InfoSec Week 47, 2018
Posted
The German government-issued identity card (nPA) SDK had a critical security vulnerability allowing an attacker to impersonate arbitrary users against affected web applications.
https://seclists.org/fulldisclosure/2018/Nov/56
One of the largest dark Web hosting service providers was hacked using the PHP vulnerability we wrote a week ago and taken offline by deleting the whole database.
More than 6500 Dark Web services were hosted there which means that literally one third of the publicly facing dark web is gone.
https://www.zdnet.com/article/popular-dark-web-hosting-provider-got-hacked-6500-sites-down/
For 30 months, internet traffic going to Australian Defense websites flowed through the China Telecom’s data centers due to BGP hijacking.
“How the strange routing occurred is known. But the reasons why it persisted for so long aren’t, and many involved in the situation aren’t eager to directly comment.”
https://www.databreachtoday.com/did-china-spy-on-australian-defense-websites-a-11714
The Computer Emergency Response Team of Ukraine (CERT-UA) and the Foreign Intelligence Service of Ukraine detected a new malware Pterodo Windows backdoor that was targeting computers at Ukrainian government agencies.
https://hackercombat.com/new-pterodo-backdoor-malware-detected-by-ukraine/
The US government is persuading wireless and internet providers in allied countries to avoid telecommunications equipment from Chinese company Huawei.
https://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=12165136
Mozilla published a blog post about their concern regarding the EU Terrorist Content Regulation.
https://blog.mozilla.org/netpolicy/2018/11/21/the-eu-terrorist-content-regulation-a-threat-to-the-ecosystem-and-our-users-rights/
TinkerSec security researchers published on a Twitter a great story about his insider penetration testing assignment. Really good read, he got busted.
https://threader.app/thread/1063423110513418240
The VUSec security group published ECCploit paper and an article demonstrating Rowhammer bitflip exploits on the Error-correcting Code (ECC) enabled systems.
https://www.vusec.net/projects/eccploit/
The Crypto.cat author, security researcher Nadim Kobeissi published ProtonMail encryption paper, “An Analysis of the ProtonMail Cryptographic Architecture”.
https://eprint.iacr.org/2018/1121
MiSafes’ Kids Watcher child-tracking smartwatches can be compromised, children can be tracked.
https://www.pentestpartners.com/security-blog/tracking-and-snooping-on-a-million-kids/
Zydis is the ultimate, open-source X86 & X86-64 decoder/disassembler library.
https://github.com/zyantific/zydis