Monday, December 31, 2012

Facebook eliminated potential 'webcam spying' hack this summer


A Facebook security vulnerability, which could have been exploited to activate a user's webcam and record them without their knowledge, was closed off this summer, it has been revealed.

Facebook paid Indian research firm XY Security a $2,500 (UK£1,546, AUD$2,409) "bounty" in July for discovering the issue and drawing the bug to its attention, the social network has confirmed.

The flaw, which Facebook said had never exploited by a potential 'Peeping Tom', could, conceivably have troubled users who had already agreed to give Facebook permission to access the camera.

Beyond that the user would have to be 'tricked' into visiting a malicious page, then agree to activate the camera - allowing the spy/pervert to begin recording.

Five times the going rate

Facebook must have felt the threat was serious at it paid five times its usual rate to the two researchers who reported the flaw.

"This vulnerability, like many others we provide a bounty for, was only theoretical, and we have seen no evidence that it has been exploited in the wild," Facebook spokesperson Josh Wolens told Bloomberg.

"Essentially, several things would need to go wrong - a user would need to be tricked into visiting a malicious page and clicking to activate their camera, and then after some time period, tricked into clicking again to stop/publish the video."

Facebook is one of many Silicon Valley heavyweights (other notables being Google and Mozilla) who offer 'bug bounties', paying out millions to researchers who spot flaws and potential dangers.

 

There will always be another hack.  The only way to protect yourself from webcam spying is with a webcam cover.  C-SLIDE is the best webcam cover on the market today buy one now.

Monday, December 17, 2012

Is your TV Watching you? Security ALERT Over Samsung's Smart TV.


 

TV Owners that have the Plasma 8000 series, the 7500 LED LCD series, the 8000 LED LCD series or the 9000 LED  LCD series might want to know that HACKERS claim they can access to these TV's  

·         Security experts reveal they have been able to gain access to the device and scour its hard drives and connected drives for information

·         They claim to have 'complete root access' allowing them to install malicious software that could monitor its cameras and microphones

·         More and more devices that connect to the Internet are leaving unwitting consumers vulnerable to such hacking attacks

 Samsung's Smart TV could used by hackers to watch everything that happens in your living room by gaining access to the device's built-in camera and microphones, it has been claimed.

Malta-based security firm ReVuln posted a video showing how its researchers had learned to crack the television to access its settings - including any personal information stored on it.

'We can install malicious software to gain complete root access to the TV,' they claim in the video.

With such malware installed, hackers could use the Smart TV's built-in microphones and camera to hear and see everything in front of it.

Samsung's Smart TV can be used to browse the internet, use social networks, watch net-based commercial film streaming services and play online games, among other things, from the comfort of your sofa.

The devices can also be controlled by voice commands and gestures, using their microphones and cameras to detect what is happening in front of them.

However, while the Smart TV's are connected to the internet they are vulnerable to hackers who can access the device and access files stored on them.

Luigi Auriemma, co-founder of ReVuln, says he has found a way to track down the IP address of the device and gain access to seize control and scour any drives connected to it.

The video appears to show he is able to access remote files and information like the viewing history, as well as siphon data from USB drives attached to a compromised set.

Mr Auriemma told Ars Technica: 'At this point the attacker has complete control over the device.

Devices from lighting systems to air conditioners to computer games consoles now rely on online functionality, but their operating systems often do not have the same kinds of security measures now commonly deployed on Microsoft and Apple powered devices.

At the moment, ReVuln's exploit only works once hackers have managed to breach the network which the television is connected to. As such, Mr Auriemma told NBC News, he expects the main danger is of hackers targeting specific companies or individuals.

'In our opinion, it’s more interesting and realistic to think about attacks [against] specific targets reached via open/weak/hacked Wi-Fi or compromised computers of a network, instead of mass-exploiting via the Internet,' he said.

'That’s interesting due to the effects of the vulnerability (retrieving information and the possibility of monitoring) which are perfect for targeted attacks, from a specific person with a TV at home to a company with TVs in its offices.'

Revuln plans to sell information on the vulnerabilities to the highest bidder, the Register reported, claiming this will 'speed up' fixes faster than merely reporting them to the manufacturer.

The company would not go into details about the flaws it has discovered.

The possibilities of such vulnerabilities are worrying with increasing numbers of consumer electronics devices being equipped with sensors, cameras and microphones to detect what is happening around them.

A spokesman for Samsung said: 'We have discovered that only in extremely unusual circumstances a connectivity issue arises between Samsung Smart TV’s released in 2011 and other connected devices. We assure our customers that our Smart TVs are safe to use.

'We will release a previously scheduled software patch in January 2013 to further strengthen Smart TV security. We recommend our customers to use encrypted wireless access points, when using connected devices.'


The simple fix is not a patch which will also be hacked but a webcam cover that fits the Samsung Smart TV product line.  These webcam covers can be purchased at C-SLIDE.
 
 
 

 

 

Friday, December 7, 2012

U.S Lags Far Behind in Cyber Security


This picture shows Cadets engaging in the annual Cyber Defense Exercise at West Point. 
You can see from the picture that there is a BIG HOLE in their strategy.  Any laptop in this room that has a webcam which are most need to have a webcam cover to stop Webcam Hacking.  Webcam Hacking is an essential tool in espionage. 

Cyber attacks on federal agencies have increased 650% from 2006 to 2011, according to the Government Accountability Office Report.

Government agencies can protect them selves with the best Webcam Cover called C-SLIDE.