Marcus Brinkmann demonstrated how some configuration options in the GnuPG allow remote attackers to spoof arbitrary signature. He used the embedded “filename” parameter in OpenPGP literal data packets, together with the verbose option set in their gpg.conf file.
Posted
#Weekly-News
Yet another high severity attack against the Intel CPUs. Unpatched systems can leak SIMD, FP register state between privilege levels. These registers are used for private keys nowadays. The cost of a patch is more expensive context switches because the fix has to unload and reload all SIMD, FP state.
Posted
#Weekly-News
Australian government drafts new laws, that will force technology giants like Facebook, Google to give government agencies access to encrypted data.
Posted
#Weekly-News
Google Pixel 2 devices implement insider attack resistance in the tamper-resistant hardware security module that guards the encryption keys for user data. It is not possible to upgrade the firmware that checks the user's password unless you present the correct user password.
Posted
#Weekly-News
500,000 routers in more than 50 countries are infected with the malware targeting routers. Primarily home devices like Linksys, MikroTik, NETGEAR and TP-Link. Cisco's Talos Security attributed malware to the future Russian cyber operations against the Ukraine. The US FBI agents seize control of the botnet.
Posted
#Weekly-News
Major (probably not only) US cell carriers are selling access to the real-time phone location data. Because, you know the Electronic Communications Privacy Act only restricts telecommunication companies from disclosing data to the government, it doesn't restrict disclosure to other companies. Which can resell back to the gov. Hacker News discussion on a topic is quite informative.
Posted
#Weekly-News
There is a first ransomware which is taking advantage of a new Process Doppelgänging fileless code injection technique. Working on all modern versions of Microsoft Windows, since Vista. This variant of a known SynAck ransomware is using NTFS transactions to launch a malicious process by replacing the memory of a legitimate process.
Posted
#Weekly-News
Multiple tech giants like Apple, Microsoft, Google and others formed an industry coalition and have joined security experts in criticizing encryption backdoors, after Ray Ozzie's CLEAR key escrow idea was widely derided. He basically proposed a scheme where the users have no control over their own devices, but the devices can be securely forensically analyzed by the government agencies.
Posted
#Weekly-News
A loud sound emitted by a gas-based fire suppression system deployed in the data center has destroyed the hard drives of a Swedish data center, downing NASDAQ operations across Northern Europe.
Posted
#Weekly-News
Google disables domain fronting capability in their App Engine, which was used to evade censorship. What a fortunate timing.
Posted
#Weekly-News
The U.S. Secret Service is warning about a new scam scheme where the crooks are intercepting new debit cards in the mail and replace the chips on the cards with chips from old cards. Once owners activate the cards, crooks will use stolen chips for their financial gain.
Posted
#Weekly-News
There is a critical flaw in Microsoft Malware Protection Engine (CVE-2018-0986). They have used the open source unrar code, changed all the signed ints, breaking the code. Remote SYSTEM memory corruption.
Posted
#Weekly-News