Monday, April 4, 2016

Was it a hacker who unveiled Panama papers?

Are we before a new Snowden, an employee who robs the information from inside? Or is it a hacker surgical operation with dark motivations? Today the network is mad with these questions without answers for the moment. We'll expand this information as well as another security holes that left us really surprised: not so intelligent bulbs, unsafe Firefox extensions and spying on Gmail and Facebook Messenger.

Do you know anything about the Panamá leak? It is asked to people on Reddit. And someone answers: "If this has been made by a hacker, he would have hacked the company email server". This would mean the majority of the leaked files would be emails, almost 5 millions, in front of 3 million database documents, 2 million PDFs and a million images. Anyway, the huge amount of information suggests that someone from the inside has made it, because via network many days would have been necessary.

Dumb bulbs

We keep talking about high hacks because the RSA algorithm co-inventor, Adi Shamir, and a PhD student have proved how  to hack smart bulbs to steal sensible data on isolated networks, without connexion to other networks. The vulnerability exploited is the communication between the control and the bulb, which isn't encrypted, and made possible to manipulate it to make what the attacker wants. Fascinating.

Careful with extensions

Meanwhile, we know incoming news from the Black Hat Asia, celebrated the last week: popular Firefox extensions like NoScript, used by 2,5 million people; Video DownloadHelper, with 6,5 million users or GreaseMonkey, with 1,5 millions, would have a failure allowing the virus to hide to this extensions to act without been seeing. For the moment, there isn't a solution, except uninstalling the extensions.

Gmail vulnerable, again

We finish with another discovery seen on the Black Hat. Or, better said, re-discovery because researchers had already warned 3 years ago about the danger of attacks to Gmail and Facebook Messenger and the hole had been closed. The new hack isn't easy to reproduce and it requires high knowledge, but it's here: the safe traffic among web services can be intercepted and stolen, and, also 500 times faster than the last time it was warned.


Post a Comment