BitTorrent Analysis!!!

By -
Bittorrent Analysis (Source: theRegister.co.uk)
 Interesting research that analyzes bittorrent traffic to find content providers.

Popular posts from this blog

iPhone's Persistent Connection to Apple

By S G -
I recently noticed that iOS MDM servers have the ability to connect to phones and initiate checkins even when a device is connected to WiFi. Packet analysis showed absolutely no communication between Apple PUSH service or MDM servers with the phone. On the contrary, the transaction was always magically initiated by the iOS device. How could this happen? As we know, iOS devices have 2 NIC's - one for WiFi and the other for 3G communication. On further analysis, I was able to observe that even though the device switched over to the WiFi network, the 3G network interface of the device was still active in the background and maintained a persisten connection to apple PUSH servers at port 5223 . Hence, whenever Apple or MDM servers wanted to send a PUSH notification, the notification was sent over 3G and in response the device responds back over WiFi. A simple netstat on the device reveals the following: netstat -a tcp4 0 0 10.XXX.XXX.XXX.4XXXX nk11p01st-courie.5223 ESTABLISHED The 3G/E
Read more

Problems with Equifax Breach Disclosure

By S G -
"Insecurities in a security disclosure" UPDATE (9/20/17) : Looks like the observation in this blog has already become a reality. Phishing sites already up and running: http://www.businessinsider.com/report-equifax-directed-concerned-consumers-to-a-spoof-site-2017-9?utm_content=buffer1df4d&utm_medium=social&utm_source=facebook.com&utm_campaign=buffer-bi ORIGINAL STORY: As I was going through the myriad of news articles and url's floating around, I ended up at this site  equifaxsecurity2017.com . To my surprise I noticed that this site is NOT hosted in or by Equifax, instead it was hosted on a completely untrusted domain called " equifaxsecurity2017.com ". Except the EQUIFAX logo, nothing on this site points to the authenticity of this site. Moreover this site redirects users to a 3rd party site that then asks UNAUTHENTICATED users to enter the last 6 digits of SSN and last name. As an Equifax consumer, the least anyone expects is
Read more

iOS Credential Leakage

By S G -
Now that iOS 5 has released and Apple CLAIMS to have fixed the issue, I believe its time for a full disclosure... What Users/Enterprises MUST know: I had reported a security vulnerability with iOS 4 implementation to Apple in OCT 2011. This vulnerability allows an attacker with physical possession of an iOS device or an attacker with the ability to remotely jailbreak a device to retrieve the victims EXCHANGE/Account (email or exchange account) credentials (username + password) in clear text. Hence, if an iOS 4 device is lost/unwillingly jailbroken, immediate steps MUST be taken to ensure that the users credentials are RESET or account locked. Remote administration options like Remote Wipe/Lock/Locate are not effective as an attacker can easily bypass or block remote administration options. This issue has been partially addressed and fixed by Apple in iOS 5. New changes in iOS 5 ensures that the credentials on an iOS device remain secure if a device is lost/stolen. However, the ri
Read more