
Security

Ex-Ubiquiti employee posing as a hacker may be imprisoned for 20 years


In late 2020, Nicholas Sharp stole files from his employer and, pretending to be a hacker, demanded a ransom.

On Wednesday, December 1, an ex-employee of the New York-based company Ubiquiti was arrested on charges of stealing confidential data from the company and extortion of $2 million.

According to Reuters, 36-year-old Nicholas Sharp was arrested in his hometown of Portland, Oregon, USA and is due to stand trial in Manhattan on several counts. The most serious is the charge of fraudulent communication, which carries a maximum sentence of 20 years in prison.

According to the prosecution, in December 2020, Sharp regularly downloaded gigabytes of sensitive data from his employer’s network, using a VPN to hide his location. In January, posing as an anonymous hacker, he sent the company a ransom note and demanded 50 bitcoins (about $1.9 million at the time) in exchange for the stolen files and information about a vulnerability he had allegedly discovered in Ubiquiti systems.

The company refused to pay, and Sharp released some of the information.

In March, the defendant tried to pass himself off as an informant and told the media that the data had been stolen by an unknown hacker. Following press reports about the leak at Ubiquiti, the company’s shares fell by about 20%, reducing its capitalization by $4 billion.


Vulnerability in Safari could leak browser history and Google account information


Users of Apple devices are exposed to a serious vulnerability in the company's own browser. It allows attackers to access the browser history and some Google account information. The vulnerability exists in Safari 15 on all supported platforms, and even in third-party browsers running on iOS 15 and iPadOS 15, as it is related to the IndexedDB framework, which is used in many browsers to store data. It breaks the same-origin policy, which prevents documents and scripts from one origin (such as a domain or protocol) from interacting with content from another. As a result, websites carrying the relevant code have access to the above information.


Attackers learn only the names of the records, not the values. However, this is enough to get the Google username, find the profile picture, and learn more about the user. The history can also be used to build a rudimentary profile of the sites the user likes. Reportedly, even private browsing mode does not prevent the leak.

According to the source, the problem was reported to Apple on November 28, but the company has not yet fixed it with security patches.


Android users can now disable 2G for security


2G networks, like 3G networks, became obsolete with the arrival first of 4G and later of 5G. However, because the transition has not been handled as well as it should have been, we still rely on them for mobile calls (operators without VoLTE) or to connect older IoT devices. For this reason, there has even been talk of switching off 3G before 2G, leaving more room for the development of 4G and 5G.

The problem is not new, and we have been hearing about it for a long time, but it came to a head about three years ago when the United States Department of Homeland Security (DHS) detected the presence of Stingrays, also known as “IMSI catchers”, in Washington. These devices connect to the mobile network, act as fake cell towers and spy on the information that passes through them.

This includes access to calls, text messages or images sent without encryption. Basically, they force phones onto the older, outdated and less secure 2G technology so that communications are easy to intercept. Work has been done so that this is no longer a problem with 5G, since these mobiles will have a Subscription Permanent Identifier (SUPI). This will use the encryption key of the network operator and will allow the mobile to know whether an antenna is legitimate.

Is the solution to disable 2G?

The EFF (Electronic Frontier Foundation) is speaking of a victory after learning that Android will allow users to disable 2G connections on their devices. This is something that Google introduced at the end of last year and that had received little attention. The EFF points out that it is a fantastic option for protecting users' privacy and applauds the Internet giant for implementing it on phones running its operating system. Now the ball is in Apple’s court, which must also do so for the safety of its users.

To put this in perspective, 2G is a technology created in 1991, so it is over 30 years old. That brings many problems because the circumstances and requirements at the time of its design were not the same as now. First, it has very weak encryption between the tower and the mobile, which allows traffic to be intercepted. Second, the 2G tower does not authenticate itself to the phone in any way, allowing anyone to impersonate it.

To protect ourselves, the EFF invites us to deactivate 2G. To do this, we go to Settings > Network and Internet > SIM cards > Allow 2G. By default, the option for our mobile to use 2G networks is activated. The recommended course is to disable it, although this possibility is only present on more modern mobiles such as the Pixel.

The big problem could be loss of coverage or problems making calls. If we live in areas dependent on 2G right now or if our operator does not allow us to make calls with the 4G network, it is possible that the remedy is worse than the disease. However, it will always be good to know that we have this possibility.


Chrome will restrict access to private networks for security reasons


The restrictions will arrive with the implementation of the Private Network Access specification in the browser in the first half of 2022.


The Chrome browser will soon start blocking sites from sending requests to and interacting with devices and servers on local private networks. The reason is security concerns and known cases of abuse.

The changes will be implemented by rolling out a new W3C specification called Private Network Access (PNA) to the browser in the first half of 2022. The PNA specification adds a mechanism to Chrome through which sites can ask systems on local networks for permission to establish a connection.

Chrome will start sending a CORS preflight request before any private network request for a subresource, Google explained. This preflight request explicitly asks the target server for permission. The preflight request will contain the new Access-Control-Request-Private-Network: true header, and the response will also need to contain the Access-Control-Allow-Private-Network: true header.

If local devices (servers, routers, etc.) do not respond, sites will not connect to them.
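The device side of the preflight exchange described above, as an added example that is not taken from Google or from the PNA specification text: a local device's web server grants private-network access only to an origin it trusts. The origin allowlist, the method and header lists, and the function names are assumptions made for illustration.

```javascript
// Added example: device-side handling of a Private Network Access preflight.
// ALLOWED_ORIGINS, ALLOWED_METHODS, ALLOWED_HEADERS and both function names
// are hypothetical; the origin below is a constructed sample value.
const ALLOWED_ORIGINS = new Set(["https://admin.example.com"]);
const ALLOWED_METHODS = "GET, POST";
const ALLOWED_HEADERS = "Content-Type";

// Decide how to answer a request. `headers` uses lower-cased names, as
// Node's http module provides them. Returns null for non-preflight requests.
function pnaPreflightResponse(method, headers, allowed = ALLOWED_ORIGINS) {
  if (method !== "OPTIONS" || !headers["access-control-request-method"]) {
    return null; // not a CORS preflight; handle as a normal request
  }
  const origin = headers["origin"];
  // Unknown origin: send no Allow headers, so the browser blocks the request.
  if (!origin || !allowed.has(origin)) {
    return { status: 403, headers: {} };
  }
  const out = {
    "Access-Control-Allow-Origin": origin, // exact trusted origin, never "*"
    "Access-Control-Allow-Methods": ALLOWED_METHODS,
    "Access-Control-Allow-Headers": ALLOWED_HEADERS,
    "Vary": "Origin",
  };
  // Grant private-network access only when the browser asked for it.
  if (headers["access-control-request-private-network"] === "true") {
    out["Access-Control-Allow-Private-Network"] = "true";
  }
  return { status: 204, headers: out };
}

// Wiring for Node's built-in http server, e.g. http.createServer(handler).
function handler(req, res) {
  const pre = pnaPreflightResponse(req.method, req.headers);
  if (pre) {
    res.writeHead(pre.status, pre.headers);
    return res.end();
  }
  res.writeHead(200, { "Content-Type": "text/plain" });
  res.end("device status page\n");
}
```

A device that never sends Access-Control-Allow-Private-Network stays unreachable from public sites once the browser enforces PNA, which is the safe default for router and appliance admin panels.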

Since the early 2010s, cybercriminals have realized that browsers can be used as proxies to connect to internal corporate networks. For example, a malicious site may contain code that tries to connect to an IP address like 192.168.0.1, which is the address of most router administration panels.

When users visit such a malicious site, their browsers can automatically query the router without the users’ knowledge, sending malicious code capable of bypassing the router’s authentication and modifying its settings. This type of attack is not merely theoretical; it is periodically used in practice.

Variants of these attacks can also target other local systems such as internal servers, domain controllers, firewalls, and even locally deployed applications (via http://localhost or other locally defined domains).

By adding the PNA specification to Chrome and its permission negotiation system, Google intends to prevent such automated attacks.

According to Google, PNA is already shipping with Chrome 96, but full support will roll out this year in two phases to Chrome 98 (early March) and Chrome 101 (late May).
