19 April 2017

SWIFT.net penetration

A few days ago a Russian hacker group made public the information that US authorities had secret access to the SWIFT.net network via software backdoors that had been kept secret until now.
Now that this information is no longer a secret,
I can disclose that as early as April 2010, US authorities had direct hidden access into the French bank group BNP Paribas in Europe.
By using a special syntax and a backdoor in Google servers and Google Bot, someone could access the bank's internal SWIFT.net data traffic, intercepted and retransmitted to US-located servers.
A similar backdoor was available in 2011-2012 for intercepting data traffic from servers belonging to the Romanian Government and Finance Department regarding state contracts and acquisitions.

15 March 2017

170314 Social network VKontakte backdoor giving access to any personal files of any user without login

I never used VKontakte, but being curious about the Russian representative to Eurovision 2017, Юлия САМОЙЛОВА (Julia SAMOYLOVA), I "visited" VKontakte.
That is how I discovered a "way" to access any file of any user, without login.
Burp Suite was used for traffic analysis.

14 February 2017

Critical security flaws with router ASUS RT-AC68U

I just tested a brand new ASUS RT-AC68U router with the latest firmware, here in Sweden.
Looking inside the log, I discovered interesting things, which ASUS must answer for.
A lot of unknown IP addresses appeared during the boot of the router,
IP addresses addressed by the router firmware.
I tested them.
It seems that router.asus.com leads to unauthorised access to other owners of Asus routers who authorised WAN access to their routers.
I attach more screenshots.

Something is for sure WRONG!

And ASUS engineers must answer and correct these critical security flaws.
Not to mention that when trying to connect a network printer via LAN, it gets an IP address for about 20 seconds, then gets disconnected.

Waiting for ASUS to address these problems!

16 November 2016

161116 Major security hole at Swedish mobile operator Comviq

Major security hole at Swedish mobile operator Comviq may reveal personal data of any subscriber.
The backdoor was discovered today, 161116.
Despite logging in with a certain subscriber identity, you can, under certain conditions, access the personal data of any other subscriber.
Comviq and its parent company Tele2 have been informed.
The backdoor was documented with screenshots sent to Comviq/Tele2.
For obvious security reasons no details are given here.

23 September 2016

Bypass of login security and total scan on Swedish State Railways SJ WiFi

On 2016-09-22 I was travelling on an X2000 fast train belonging to Swedish State Railways SJ from Linköping to Stockholm.
What I discovered: no need to authenticate or log in to access the SJ WiFi network used by most passengers.
I attach a screenshot.

All devices belonging to travellers (laptops, tablets, smartphones) became totally accessible.
No services or ports were blocked.
SSH, RDP, Telnet, Samba shares, SMB: all were open and I could do anything on any remote device.
Over 50 devices were vulnerable.

I informed the responsible person at SJ of my discovery.
No technical details will be disclosed for obvious security reasons.
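The two weaknesses behind the SJ WiFi finding are an open network (no authentication) and no isolation between clients, so one passenger's device can reach another's open ports through the access point. Below is an added example, not SJ's or any vendor's code, that audits a hostapd-style config for both settings; the two configs are constructed samples, and the key names are hostapd's own (wpa, ap_isolate).

```python
"""Audit a hostapd-style access-point config for the two weaknesses described
above: no authentication and no isolation between associated clients."""

# Constructed sample configs (assumptions for this example, not real deployments).
OPEN_HOTSPOT = """\
interface=wlan0
ssid=TrainWiFi
hw_mode=g
channel=6
"""

HARDENED_HOTSPOT = """\
interface=wlan0
ssid=TrainWiFi
hw_mode=g
channel=6
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_passphrase=constructed-example-passphrase
rsn_pairwise=CCMP
ap_isolate=1
"""


def parse_hostapd(text):
    """Return key/value pairs; hostapd uses key=value lines and '#' comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if sep:
            conf[key.strip()] = value.strip()
    return conf


def audit(text):
    """Return a list of findings; an empty list means both checks pass."""
    conf = parse_hostapd(text)
    findings = []
    # hostapd defaults wpa to 0: the BSS is open and anyone can associate.
    if conf.get("wpa", "0") == "0":
        findings.append("open network: no WPA authentication (wpa missing or 0)")
    # ap_isolate=1 stops the AP from relaying frames between its own clients,
    # so a shared passphrase alone does not protect one passenger from another.
    if conf.get("ap_isolate", "0") != "1":
        findings.append("no client isolation: ap_isolate is not 1")
    return findings
```

Client isolation only covers traffic relayed by the access point itself; if several APs are bridged on one wired segment, the equivalent isolation must also be enforced on the bridge or switch.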

30 July 2016

How secure are in fact VPN or Red Phone

Article inspired by a PM received on XDA forum.

Hello there! Finally someone who cares about security.
Originally posted by iunlock:

Greetings, I've been reading some of your posts and all that info is right up my alley. It's hard to find someone who actually cares about this stuff like I do. Anyhow, I have some questions that you may be able to answer for me. A lot of people I've tried to run this by don't have any passion for security, so I've only received half answers, which is not what I'm seeking.
What do you think about this setup?
1. I use a VPN that claims they don't keep logs on my phone. But who knows...better than nothing? Or are these companies compromised? See if I was the big bad wolf, I'd either create VPN companies to give people options to trick them into thinking they have security with a VPN (illusions) and/or pay VPN companies a dollar amount that they can't refuse for a backdoor...ie...easy access any time to the traffic and data. So what if VPN companies lie about their claims...who's going to tell right? $win-$win situation for big bad wolf and the VPN company that couldn't refuse the $ offered. Interesting eh?
2. Tor/Orweb. Hmm....slow as a dead turtle, but does it really work like they claim? I do see some truth to this though with its concept, but going back to what I said above. $ talks?
3. Password managers like LastPass, 1Password etc... again if I was the big bad wolf, would I not be able to make $ talk? Makes you think.
4. Secure apps... like Jitsi, Xabber, encrypted stuff... etc.
On the flip side of the coin, there are true security nuts who hate the big bad wolf and a lot of these people are the founders of some of these VPN companies and alike. So there's some comfort in knowing that I assume....also open source stuff is good because they are transparent. No messing around there. Anything funny or fishy would be known for any vulnerability in the app etc....
With all that stuff aside, assuming you did trust the VPN, tor etc....what's the best we can do security wise for our phones?
Well I think using a VPN is a must. Next using gpg to encrypt all emails along with encrypted chat clients. Then the use of tor to proxy your connections like mail, chat, fb, twitter etc....
What are your thoughts?
BTW, I don't use Facebook (Cia / prism) buffet....
I think gpg is the only sure way of true security.
In the real world, having the convenience for non important things makes the use of Gmail and other Google apps convenient.
Never do I ever use any real info for any of these accounts lol.
So the question is....will using a VPN, encrypted email, encrypted chat client, and tor do the trick?
How about the use of the RedPhone app with Google Voice on VPN, since it uses data and not the voice tunnel?
A lot of cool stuff....would love to hear your thoughts.

Hi, sorry for such a late answer.
Please read my posts on my security blog.
As a guideline:
There is no secure VPN or provider; all depends on your "enemies", or whom you are afraid of. It all depends on who "doesn't care about you".
And on what you want to do.
Everything located on US territory will report, if required, to US authorities. The same goes for Germany, Russia, China.
Also for smaller countries: Canada, New Zealand, Australia will all report to the UK and USA.
The same for Austria, Finland, Sweden: all will report to the USA, UK, Germany.
The close ties in SIGINT cooperation are 100% the same in so-called VPN providers/software.
IMHO it's a waste of money to pay for a VPN if you want to do something against the law.
Respect the laws and ignore VPN.
All of the above is for private persons.
If you are an enterprise, own the VPN server physically and never trust any 3rd party.
With kind regards
Zeno Sloim

Part 2

RedPhone: bogus for naive people
Any product (hardware or software) produced on German territory HAS a backdoor for German state authorities and Germany's close SIGINT partners: USA, UK.
Any product made on US territory has backdoors for US state authorities.
The whole Apple/FBI encryption scandal was bogus for the broad public; all Apple products have a backdoor.
It's only a matter of time how quickly authorities will know and decrypt your private data "travelling on the internet".
The best solution is to try to keep it LOCAL, as much as possible, by controlling anything going out of your phone.
It's not easy for a normal user.
But use only apps verified by you.

With regards
Zeno Sloim

28 February 2016

IT-services Outsourcing - Between cutting costs and major security risks

Outsourcing is a widespread practice nowadays in major corporations and state organizations.
Most directors and leaders see it only as a marvellous key solution for cutting costs.
True, but a very naive vision.

The hidden dark other side is often ignored: major security risks.

Outsourcing is done by another company which has other economic interests and is more preoccupied with its own image and prestige than with being a fair partner.
In case of major problems, the top priority is hiding from the customer and keeping secret the real scale of events.
If all is solved in reasonable time, a "filtered" version is presented and billed to the customer.
In case of unsolved events, everything remains highly secret and in almost 100% of cases the customer will never ever know.

Hence major security risks and headaches for the future.

The problem becomes more critical when outsourcing is done via nested intermediary providers or foreign companies.
The economic and legal aspects become very diffuse in case of incidents and disputes.
It becomes impossible to control and track high-sensitive internal information.

And when outsourcing is done by a foreign company, it's only one single step to economic/technical espionage and catastrophe.

IMHO it is a fundamental mistake to choose such solutions in critical key sectors of the state or of corporations.
In such situations, ISO 27000, ITIL and Common Criteria remain only simple obsolete words.

Solution: think wider about the future; short-term cost cutting via outsourcing might be your next step to disaster.

Want outsourcing? Use only national companies which are easy to control, check and verify.

The ancient expression "Never trust a stranger" is still very relevant in IT security.