Google Releases 'nogotofail' Network Traffic Security Testing Tool

Google introduced a new security tool to help developers detect bugs and security glitches in the network traffic security that may leave passwords and other sensitive information open to snooping.

The open source tool, dubbed as Nogotofail, has been launched by the technology giant in sake of a number of vulnerabilities discovered in the implementation of the transport layer security, from the most critical Heartbleed bug in OpenSSL to the Apple's gotofail bug to the recent POODLE bug in SSL version 3.

The company has made the Nogotofail tool available on GitHub, so that so anyone can test their applications, contribute new features to the project, provide support for more platforms, and help improve the security of the internet.

Android security engineer Chad Brubaker said that the Nogotofail main purpose is to confirm that internet-connected devices and applications aren't vulnerable to transport layer security (TLS) and Secure Sockets Layer (SSL) encryption issues.

The network security testing tool includes testing for common SSL certificate verification issues, HTTPS and TLS/SSL library vulnerabilities and misconfigurations, SSL and STARTTLS stripping issues, and clear text traffic issues, and more.

"Google is committed to increasing the use of TLS/SSL in all applications and services. But 'HTTPS everywhere' is not enough; it also needs to be used correctly," Brubaker wrote in a blog post.

"Most platforms and devices have secure defaults, but some applications and libraries override the defaults for the worse, and in some instances we've seen platforms make mistakes as well. As applications get more complex, connect to more services, and use more third party libraries, it becomes easier to introduce these types of mistakes."

Nogotofail tool, written by Android engineers Chad Brubaker, Alex Klyubin and Geremy Condra, works on devices running Android, iOS, Linux, Windows, Chrome OS, OS X, and “in fact any device you use to connect to the Internet.” The tool can be deployed on a router, a Linux machine, or a VPN server.

The company says it has been using the Nogotofail tool internally for "some time" and has worked with developers to improve the security of their apps before releasing it. "But we want the use of TLS/SSL to advance as quickly as possible," Brubaker said.

The Nogotofail tool requires Python 2.7 and pyOpenSSL>=0.13. It features an on-path network Man-in-the-Middle (MiTM), designed to work on Linux machines, as well and optional clients for the devices being tested.

By "Kunal Vohra", Director@H2K

Still Having Problem..!!! Connect with Admin
BBM: 7F72A48D


 Kunal Vohra Download Our Official Android App & Get Free Internet

"The Hackers Street"

For Daily Updates 

Facebook Now Accessible Via Tor Anonymous Network Using .Onion Address

If you are fan of the largest social networking site Facebook, but also want to remain anonymous while using your Facebook account, then there is really a Good news for you.

Facebook on Friday began offering a way for security and Privacy conscious users to connect to its social networking service using the anonymizing service running on the Tor network, by launching a .onion address. This is really a historic move of the social network.

Tor Browser is an open source project, launched in 2002, designed to increase the anonymity of your activities on the Internet by not sharing your identifying information such as your IP address and physical location with websites and your service providers. Browsing and data exchange over a network is made through encrypted connections between computers.

The social network just created a special URL – https://facebookcorewwwi.onion – that will allow users running Tor-enabled browsers to connect Facebook’s Core WWW Infrastructure. Hidden services accessed through the Tor network allow both the Web user and website to remain anonymous. Do note that the Tor link will only work on Tor-enabled browsers.

"Facebook’s onion address provides a way to access Facebook through Tor without losing the cryptographic protections provided by the Tor cloud," Alec Muffett, a software engineer with Facebook’s security infrastructure group, said in a blog post. "It provides end-to-end communication, from your browser directly into a Facebook datacenter."

Facebook has previously been criticised by Tor users as the company’s security features treated Tor as a botnet — a collection of computers designed to attack the site. Users were able to access their Facebook account before today, but it often loaded irregularly with incorrectly displayed fonts and sometimes didn't load at all.

Back in 2013, the social network assured Tor users that the company would work with Tor service on a possible solution. Now, after a year, we can see a great move from Facebook’s side with the launch of a dedicated Tor access address. However, the company said that the Tor network may poses some risks as the .onion address is described as an "experiment" by the social network.

"Tor challenges some assumptions of Facebook's security mechanisms – for example its design means that from the perspective of our systems a person who appears to be connecting from Australia at one moment may the next appear to be in Sweden or Canada," Alec Muffett said.

"In other contexts such behaviour might suggest that a hacked account is being accessed through a "botnet", but for Tor this is normal. Considerations like these have not always been reflected in Facebook’s security infrastructure, which has sometimes led to unnecessary hurdles for people who connect to Facebook using Tor."

Furthermore, the company also offers encryption using SSL over Tor with a certificate that cites the unique Tor address, so that users won’t have to deal with SSL certificate warnings and can therefore be assured they are connecting to a secure and real Facebook, preventing users from being redirected to fake sites.

Runa Sandvik, a security researcher who was consulted by Facebook on the project and previously worked at the Tor Project, tweeted, "The launch of the Facebook Tor hidden service also marks the first time a CA has issued a legitimate SSL cert for a .onion address."

By "Kunal Vohra", Director@H2K

Having Problem.??!! Connect with Admin
BBM: 7F72A48D


 Kunal Vohra Download Our Official Android App & Get Free Internet

"The Hackers Street"

For Daily Updates 

Koler Android Ransomware Learns to Spread via SMS

Users of Android operating system are warned of a new variant of Android malware Koler that spreads itself via text message and holds the victim’s infected mobile phone hostage until a ransom is paid.

Researchers observed the Koler Android ransomware Trojan, at the very first time, in May when the Trojan was distributed through certain pornographic websites under the guise of legitimate apps. It locks the victim’s mobile screen and then demands money from users with fake notifications from law enforcement agencies accusing users of viewing and storing child pornography.

ANDROID SMS WORM

Recently, researchers from mobile security firm AdaptiveMobile has discovered a new variant of the rare piece of mobile malware – named Worm.Koler – that allows the malware to spread via text message spam and attempts to trick users into opening a shortened bit.ly URL, turning Koler into an SMS worm.

Once the device is infected by the Koler variant, it will first send an SMS message to all contacts in the device's address book with a text stating, "Someone made a profile named -[the contact's name]- and he uploaded some of your photos! is that you?" followed by a Bitly link, according to the security firm.

When a victim clicks on the Bitly link, he or she is then redirected to a Dropbox page with a download link for a 'PhotoViewer' app that, if installed, will push a ransom screen to pop up incessantly on the users' screen. The ransom message reads that the device has been locked up because of having illicit content and users must pay $300 via MoneyPak to 'wave the accusations.'

"The device appears to be completely locked down with the screen on the phone blocked, so the user won't be able to close the window, or deactivate the malware through the app manager," reads the blog post. "The victim is forced to buy a voucher as instructed on the blocking page, and send the voucher code to a malware author."

INFECTION SPREADING RAPIDLY

The Worm.Koler is capable of displaying localized ransomware messages to users from at least 30 countries, including the U.S., where three quarters of the latest Koler variant infections were seen by the firm, and smaller number of infections were also being detected in parts of the Middle East.

"Due to the Worm.Koler's SMS distribution mechanism, we are seeing a rapid spread of infected devices since the 19th of October, which we believe to be the original outbreak date," the blog post states. "During this short period, we have detected several hundred phones that exhibit signs of infection, across multiple US carriers. In addition to this, other mobile operators worldwide—predominantly in the Middle East, have been affected by this malware."

HOW TO PROTECT YOURSELF

If users suspect they are infected by the malware, they should never authorize any payment as it won't guarantee the unlocking of your device, as well as it will further encourage cyber criminals to carry out such ransomware practices again and again.

Koler does not encrypt files, according to the security firm, therefore it becomes easy for users to eliminate the threat from their infected devices by following two simple steps:

• Reboot your phone in the "Safe Mode"
• Remove the 'PhotoViewer' app using standard Android app uninstallation tool

In order to protect yourself from such threats in future, the best practice is to have the "Unknown Sources" option turned off in your Android device' security settings menu. Turning off of this option won't let users to install applications from unknown sources, but only from the official Google Play store.

By "Kunal Vohra", Director@H2K

Still Having Problem..!!! Connect with Admin
BBM: 7F72A48D


 Kunal Vohra Download Our Official Android App & Get Free Internet

"The Hackers Street"

For Daily Updates