ICT Security-Sécurité PC et Internet
87.1K views | +1 today
ICT Security-Sécurité PC et Internet
Education Technology
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

JPL: Nasa über Raspberry Pi gehackt | #CyberSecurity 

JPL: Nasa über Raspberry Pi gehackt | #CyberSecurity  | ICT Security-Sécurité PC et Internet | Scoop.it
From www.golem.de - June 22, 2019 7:06 AM

Hacker haben ungefähr 500 MByte an Daten aus dem Netzwerk des Jet Propulsion Laboratory (JPL) der Nasa erbeutet, indem sie einen Raspberry Pi als Einstiegspunkt nutzten. Der Bastelrechner war ohne Autorisierung in das Netzwerk eingebunden und entsprechend nicht ausreichend gesichert.

Der Angriff erfolgte bereits im April 2018 und blieb ein Jahr lang unentdeckt, wie Zdnet unter Berufung auf einen Bericht der Nasa schreibt. Der Zwischenfall ist unter anderem Thema eines Sicherheitsberichtes des Office of Inspector General (OIG) der Nasa, das firmeninterne Untersuchungen durchführt.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Samy+KAMKAR

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Raspberry+PI

 

Gust MEES's insight:

Hacker haben ungefähr 500 MByte an Daten aus dem Netzwerk des Jet Propulsion Laboratory (JPL) der Nasa erbeutet, indem sie einen Raspberry Pi als Einstiegspunkt nutzten. Der Bastelrechner war ohne Autorisierung in das Netzwerk eingebunden und entsprechend nicht ausreichend gesichert.

Der Angriff erfolgte bereits im April 2018 und blieb ein Jahr lang unentdeckt, wie Zdnet unter Berufung auf einen Bericht der Nasa schreibt. Der Zwischenfall ist unter anderem Thema eines Sicherheitsberichtes des Office of Inspector General (OIG) der Nasa, das firmeninterne Untersuchungen durchführt.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Samy+KAMKAR

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Raspberry+PI

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

A USB dongle can hijack all your Web accounts and router in 30 seconds, even if your computer is locked

A USB dongle can hijack all your Web accounts and router in 30 seconds, even if your computer is locked | ICT Security-Sécurité PC et Internet | Scoop.it
From www.pcworld.com - November 21, 2016 6:33 PM
A proof of concept from security researcher and software developer Samy Kamkar shows that macOS, Windows, and Linux computers can have any previously active Web logins hijacked merely by plugging in a tiny Unix device via USB or Thunderbolt, even if the computer is locked and password protected, and possibly even when it seems to be asleep. It can also hijack many router brands on the same network.

PoisonTap exploits several interlocked network and browser design features, rather than relying on an operating system, hardware, or browser flaw. This will make it harder to root out and resolve. Kamkar said in an interview, “The interesting attacks to me are by design: how do you exploit the protocol rather than a single buffer overflow that gets patched the next day.”

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Samy+KAMKAR

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Raspberry+PI

 

Gust MEES's insight:
A proof of concept from security researcher and software developer Samy Kamkar shows that macOS, Windows, and Linux computers can have any previously active Web logins hijacked merely by plugging in a tiny Unix device via USB or Thunderbolt, even if the computer is locked and password protected, and possibly even when it seems to be asleep. It can also hijack many router brands on the same network.

PoisonTap exploits several interlocked network and browser design features, rather than relying on an operating system, hardware, or browser flaw. This will make it harder to root out and resolve. Kamkar said in an interview, “The interesting attacks to me are by design: how do you exploit the protocol rather than a single buffer overflow that gets patched the next day.”

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Samy+KAMKAR

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Raspberry+PI

 

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Raspberry Pi as physical backdoor to office networks | #CyberSecurity #MakerED | #MakerSpace | #Coding

Raspberry Pi as physical backdoor to office networks | #CyberSecurity #MakerED | #MakerSpace | #Coding | ICT Security-Sécurité PC et Internet | Scoop.it
From securityaffairs.co - February 27, 2016 5:40 PM
Now let’s imagine the potential effect of a similar device used for espionage, you can object me that it is possible to do it with many other solutions and it is true, but have a Raspberry Pi in a target network as explained before could give to the attackers a various range of opportunity.

The Achilles heel of the solution presented is that laptop power bricks presents an Ethernet that could anyway be simply hidden behind a plant or a furniture. A similar solution is very devious because an attacker to gain access to an internet network and its information remaining unnoticed for a long time … Never let your guard down!


Learn more:


http://www.scoop.it/t/securite-pc-et-internet


Gust MEES's insight:
Now let’s imagine the potential effect of a similar device used for espionage, you can object me that it is possible to do it with many other solutions and it is true, but have a Raspberry Pi in a target network as explained before could give to the attackers a various range of opportunity.

The Achilles heel of the solution presented is that laptop power bricks presents an Ethernet that could anyway be simply hidden behind a plant or a furniture. A similar solution is very devious because an attacker to gain access to an internet network and its information remaining unnoticed for a long time … Never let your guard down!


Learn more:


http://www.scoop.it/t/securite-pc-et-internet


more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Linux malware enslaves Raspberry Pi to mine cryptocurrency | #CyberSecurity #MakerED #Coding

Linux malware enslaves Raspberry Pi to mine cryptocurrency | #CyberSecurity #MakerED #Coding | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - June 8, 2017 10:05 AM
It's time to update your Raspberry Pi devices or risk them being infected with cryptocurrency mining malware.

 

Someone has developed a simple Linux trojan designed to harness the meager power of Raspberry Pi devices to mine cryptocurrency.

 

Raspberry Pi users may need to consider applying a recent Raspbian OS update to their devices, particularly if they are currently configured to allow external SSH connections.

According to Russian security firm Dr Web, the malware Linux.MulDrop.14 exclusively targets Raspberry Pi devices to use their processing power to mine a cryptocurrency.

 

Dr Web discovered the Raspberry Pi mining malware after its Linux honeypot machine became infected with it. The malware uses a simple Bash script to attempt to connect to Raspberry Pi devices configured to accept external SSH connections. It targets Raspberry Pi boards with the default login and password, which are 'pi' and 'raspberry', respectively.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Raspberry+PI

 

Gust MEES's insight:
It's time to update your Raspberry Pi devices or risk them being infected with cryptocurrency mining malware.

 

Someone has developed a simple Linux trojan designed to harness the meager power of Raspberry Pi devices to mine cryptocurrency.

 

Raspberry Pi users may need to consider applying a recent Raspbian OS update to their devices, particularly if they are currently configured to allow external SSH connections.

According to Russian security firm Dr Web, the malware Linux.MulDrop.14 exclusively targets Raspberry Pi devices to use their processing power to mine a cryptocurrency.

 

Dr Web discovered the Raspberry Pi mining malware after its Linux honeypot machine became infected with it. The malware uses a simple Bash script to attempt to connect to Raspberry Pi devices configured to accept external SSH connections. It targets Raspberry Pi boards with the default login and password, which are 'pi' and 'raspberry', respectively.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Raspberry+PI

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

This $5 device can hack password-protected computers in just 30 seconds | #CyberSecurity #Awareness

This $5 device can hack password-protected computers in just 30 seconds | #CyberSecurity #Awareness | ICT Security-Sécurité PC et Internet | Scoop.it
From thenextweb.com - November 16, 2016 3:33 PM
Even the strongest passwords are fallible, and as Samy Kamkar demonstrates, sometimes it doesn’t take much. Kamkar’s new exploit, PoisonTap, uses free software and a $5 Raspberry Pi Zero microcomputer. After attaching the Raspberry Pi to a USB adapter and plugging it in, the device goes to work. In all of 30 seconds, it bypasses your …

 

 

Gust MEES's insight:
Even the strongest passwords are fallible, and as Samy Kamkar demonstrates, sometimes it doesn’t take much. Kamkar’s new exploit, PoisonTap, uses free software and a $5 Raspberry Pi Zero microcomputer. After attaching the Raspberry Pi to a USB adapter and plugging it in, the device goes to work. In all of 30 seconds, it bypasses your …

 

 

more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn