Flashpoint recently published an assessment of the aftermath of the DNS service provider Dyn DDoS attacks and indicated that script kiddies are the likely culprit behind it and not politically-motivated hacking groups.
Chinese Webcam Company Pulls Devices Used in Dyn Attack
Chinese tech manufacturer Hangzhou Xiongmai Technology issued a recall for millions of webcams after it has been identified as one of the main causes for the massive DDoS attacks against cloud-based DNS provider Dyn’s servers on Friday. Chinese Webcam Company Pulls Devices Used in Dyn Attack
Ex-NSA Contractor Stole 50 TB of Classified Data and Hacking Tools
A few months ago, the FBI quietly arrested NSA contractor Harold Thomas Martin III for stealing an enormous number of top secret documents from the agency in the largest ever breach of intelligence classification. And now a court document filed Thursday has revealed that the FBI has seized at least 50 terabytes (TB) of data that Martin has been secretly collecting for the past 20 years. The latest filing indicated that Martin was hoarding stolen information that included 500 million pages of government records involving top-secret information about “national defense” and six bank boxes of documents marked “Secret” or “Secret”. Ex-NSA Contractor Stole 50 TB of Classified Data and Hacking Tools
Rowhammer Attack Bitflips Android Phones
Researchers at the VUSec Lab at Vrije Universiteit Amsterdam have published details of a new method for exploiting a problem with Android devices, exploiting a relatively new type of bug that allows adversaries to manipulate data within DRAM memory modules. The vulnerability, dubbed Drammer, employs an existing PC-based hack known as Rowhammer, a technique where the vulnerability gains unfettered “root” access in a matter of seconds to a large variety of Android phones including Nexus, Samsung, LG and Motorola.
The researchers describe the attack as a Flip Feng Shui exploitation technique which carefully selects the sizes of the portion of memory where dynamically allocated memory resides (heap). After detecting the hardware vulnerability location, Rowhammer targets rows of cells of memory in DRAM devices to induce cells to flip from one state to another, making the settings perfect for memory manipulation. Those bit flips could include simply changing a 0-to-1 or 1-to-0.