Monday, November 30, 2015

Data of thousands of kids and their parents was stolen

Personal data of 5 million parents and more than 200,000 kids, with an average age of 5 years, has reportedly been stolen from the systems of the Chinese corporation Vtech, world leader in electronic toys for infants and preschoolers. The attack would have been easy, given the company's nonexistent security measures. We'll also talk about a VPN flaw that seems serious although it isn't very clear, about the CyberCamp congress held this past weekend in Madrid, and we'll recommend an interesting article about how the biggest companies of the cybereconomy avoid taxes.



5 million emails with their corresponding passwords weren't encrypted or protected in any way. Neither were the secret questions, of course. The parents' names are easily linked with the names of the children, whose home addresses were saved too. Now the "bad guys" can know that Mary is 9 years old, where she lives, what her pet's name is and who her parents are. The company didn't know SSL existed and took 15 days to give an answer: "Luckily they haven't taken financial information". Sorry for the expression, but this is pathetic.


Sunday, November 29, 2015

We can't keep hiding behind risk analysis

Antonio Ramos. CEO of Leet Security.


Antonio Ramos has a solid CV in cybersecurity. Not only because of the places where he has worked or the number of certifications he holds (we swear he has more than José Selvi :), but also because of the quantity and quality of the organizations he belongs to, starting with the Spanish chapter of the Cloud Security Alliance, of which he is a founding member; ISACA Madrid, where he was president and is now vice-president; the European cybersecurity agency ENISA; ISMS Forum Spain; and the Spanish Association of Certification and Standardization (AENOR).

But when you meet him in person, all these titles and baggage take a back seat, and his humanity and friendliness are what you'll remember. Antonio, 42 years old, from Extremadura and living in Madrid, is not only an expert in cybersecurity but also has a tradesman's soul, and is one of the few people in this savage world who dare to start a business without dying in the attempt. A member in his own right of the (real) business sector of Spanish cybersecurity, he is one of its most approachable members.


Friday, November 27, 2015

Windows Phone has finally fallen

It seemed impossible, because Microsoft and Nokia had vouched for how difficult it would be for anyone to break the protections of the Windows Lumia smartphones, but a hacker called HeathCliff has finally done it. Today we also warn of a new malware campaign on websites that affects the popular "Reader's Digest", we explain how a criminal is blackmailing a bank in the Arab Emirates, and we finish with a text to think about... all weekend.



HeathCliff didn't only break the protections of Windows smartphones; he has also created a free tool called "Windows Phone Internals" that lets users of these devices unlock them automatically and even create custom ROMs. The tool works on every version of Windows Phone 8.1 and Windows 10 Mobile, which makes it really interesting.


Thursday, November 26, 2015

Security holes in web stores threaten Black Friday

Black Friday is very close and the entire world is ready: some stores are raising their prices, as people are warning on Twitter; others are improving their security before the expected avalanche. Today we'll also talk about a ransomware for Linux, a robbery of millions from Russian banks, a scandal that many people suspected, and a recent discovery from a study: millions of devices share the same encryption key.



While rumours grow that something has happened to the credentials of some Amazon customers, and the company has asked them to change their passwords, we don't know whether this is caused by a security breach at Amazon (something improbable) or by other reasons. Meanwhile, a critical vulnerability has been revealed in the popular sales management system Zen Cart that could allow attackers to break into the servers and install malware to infect visitors or get buyers' data. A few hours before Black Friday, it's doubtful that stores, busy enough already, will start patching their systems, so be careful!


Wednesday, November 25, 2015

This little thing knows your credit card number and doesn’t need the PIN to empty it

The researcher Samy Kamkar has caused a real mess this time: he discovered that, from one credit card, it was possible to guess the number of the new card that banks send to its owner when the current one expires or is stolen. He combined this knowledge with the possibility of shopping without entering the correct PIN and created an infernal device, on sale for $10. If anybody can keep reading us after that shock, we will talk about why Yahoo doesn’t like adblockers and how Facebook warned government employees that they had been hacked, and our readers will join us in reflecting on so-called “cyberterrorism” and whether it is a real menace.

Samy Kamkar warned American Express about his amazing discovery, but the company paid no attention because, although the device predicts the number of our future credit card, it can’t do the same with the 4 control digits, which rules out shopping in stores where these are requested as a security measure. Not one to sit idle, Kamkar decided to show them the danger is real by building a device that emulates credit cards and allows shopping in stores or restaurants without entering the PIN. Now American Express is paying attention and assures it will solve the issue soon.


Tuesday, November 24, 2015

Epic Fails: Dell, Wired and the Greek Prime Minister

Today it looks like Epic Fail National Day. To start, the discovery that Dell computers bought since August 2015 carry a preinstalled certificate that the company didn't notify users about and that could endanger their safe browsing. To continue with the mistakes, some days ago “Wired” magazine presented as the ISIS manual on the Internet what is really a harmless manual for journalists. Then we have the Greek Minister posing for official pictures with a post-it beside him showing a written password. Lastly, a guy is crying on Twitter, repentant because he helped to kill the CyberCaliphate leader.



Dell's response has been impeccable, or almost: as soon as the report on Reddit became known, Dell published a note explaining that the certificate preinstalled on its computers, with the private key included, served to give more information to its online technical support. Dell offers a tool to uninstall it, as well as manual instructions. But what they don't say is that two weeks ago some researchers contacted the company to report the flaw and were ignored. Nor do they say that this certificate could be used to steal personal data or to make users visit websites believing they are secure.


Monday, November 23, 2015

"Top Secret" information from USA is available to hackers

An audit by the Department of National Security of the United States has unveiled the existence of at least 17 databases holding "secret" and "top secret" information with vulnerabilities that left them exposed to any malicious hacker. For those who say “I knew it”, here is the proof. Today we will also talk about a new data theft at a hotel company, Starwood; about an analysis of the TrueCrypt program which has revealed that the vulnerabilities unveiled some weeks ago weren't so horrible; and about a fair in Paris which, a few days after the terrible attacks, brought together arms and cyberweapons dealers from all around the world.



According to the DHS audit, 136 of its systems have software that hadn't been updated correctly, so they are open to cyberattacks. Of these 136 systems, at least 17 would be databases with information classified as Secret or Top Secret. In addition to the outdated software, inspectors detected weak passwords, websites vulnerable to Cross-Site or Cross-Frame Scripting attacks, and wrong configurations. It's necessary to clarify that other countries don't carry out these audits, and if they did, we would have plenty to tear our hair out over. So the news should not be the failures found in USA systems, but that the USA has had the guts to analyze its systems.


Sunday, November 22, 2015

Yago Jesús: "I spent one year in a police bunker to implement the DNIe"

Yago Jesús, co-founder of Security By Default


Men like Yago Jesús aren’t from Mars. They’re from Saturn, at least. Yago gives the impression of a mysterious being, even to a lot of his friends. Serious and cool-headed, his mere presence commands respect and, as happens with other hackers, an invisible barrier seems to separate him from the world. That doesn’t mean that they’re rude or that they don’t care about anything: they just live above the rest of us, in an abstract mental corner. “I have a high sense of my personal and private life, I don’t like to air my life, I suppose that’s why you don’t have much data about me”, says Yago Jesús when I ask him his age or place of residence.

He encourages me to look for information in an interview by Chema Alonso who, while confessing he isn’t very familiar with him, praises that he can “move at ease analyzing a hexadecimal uploading or managing the 2.0 image of a company”. Yago gave data about his work there: “I participated in one of the most important deployments in Europe for ‘The ruling ISP’, (also) we built the security department for another great ‘wire’ ISP. (…) I designed and developed a tool to encrypt mobile devices for a banking entity. I was with the person responsible for the security and monitoring area in a military project…”.


Friday, November 20, 2015

This is how Russian cybercrime works

Kaspersky Lab gives us today a new report about how cybercriminals work. This time it is about Russian cybercriminals, specialized in financial crimes and everything related to stealing money on the Internet. We’ll talk about this interesting study and also about a phishing incident at the World Bank, about some good measures taken by the North American FTC to put an end to online fraud, and we’ll continue with the CIA's social network strategy.

Someone once said that Russian cybercriminals were the best hackers in the world. Reading the report the cybersecurity company Kaspersky Lab has written about them, we don’t doubt it. From the trade in credit data to DDoS attacks and the riskiest financial crime, like the direct robbery of the accounts of users, companies and even banks, the cyber thieves from Russia and the former USSR are really good. We really recommend finding a moment to read it.


Thursday, November 19, 2015

The 0day seller Zerodium publishes its price list and there are some surprises

What would you say is more expensive: an exploit which attacks an unknown flaw in the Tor browser or in Android? …, …, … Anyone who expected Android to be the cheap one, given the high number of flaws discovered daily, is wrong: the exploit for the Tor browser (which isn’t the same as the theoretically super secure network of the same name) is cheaper. We’ll keep talking about that and, also, today we highlight the increasing complexity of the banking Trojan Dyre, the discovery of a botnet which has deceived a lot of advertisers on the network, and an opinion piece which advocates the “sensible disclosure” of computer flaws.



Zerodium, the seller of 0day exploits and other advanced cybersecurity tools, has done something unprecedented in its business sector: publishing its price list. In it we can see that the most expensive exploits are those that attack smartphone security: a 0day for Android or Windows Phone costs more than 100,000 dollars, and the iPhone exploit is the most expensive at more than 500,000 dollars. In contrast, 0days for traditional operating systems (Windows, Mac OS X and Linux) cost “only” 30,000 dollars. We encourage our readers to look at the price list, which is also well designed for easy reading.


Wednesday, November 18, 2015

Experts doubt that a serious terrorist would use Telegram

The Paris attacks have set off a tsunami on the network and beyond, where defenders and detractors of encryption are arguing, fed by the secret services, which are exploiting the situation to ask for more money and for the expansion of their capacity to monitor the population, while activists say that so much monitoring didn’t prevent the attacks. Meanwhile, Anonymous muddies the situation by launching cyberattacks on ISIS, and they call them “idiots” and “lamers”. Writing a quality post about cybersecurity amid so much noise was hard, but we think we made it.

                                          

About the “mess” at hand, we'll just highlight a text about the allegation that the terrorists used the messaging app Telegram, which allows encrypted private chats. The well-known security expert The Grugq explains that, although officially nobody has broken Telegram's encryption, “personally I wouldn’t trust that the encryption of Telegram would protect me from an adversary in the shape of a nation”. Moreover, expecting the terrorists to use only Telegram is naive, given the many possibilities the Internet offers to hide their communications, as mentioned by Lorenzo Martínez in “Security By Default”.


Tuesday, November 17, 2015

The encryption of Windows Bitlocker could be decoded in seconds

The Bitlocker hard disk encryption software, very popular on Windows systems, doesn’t protect data as safely as we thought: an easy trick allows it to be hacked, and that’s why Microsoft fixed it so quickly, in its latest security update. Today we'll also talk about the controversy over how much encryption helped the terrorists in Paris, we’ll discover the many flaws of one of the most used software platforms in the corporate world, and we’ll finally learn whether it is safe to log in to a website using our Facebook credentials.

Microsoft has patched a vulnerability which allowed attackers with physical access to our PC or laptop to reach data encrypted with the Bitlocker tool. Ian Haken, from the company Synopsys, published his research last week; it uses a fake domain server to get the encryption passwords, which Windows saves in its cache. A few weeks ago, flaws were discovered in another data encryption program for Windows, TrueCrypt.


Monday, November 16, 2015

The USA military armament has “great cybersecurity failures”

Military artillery systems are part of the Internet of Things too and, as such, have important cybersecurity flaws. The USA Government will dedicate 200 million dollars to securing them better. We’ll see if they achieve it. Today we also talk about a virus which got into a police camera, about thousands of vulnerable Java applications, and about a fatal 0day in Chrome.



The president of the United States, Barack Obama, has committed to signing an order for the Pentagon to secure its weapon systems against cyberattacks. Last year, a complete inspection of armaments detected “important vulnerabilities” such as misconfigured programs, weak passwords and other flaws that allow the systems to be attacked with “amateur-intermediate” level skills. Another analysis, of drones, sensors, missiles and other systems, detected similar problems.


Sunday, November 15, 2015

"There are many companies spending a lot in security without thinking"

Juan Antonio Calles. Cyber Security Senior Manager in KPMG Spain

Juan Antonio Calles (on the left in the pic) and Pablo González, with whom we talked in this same section about two months ago, form an unusual tandem of friends in the individualist world of cyber security. Juan Antonio, Juanan to his friends, began in this world when he started as an intern at the company Informática64, today Eleven Paths. But Juanan had spent many years playing with computers, specifically, and this isn’t a joke, since he was 4 years old, when his uncle Juan Luís gave him an Amstrad CPC 464. His uncle didn’t stop there and kept giving him his used computers, as well as the necessary knowledge.

Actually, explains Juan Antonio, today 28 years old and living in Mostoles, what always attracted his attention was “being a car body designer, like Scaglietti or Pininfarina, I spent all day drawing cars”. But the influence of his uncle was stronger and, on top of that, Pablo, his friend since he was 8 years old, works in computing too. So he was doomed: Juanan enrolled at the university while working. In March 2014 he created his own company, Zink Security, which was sold to the multinational KPMG six months ago.


Friday, November 13, 2015

The good life of cybercriminals

“The first impression of the Brazilian cybercriminals is that they love to boast about the money stolen and the good life of being a criminal. They compared themselves to Robin Hood”. That’s the beginning of an interesting report about the Brazilian computing underground, written by Fabio Assolini. Today we talk about other criminals too, like those who rent ransomware services, or those who launch DDoS attacks and demand a ransom. We find a lot of different people in this world, even managers at Apple who don’t need criminals to create great chaos.


The Kaspersky Lab report “Beaches, carnival and cybercrime: a look at the Brazilian underground” makes a thorough analysis of one of the oldest, most creative and most colorful cybercriminal communities in the world, specialized in banking Trojans and phishing campaigns. For many years Brazilian law didn’t contemplate cybercrime, which let this community grow up with a strong feeling of impunity. So they boast about the money they steal, their life of luxury and the prostitutes they hire, in the pictures they show on social networks. Interesting reading.


Thursday, November 12, 2015

Amazon sells tablets with virus

It isn’t the first time that smartphones, tablets or even computers go on sale with pre-installed malware, especially if they are made in China. What is unusual is that these devices are sold in trusted shops like Amazon. We talk about that on a day with really big news: it has been discovered that the company responsible for the telephone service of USA penitentiaries had recorded conversations between prisoners and lawyers, that the FBI paid a respected university to hack Tor, and finally that calls made using the new Samsungs can be intercepted… without being the operator or the police.


According to a report by Cheetah Mobile, more than 30 brands of Chinese Android tablets currently sold on Amazon and other online stores would come with the Cloudsota malware preinstalled, a dangerous Trojan which can install adware, steal data or hijack search results. Cheetah Mobile provides a list of infected brands, which would have been in stores for months; more than 17,000 units were sold in 150 countries, especially in Mexico, the United States and Turkey. The most painful thing is that, despite having been warned, the online stores, Amazon included, didn’t withdraw the tablets. It is the infected users who warn people of the problem in the comments on these products.


Wednesday, November 11, 2015

The biggest financial hack in history revealed

Yesterday the Justice Department of the United States told the world an amazing story: how three men, two of them arrested this July, planned the biggest financial hack in history, in which they made more than 100 million dollars. Today it is a trending topic in digital media and we try to summarize it for our readers. We also talk about the sale of 0days for nuclear plants, about pentesting with drones, and about a revealing interview with the ex-director of the Spanish National Intelligence Center (CNI).

                                       
They are allegedly responsible for the biggest data theft from a bank, JPMorgan in 2014, in which they obtained personal information about 83 million people. They also attacked other banks and financial centers, among them E*Trade and Scottrade. They used the stolen information to artificially manipulate share prices on the stock market, and laundered money with the help of online casinos and a Bitcoin exchange website. One of them, Joshua Samuel Aaron, 31 years old, is still being sought.


Tuesday, November 10, 2015

A critical mistake by the “bad guys” allows the Linux ransomware to be decrypted

Yesterday, astonished and frightened, we reported the emergence of a ransomware that attacks Linux servers. Today we have a smile on our lips as we explain the ending: the ransomware's encryption is badly done, so it’s possible to work out how to decrypt it. Today we'll also talk about the unbearable vulnerability of Adobe Flash Player, the increasing laziness in the world of certifications, and a much talked-about intrusion into the networks of the British Parliament.


Since yesterday many websites infected by the ransomware Linux.Encoder.1 have been discovered. The malware uses the hole in the e-commerce platform Magento to get into Linux servers, encrypting their contents, backups included, and demanding a ransom of 1 Bitcoin. Luckily, the firm Bitdefender has discovered a huge flaw in the encryption that allows the decryption key to be inferred. They have created a tool which does it automatically and they offer it for free. But nobody should lower their guard, because for the criminals it’s as easy as releasing another ransomware, this time without flaws.


Monday, November 9, 2015

Even more dangerous: now ransomware infects websites

Ransomware is good business for computer crime, so much so that it evolves in new and sophisticated ways. One of the most dangerous arrives with Linux.Encoder.1, a ransomware able to attack web servers running the Linux operating system. There are a lot of businesses that may become victims of this new virus... better not to guess. Today we will talk mainly about attacks: the DDoS against ProtonMail goes on, the CyberCaliphate resurges, and some kids called Crackas With Attitude play Billy the Kid with the CIA and the FBI.

The new ransomware, discovered by the Russian security firm Dr. Web, attacked the website of a designer using an unpatched version of the e-commerce platform Magento. The flaw was announced last April, and that's what the virus took advantage of to get into the server. It encrypted the whole home directory, backup directories and folders linked to the web server, with their files, images, libraries and scripts. For the moment, no antivirus is able to detect this ransomware.


Sunday, November 8, 2015

Deepak Daswani: "Don’t fight against envy, transform it"

Deepak Daswani. Communicator and IT security expert.


Deepak Daswani is known for his work, over the last two years, as Security Evangelist of one of the main state cybersecurity centers in Spain, INCIBE. When you meet him you realize they made the right decision in choosing him: expert knowledge of the topic, a perfect way with words, emotional intelligence, a diplomatic spirit and good looks that few people in the hacking world have; 1.95 in height and 86 kg of muscle forged by boxing and weight training. Slurp, some female hacker would say, but no. Dipu is happily married, has a beautiful 3-year-old daughter and is a little shy at first, not a heartbreaker.

He's just landed at Deloitte's CyberSOC Academy, his new job after recently leaving INCIBE. There, he’ll keep teaching, educating and, in the end, evangelizing about IT security, but with the option of sleeping every night (or most of them) at home, in the Canary Islands. He’ll keep collaborating with the media, but without stress, helping to “translate this world, so technical and complex, into a clear language, so the spectator can understand it”. This is his gift.

- Well, and the music?

- It's one of my biggest passions, besides hacking. When I was a child I played the organ for 8 years with the Japanese Yamaha method, and I love being a DJ too; in the Canary Islands there’s a lot of DJ and electronic music culture. I played as an amateur at some parties, weddings and this kind of stuff.

- Are you Spanish?

- Yes, I’m Canarian with Hindu origins. In the Canary Islands there’s a big community of Hindu people with electronics businesses. I was born here, from the second or third generation, a real Canarian with a Hindu origin, but it also generates confusion because I’m not the common Hindu in my looks (I'm not brown, rather the opposite)… so I go unnoticed.

- Your name must have been a bit of a cross to bear for you...

- When I was a child it brought me a lot of problems at school. When the roll was called and the teacher was new and got stuck, I knew it was my turn, same as at the University… but it has good things too, because now that, in addition to giving conferences, I collaborate with a lot of media, in the end a different name attracts much more attention.

- Why did you leave INCIBE?

- At INCIBE I lived an amazing time on both a professional and a personal level, and I’ll always be grateful to the management for the confidence they had in me, giving me a mission as relevant as representing the organization, as well as to the colleagues who made me feel at home. But I’m the kind of person who always looks for new challenges and runs from immobility. One of my faculty teachers, a great friend of mine, says that I’m a “restless person”.

- To achieve this position you have to beat 600 people??!

- If I remember well, 600 people registered on the platform to take the online hacking tests, 160 completed them, 60-70 were interviewed and 20 were selected, with 19 finally joining.


- Did INCIBE give you this look of a serious, qualified guy, or did you already have it before?

- Since before, I guess. However, those who know me a little know that I may seem serious at work, but I love joking. Once I build confidence with someone, I don’t stop joking.

- How did you discover that you like IT security?

- I always loved tinkering with computers. When I had my first AMIGA 500, besides playing with it I spent time programming in BASIC thanks to a book of BASIC for children that my father bought. After that, with my first 286, I wrote BAT scripts in MS-DOS, and when the modem/fax appeared, I liked to connect to BBSs to download programs and exchange knowledge. Since I was a child I liked hacking and its mystical halo, associated with the role models of those times, like Kevin Mitnick. I did my teenage work and then I focused on the University.

- Wow! But, how old are you?

- 35. I always knew that I wanted to learn and become a hacker, but I never had any hope of doing it professionally. In Tenerife there’s a lot of work in the ICT sector, but not in security. I worked in the ICT sector in development, in banking, in geographic engineering and GIS, and finally I ended up working in my real passion.


- You’re the author of the “Whatsapp Discover” tool, which extracts phone numbers from Whatsapp users through network traffic.

- I discovered it at the end of 2013 and I published it in the middle of 2014. Although the Whatsapp conversations we have with our contacts are encrypted, our smartphones send data packets with our phone number to the Whatsapp servers before establishing the communication. This is why users of public Wifi networks like those in airports, hotels or malls risk showing their phone number. Whatsapp Discover extracts these phone numbers on this kind of network.

- Personally I loved your investigation called “My 2-year-old daughter helped me to hack the Pocoyó app” :)

- Well, it wasn’t such a big deal, but it was funny because while I was monitoring the home network traffic to work on WhatsApp Discover, Lara was sitting by my side, absorbed in watching Pocoyó on her iPad. So it isn’t a coincidence that her traffic got into my network capture, and from there, the rest is the same: curiosity and attention to the details. It's clear that without her help I wouldn’t have made it :)


- Do you have any beautiful quote you’ve converted into a password?

“If you can dream it, you can do it…”

(Unfortunately it isn’t mine but I love it) ;)

If you want one of mine, here we go, although I don’t know if it’s beautiful: “Envy is a natural emotion. Don’t fight against it, transform it into your motivation”.

- It’s very accurate. :)


Text: Mercè Molist

Friday, November 6, 2015

They pay $6,000 to stop bombing them and… they keep bombing them

The free encrypted mail service ProtonMail has been, for two days, under a strong distributed denial-of-service attack. According to ProtonMail, “advised by third parties” they decided to give in to the attackers' blackmail and paid what they wanted. But it was useless. On this last day of the week we'll also talk about a million wifi devices saying “hack me”, about an important fine imposed on an American cable provider, and about the controversial statements by Linus Torvalds which are the talk of the hacker community.



ProtonMail is a service based in Switzerland which offers free encrypted mail to half a million people. According to their blog, they have suffered attacks from government pressure lobbies but they hadn't yet lived through a “real one”: a DDoS which exceeded 100 Gigabytes per second and affected the whole infrastructure of their service provider. The attack began on November 3rd. The attackers asked for 15 bitcoins in exchange for stopping the attacks and, badly advised, they decided to pay. It was useless. Now it seems to have subsided, and ProtonMail is asking for money via crowdfunding to improve its security against DDoS.


Thursday, November 5, 2015

You’ll have to change your smartphone if you get this virus

Day by day we witness, amazed, ever tougher techniques for cheating, stealing, harassing and demolishing mobile telephony. Today it is a kind of adware for Android which, according to its discoverers, is virtually impossible to uninstall. This means that the only way to get rid of it is to change our smartphone. We'll also talk about two studies which aim to test the privacy of Android and iOS, on the one hand, and of the biggest technology companies, on the other. We can tell you in advance that nobody scores more than 6.5. We'll finish with a lucrative business: the sale on the black market of certificates to sign viruses.



Researchers from the company Lookout have discovered this adware in more than 20,000 fake apps which pose as popular apps like Twitter, Facebook or even the two-factor authentication service Okta. The trojan installs itself as a system application, thereby acquiring administrator privileges to install whatever it wants. According to the researchers, it’s impossible to erase a system application, so the only solution for anyone infected is to change the phone.


Wednesday, November 4, 2015

DefCon closes its forums out of fear of being attacked like vBulletin

At first we believed the attack against the vBulletin and Foxit Software forums this weekend had just compromised the emails and passwords of half a million users. Now things are getting worse: credit cards may have been stolen, every forum which uses the vBulletin software would be exposed too, and there are more serious problems which we'll comment on below. Today we also talk about Android's rampant insecurity and about a topic we don't stir up very often: email and its flaws.




The latest news about the vBulletin case, which grows in importance as the hours go by, is the existence of a 0day exploit based on a flaw which would have been present in the software for the past three years and which would allow remote code execution. The author of the attack, Coldzer0, has offered it for sale on 0day.today, while vBulletin has released a patch which theoretically fixes the bug. The forums of Defcon.org, which use the vBulletin software like many others on the Internet, have decided to close their doors to apply the patch and wait until the storm passes.


Tuesday, November 3, 2015

The man who recruited a hacker to delete his fines goes to jail

Yes, we know that today's unquestionable IT security news is the jailbreak of the iPhone 6 and 5, and the corresponding iPads, done remotely at that, via the web. No small thing! But because this information is everywhere, we allow ourselves to open our daily summary with another piece of news, less important in the history of cybersecurity but a human story with a moral, the kind of story which should be taught in schools to adults and kids: how a man who owed 25,000 dollars recruited a hacker to delete his debts and has been imprisoned for at least two years.


Zachary J. Landis

The story of Zachary J. Landis would even be funny if it hadn't ended with a jail sentence. Landis had some debts, among them administrative fines, so he decided to hire a hacker to remove them. Using his real name and e-mail address, he put an ad on Craigslist, which was read by the local police. A detective contacted Landis, pretending to be a hacker, and Landis told him everything: he wanted to delete his fines and, afterwards, other debts.


Monday, November 2, 2015

A serious new flaw in ATMs gives access to the bank network

Wincor Nixdorf ATMs have serious security problems, according to a German researcher who discovered by chance, while withdrawing money, that the machine displayed a significant amount of sensitive information while it was upgrading its software. We'll discuss that, as well as the problem suffered by 2000 Vodafone customers who have seen their accounts compromised for using the same password on different sites. We'll also recommend a free tool to fight ransomware and a delightful documentary about girls making apps.



The affected ATMs belong to the German bank Sparkasse, which is already patching them. Benjamin Kunz-Mejri discovered the problem when, as he was withdrawing money from a cash dispenser, it suddenly stopped working and started to upgrade its software. The researcher fiddled around a little and discovered, amazed, that the terminal was showing the whole update process as well as user names, serial numbers, firewall and ATM configuration, network information, device IDs and even two system passwords. And, to make matters worse, the operating system was the outdated Windows XP.


Sunday, November 1, 2015

Pepelux: "Today, the naive with curiosity gets spanked"

José Luis Verdeguer, VoIP expert.

Today we talk with a hacker from the good side, not too fond of the media. José Luis Verdeguer, Pepelux, 43, from Alicante, is CTO at the VoIP operator Zoonsuite. In his spare time he enjoys competing in hacking contests or giving security talks. There's no Spanish CON(ference) where Pepelux has not spoken at least once, with presentations or workshops. Besides, he has written a book: "Hacking VoIP and security".

But don't be fooled by all those talks. Pepelux is a discreet type, almost reserved, who doesn't give his trust to everyone. We repeat: a good guy, an old-fashioned hacker, so humble that he often goes unnoticed. This week we had the honor of hearing many things that we'd never heard in public: from his business vision of cybersecurity to his beginnings in hacking. That's why we allow ourselves to offer a longer interview than on other Sundays, since we think the information provided has great value.