encourage those interested in cyberculture reading this report and we also congratulate Xataka for publishing it.


Post a Comment