Monthly Archives: April 2017

Dronejacking

By Michael Birman on December 7, 2019

The world in which we live gets more technologically advanced every day, and things that were previously accessible to only a select few have now become available to pretty much everyone. During the 1980s, when personal computers were the newest thing, desktop devices were much more expensive (not to mention cumbersome) than they are today.

Thirty-plus years later, personal computers are commonplace in homes around the industrialized world, and everything on the internet is now available anywhere at any time thanks to a large variety of handheld mobile electronic devices, including cell phones, laptops and tablets.

Another electronic device that is quickly changing the way we live and work is the drone, which began as a hobby item for flying enthusiasts or an expensive gift to kids from parents who could afford one. Today multiple companies manufacture affordable drones, which has made them more popular, and the devices are quickly becoming mainstream business tools.

Multiple government agencies and a variety of businesses now use drones to help accomplish their goals in photography, news media, farming, law enforcement and shipping, and more uses for drones are always being found.

Both UPS and Amazon plan to start delivering packages using drones instead of the typical mail transporting services. When that becomes reality, you will have to worry about whether your package even makes it to your doorstep, where it could be stolen by someone watching for deliveries, because hackers will be able to gain control of drones in flight and redirect them to another location.

As we have seen in the past, any type of electronic device that gets connected to a network becomes a potential target for hacking. These nefarious efforts are made easier by devices that have little or no security measures in place and that are kept easy to set up by using open ports and unencrypted communications.

A recent example sparked anxiety in the up-and-coming drone industry when a drone was found outfitted with hacking capabilities that would allow it to hack into local wireless networks after landing on roofs of businesses, homes or government facilities.

DefCon demonstrated in 2015 that someone could very easily take control of a drone while in flight. Since shipping drones will likely be launched each time from a specific location, it won’t take long for hackers to determine flight patterns and easily assume control of regularly flying drones and their cargo.

The logistical nightmare created by dronejacking for companies like Amazon and UPS could negatively impact the success of such programs even though successful dronejackings would be unreliable and package contents are unknown.

Drones have also been known to annoy people when they fly over their houses and many have resorted to throwing rocks or shooting guns to bring them down. This presents questions about invasions into personal space and “no-fly zones,” which are just a few of the issues currently being considered by national and local authorities. Ordinances and regulations about drones are still being formulated so many agencies don’t know how to handle drone complaints.

The media and photography enthusiasts use drones carrying expensive, high-quality photographic equipment to get pictures that are not easily obtained otherwise. Hackers could easily assume control of not only the expensive drone but also the costly equipment it carries, which creates a tempting target for dronejacking by those who resell various devices, including drones and camera equipment.

Multiple federal, state and local law enforcement agencies use drones for surveillance and to assist with crowd control in highly charged scenarios like protests and situations involving active shooters. Protesters could look to technology to take out surveillance drones and security feeds upon which law enforcement agencies rely.

Researchers have found open ports and weak authentication tools in many drones used for consumer shipping, which allow hackers to send remote commands to drones to redirect them. Most of these redirections are currently being done manually, but it won’t be long before someone produces a format that makes exploitation easier.

Most vulnerabilities are easily remedied with a software update from the drone manufacturer. Makers of more expensive high-end drones will probably offer fixes sooner than makers of cheaper drones, for which fixes will be a long time coming.

Cybersecurity experts predict that drone exploit kits will soon start making the rounds on the internet and more media stories about dronejackings will appear in newscasts worldwide. Questions about personal no-fly zones will abound and debates on social media will be heated about solutions that may include running software from a laptop instead of hurling rocks and loading weapons.

Experts also predict drones will be taken out of the air by individuals using directional antennas and that hackers will develop a way to quickly eliminate surveillance drones used by law enforcement.

Commercial aviation grew slowly over a long period of time, as did the rules and regulations governing it. Drones are advancing at a much more rapid pace, which leaves the United States Federal Aviation Administration scrambling to formulate regulations governing where and when both private and commercial drones can fly. Local authorities are awaiting those rules and regulations, as are individuals who operate or are affected by drones.

Top 10 Vulnerabilities

By on December 7, 2019

Intel Corp is a leader in the tech world of cyber security and uncovers an average of 245 new computer-related threats daily. The experts at Intel have developed a Threat Dashboard that lists all the current threats, vulnerabilities, ransomware, exploit kits and campaigns of which they are aware that are designed to nefariously invade electronic devices for the purpose of stealing valuable personal and confidential information.

Intel has determined the following to be the Top 10 Vulnerabilities of which computer users everywhere need to be aware:

CVE-2017-0038

This is a vulnerability in Microsoft Windows that could permit a remote hacker to gain access to sensitive information. The flaw lies within the Graphics Device Interface (gdi32.dll) and can be exploited using an EMF file. EMF is the file extension of Enhanced MetaFile, a spool file format used for reading, filing, storing and printing documents in the Windows operating system.

Cloudbleed

This vulnerability was found in websites that use Cloudflare, a content delivery network that sits between the computer user and the user’s internet host. The vulnerability results in possible memory leaks that expose private customer information.

CVE-2016-1019

Adobe Flash Player is affected by this vulnerability, which allows remote hackers to cause a denial of service or application crash, and possibly to execute arbitrary code, using unspecified vectors (that is, the means of attack is not specified). Adobe Flash Player is popular freeware for accessing content created on the Adobe Flash platform, including Internet applications, multimedia and streaming audio and video.

CVE-2016-4117

This vulnerability also affects Adobe Flash Player, enabling remote code execution.

CVE-2016-0189

This vulnerability allows remote hackers to execute arbitrary code, cause a denial of service or memory corruption in the Microsoft JScript 5.8 and VBScript 5.7 and 5.8 engines, which are used in Internet Explorer versions 9 through 11 and other products.

CVE-2016-7200

Microsoft Edge’s Chakra JavaScript engine is affected. The vulnerability allows remote hackers to execute arbitrary code, cause a denial of service or memory corruption using a “crafted” website, meaning one built for the purpose of carrying out a cyber attack.

CVE-2017-0037

This vulnerability could result in remote code execution in Microsoft Internet Explorer. The flaw lies within “HandleColumnBreakOnColumnSpanningElement.”

CVE-2016-7201

Microsoft Edge’s Chakra JavaScript engine is affected by this vulnerability, which allows remote hackers to execute arbitrary code, cause a denial of service or memory corruption using a crafted website.

CVE-2016-7288

This vulnerability also affects Microsoft Edge and could result in execution of arbitrary code or a denial of service. The flaw lies within the scripting engines, which are exploitable using crafted websites.

CVE-2017-0016

This vulnerability causes memory corruption in Microsoft Windows applications and could result in a denial of service. The flaw lies in mrxsmb20.sys and the way SMB traffic is handled.

Computer users have their work cut out for them trying to keep up with the latest computer viruses and hacking vulnerabilities that can affect anyone, anywhere, at any time. Maintaining up-to-date security software is critical to fighting nefarious computer invasions, as is developing a working relationship with competent IT professionals like those at EyesEverywhere.

Potentially Unwanted Programs (PUPs)

By on December 7, 2019

The term Potentially Unwanted Programs, or PUPs, refers to software programs that contain possibly malicious adware or pursue other unspecified objectives, such as the installation of toolbars or nefarious programs.

The name was given to this type of software to distinguish it from malicious software (malware), because PUPs are voluntarily downloaded by computer users who don’t read and/or fully understand the true terms and conditions of download agreements, which may include installation of other programs whether wanted or not.

Usually PUPs are adware on websites you frequent, appearing as coupons, underlined words, advertising banners or annoying pop-up ads. These ads are nefariously aimed at getting users to click on them, after which malicious content is installed onto electronic devices. That content can include optimization tools, web browser toolbars and other unsafe cyber products.

These crafty PUPs do nothing but generate “pay-per-click” income for the PUPs’ creator from unsuspecting operators of personal computers and hand-held electronic devices who unknowingly download malicious programs onto their electronics. Most PUPs get into electronic systems via bundled installations of “freeware” software, PDF creators, download managers and video streaming or recording software.

A lot of PUPs are bundled within customized installer tools on download websites like Brothersoft, Softonic and CNET that enable computer users to download various computer software programs.

Some signs of the presence of PUPs on electronic devices are completely stealthy while others are blatantly obvious. For example, if your electronic device is infected with ransomware, you will know immediately because a pop-up window will appear on the computer screen demanding a specified amount of money in order to restore your stolen and encrypted data. Other symptoms are not as obvious and include the following common indications that PUPs may have infiltrated computers and other electronic devices:

Injection of advertising banners within website pages you visit.

Website text is randomly turned into hyperlinks, which are links to another location, document or file that are typically activated by clicking on a word or image that is highlighted on the computer screen.

Slow running computer (not caused by running too many programs or lack of hard drive or memory space).

Slow internet connection.

Frozen or unresponsive browser.

Cursor drags 10 seconds behind the mouse.

Different home page continually appears.

New toolbars appear that you can’t remove.

Pop-ups that recommend fake software or software updates.

Bombardment with pop-up ads; close one and another appears even when you’re not online.

The browser repeatedly redirects users from the website they’re trying to access to a different one.

Lots of bounced back email (indicative of having been hacked).

Unfamiliar icons appear on desktop.

Constant computer crashing.

Cell phones and other electronic devices are not immune and are vulnerable to mobile malware, the symptoms of which may include short battery life (drains quickly) or cell phone bills that include charges for things you didn’t buy or messages you didn’t send.

Botnets and other types of malware are nearly impossible to detect unless you run a cyber security scan. Computer users can protect electronic devices from land and mobile cyber threats by using anti-malware security software designed specifically for personal computers, smartphones, tablets and other devices. Safeguards exist that are specifically designed to protect Android devices from infected applications, unauthorized surveillance and nefarious malware.

Inasmuch as Intel uncovers 245 new cyber threats per minute, it has never been more important to utilize up-to-date cyber security software to protect electronic devices from malicious infections that can turn one’s life upside down or completely halt business operations.

If you think you’ve been the victim of PUPs or other malicious computer infections, contact the professionals at Eyes Everywhere today to begin the process of locating, identifying and eradicating PUPs and other malware applications from your electronic devices.