Greek facebook users under “attack”

Over the last few days, a malware was spreading among the greek users of facebook.After a couple of days hunting for a sample, I managed to get one. Continue reading

Open-source intelligence

My research, which resulted in my thesis, was mostly a breach of users’ privacy. I collected their data, run some data-mining algorithms and detect whether or not they could be classified as possible insider’s threats. This fired a series of events that led me to a simple conclusion. What if we use OSINT the other way round?
Continue reading

Spotting the leak.

I came across this which reminded me of a story some time ago. I get a call from a guy asking for help. Someone from his company was leaking personal data. The problem, beyond the personal data, was who was the leaker.

Continue reading

The worst company ever.

Greek company is hiring. Hooorayyyy. They want some HTML/PHP/MySQL registration form. A friend of mine sends his CV along with the registration form. They contact him and schedule a presentation of the form with their chief PHP developer.  Continue reading

No hard feelings, I stole your cookies.

and I pwned your server. Have you ever heard about the Samy worm? If not, read the link. If yes, carry on. I was having fun around when I noticed that I could input HTML in a site.

I can’t actually explain everything regarding the attack but… I bypassed their XSS-protection (HttpOnly) by using HTTP defined requests. I “debugged” their server as well because someone never turned off that feature and I was able to steal some OAUTH keys (of my victim account) which in turn allowed me to post the same code in his profile. If both profiles were public, you understand that things would turn ugly pretty fast. On top of this, while I was filing the bug report, I noticed that some cookies allowed you to login, logout, the level of access etc. Ermmm… I woke up and it was 2014, not 2005.

 

Infosec ruined my Saturday.

The correct approach for this post is swearing, kicking trashcans around the room and in general bringing the total chaos. OK, I did most of the things described above.

Continue reading

Look Dad, I bypassed 3factor authentication

The most important aspect of security is inspecting that everything works as it should. If people inside your organisation don’t have distinct duties, you are going to get screwed really quick.

Continue reading

Security as a profits mechanism

During the greek riots of May 2010, someone threw petrol bombs (a/k/a molotow cocktails) inside a bank. The bank caught fire and three people died. More info about that here. The trial took place in 2013, because of a faulty security policy.

Continue reading

ΕΡΤ

What happens when you let your guards “unguarded”?

I’m about to recycle some thoughts that derive from the NSA incident and the greek economic crisis. For the NSA part I guess you already know what’s going on, in a nutshell, NSA is able to wiretap pretty much anyone. For the greek economic crisis part, although what I am about to say is just a small fragment of what’s going on, yet, it is valid.

Continue reading