Friday, 29 May 2015

BSides London 2015 - Virtual Terminals, POS Security and Becoming a Billionaire Overnight!

Yes, it is true. The talk was short-listed and voted in for the BSides London 2015 conference! Thank you all for voting for my talk.

I am looking forward to a fantastic line-up of talks at the conference. As you probably noticed on the schedule page, the session is not to be recorded due to the sensitive content, so please do respect this request.

This means that if you want to find out more about the talk, you will have to be there and attend the session.
Tripwire (@TripwireInc) posted a short article about my forthcoming Security BSides London 2015 talk, which you can find at this link.
 
As far as I know Track 2 is quite big and I really hope there are going to be enough spaces for everyone. For those attending the talk, mark it down on your schedule, tweet about it and follow me @drgfragkos to find out more! :) 

I have only one thing to say to you for now: Great things do come, to those who attend ;)

If you want to tweet about the talk, don't forget to use the BSides London 2015 hashtag: #BSidesLDN2015

Copy-Paste Tweet for sharing:

Virtual Terminals, #POS Security and Becoming a Billionaire Overnight! via @drgfragkos at @BSidesLondon #BSidesLDN2015

I am looking forward to the event, hoping to have a chance to speak to all of you at the conference and potentially share a drink or two. I really appreciate your interest in this field and I can only hope my talk will keep you all excited once more. I really believe that anyone who has the opportunity to be at this conference should not miss the chance. We are all going to be there and if you have like five minutes to spare, come and say hi.

Tuesday, 26 May 2015

NitlovePOS - POS terminals being targeted through phishing emails

Cyber-criminals and fraudsters have started targeting employees working on Point-of-Sale terminals in order to get their hands on card details.

There is now evidence that social engineering and spear phishing emails are actively being used and have become the next attack method against employees who have access to payment applications, virtual terminals and electronic cash registers.
The new malware is named NitlovePOS [Virus Total Detection Rate] and it targets track one and track two data by scanning the running processes. In other words, it is yet another memory-scraping malware that sends the captured data to a remote server over SSL.


Monday, 25 May 2015

Personal Greeting for your mobile phone, using a bash script, Kali Linux and the Raspberry Pi

First of all, this is a quick way of making your Kali Linux speak. I am going to tell you about a couple of ways to do text-to-speech on your Linux box. I used this for fun, for having audio alerts embedded in my applications and finally for recording a personal greeting for my phone.
I started playing with espeak, and experimented with the different voices. The espeak application is fantastic, but the different voices/languages it has are too computerised. They do not sound as natural as you would expect. However, for some quick tasks like listening to your LAN and/or WAN IP address, it can be useful, and cool.

Thursday, 21 May 2015

Adult Friend Finder data breach, the aftermath...

Did you hear about the Adult Friend Finder data breach? Of course you did, it’s all over the news [1] [2] and it is getting major attention due to the spicy nature of the content. 
The online adult service was breached and 3.8 million accounts became public. 

The information, including sexual preference, marital status and other personal data (such as date of birth, email addresses and postal/home addresses), is now all publicly available.

Well, we have seen data breaches before, but how is this data breach a little bit different?

Up to now, every article I read online about this incident treats it as yet another data breach, without paying any attention to the effects such a data breach will bring to people. Let us see the issues that come to mind, one by one in the following lines. 

Wednesday, 20 May 2015

Logjam attack - Diffie-Hellman key exchange weakness (a quick and brief explanation)

A study was published regarding the security of the Diffie-Hellman key exchange. This popular cryptographic algorithm can be found in many protocols, such as HTTPS, SSH, IPsec and SMTPS, and it is used for sharing a key and establishing a secure connection.

The weaknesses uncovered affect websites, mail servers, and other TLS-dependent services that support DHE_EXPORT ciphers. The exploitation of this vulnerability was given the name Logjam attack [1] and depends on how Diffie-Hellman key exchange has been deployed in each case.

The Logjam attack against TLS can be performed by downgrading vulnerable TLS connections to 512-bit export-grade cryptography, allowing the man-in-the-middle (MiTM) attacker to read and modify any data passed over the connection. At the moment, this attack affects all modern web browsers.
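
A server-side check for the exposure described above, as an added example that is not from the original post: it flags DHE_EXPORT suites and undersized Diffie-Hellman groups in a server's configuration. The suite list is a constructed sample using IANA suite names, and the 2048-bit threshold is an assumption taken from the Logjam authors' deployment guidance, not from this post.

```python
"""Added example: flag Logjam exposure in a TLS server's configuration."""

EXPORT_BITS = 512        # export-grade DH group size named in the post
RECOMMENDED_BITS = 2048  # assumption: size advised by the Logjam authors


def is_dhe_export(suite):
    """True for ephemeral-DH export suites (IANA name has DHE and EXPORT)."""
    return "_DHE_" in suite and "_EXPORT_" in suite


def audit(suites, dh_group_bits=None):
    """Return (severity, subject, reason) findings for one server.

    suites        -- IANA names of the cipher suites the server offers
    dh_group_bits -- bit length of the server's DH prime, if known
    """
    findings = []
    for suite in suites:
        if is_dhe_export(suite):
            findings.append(("critical", suite,
                             "DHE_EXPORT offered: connection can be "
                             "downgraded to 512-bit Diffie-Hellman"))
    uses_dhe = any(s.startswith("TLS_DHE_") for s in suites)
    if uses_dhe and dh_group_bits is not None:
        subject = "%d-bit DH group" % dh_group_bits
        if dh_group_bits <= EXPORT_BITS:
            findings.append(("critical", subject, "export-grade group"))
        elif dh_group_bits < RECOMMENDED_BITS:
            findings.append(("warning", subject,
                             "below %d bits" % RECOMMENDED_BITS))
    return findings


def harden(suites):
    """Drop every export-grade suite, keeping the server's preference order."""
    return [s for s in suites if "_EXPORT_" not in s]


# Constructed sample: a server that still offers export-grade suites.
WEAK_SERVER = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
]

if __name__ == "__main__":
    for finding in audit(WEAK_SERVER, dh_group_bits=1024):
        print(*finding, sep=" | ")
```

Removing the export suites is not sufficient on its own: a server that keeps non-export DHE suites should also have its DH group size checked, which is why `audit` takes the group size separately.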