malgregator

InfoSec Week 10, 2018

Google is contracted by the US Defense Department to apply its artificial intelligence solutions to drone strike targeting.

Posted Mar 9, 2018

#Weekly-News

InfoSec Week 9, 2018

Wandera security researchers spotted a new sophisticated Android RedDrop malware hidden in at least 53 Android applications. It can intercept SMS, record audio and exfiltrate data to the remote server.

Posted Mar 2, 2018

#Weekly-News

InfoSec Week 8, 2018

Fraudsters are impersonating authors and publishing computer generated books so they can launder money via Amazon.

Posted Feb 22, 2018

#Weekly-News

InfoSec Week 7, 2018

The Fidelis Cybersecurity researcher Jason Reaves demonstrated how covertly exchange data using X.509 digital certificates. The proof of concept code is using SubjectKeyIdentifier and generating certificates on the fly.

Posted Feb 15, 2018

#Weekly-News

InfoSec Week 6, 2018

A buffer overflow vulnerability in older Starcraft version enabled modders to create new maps, so Blizzard tasked reverse engineer to safely emulate the bug in the newer, fixed version. The author says it all: 'This is a tale about what dedication to backward compatibility implies.'

Posted Feb 9, 2018

#Weekly-News

InfoSec Week 5, 2018

A.P. Moller–Maersk Group, the world's largest container shipping company, reinstalled 45000 PCs and 4000 Servers to recover from the NotPetya ransomware attack.

Posted Feb 1, 2018

#Weekly-News

InfoSec Week 4, 2018

Electron applications designed to run on Windows that register themselves as the default handler for a protocol, like Skype, Slack and others, are vulnerable to the remote code execution vulnerability.

Posted Jan 26, 2018

#Weekly-News

InfoSec Week 3, 2018

Notoriously known Necurs spam botnet is sending millions of spam emails that are pumping shitcoin cryptocurrency named Swisscoin. Attackers are probably invested and are expecting to do pump-and-dump scheme.

Posted Jan 17, 2018

#Weekly-News

InfoSec Week 2, 2018

New research has found a flaw in a group messaging part of a Signal protocol used by Signal, WhatsApp and Threema. It’s hardly exploitable, but the server (attacker) could be, in some theoretical scenario, able to silently join an encrypted group chat.

Posted Jan 11, 2018

#Weekly-News

InfoSec Week 1, 2018

Daniel Shapira from Twistlock wrote a blog about exploiting a Linux kernel vulnerability in the waitid() syscall (CVE-2017-5123) in order to modify the Linux capabilities of a Docker container, gain privileges and escape the container jail.

Posted Jan 3, 2018

#Weekly-News