InfoSec Week 44, 2018
The US federal prosecutors say that Chinese spies hacked dozen firms to steal aviation engineering secrets for the Chinese aerospace company.
Posted
#Weekly-News
DevOps, Security, Whatewer
InfoSec Week 43, 2018
A zero-day vulnerability in the jQuery File Upload plugin is actively exploited for at least three years. Patch now!
Posted
#Weekly-News
InfoSec Week 42, 2018
The Czech Security Intelligence Service (BIS) shuts down Hezbollah servers in the Hezbollah hacking operation. Hackers used female Facebook profiles to trick victims into installing spyware.
Posted
#Weekly-News
InfoSec Week 41, 2018
Memory corruption bug in WhatsApp's non-WebRTC video conferencing implementation can screw you. Just answering a call from an attacker could completely compromise WhatsApp.
Posted
#Weekly-News
InfoSec Week 40, 2018
Estonia sues Gemalto for €152M over ID card flaws. According to an article, some keys were NOT generated on a smartcard due to a scaling issue. Well, looks like they are not affected by ROCA vulnerability, just compromised by Gemalto:)
Posted
#Weekly-News
InfoSec Week 39, 2018
Linux had officially committed to implementing and obeying the Code of Conduct — which is immediately misused to remove top Linux coders. Some of the Linux developers are now threatening to withdraw the license to all of their code.
Posted
#Weekly-News
InfoSec Week 38, 2018
Purism project introduced their own security token called the Librem Key. They have partnered with the Nitrokey manufacturer, but the firmware provides additional functionality, like a challenge response mode where the key informs you if the bios running on a PC has validated itself to the key.
Posted
#Weekly-News
InfoSec Week 37, 2018
Tesla model S is using a 40bit challenge response scheme broken back in 2005. Researchers stole a car in ~6 seconds with precomputed tables.
Posted
#Weekly-News