A Common Netgear Wireless Router. Model DG834G.


A number of Linksys and Netgear DSL modems have been found to be exploitable via a simple hole in the components’ firmware.

How Was This Discovered?

Eloi Vanderbeken recently took up the task of reverse engineering his Linksys WAG200G wireless DSL gateway’s firmware.  At first he did it just for kicks, but during the process he found out even brand name tech components are just as vulnerable to hackers as off-brand products.  Vanderbeken found out during his self-imposed hack-a-thon that his WAG200G DSL gateway was accessible to hackers via an undocumented port.

After Vanderbeken toyed around with the Linksys firmware, he was able to come up with a simple interface that allowed him to send various commands to the gateway without administration authentication.  At first, Vanderbeken found that he couldn’t do much with the interface besides resetting the gateway to its factory settings.  However, as he delved deeper into it, he found that he could inject some home-brewed command lines into the interface.  These simple code injections allowed him to gain control of certain administrative properties using a wireless connection, and to reset the gateway’s web password.

How To Check if You Are Affected

People who are interested in the hack and are tech savvy enough can check out Vanderbeken’s published work on GitHub. Would-be hackers can do a few things with the script. Firstly, Vanderbeken only hacked his router because he wanted access to his router’s web console without having to input the admin password, which he forgot. So if you are the proud owner of one of these select devices, you can be assured that it is hackable by both you and others with malicious intent. Chances are most people would rather reset their gateways the easy way, by pressing the little red reset button on the back of their device with a pen tip. People looking for an adventure into the world of coding, however, might actually test out the scripts to see if their highly secured network is bulletproof or not.

Eloi Vanderbeken’s bruteforce code to test the vulnerability.


Another thing to note is that the backdoor vulnerability in these Linksys and Netgear components is only accessible locally. This means a hacker would have to be in range of your Wi-Fi network to compromise your network and personal data.

What Should I Do If I Am Affected?

Quite frankly speaking, unless your neighbor or a passerby knows exactly the type of router you’re currently using, they won’t bother to attempt to hack your network.  The easiest solution, if you happen to own one of these vulnerable devices, is to name your wireless network something other than the router’s brand and model.

Oftentimes, routers come shipped with preconfigured settings which use the brand or model as the default wireless network name. If that is the case, simply log into your router and change the network’s name. Next, you may also want to upgrade the product’s firmware, but keep in mind that different manufacturers have different firmware upgrade requirements. Check your product manual or the manufacturer’s website before attempting to upgrade firmware, because one wrong move can render your router unusable.

If you need further help, contact your office IT support.


Recently, eight major websites have had security breaches where attackers got access to users’ email addresses, user names, passwords and various other personal information. Some of the sites include:

  • 152,445,165 Adobe Accounts
  • 4,609,615 Snapchat Accounts
  • 453,427 Yahoo Accounts

Adobe is among some of the recent companies to have security breaches.

Finding out whether one of your accounts or emails was part of a breach has been difficult to do until now. The newly created website https://haveibeenpwned.com/ lets you type in your email address or username and will check if your account was compromised.

If your account has in fact been compromised, the best thing to do is to change your password immediately. If you are not sure what steps to take, contact your office IT support.


Noam Liran, the chief software architect at Adallom, recently detected a flaw in Microsoft Office 365 which can easily expose account credentials through Word documents that are hosted on a web server, which is currently invisible to existing anti-virus software.

What Specifically Is The Problem?

When a user downloads a document from a SharePoint server, the user is required to log in to their account first, after which the server verifies the login credentials and then issues an authentication token. Liran discovered that he can use his own server to copy the responses which are sent from the sharepoint.com domain server. At that point he can generate and fake the token. An attacker doing this can inject his code to connect to an untrusted web server to capture the user’s private Office 365 authentication token. This allows the attacker to go to the user’s organization’s SharePoint site and access anything they want without the user knowing. According to Liran, this is a perfect cyber crime in which the organization does not know it has been hit.

Microsoft has been working on this vulnerability, but at the time of this writing the backdoor still existed.

How would this work in the real world?

  • The user will get an e-mail asking them to review a document or visit a webpage. This document could be coupons, someone’s CV or a contract.
  • The user will click on the link and be redirected to SharePoint, which will ask to open the document in Word. If the user accepts, Word will request the document from the malicious webpage.
  • The malicious webpage in turn will ask Word for an Office 365 token. The malicious webpage gives Word a legitimate-looking document in return. The attacker will then have the Office 365 token and access to the organization’s data.


This is a serious potential threat to organizations and companies that use Office 365. Important company data can be stolen without anyone knowing. The attacker could also monitor data which could be confidential, and would also be able to delete the data.

What Can I Do To Protect My Business?

Until Microsoft comes up with a solid solution to this vulnerability, users should not open any unknown or suspicious-looking emails. They should also check with known senders to verify the authenticity of an email. It is also important to absolutely avoid clicking on any unknown URLs and links or opening attached documents.

For further assistance, let your office IT support know about this vulnerability and stay ahead of a corporate data breach.

 

 


What exactly are Bitcoins?

Bitcoins are a digital currency that can be transferred securely between any two people in the world. Think of it as electronic cash that you can use to buy goods and services. Ultimately, a bitcoin is a number associated with an address. A person can have as many addresses as they want.

How does it work?

Every transaction that has ever happened with Bitcoins is recorded in a public ledger called a block chain. Whenever a new transaction happens, for example Person A sends money to Person B, it is added to the block chain in an encrypted format. In order to confirm that the transaction is valid, individuals called miners will use their computers to break this encryption and finally confirm that Person A did indeed send money to Person B. The reward for miners dedicating their computers to confirm these transactions is Bitcoins.

Only a fixed number of Bitcoins are released at a time. As time goes on, breaking the encryption, and therefore being rewarded more Bitcoins, becomes harder and harder.

A transaction being sent from person to person, showing how the network of individuals called miners verifies the transaction.


What gives Bitcoins their value?

One difference between Bitcoins and normal fiat currencies like the dollar is how they get their value. Normal fiat currencies get their values from government and private banks and agencies. Bitcoins, however, are valued based on how people choose to value them. When many people are using Bitcoins to buy goods and services, or to trade them for fiat currencies, the demand goes up. Since there are a fixed number of Bitcoins in the world at any given moment, that demand increases their value. There are several websites that track the value of Bitcoins.

Can I accept Bitcoins at my business?

Businesses such as Virgin Galactic and BitcoinShop.us have already started accepting Bitcoins as payment. Services such as Bitpay have also been popping up, giving shop owners and businesses a quick way to integrate Bitcoins into their payment systems. To learn more, check out the Getting Started page at the Bitcoin Wiki.

It has been reported recently that Microsoft will be ending its retail sales of Windows 7. Customers who want to install Windows 7 on their present computers after this deadline may be out of luck. From 30th October, 2014, you will not be able to buy pre-loaded Windows 7 PCs. This is in keeping with their stated policy, under which they stop selling an operating system directly after one year of its release. And around two years after release, they also stop supplying licenses to Original Equipment Manufacturers (OEMs).

This announcement means that Windows 7 copies will no longer be shipped to retailers and OEMs, and they won’t be pre-installed on new computers. If you are a business that was looking to mass-install Windows 7 on office computers, then you may be out of luck. OEM partners like Dell and Toshiba won’t be pre-installing Windows 7 on new computers either, and if a business wants to buy in bulk, it will have to buy the present stock in the market.


For the vast majority of people, this may not mean much, as vendors will continue to sell Windows 7 licenses long after Microsoft stops supplying them. Microsoft may not sell them directly anymore, but they are easily available online and offline. You can grab a copy of Windows 7 from Amazon’s virtual shelves or Newegg. And you can also buy them from offline big box stores. Often these operating system DVDs continue to be sold decades after they are released. Ordinary customers should face no problem if they intend to buy a Windows 7 license in the foreseeable future.

For large enterprises that have volume licensing arrangements with Microsoft, there is no hurdle as they will continue to enjoy downgrade rights as a part of these agreements. So in many ways, Windows 7 will continue to be a force to be reckoned with for a long time to come. Often, Microsoft also extends retail sales deadlines of operating systems to allow everyone to grab a copy.

One of the best ways to stay ahead of the Windows lifecycle is to install Windows 8.1 right now or to update your computers to Windows 7 if you haven’t done so already. Most PCs today come bundled with Windows 8, which should keep you worry free of upgrade cycles in the near future. You can also circumvent this problem as the Windows 8 Pro editions include downgrade rights that allow people to pre-install Windows 7 if they want. Using this method, you can get a direct Windows 7 license from Microsoft for a long time to come.
