Free Facial Recognition Tool Can Track People Across Social Media Sites

Security researchers at Trustwave have released a new open-source tool that uses facial recognition technology to locate targets across numerous social media networks on a large scale.

Dubbed Social Mapper, the facial recognition tool automatically searches for targets across eight social media platforms (Facebook, Instagram, Twitter, LinkedIn, Google+, the Russian social networking site VKontakte, and China's Weibo and Douban) based on their names and pictures.

The tool's creators claim they developed the Social Mapper intelligence-gathering tool predominantly to help pen testers and red teamers with social engineering attacks.

Although the searches of names and pictures can already be performed manually, Social Mapper makes it possible to automate such scans far faster and "on a mass scale with hundreds or thousands of individuals" at once.

"Performing intelligence gathering online is a time-consuming process, it typically starts by attempting to find a person's online presence on a variety of social media sites," Trustwave explained in a blog post detailing the tool.

How Social Mapper Open Source Intelligence Tool Works

But, "What if it could be automated and done on a mass scale with hundreds or thousands of individuals?"

Social Mapper works by running through three stages:

Stage 1—The tool creates a list of targets (consisting of a name and a picture) based on the input you give it. The list can be provided via links in a CSV file, images in a folder or via people registered to a company on LinkedIn.

Stage 2—Once the targets are processed, the second stage of Social Mapper kicks in and automatically starts searching social media sites for the targets online.

The researchers suggest running the tool overnight with a good internet connection as the search could take over 15 hours for lists of 1,000 people and use a significant amount of bandwidth.

Stage 3—After searching, the third stage of the Social Mapper starts generating reports such as a spreadsheet with links to the profile pages of the target list, or a more visual HTML report that also includes photos for quickly checking and verifying the results.

What Could Possibly Go Wrong?

While this end result is perfect for facilitating highly sophisticated phishing campaigns or intelligence gathering, Trustwave says it will help security professionals and ethical hackers by giving them the same tools as the bad guys to test their clients’ security.

However, since the tool is now open source, anyone, including bad actors or intelligence agencies, can reuse the facial recognition tech to build their own surveillance tools and search against an already collected trove of data.

The company further proceeded to outline some nefarious-sounding uses of Social Mapper, which are limited "only by your imagination," once you have the end result in your hand, suggesting that it can be used to:

  • Create fake social media profiles to "Friend" targets and then send them links to downloadable malware or credential capturing landing web pages.
  • Trick targets into disclosing their emails and phone numbers with vouchers and offers to pivot into "phishing, vishing or smishing."
  • Create custom phishing campaigns for each social media platform, making sure that the target has an account, and make these more realistic by including their profile picture in the email. Then capture the passwords for password reuse.
  • View targets' photos, looking for employee access card badges, and familiarise yourself with building interiors.

Well, that sounds horrible, but Trustwave researchers emphasized the use of Social Mapper for ethical hacking.

Trustwave has made Social Mapper available on GitHub, free for everyone.

Trustwave's Jacob Wilkin is going to present Social Mapper at the Black Hat USA conference this week, where IBM Research is detailing its highly evasive and highly targeted AI-powered malware called DeepLocker.


Source: TheHackerNews

How to Hack WiFi Password Easily Using New Attack On WPA/WPA2

Well, a security researcher has revealed a new WiFi hacking technique that makes it easier for hackers to crack WiFi passwords of most modern routers.

Discovered by the lead developer of the popular password-cracking tool Hashcat, Jens 'Atom' Steube, the new WiFi hack works explicitly against WPA/WPA2 wireless network protocols with Pairwise Master Key Identifier (PMKID)-based roaming features enabled.

The attack to compromise the WPA/WPA2 enabled WiFi networks was accidentally discovered by Steube while he was analyzing the newly-launched WPA3 security standard.

This new WiFi hacking method could potentially allow attackers to recover the Pre-shared Key (PSK) login passwords, allowing them to hack into your Wi-Fi network and eavesdrop on the Internet communications.

How to Hack WiFi Password Using PMKID

According to the researcher, the previously known WiFi hacking methods require attackers to wait for someone to log into a network and capture a full 4-way authentication handshake of EAPOL, which is a network port authentication protocol.

By contrast, the new attack no longer requires another user to be on the target network to capture credentials. Instead, it is performed on the RSN IE (Robust Security Network Information Element) using a single EAPOL (Extensible Authentication Protocol over LAN) frame after requesting it from the access point.

Robust Security Network is a protocol for establishing secure communications over an 802.11 wireless network and has PMKID, the key needed to establish a connection between a client and an access point, as one of its capabilities.

Step 1 — An attacker can use a tool, like hcxdumptool (v4.2.0 or higher), to request the PMKID from the targeted access point and dump the received frame to a file.

$ ./hcxdumptool -o test.pcapng -i wlp39s0f3u4u5 --enable_status


Step 2 — Using the hcxpcaptool tool, the output (in pcapng format) of the frame can then be converted into a hash format accepted by Hashcat.

$ ./hcxpcaptool -z test.16800 test.pcapng


Step 3 — Use Hashcat (v4.2.0 or higher) password cracking tool to obtain the WPA PSK (Pre-Shared Key) password, and Bingo!

$ ./hashcat -m 16800 test.16800 -a 3 -w 3 '?l?l?l?l?l?lt!'


That's the password of the target wireless network, cracking which may take time depending on its length and complexity.

"At this time, we do not know for which vendors or for how many routers this technique will work, but we think it will work against all 802.11i/p/q/r networks with roaming functions enabled (most modern routers)," Steube said.

Since the new WiFi hack only works against networks with roaming functions enabled and requires attackers to brute force the password, users are recommended to protect their WiFi network with a secure password that's difficult to crack.
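To put a number on "difficult to crack", the following added example (not from Steube or the article) computes the keyspace of the mask shown in Step 3 and compares it with randomly generated passphrases. The guess rate is an assumed illustrative figure, not a benchmark, and the function names are this example's own.

```python
import math

# Sizes of hashcat's built-in mask charsets (?l, ?u, ?d, ?h, ?H, ?s, ?a, ?b).
CHARSET_SIZES = {"l": 26, "u": 26, "d": 10, "h": 16, "H": 16,
                 "s": 33, "a": 95, "b": 256}

# Assumption for illustration only; real rates depend on the hardware used.
ASSUMED_GUESSES_PER_SECOND = 100_000


def mask_keyspace(mask):
    """Return how many candidate passwords a hashcat mask describes."""
    total = 1
    i = 0
    while i < len(mask):
        if mask[i] == "?":
            if i + 1 >= len(mask):
                raise ValueError("mask ends with a dangling '?'")
            token = mask[i + 1]
            if token == "?":
                pass  # '??' is a literal question mark: one choice
            elif token in CHARSET_SIZES:
                total *= CHARSET_SIZES[token]
            else:
                raise ValueError(f"unsupported mask token ?{token}")
            i += 2
        else:
            i += 1  # literal character: one choice
    return total


def entropy_bits(keyspace):
    """Bits of entropy if every candidate is equally likely."""
    return math.log2(keyspace)


def worst_case_hours(keyspace, rate=ASSUMED_GUESSES_PER_SECOND):
    """Hours needed to try every candidate at the assumed guess rate."""
    return keyspace / rate / 3600


def random_passphrase_keyspace(length, alphabet_size=95):
    """Keyspace of a passphrase drawn uniformly from printable ASCII."""
    return alphabet_size ** length


if __name__ == "__main__":
    article_mask = "?l?l?l?l?l?lt!"  # the mask from Step 3
    rows = [
        ("mask " + article_mask, mask_keyspace(article_mask)),
        ("12 random printable chars", random_passphrase_keyspace(12)),
        ("20 random printable chars", random_passphrase_keyspace(20)),
    ]
    for label, ks in rows:
        print(f"{label:28} {ks:.3e} candidates, {entropy_bits(ks):5.1f} bits, "
              f"{worst_case_hours(ks):.3e} h at assumed rate")
```

An eight-character password that follows a guessable pattern covers only about 28 bits, while a randomly generated passphrase of 12 or more characters is many orders of magnitude larger.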

This WiFi hack also does not work against next-generation wireless security protocol WPA3, since the new protocol is "much harder to attack because of its modern key establishment protocol called "Simultaneous Authentication of Equals" (SAE)."


Source: TheHackerNews

Facebook Open Sources Fizz — TLS 1.3 Library For Speed and Security

Facebook has open sourced Fizz—a library designed to help developers implement TLS 1.3 protocol with all recommended security and performance related configurations.

Since late last month, Google Chrome web browser has started marking all non-HTTPS websites as 'Not Secure' in an effort to make the web a more secure place, forcing website administrators to switch to HTTPS.

TLS 1.3 is the newest and most secure version of the Transport Layer Security (TLS) protocol, the successor to Secure Sockets Layer (SSL), which encrypts data in transit between clients and servers to prevent data theft or tampering.

To make internet traffic more secure, TLS 1.3 incorporates several new features like encrypting handshake messages to keep certificates private, redesigning the way secret keys are derived, and a zero round-trip (0-RTT) connection setup, making certain requests faster than TLS 1.2.

Written in C++ 14, Fizz is a reliable and highly performant TLS library that supports all major handshake modes, robust encryption algorithms, and performance optimizations that aim to transfer data securely at over 10 percent higher speed.

"With zero copy encryption and decryption, tight integration with other parts of our infrastructure, and other optimizations, we see a reduced usage of memory and CPU with Fizz," Facebook says in a blog post announcing that it's open sourcing the library.

"In addition to the enhancements that come with TLS 1.3, Fizz offers an improved solution for middlebox handshake failures, supports asynchronous I/O by default, and can handle scatter/gather I/O to eliminate the need for extra copies of data."

Facebook has already replaced its older custom protocol, called Zero protocol, with Fizz, which is now responsible for securing trillions of connections every day at Facebook.

The social media giant says it has "deployed Fizz and TLS 1.3 globally in our mobile apps, Proxygen, our load balancers, our internal services, and even our QUIC library, mvfst. More than 50 percent of our internet traffic is now secured with TLS 1.3."

By open-sourcing Fizz, Facebook is sharing this technology with the world and helping drive deployments of the latest TLS 1.3 protocol across the Internet, making apps and services faster and more secure than ever.

Fizz is available on GitHub, and anyone can access and use it.

Source: TheHackerNews

Reddit Hacked – Emails, Passwords, Private Messages Stolen

Another day, another significant data breach.

This time the victim is Reddit... seems someone is really pissed off with Reddit's account ban policy or biased moderators.

The Reddit social media network announced today that it suffered a security breach in June that exposed some of its users' data, including their current email addresses and an old 2007 database backup containing usernames and hashed passwords.

According to Reddit, the unknown hacker(s) managed to gain read-only access to some of its systems that contained its users' backup data, source code, internal logs, and other files.

In a post published to the platform Wednesday, Reddit Chief Technology Officer Christopher Slowe admitted that the hack was a serious one, but assured its users that the hackers did not gain access to Reddit systems.

"[The attackers] were not able to alter Reddit information, and we have taken steps since the event to further lock down and rotate all production secrets and API keys, and to enhance our logging and monitoring systems," Slowe wrote.

According to Slowe, the most significant data contained in the backup was account credentials (usernames and their corresponding salted and hashed passwords), email addresses and all content including private messages.

Attacker Bypassed SMS-based Two-Factor Authentication

Reddit learned about the data breach on June 19 and said that the attacker compromised a few of the Reddit employees' accounts with its cloud and source code hosting providers between June 14 and June 18.

The hack was accomplished by intercepting SMS messages that were meant to reach Reddit employees with one-time passcodes, eventually circumventing the two-factor authentication (2FA) Reddit had in place.

The security breach should be a wake-up call to those who still rely on SMS-based authentication and believe it is secure. It's time for you to move on from this method and switch to other non-SMS-based two-factor authentication.

Reddit is also encouraging users to move to token-based two-factor authentication, which involves your mobile phone generating a unique one-time passcode over an app.

Reddit said that users can follow a few steps mentioned on the breach announcement page to check if their accounts were involved.

Moreover, Reddit will reset passwords for users who may have had their login credentials stolen in the breach, and also directly notify all affected users with tips on how they can protect themselves.


Source: TheHackerNews

Google Android P is officially called Android 9 Pie

If you have bet on Peppermint, Pancake or Pastry for "P" in the next version of Google's mobile operating system, sorry guys you lose because Android P stands for Android Pie.

Yes, the next version of sugary snack-themed Android and the successor to Android Oreo will now be known as Android 9.0 Pie, and it has officially arrived, Google revealed on Monday.

Android 9 Pie: Five Best New Features

Google says Android Pie comes with a "heaping helping of artificial intelligence baked in to make your phone smarter, simpler, and more tailored to you."

1.) AI-Powered Adaptive Battery

Despite Google's efforts since it introduced a power-saving mode called Doze in Android 6.0 Marshmallow, battery life has always been a big concern for people.

Android 9 Pie introduces a new feature called "Adaptive Battery," which uses machine learning to learn which apps you use most and prioritize battery for them accordingly.

"Android 9 introduces a new battery management feature, App Standby Buckets," the official Android documentation site says.

"Based on the app usage patterns, each app is placed in one of five priority buckets. The system limits the device resources available to each app based on which bucket the app is in."

2.) AI-Powered Adaptive Brightness

Android 9 Pie also comes with a new auto-brightness algorithm, which is also powered by AI to learn how users like to set the brightness in different settings, and does it for them.

3.) App Actions

Android Pie has a new feature called App Actions that helps users get things done faster by predicting what they will want to do next based on their context and displays that action right on their smartphone.

"Say it's Tuesday morning and you’re preparing for your commute: you’ll be suggested actions like navigating to work on Google Maps or resuming an audiobook with Google Play Books," Google explains.

"And when you put in headphones after work, you may see options to call your mom or start your favorite Spotify playlist."

4.) Slices

This is an important feature added to Android Pie which allows apps to show a "slice" of relevant information from other apps when the operating system believes you need it, like showing you real-time pricing from services like Uber or Lyft when you are searching for a ride.

"If you start typing 'Lyft' into Google Search, you’ll see a "slice" of the Lyft app, showing prices for your ride home and the ETA for a driver so you can take action more quickly and easily."

5.) Security and Privacy

Google says Android Pie enables industry-leading hardware security capabilities that allow protecting your sensitive information such as credit card data using a secure, dedicated chip.

Besides this, Android Pie also brings important privacy improvements, like "TLS by default and DNS over TLS to help protect all web communications and keep them private."

In addition to these features, Google has also introduced new gesture-based system navigation in Android Pie that features a single home button, smart text selection, gesture navigation, and Wi-Fi round-trip time (RTT), while Digital Wellbeing is coming in the fall.

How to Download Android 9 Pie Now

According to the tech giant, Android Pie is starting to roll out today as an over-the-air update to Google Pixel phones, while other Android devices will receive Android Pie "by the end of this fall."

All you have to do is open device Settings > System > System Update to see if the latest update has landed on your handset.

You may even get an alert via system notification as well that the Android 9 Pie update is available to download and install. Just make sure your phone is charged before you start an Android update.

Android devices, including OnePlus 6, Sony Xperia XZ2, Xiaomi Mi Mix 2S, Nokia 7 Plus, Oppo R15 Pro, Vivo X21, and Essential PH‑1, which were part of the Android P beta program, as well as "qualifying" Android One devices will also receive the Android Pie update by the end of the fall.

Google also added that Android Pie won't be coming to Nexus devices and that it is working with "a number of other partners to launch or upgrade devices to Android 9 this year" in an attempt to give more people access to the platform.


Source: TheHackerNews

Cisco to buy cyber-security company Duo for $2.35 billion

(Reuters) - Cisco Systems Inc said on Thursday it would buy Duo Security, a venture capital-backed cyber security company, for $2.35 billion in cash, as part of its push to expand into a faster growing area of software than its core business.

The deal is the biggest acquisition for Cisco since its $3.7-billion purchase of business performance monitoring software company AppDynamics last year, and its largest in the cyber security sector since its $2.7-billion takeover of Sourcefire in 2013.

The deal is an example of "a move toward software and our shift to more recurring revenue with new subscription-based solutions," Robert Salvagno, head of Cisco's corporate development, said on a conference call Thursday.

Many companies are on the hunt for deals to expand their cybersecurity offerings as corporations want to bulk up their defenses against a wave of cyber attacks by criminals, spies and hacker activists. Earlier this month, telecommunications firm AT&T Inc bought AlienVault, a cybersecurity provider for small and medium-size businesses.

"Cisco is getting its act together in the cyber security market," Credit Suisse analyst Brad Zelnick said in a research note, noting that Cisco has acquired five security companies over the past three years.

Cisco shares rose 1.6 percent at $42.54 on Thursday.

The deal represents a rare multi-billion dollar exit for cybersecurity venture investors who have been pouring money at a record pace into a crowded market. There are over 3,000 cyber security companies with more than 400 being funded per year, according to advisory firm Momentum Cyber.

One venture capital firm, Benchmark, saw a 20 times return on its early investment in the company, according to a source familiar with the matter. Benchmark declined to comment.

Based in Ann Arbor, Michigan, Duo had raised $119 million to date from investors such as Lead Edge Capital, Index Ventures, Workday, Redpoint Ventures and True Ventures.

Duo's platform allows users to verify their identity with a two-step authentication process, a product that Cisco executives said was key as more of their customers are trying to securely connect to applications in the cloud.

The deal, reported first by Reuters, is expected to close in the first quarter of Cisco's fiscal 2019.

Cisco has been making efforts to transform itself beyond networking. Besides security, it is also focused on investing in what it calls the Internet of Things and cloud-based applications.

Cisco was advised by Goldman Sachs and Barclays as well as the law firm Fenwick & West. Duo was advised by Qatalyst Partners and law firm Gunderson Dettmer.

Source: Reuters

Intel Tiger Lake CPUs to come with Anti-Malware Protection

Intel’s Tiger Lake CPUs will come with Control-flow Enforcement Technology (CET), aimed at battling common control-flow hijacking attacks. I...