Avast WEBforum

Other => General Topics => Topic started by: Asyn on November 16, 2010, 02:46:28 PM

Title: Technical
Post by: Asyn on November 16, 2010, 02:46:28 PM
Kaminsky To Release 'Phreebird' For Easy DNSSEC
http://ba.darkreading.com/authentication/167901072/security/application-security/228200646/index.html
Title: Re: Technical
Post by: Asyn on November 19, 2010, 09:43:37 PM
Stuxnet has a double payload
http://www.h-online.com/security/news/item/Stuxnet-has-a-double-payload-1137521.html
Title: Re: Technical
Post by: Asyn on November 19, 2010, 10:03:31 PM
GPUs crack passwords in the cloud
http://stacksmashing.net/2010/11/15/cracking-in-the-cloud-amazons-new-ec2-gpu-instances/
Title: Re: Technical
Post by: Asyn on November 20, 2010, 05:24:27 PM
Super-secret debug capabilities of AMD processors
http://www.woodmann.com/collaborative/knowledge/index.php/Super-secret_debug_capabilities_of_AMD_processors_!
http://www.eweekeurope.co.uk/news/amd-denies-cpu-debugger-was-a-secret-13759
Title: Re: Technical
Post by: Asyn on November 21, 2010, 01:15:12 PM
McAfee Threats Report - Third Quarter 2010
http://www.mcafee.com/us/local_content/reports/q32010_threats_report_en.pdf
Title: Re: Technical
Post by: Asyn on November 24, 2010, 04:50:28 PM
The enemy in the network card
http://esec-lab.sogeti.com/dotclear/index.php?post%2F2010%2F11%2F21%2FPresentation-at-Hack.lu-%3A-Reversing-the-Broacom-NetExtreme-s-firmware
Title: Re: Technical
Post by: Asyn on November 25, 2010, 03:02:05 PM
Slow CPU equals malware defense...?
http://www.f-secure.com/weblog/archives/00002067.html
Title: Re: Technical
Post by: Asyn on November 25, 2010, 10:45:02 PM
European ATM skimmer attacks on the rise
http://krebsonsecurity.com/2010/11/crooks-rock-audio-based-atm-skimmers/
Title: Re: Technical
Post by: Asyn on November 27, 2010, 09:10:57 AM
Secure Java programming with Fabric
http://www.cs.cornell.edu/projects/fabric/
http://www.cs.cornell.edu/andru/papers/fabric-sosp09.pdf
http://www.news.cornell.edu/stories/Sept10/Fabric.html
Title: Re: Technical
Post by: Asyn on December 03, 2010, 07:54:10 AM
Chrome to run Flash Player in a sandbox
http://blog.chromium.org/2010/12/rolling-out-sandbox-for-adobe-flash.html
Title: Re: Technical
Post by: Asyn on December 04, 2010, 04:08:49 PM
Escaping IE Protected Mode
http://www.verizonbusiness.com/resources/whitepapers/wp_escapingmicrosoftprotectedmodeinternetexplorer_en_xg.pdf
Title: Re: Technical
Post by: Asyn on December 05, 2010, 09:07:57 PM
An Empirical Study of Privacy-Violating Information Flows in JavaScript Web Applications
http://cseweb.ucsd.edu/~d1jang/papers/ccs10.pdf
Title: Re: Technical
Post by: Asyn on December 08, 2010, 02:47:17 PM
IE9 and Privacy: Introducing Tracking Protection
http://blogs.msdn.com/b/ie/archive/2010/12/07/ie9-and-privacy-introducing-tracking-protection-v8.aspx
Title: Re: Technical
Post by: disPlay on December 08, 2010, 04:33:03 PM
IE9 and Privacy: Introducing Tracking Protection
http://blogs.msdn.com/b/ie/archive/2010/12/07/ie9-and-privacy-introducing-tracking-protection-v8.aspx


Pretty interesting information.

Thanks Asyn.
Title: Re: Technical
Post by: Asyn on December 09, 2010, 12:56:29 PM
Support for WebSockets in Firefox 4 disabled (for now)
http://www.0xdeadbeef.com/weblog/2010/12/disabling-websockets-for-firefox-4/
https://bugzilla.mozilla.org/show_bug.cgi?id=616733
http://www.ietf.org/mail-archive/web/hybi/current/msg04744.html
Title: Re: Technical
Post by: bob3160 on December 09, 2010, 10:22:20 PM
Asyn,
What's the difference between what you're posting in here and what's being posted in the
Security Warnings thread ???
http://forum.avast.com/index.php?topic=52252.0
Title: Re: Technical
Post by: Asyn on December 10, 2010, 08:17:21 AM
Asyn,
What's the difference between what you're posting in here and what's being posted in the
Security Warnings thread ???

Hi Bob..!
Well, the difference is that I don't post any security warnings here.
Have a nice day,
asyn
Title: Re: Technical
Post by: Asyn on December 11, 2010, 08:55:40 AM
NIST's search for the super hash – just five candidates left in SHA-3 final
http://www.h-online.com/security/news/item/NIST-s-search-for-the-super-hash-just-five-candidates-left-in-SHA-3-final-1151325.html
Title: Re: Technical
Post by: Asyn on December 12, 2010, 08:16:25 PM
Operation Payback: protests via mouse click
http://www.h-online.com/security/news/item/Operation-Payback-protests-via-mouse-click-1150790.html
Title: Re: Technical
Post by: Asyn on December 16, 2010, 08:47:53 AM
Brief Analysis of the Gawker Password Dump
http://www.duosecurity.com/blog/entry/brief_analysis_of_the_gawker_password_dump
Title: Re: Technical
Post by: Asyn on December 16, 2010, 11:36:03 PM
HeapLocker tool for Windows blocks injected code
http://blog.didierstevens.com/2010/12/06/heaplocker/
http://blog.didierstevens.com/2010/12/14/heaplocker-private-memory-usage-monitoring/
Title: Re: Technical
Post by: Asyn on December 18, 2010, 09:51:02 AM
FBI back door in IPSec implementation of OpenBSD..??
http://www.h-online.com/open/news/item/FBI-back-door-in-IPSec-implementation-of-OpenBSD-1153297.html
http://marc.info/?l=openbsd-tech&m=129236621626462&w=2

Update: Audits give no indication of back doors
http://www.h-online.com/security/news/item/OpenBSD-audits-give-no-indication-of-back-doors-1158604.html
http://marc.info/?l=openbsd-tech&m=129296046123471&w=2
Title: Re: Technical
Post by: Asyn on December 27, 2010, 05:31:51 PM
Merry Hacksmas
http://www.h-online.com/security/news/item/Merry-Hacksmas-1159312.html
Title: Re: Technical
Post by: Asyn on December 31, 2010, 04:45:52 PM
27C3: danger lurks in PDF documents
http://www.h-online.com/security/news/item/27C3-danger-lurks-in-PDF-documents-1162166.html
Title: Re: Technical
Post by: CharleyO on January 01, 2011, 09:56:38 AM
***

SSDs Gaining Ground In Storage, Servers, Laptops

"Solid state drives and Flash memory modules offer multiple-times the performance of traditional spinning hard drives."

http://www.crn.com/news/storage/228800876/ssds-gaining-ground-in-storage-servers-laptops.htm


***
Title: Re: Technical
Post by: Asyn on January 05, 2011, 10:05:26 AM
Security tool uncovers multiple bugs in every browser
http://lcamtuf.blogspot.com/2011/01/announcing-crossfuzz-potential-0-day-in.html
http://en.wikipedia.org/wiki/Fuzz_testing
Title: Re: Technical
Post by: Asyn on January 06, 2011, 08:29:29 PM
Bypassing Flash’s local-with-filesystem Sandbox
http://xs-sniper.com/blog/2011/01/04/bypassing-flash%E2%80%99s-local-with-filesystem-sandbox/
Title: Re: Technical
Post by: Asyn on January 07, 2011, 11:18:23 PM
Proof of ownership for IP addresses
http://www.h-online.com/security/news/item/Proof-of-ownership-for-IP-addresses-1164707.html
Title: Re: Technical
Post by: Asyn on January 08, 2011, 07:42:19 PM
Linux capabilities don't add security
http://forums.grsecurity.net/viewtopic.php?f=7&t=2522
Wiki: https://secure.wikimedia.org/wikipedia/en/wiki/Capability-based_security
Discussion: http://lwn.net/Articles/421671/
Exploit: http://lists.grok.org.uk/pipermail/full-disclosure/2011-January/078350.html
Title: Re: Technical
Post by: Asyn on January 11, 2011, 10:01:56 AM
Email authentication comes to Google Apps customers
http://googleenterprise.blogspot.com/2011/01/spam-takes-another-hit-email.html
Title: Re: Technical
Post by: bob3160 on January 11, 2011, 01:58:03 PM
Email authentication comes to Google Apps customers
http://googleenterprise.blogspot.com/2011/01/spam-takes-another-hit-email.html

Can you explain how this will affect the average computer user ???
Title: Re: Technical
Post by: Asyn on January 11, 2011, 02:15:47 PM
Email authentication comes to Google Apps customers
http://googleenterprise.blogspot.com/2011/01/spam-takes-another-hit-email.html

Can you explain how this will affect the average computer user ???

This doesn't affect most of the average (private) computer users..!!
Only interesting for those who use Google Apps... ;)
http://www.google.com/apps/intl/en/business/index.html
http://www.google.com/support/a/bin/answer.py?answer=174124&&hl=en
asyn
Title: Re: Technical
Post by: Asyn on January 12, 2011, 04:26:33 PM
Waking up the sleeping dragon
http://thesauceofutterpwnage.blogspot.com/2011/01/waking-up-sleeping-dragon.html
http://www.exploit-db.com/exploits/15957/
Title: Re: Technical
Post by: YoKenny on January 12, 2011, 09:24:17 PM
Waking up the sleeping dragon
You are full of happy news. ;)

Maybe you should take a walk outside once in a while ???
 
Title: Re: Technical
Post by: Asyn on January 14, 2011, 11:39:17 AM
Adobe plans to make it easier to delete Flash cookies in web browsers
http://blogs.adobe.com/flashplatform/2011/01/on-improving-privacy-managing-local-storage-in-flash-player.html
Title: Re: Technical
Post by: Asyn on January 14, 2011, 11:16:03 PM
Waking up the sleeping dragon
http://thesauceofutterpwnage.blogspot.com/2011/01/waking-up-sleeping-dragon.html
http://www.exploit-db.com/exploits/15957/

SCADA exploit - the dragon awakes
http://threatpost.com/en_us/blogs/china-cert-we-missed-report-scada-hole-011311
http://thesauceofutterpwnage.blogspot.com/2011/01/wellintech-issues-security-patch-to.html
Title: Re: Technical
Post by: Asyn on January 19, 2011, 01:18:24 PM
Governmental Cloud in the EU - New Agency Report
http://www.enisa.europa.eu/media/press-releases/governmental-cloud-in-the-eu-new-agency-report
http://www.enisa.europa.eu/act/rm/emerging-and-future-risk/deliverables/security-and-resilience-in-governmental-clouds/at_download/fullReport
Title: Re: Technical
Post by: Asyn on January 20, 2011, 09:10:02 AM
Stuxnet not such a masterpiece after all?
http://threatpost.com/en_us/blogs/stuxnet-authors-made-several-basic-errors-011811
http://rdist.root.org/2011/01/17/stuxnet-is-embarrassing-not-amazing/
Title: Re: Technical
Post by: Asyn on January 20, 2011, 11:23:39 AM
New MS Tool: Attack Surface Analyzer!
http://blogs.msdn.com/b/sdl/archive/2011/01/17/announcing-attack-surface-analyzer.aspx
http://go.microsoft.com/?linkid=9758398
Title: Re: Technical
Post by: YoKenny on January 20, 2011, 02:34:35 PM
New MS Tool: Attack Surface Analyzer!
http://blogs.msdn.com/b/sdl/archive/2011/01/17/announcing-attack-surface-analyzer.aspx
http://go.microsoft.com/?linkid=9758398
Key comment
Quote
Supported Operating Systems: Windows 7; Windows Server 2008; Windows Vista
Title: Re: Technical
Post by: Asyn on January 21, 2011, 01:56:53 PM
The New Trend in "Malware Evolution"
http://blog.seculert.com/2011/01/new-trend-in-malware-evolution.html
Title: Re: Technical
Post by: Asyn on January 25, 2011, 02:48:07 PM
"Do not track" - Mozilla advocates new data protection standard
http://firstpersoncookie.wordpress.com/2011/01/23/more-choice-and-control-over-online-tracking/
http://www.open-mike.org/entry/thoughts-on-do-not-track
http://ftc.gov/os/2010/12/101201privacyreport.pdf
Title: Re: Technical
Post by: Asyn on January 25, 2011, 09:50:04 PM
Google releases data protection extension
http://googlepublicpolicy.blogspot.com/2011/01/keep-your-opt-outs.html
https://chrome.google.com/webstore/detail/hhnjdplhmcnkiecampfdgfjilccfpfoe
Title: Re: Technical
Post by: bob3160 on January 25, 2011, 11:55:48 PM
Just so this is understood, it will not stop you from seeing ads.
It simply stops some of the targeted ads.
Title: Re: Technical
Post by: Asyn on January 27, 2011, 01:22:26 PM
Facebook now SSL-encrypted throughout
http://blog.facebook.com/blog.php?post=486790652130
Title: Re: Technical
Post by: Asyn on February 06, 2011, 05:03:56 PM
Hotmail offers disposable alias accounts
http://windowsteamblog.com/windows_live/b/windowslive/archive/2011/02/03/hotmail-delivers-aliases-to-help-you-manage-and-secure-your-email-account.aspx
Title: Re: Technical
Post by: Asyn on February 08, 2011, 02:10:24 AM
Facebook now SSL-encrypted throughout
http://blog.facebook.com/blog.php?post=486790652130

Facebook's crude https workaround
http://www.h-online.com/security/news/item/Facebook-s-crude-https-workaround-1184731.html
Title: Re: Technical
Post by: YoKenny on February 08, 2011, 01:28:33 PM
Safer Internet Day
8 February 2011

http://www.saferinternet.org/web/guest/safer-internet-day
Title: Re: Technical
Post by: Asyn on February 08, 2011, 04:24:11 PM
One in three computer users within the EU had a malware problem in 2010
http://epp.eurostat.ec.europa.eu/cache/ITY_PUBLIC/4-07022011-AP/EN/4-07022011-AP-EN.PDF
Title: Re: Technical
Post by: Asyn on February 10, 2011, 12:21:12 PM
Windows Server 2008 R2 and Windows 7 SP1 Releases to Manufacturing Today
http://blogs.technet.com/b/windowsserver/archive/2011/02/09/windows-server-2008-r2-and-windows-7-sp1-releases-to-manufacturing-today.aspx
Title: Re: Technical
Post by: Asyn on February 10, 2011, 03:40:51 PM
Breaking up the Romance between Malware and Autorun
http://blogs.technet.com/b/mmpc/archive/2011/02/08/breaking-up-the-romance-between-malware-and-autorun.aspx
http://blogs.technet.com/b/msrc/archive/2011/02/08/deeper-insight-into-the-security-advisory-967940-update.aspx
Title: Re: Technical
Post by: nnoa110 on February 12, 2011, 10:47:04 AM
Google extends 2-step authentication to all users

http://www.h-online.com/security/news/item/Google-extends-2-step-authentication-to-all-users-1188120.html
Title: Re: Technical
Post by: YoKenny on February 12, 2011, 03:07:07 PM
Google extends 2-step authentication to all users

http://www.h-online.com/security/news/item/Google-extends-2-step-authentication-to-all-users-1188120.html
Key comment
Quote
This code is either generated by a smartphone app, or Google sends it to a registered number via an SMS text message. A successful log-in will then require two independent factors: users will need to know their password and have access to the previously registered mobile phone.
Title: Re: Technical
Post by: Asyn on February 14, 2011, 11:26:08 AM
Intel, Symantec and Vasco propagate single-use passwords
http://www.h-online.com/security/news/item/Intel-Symantec-and-Vasco-propagate-single-use-passwords-1189071.html
http://www.vasco.com/company/press_room/news_archive/2011/news_vascos_digipass_technology_to_be_embedded_into_intel_identity_protection_technology_ipt.aspx
http://ipt.intel.com/Libraries/Documents/Intel_IdentityProtect_techbrief_v5.sflb.ashx
Title: Re: Technical
Post by: Asyn on February 15, 2011, 04:52:21 PM
Additional Fixes in Microsoft Security Bulletins [Silent Fixes]
http://blogs.technet.com/b/srd/archive/2011/02/14/additional-fixes-in-microsoft-security-bulletins.aspx
Title: Re: Technical
Post by: Asyn on February 16, 2011, 10:20:55 AM
Oracle releases database firewall
http://www.oracle.com/us/corporate/press/313230?rssid=rss_ocom_pr
White Paper: http://www.oracle.com/us/products/database/bwp-oracle-database-firewall-302484.pdf
Title: Re: Technical
Post by: Asyn on February 17, 2011, 09:47:29 AM
Windows Security Survival Guide
http://social.technet.microsoft.com/wiki/contents/articles/windows-security-survival-guide.aspx
Title: Re: Technical
Post by: Asyn on February 18, 2011, 12:27:08 PM
Advancing the Idea of Collective Action to Improve Internet Security and Privacy
http://blogs.technet.com/b/microsoft_on_the_issues/archive/2011/02/15/advancing-the-idea-of-collective-action-to-improve-internet-security-and-privacy.aspx
Title: Re: Technical
Post by: Asyn on February 25, 2011, 01:53:04 PM
IE9 and Privacy: Introducing Tracking Protection
http://blogs.msdn.com/b/ie/archive/2010/12/07/ie9-and-privacy-introducing-tracking-protection-v8.aspx

W3C Team Comment on the "Web Tracking Protection" Submission
http://www.w3.org/Submission/2011/01/Comment/
Title: Re: Technical
Post by: Asyn on February 26, 2011, 10:26:38 AM
Thunderbolt: Introducing a new way to hack Macs
http://erratasec.blogspot.com/2011/02/thunderbolt-introducing-new-way-to-hack.html
Title: Re: Technical
Post by: Asyn on March 01, 2011, 01:20:19 PM
Apple invites bug researchers to scrutinize Lion OS
http://www.computerworld.com/s/article/9211599/Apple_invites_bug_researchers_to_scrutinize_Lion_OS
Title: Re: Technical
Post by: Asyn on March 06, 2011, 09:28:42 AM
The Internet Explorer 6 Countdown
http://ie6countdown.com/
Title: Re: Technical
Post by: Asyn on March 10, 2011, 02:59:49 PM
Botnets: Measurement, Detection, Disinfection and Defence
http://www.enisa.europa.eu/act/res/botnets/botnets-measurement-detection-disinfection-and-defence
http://www.enisa.europa.eu/act/res/botnets/botnets-measurement-detection-disinfection-and-defence/at_download/fullReport [PDF document, 3974Kb]
Title: Re: Technical
Post by: Asyn on March 11, 2011, 01:54:06 PM
Pwn2Own 2011: no-one goes after Chrome
http://www.h-online.com/security/news/item/Pwn2Own-2011-no-one-goes-after-Chrome-1206149.html
Title: Re: Technical
Post by: bob3160 on March 11, 2011, 02:05:52 PM
Pwn2Own 2011: no-one goes after Chrome
http://www.h-online.com/security/news/item/Pwn2Own-2011-no-one-goes-after-Chrome-1206149.html

I knew there was a reason I liked Chrome. :)
Title: Re: Technical
Post by: Asyn on March 11, 2011, 02:10:25 PM
Pwn2Own 2011: Day 2 - iPhone and Blackberry hacked
http://www.h-online.com/security/news/item/Pwn2Own-2011-Day-2-iPhone-and-Blackberry-hacked-1206254.html

@Bob: It seems we both like good browsers. ;)

Quote
As well as attacks on mobile devices, attacks on Firefox were also on the agenda but the candidates for that competition did not show up, just as no one did on the first day for Chrome.
Title: Re: Technical
Post by: Asyn on March 14, 2011, 01:00:34 PM
Pwn2Own 2011: Google patches hole in Chrome
http://www.h-online.com/security/news/item/Pwn2Own-2011-Google-patches-hole-in-Chrome-1207231.html
Title: Re: Technical
Post by: bob3160 on March 14, 2011, 01:14:35 PM
Pwn2Own 2011: Google patches hole in Chrome
http://www.h-online.com/security/news/item/Pwn2Own-2011-Google-patches-hole-in-Chrome-1207231.html

Interesting article. I'm not too worried about the so-called "security breach" in Chrome as I am
in the attitude Apple is taking in its protection for those that own iPhone 3G's.
They appear to think that if you bury your head in the sand, the security problems will go away.
Deleting posts that bring this attitude to people's attention are simply deleted with an "against policy"
reason.
Bad move Apple. Poor and uncaring customer relations have been the downfall of many a good company.  :'(
Just my 2 cents.
Title: Re: Technical
Post by: Asyn on March 16, 2011, 03:31:19 PM
Credit Card skimming and PIN harvesting in an EMV world
http://dev.inversepath.com/download/emv/emv_2011.pdf
Title: Re: Technical
Post by: Asyn on March 18, 2011, 09:31:48 PM
Rustock botnet out of action
http://blogs.technet.com/b/microsoft_blog/archive/2011/03/17/taking-down-botnets-microsoft-and-the-rustock-botnet.aspx
http://krebsonsecurity.com/2011/03/rustock-botnet-flatlined-spam-volumes-plummet/
Title: Re: Technical
Post by: Asyn on March 19, 2011, 08:26:38 AM
Revealed: US spy operation that manipulates social media
http://www.guardian.co.uk/technology/2011/mar/17/us-spy-operation-social-networks
Title: Re: Technical
Post by: bob3160 on March 19, 2011, 06:15:45 PM
And I'm supposed to believe the Guardian ??? Why trust them any more than the Government ???  ;D
Title: Re: Technical
Post by: Asyn on March 19, 2011, 06:21:51 PM
Why trust them any more than the Government ???  ;D

What did the government say..??? ;)
http://www.rawstory.com/rs/2011/02/22/exclusive-militarys-persona-software-cost-millions-used-for-classified-social-media-activities/
Title: Re: Technical
Post by: Asyn on March 22, 2011, 11:54:03 AM
Vulnerabilities in some SCADA server softwares
http://www.securityfocus.com/archive/1/517080/30/0/threaded
Title: Re: Technical
Post by: Asyn on March 23, 2011, 12:54:23 PM
Detecting Certificate Authority compromises and web browser collusion
https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-web-browser-collusion
http://blog.mozilla.com/security/2011/03/22/firefox-blocking-fraudulent-certificates/
Title: Re: Technical
Post by: doktornotor on March 23, 2011, 01:20:27 PM
Quote
This issue was reported to us by the Comodo Group, Inc., the certificate authority responsible for issuing the fraudulent certificates.

Oh, what a surprise. We've been discussing this a couple of days ago wrt CIS vendor whitelists, haven't we?  :D

Comodo vs Mozilla 2008 story (http://groups.google.com/group/mozilla.dev.tech.crypto/browse_thread/thread/9c0cc829204487bf#) (also here (https://blog.startcom.org/?p=145)).

Oh, and on a preventive note: How to disable the Comodo reseller root certificate in Firefox (http://benjamin.smedbergs.us/blog/2008-12-24/how-to-disable-the-comodo-root-certificate-in-firefox/). (For IE and Chrome, certmgr.msc MMC snap-in is your friend.  ;))
Title: Re: Technical
Post by: Asyn on March 23, 2011, 01:31:41 PM
Quote
This issue was reported to us by the Comodo Group, Inc., the certificate authority responsible for issuing the fraudulent certificates.

Oh, what a surprise. We've been discussing this a couple of days ago wrt CIS vendor whitelists, haven't we?  :D

Yes, you are right, doc..!! It's really a big surprise. ;D
Title: Re: Technical
Post by: bob3160 on March 23, 2011, 01:56:48 PM
Isn't "Trust" what Comodo sells ???
Title: Re: Technical
Post by: Asyn on March 23, 2011, 02:00:09 PM
Isn't "Trust" what Comodo sells ???

Bad job then. ;D
Title: Re: Technical
Post by: doktornotor on March 23, 2011, 03:38:17 PM
Isn't "Trust" what Comodo sells ???

Let's have some phun: Comodo issues fraudulent certificates (incl. Mozilla) once again (https://forums.comodo.com/ssl-certificate/comodo-issues-fraudulent-certificates-incl-mozilla-once-again-t70973.0.html) @ Comodo forums. Wondering how long will the thread last.  :P ;D

EDIT: Thread moved to Policy Violations forum after banning me (https://forums.comodo.com/forum-policy-violation-board/comodo-issues-fraudulent-google-microsoft-mozilla-skype-yahoo-certificates-t70973.0.html) (Requires registration @ Melih's hunted by Iran government forums ;D)
Title: Re: Technical
Post by: Asyn on March 23, 2011, 03:44:47 PM
Wondering how long will the thread last.  :P ;D

I wonder, too. ;)
You may add this, if you like...

SSL meltdown forces browser developers to update
http://www.h-online.com/security/news/item/SSL-meltdown-forces-browser-developers-to-update-1213358.html
Title: Re: Technical
Post by: doktornotor on March 23, 2011, 03:51:41 PM
SSL meltdown forces browser developers to update
http://www.h-online.com/security/news/item/SSL-meltdown-forces-browser-developers-to-update-1213358.html

Thanks. Couldn't agree more with this:

Quote
The incident is further proof that the entire concept of SSL and of users' trust in the Certificate Authorities are standing on feet of clay. After all, a certificate is also considered trustworthy even if it is issued by a CA reseller based in a country to which users probably wouldn't even go on holiday for security reasons. And the promised technologies don't even work when a compromised certificate is made public. It is time to come up with a new concept – and "EV-SSL" certificates, at least, should not be a part of it.
Title: Re: Technical
Post by: Asyn on March 23, 2011, 03:55:22 PM
NP, doc..!!
Now, let's sit and wait for the replies. ;D 8)
Title: Re: Technical
Post by: doktornotor on March 23, 2011, 06:30:55 PM
NP, doc..!!
Now, let's sit and wait for the replies. ;D 8)

Looks like the Comodo morons also issued a fraudulent certificate for login.live.com (Windows Live ID), not just addons.mozilla.org  ::)

Microsoft Releases Security Advisory 2524375 (http://blogs.technet.com/b/msrc/archive/2011/03/23/microsoft-releases-security-advisory-2524375.aspx)

Quote
Today we're releasing Security Advisory 2524375, to address nine fraudulent digital certificates issued by Comodo Group Inc, a root certificate authority. Comodo has since revoked the digital certificates. This is not a Microsoft security vulnerability; however, one of the certificates potentially affects Windows Live ID users via login.live.com. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against end users. We are unaware of any active attacks.

Wow, and login.skype.com, login.yahoo.com and www.google.com and mail.google.com - just excellent.

Already got KB2524375 via Windows Update.
Title: Re: Technical
Post by: doktornotor on March 23, 2011, 08:15:10 PM
Ok, guys, now it's official, no sloppy job or anything, instead - Iran has attacked Melih and Comodo!!!! (http://www.melih.com/2011/03/23/).

Quote
Who is attacking it?
We believe these are “politically motivated”, “state driven/funded” attacks.

Why do we think these are state driven/funded?
Well, one of the origin of the attack that we experienced is from Iran, what is being obtained would enable the perpetrator to intercept web based email/communication and the only way this could be done is if the perpetrator had access to the Country’s DNS infrastructure (and we believe it might be the case here). Of course this is our interpretation of the situation.

First time we are seeing a “state funded” attack against the “Authentication” infrastructure. The Threat Model is changing and Comodo had already initiated a proposal for new standards in 2010 which would help mitigate some of these attacks. We will make sure to double our efforts in getting industry wide acceptance to these much needed standards so that we can continue to defend our security and freedom.

 :o ;D :o ;D :o ;D

P.S. Mozilla Bug 642395 - Deal with bogus certs issued by Comodo partner (https://bugzilla.mozilla.org/show_bug.cgi?id=642395)
Title: Re: Technical
Post by: doktornotor on March 23, 2011, 09:01:12 PM
Let's have some phun: Comodo issues fraudulent certificates (incl. Mozilla) once again (https://forums.comodo.com/ssl-certificate/comodo-issues-fraudulent-certificates-incl-mozilla-once-again-t70973.0.html) @ Comodo forums. Wondering how long will the thread last.  :P ;D

Did not last long:

Quote
An Error Has Occurred!
Sorry doktornotor, you are banned from using this forum!
Forum Policy Violation

;D :D ;D :D

P.S. Thread moved here: (requires registration) (https://forums.comodo.com/forum-policy-violation-board/comodo-issues-fraudulent-google-microsoft-mozilla-skype-yahoo-certificates-t70973.0.html). Well whatever - here's the sequel for you. Bye bye Comodo. Sincerely yours, Comodo's Hero.  :P

Title: Re: Technical
Post by: YoKenny on March 23, 2011, 09:09:01 PM
Let's have some phun: Comodo issues fraudulent certificates (incl. Mozilla) once again (https://forums.comodo.com/ssl-certificate/comodo-issues-fraudulent-certificates-incl-mozilla-once-again-t70973.0.html) @ Comodo forums. Wondering how long will the thread last.  :P ;D

Did not last long:

Quote
An Error Has Occurred!
Sorry doktornotor, you are banned from using this forum!
Forum Policy Violation

;D :D ;D :D

P.S. Thread moved here: (requires registration) (https://forums.comodo.com/forum-policy-violation-board/comodo-issues-fraudulent-google-microsoft-mozilla-skype-yahoo-certificates-t70973.0.html). Well whatever - here's the sequel for you. Bye bye Comodo. Sincerely yours, Comodo's Hero.  :P

Comodo's Melih does not like critics.  ;)

Title: Re: Technical
Post by: bob3160 on March 23, 2011, 09:29:29 PM
https://forums.comodo.com/ssl-certificate/comodo-issues-fraudulent-google-microsoft-mozilla-skype-yahoo-certificates-t70990.0.html
Title: Re: Technical
Post by: doktornotor on March 23, 2011, 09:45:34 PM
https://forums.comodo.com/ssl-certificate/comodo-issues-fraudulent-google-microsoft-mozilla-skype-yahoo-certificates-t70990.0.html

Haha... Well, as I said on the original thread - their image cannot be harmed much more no matter how much they censored the forums...

Oh, and remember, Iran government is going after them!  :o
Title: Re: Technical
Post by: Lisandro on March 23, 2011, 10:23:36 PM
I've started the discussion in a neutral field.
http://www.wilderssecurity.com/showthread.php?p=1847026#post1847026
Title: Re: Technical
Post by: Asyn on March 23, 2011, 10:36:25 PM
Hi guys, as I don't want this thread to become a discussion thread. ;)
Please post further replies to the Comodo issue here: http://forum.avast.com/index.php?topic=74516.0
Thanks,
asyn

Edit: Or follow Tech's link to WSF... (Thanks Tech..!!)
Title: Re: Technical
Post by: bob3160 on March 24, 2011, 12:15:05 AM
Hi guys, as I don't want this thread to become a discussion thread. ;)
Please post further replies to the Comodo issue here: http://forum.avast.com/index.php?topic=74516.0
Thanks,
asyn

Edit: Or follow Tech's link to WSF... (Thanks Tech..!!)


It would be a lot nicer to do it directly on the Comodo forum (https://forums.comodo.com/ssl-certificate/comodo-issues-fraudulent-certificates-incl-mozilla-once-again-t70973.0.html). :0
Title: Re: Technical
Post by: Asyn on March 24, 2011, 12:21:19 AM
It would be a lot nicer to do it directly on the Comodo forum. :0

Bob, please post this in the new topic. Thanks..!! :)
http://forum.avast.com/index.php?topic=74516.0
asyn

@ALL: Please, no more Comodo related discussion here...!!! Thanks..!!
Title: Re: Technical
Post by: Asyn on March 24, 2011, 01:47:05 PM
Password service (Lastpass) locks out hackers
Password service Lastpass simply blocks the IP addresses of users who test the site's security measures in a move which may very well cause collateral damage.
http://www.h-online.com/security/news/item/Password-service-locks-out-hackers-1214086.html
Title: Re: Technical
Post by: Asyn on March 25, 2011, 11:40:20 PM
Vulnerabilities in some SCADA server softwares
http://www.securityfocus.com/archive/1/517080/30/0/threaded

SCADA Trojans: Attacking the Grid + 0dayZ!
http://www.reversemode.com/index.php?option=com_content&task=view&id=72&Itemid=1
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-01.pdf
Title: Re: Technical
Post by: Asyn on March 26, 2011, 04:52:56 PM
Microsoft Shuts off HTTPS in Hotmail for Over a Dozen Countries
https://www.eff.org/deeplinks/2011/03/microsoft-shuts-https-hotmail-over-dozen-countries
http://jilliancyork.com/2011/03/25/microsoft-hotmail-no-https-for-arab-iranian-users/

Update: Microsoft: Mystery bug blocks Syrian secure Hotmail
http://www.theregister.co.uk/2011/03/26/microsoft_https_hotmail_syria/

Quote
Microsoft is blaming a mystery bug for preventing access to the encrypted version of Hotmail, denying that it deliberately blocked access to the service in Syria.
Title: Re: Technical
Post by: Asyn on March 28, 2011, 12:01:36 PM
MySQL.com Vulnerable To Blind SQL Injection Vulnerability
http://seclists.org/fulldisclosure/2011/Mar/309

Edit: http://www.h-online.com/security/news/item/MySQL-allegedly-hacked-via-SQL-injection-1216281.html
Title: Re: Technical
Post by: Asyn on March 29, 2011, 12:45:48 PM
Vulnerabilities in *McAfee.com
http://seclists.org/fulldisclosure/2011/Mar/313
http://news.cnet.com/8301-27080_3-20048135-245.html
Title: Re: Technical
Post by: Asyn on March 30, 2011, 02:19:16 PM
Critical NASA network vulnerable to attack
http://oig.nasa.gov/audits/reports/FY11/IG-11-017.pdf
Title: Re: Technical
Post by: Asyn on April 01, 2011, 01:40:19 PM
FBI asks for help cracking a code in unsolved murder case
http://www.fbi.gov/news/stories/2011/march/cryptanalysis_032911/cryptanalysis_032911
Title: Re: Technical
Post by: Asyn on April 01, 2011, 02:25:06 PM
Firefox - Advertisers and Publishers Adopt and Implement Do Not Track
http://blog.mozilla.com/blog/2011/03/30/advertisers-and-publishers-adopt-and-implement-do-not-track/
Title: Re: Technical
Post by: Asyn on April 04, 2011, 12:32:31 PM
Mozilla begins crackdown on slow starting Firefox add-ons
http://www.h-online.com/security/news/item/Mozilla-begins-crackdown-on-slow-starting-Firefox-add-ons-1220906.html
http://blog.mozilla.com/addons/2011/04/01/improving-add-on-performance/
https://addons.mozilla.org/en-US/firefox/performance/
https://developer.mozilla.org/en/Extensions/Performance_best_practices_in_extensions
Title: Re: Technical
Post by: Asyn on April 06, 2011, 10:53:24 AM
Google Chrome - Protecting users from malicious downloads
http://googleonlinesecurity.blogspot.com/2011/04/protecting-users-from-malicious.html
Title: Re: Technical
Post by: bob3160 on April 06, 2011, 03:50:48 PM
Google Chrome - Protecting users from malicious downloads
http://googleonlinesecurity.blogspot.com/2011/04/protecting-users-from-malicious.html

"The data produced by our systems and published via the Safe Browsing API is used by Google search and browsers such as Google Chrome, Firefox, and Safari to warn users who may attempt to visit these dangerous webpages."
Title: Re: Technical
Post by: Asyn on April 08, 2011, 05:01:32 PM
The Linux Foundation Releases Carrier Grade Linux 5.0 Specification
http://linux-foundation.org/weblogs/press/2011/04/06/the-linux-foundation-releases-carrier-grade-linux-50-specification/

Quote
The Linux Foundation’s CGL workgroup has been collaborating on CGL gaps and requirements since 2002, and today’s release of CGL 5.0 covers several specification categories that include Availability, Clustering, Serviceability, Performance, Standards, Hardware, and Security.
Title: Re: Technical
Post by: Asyn on April 12, 2011, 09:22:19 AM
FSB Backs Away From Gmail Ban
http://www.themoscowtimes.com/mobile/article/434782.html
Title: Re: Technical
Post by: Asyn on April 12, 2011, 03:04:06 PM
Learning the Importance of WAF Technology – the Hard Way
http://www.barracudalabs.com/wordpress/index.php/2011/04/11/learning-the-importance-of-waf-technology-the-hard-way/
http://hmsec.tumblr.com/
Title: Re: Technical
Post by: Asyn on April 14, 2011, 11:06:13 AM
DNS hacks with added value
http://www.h-online.com/security/news/item/DNS-hacks-with-added-value-1227656.html
Title: Re: Technical
Post by: Asyn on April 14, 2011, 12:10:00 PM
Apple Adds Do-Not-Track Tool to New Browser
http://online.wsj.com/article/SB10001424052748703551304576261272308358858.html

Quote
The move by the Cupertino, Calif., company leaves Google Inc. as the only major browser provider that hasn't yet committed to supporting a do-not-track capability in its browser, called Chrome.
Title: Re: Technical
Post by: Asyn on April 14, 2011, 05:15:50 PM
Department of Justice Takes Action to Disable International Botnet
http://newhaven.fbi.gov/dojpressrel/pressrel11/nh041311.htm

With Court Order, FBI Hijacks ‘Coreflood’ Botnet, Sends Kill Signal
http://www.wired.com/threatlevel/2011/04/coreflood/
Title: Re: Technical
Post by: Asyn on April 18, 2011, 04:07:42 PM
UK: Ministry of Defence fails at redacting nuclear sub secrets
http://www.h-online.com/security/news/item/Ministry-of-Defence-fails-at-redacting-nuclear-sub-secrets-1229523.html
http://www.parliament.uk/deposits/depositedpapers/2011/DEP2011-0648.pdf
http://cryptome.org/0003/mod-nuke-leak.htm
http://www.telegraph.co.uk/news/uknews/defence/8457506/Secrets-put-on-internet-in-Whitehall-blunders.html
Title: Re: Technical
Post by: Asyn on April 19, 2011, 01:31:35 PM
Whitehats pierce giant hole in Microsoft security shield
http://www.theregister.co.uk/2011/04/18/windows_heap_exploit_shield_pierced/
Title: Re: Technical
Post by: YoKenny on April 19, 2011, 08:42:38 PM
China's Cyber Hackers Target Western Firms
http://news.sky.com/skynews/Home/World-News/Video-Chinas-Cyber-Hackers-Growing-Threat-To-Western-Security-Sky-News-Investigation/Article/201104315974328?lpos=World_News_Right_Promo_Region_1&lid=ARTICLE_15974328_Video%3A_Chinas_Cyber_Hackers_Growing_Threat_To_Western_Security_Sky_News_Investigation
Title: Re: Technical
Post by: Asyn on April 19, 2011, 11:06:34 PM
Microsoft Safety Scanner
http://www.microsoft.com/security/scanner/en-us/default.aspx

Quote
The Microsoft Safety Scanner is a free downloadable security tool that provides on-demand scanning and helps remove viruses, spyware, and other malicious software. It works with your existing antivirus software.

Note: The Microsoft Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again.
Title: Re: Technical
Post by: Asyn on April 20, 2011, 08:38:11 AM
Newest Adobe flash 0-day used in new drive-by download variation: drive-by cache
http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html
Title: Re: Technical
Post by: Asyn on April 20, 2011, 06:05:26 PM
A Security Comparison: Microsoft Office vs. Oracle Openoffice
https://www.cert.org/blogs/certcc/2011/04/office_shootout_microsoft_offi.html
http://dankaminsky.com/2011/03/11/fuzzmark/
Title: Re: Technical
Post by: Asyn on April 21, 2011, 11:44:18 AM
"HTTPS Now" campaign launched to protect internet security
http://www.h-online.com/security/news/item/HTTPS-Now-campaign-launched-to-protect-internet-security-1231563.html
http://www.eff.org/press/archives/2011/04/19-0
https://www.httpsnow.org/
Title: Re: Technical
Post by: bob3160 on April 21, 2011, 05:00:05 PM
The interesting part of that article for me was at the very end:
"Facebook's HTTPS workaround was rather crude; if users clicked a link to a Facebook app, the site would ask them if they wanted to switch to a standard HTTP connection as the content they wanted to display could not be displayed using HTTPS. Once users clicked continue, the site completely disabled the HTTPS option under account settings in the background without indicating to users that it would do so."
Title: Re: Technical
Post by: Asyn on April 21, 2011, 07:44:05 PM
Quote
The interesting part of that article for me was at the very end:
"Facebook's HTTPS workaround was rather crude; if users clicked a link to a Facebook app, the site would ask them if they wanted to switch to a standard HTTP connection as the content they wanted to display could not be displayed using HTTPS. Once users clicked continue, the site completely disabled the HTTPS option under account settings in the background without indicating to users that it would do so."

Bob, I already posted that in February. ;)
http://forum.avast.com/index.php?topic=66267.msg594233#msg594233
Title: Re: Technical
Post by: Asyn on April 26, 2011, 12:55:58 PM
Designing a cluster-based covert channel to evade disk investigation and forensics
http://www.sciencedirect.com/science?_ob=ArticleURL&_udi=B6V8G-51BBKRS-1&_user=10&_coverDate=01%2F31%2F2011&_rdoc=1&_fmt=high&_orig=gateway&_origin=gateway&_sort=d&_docanchor=&view=c&_acct=C000050221&_version=1&_urlVersion=0&_userid=10&md5=ee913861b3d05b46b905bd4d52ca9380&searchtype=a
Title: Re: Technical
Post by: Asyn on April 27, 2011, 09:56:37 AM
NSA CIO Pursues Intelligence-Sharing Architecture
http://www.informationweek.com/news/government/leadership/229401971
Title: Re: Technical
Post by: ManyQs on April 27, 2011, 10:15:18 AM
Quote
NSA CIO Pursues Intelligence-Sharing Architecture
http://www.informationweek.com/news/government/leadership/229401971

Times sure change. 30 something years ago one would never have seen any information put out by the media credited to anyone at the NSA. That "anyone" would have been fired. Maybe thrown in jail. Amazing!

By the way, the nickname 30 something years ago was, No Such Agency.
Title: Re: Technical
Post by: Asyn on April 27, 2011, 05:54:21 PM
Google adds Flash cookie protection to Chrome
http://www.h-online.com/security/news/item/Google-adds-Flash-cookie-protection-to-Chrome-1233706.html
http://blog.chromium.org/2011/04/providing-transparency-and-controls-for.html
Title: Re: Technical
Post by: Asyn on April 29, 2011, 08:13:04 AM
Amazon's Cloud Crash Disaster Permanently Destroyed Many Customers' Data
http://www.businessinsider.com/amazon-lost-data-2011-4
Title: Re: Technical
Post by: Asyn on April 29, 2011, 04:51:33 PM
Treacherous metadata in company documents
http://www.h-online.com/security/features/Treacherous-metadata-in-company-documents-1233053.html
https://office.microsoft.com/en-us/excel-help/find-and-remove-metadata-hidden-information-in-your-legal-documents-HA001077646.aspx
Title: Re: Technical
Post by: Asyn on May 04, 2011, 08:20:59 AM
‘Weyland-Yutani’ Crime Kit Targets Macs for Bots
http://krebsonsecurity.com/2011/05/weyland-yutani-crime-kit-targets-macs-for-bots/
Title: Re: Technical
Post by: Asyn on May 04, 2011, 08:52:18 PM
The Tor Project plans a Firefox fork
http://www.h-online.com/security/news/item/The-Tor-Project-plans-a-Firefox-fork-1237745.html
https://blog.torproject.org/blog/toggle-or-not-toggle-end-torbutton
https://www.torproject.org/projects/torbrowser.html.en
Title: Re: Technical
Post by: ManyQs on May 04, 2011, 11:38:01 PM
Quote
Amazon's Cloud Crash Disaster Permanently Destroyed Many Customers' Data
http://www.businessinsider.com/amazon-lost-data-2011-4

I had some need to keep myself informed on this issue and I'd like to share one of the better pieces that goes into the technical aspects of this trouble.

http://www.itworld.com/cloud-computing/161203/english-time-how-amazon-let-its-cloud-crash-and-why-it-should-have-known-bett
Title: Re: Technical
Post by: Asyn on May 05, 2011, 07:45:36 AM
Safer network traffic, but with potential side effects
http://www.h-online.com/security/news/item/Safer-network-traffic-but-with-potential-side-effects-1237238.html
http://ripe62.ripe.net/presentations/29-110502.ripe-bgpsec-policy.pdf
Title: Re: Technical
Post by: Asyn on May 05, 2011, 09:28:41 AM
Quote
I had some need to keep myself informed on this issue and I'd like to share one of the better pieces that goes into the technical aspects of this trouble.

Thanks, ManyQs..!
Interesting read. :)
asyn
Title: Re: Technical
Post by: Asyn on May 06, 2011, 12:17:38 PM
Mozilla rejects US government request to remove add-on
http://www.h-online.com/security/news/item/Mozilla-rejects-US-government-request-to-remove-add-on-1238743.html
http://lockshot.wordpress.com/2011/05/05/homeland-security-request-to-take-down-mafiaafire-add-on/
Title: Re: Technical
Post by: bob3160 on May 06, 2011, 04:39:18 PM
Quote
Mozilla rejects US government request to remove add-on
http://www.h-online.com/security/news/item/Mozilla-rejects-US-government-request-to-remove-add-on-1238743.html
http://lockshot.wordpress.com/2011/05/05/homeland-security-request-to-take-down-mafiaafire-add-on/

Mozilla rejects US government request to remove add-on - because it hasn't received a court order to do so.
Title: Re: Technical
Post by: Jtaylor83 on May 06, 2011, 07:38:11 PM
Quote
Mozilla rejects US government request to remove add-on
http://www.h-online.com/security/news/item/Mozilla-rejects-US-government-request-to-remove-add-on-1238743.html
http://lockshot.wordpress.com/2011/05/05/homeland-security-request-to-take-down-mafiaafire-add-on/

Typical. Firefox is officially dead. :'(

It won't be long until DHS shuts the browser down and Mozilla for good. Time to switch to Google Chrome.

DHS is simply stifling free speech and open source in the name of Copyright, ICE, ACTA, and the Trans-Pacific Partnership (TPP).
Title: Re: Technical
Post by: Asyn on May 07, 2011, 05:15:16 PM
MS Exploitability Index Improvements Now Offer Additional Guidance
http://blogs.technet.com/b/msrc/archive/2011/05/05/exploitability-index-improvements-amp-advance-notification-service-for-may-2011-bulletin-release.aspx
Title: Re: Technical
Post by: Asyn on May 07, 2011, 06:43:53 PM
A Syrian Man-In-The-Middle Attack against Facebook
https://www.eff.org/deeplinks/2011/05/syrian-man-middle-against-facebook
http://advocacy.globalvoicesonline.org/2011/05/05/did-syria-replace-facebooks-security-certificate-with-a-forged-one/
Title: Re: Technical
Post by: Asyn on May 10, 2011, 01:25:19 PM
WebGL - A New Dimension for Browser Exploitation
http://www.contextis.com/resources/blog/webgl/
http://www.contextis.com/resources/blog/webgl/poc/index.html
http://www.contextis.com/resources/blog/webgl/webgl.avi
Title: Re: Technical
Post by: Asyn on May 12, 2011, 09:36:18 AM
Security distribution BackTrack 5 released
http://www.h-online.com/open/news/item/Security-distribution-BackTrack-5-released-1241332.html
http://www.backtrack-linux.org/backtrack/backtrack-5-release/
Title: Re: Technical
Post by: Asyn on May 13, 2011, 09:35:48 AM
WebGL - A New Dimension for Browser Exploitation
http://www.contextis.com/resources/blog/webgl/
http://www.contextis.com/resources/blog/webgl/poc/index.html
http://www.contextis.com/resources/blog/webgl/webgl.avi

Khronos respond to WebGL security report
http://www.h-online.com/security/news/item/Khronos-respond-to-WebGL-security-report-1241304.html
http://www.opengl.org/registry/specs/ARB/robustness.txt
Title: Re: Technical
Post by: Asyn on May 13, 2011, 10:31:49 AM
The RTLO unicode hole - sequence manipulation as an attack vector
http://norman.com/security_center/security_center_archive/2011/rtlo_unicode_hole/

Quote
Vulnerable versions of Windows

This issue is by default apparently only present in Windows Vista and Windows 7. In Windows XP you need to install support for right-to-left languages for this to work.
Title: Re: Technical
Post by: Asyn on May 17, 2011, 03:14:07 PM
Microsoft Security Intelligence Report (SIR) #10
http://www.microsoft.com/security/sir/default.aspx
http://download.microsoft.com/download/6/0/5/605BE103-9429-4493-898B-E3D50AB68236/Microsoft_Security_Intelligence_Report_volume_10_Key_Findings_Summary_English.pdf
http://download.microsoft.com/download/6/0/5/605BE103-9429-4493-898B-E3D50AB68236/Microsoft_Security_Intelligence_Report_volume_10_Global_Threat_Assessments_English.pdf
Title: Re: Technical
Post by: Asyn on May 19, 2011, 12:35:24 PM
New version of EMET (2.1) is now available
http://blogs.technet.com/b/srd/archive/2011/05/18/new-version-of-emet-is-now-available.aspx
Download: http://go.microsoft.com/fwlink/?LinkID=200220&clcid=0x409
Forum: http://go.microsoft.com/fwlink/?LinkID=213962&clcid=0x409
Title: Re: Technical
Post by: Asyn on May 22, 2011, 01:54:10 PM
Click Trajectories: End-to-End Analysis of the Spam Value Chain
http://cseweb.ucsd.edu/~savage/papers/Oakland11.pdf
Title: Re: Technical
Post by: Asyn on May 24, 2011, 09:36:42 AM
Successful timing attacks on elliptic curve cryptography
http://www.h-online.com/security/news/item/Successful-timing-attacks-on-elliptic-curve-cryptography-1247772.html
http://eprint.iacr.org/2011/232.pdf
http://www.kb.cert.org/vuls/id/536044
Title: Re: Technical
Post by: Asyn on May 24, 2011, 01:00:33 PM
The Failure of Noise-Based Non-Continuous Audio Captchas
http://cdn.ly.tl/publications/decaptcha-audio.pdf
Title: Re: Technical
Post by: Asyn on May 26, 2011, 04:04:04 PM
Comodogate v2
Continued from: http://forum.avast.com/index.php?topic=52252.msg649567#msg649567
Some details: http://pastebin.com/F5nUf5kr
Title: Re: Technical
Post by: Asyn on May 26, 2011, 05:01:38 PM
Cookiejacking
https://sites.google.com/site/tentacoloviola/cookiejacking
http://www.reuters.com/article/2011/05/25/us-microsoft-security-idUSTRE74O86F20110525
Title: Re: Technical
Post by: Asyn on May 27, 2011, 11:33:09 AM
When Angry Birds attack: Android edition
http://blog.duosecurity.com/2011/05/when-angry-birds-attack-android-edition/
Title: Re: Technical
Post by: Asyn on June 01, 2011, 11:15:26 AM
Web Application Attack and Audit Framework 1.0 arrives
http://www.h-online.com/security/news/item/Web-Application-Attack-and-Audit-Framework-1-0-arrives-1253108.html
http://sourceforge.net/projects/w3af/
http://sourceforge.net/news/?group_id=170274&id=300685
http://w3af.sourceforge.net/videos/video-demos.php
Title: Re: Technical
Post by: Asyn on June 04, 2011, 09:32:35 AM
The Electronic Frontier Foundation (EFF) Tor Challenge
https://www.eff.org/torchallenge
Title: Re: Technical
Post by: Asyn on June 05, 2011, 12:35:29 PM
Twitter new follow button clickjacking attack
http://serphacker.com/twitter/twitter-new-follow-button-clickjacking-attack.html

Google plus1 clickjacking attack
http://serphacker.com/clickjacking/google-plus1-clickjacking-attack.html
Title: Re: Technical
Post by: DavidR on June 05, 2011, 03:03:19 PM
I believe the ClickClear function in the Firefox NoScript add-on protects against clickjacking.
Title: Re: Technical
Post by: Asyn on June 06, 2011, 09:58:58 AM
Quote
I believe the ClickClear function in the Firefox NoScript add-on protects against clickjacking.

That's right David.
NoScript blocks these attacks.
Title: Re: Technical
Post by: Asyn on June 08, 2011, 12:33:55 PM
One in four US hackers 'is an FBI informer'
The FBI and US secret service have used the threat of prison to create an army of informers among online criminals
http://www.guardian.co.uk/technology/2011/jun/06/us-hackers-fbi-informer/print
Title: Re: Technical
Post by: Asyn on June 10, 2011, 10:38:45 AM
Cross-domain WebGL textures disabled in Firefox 5
http://hacks.mozilla.org/2011/06/cross-domain-webgl-textures-disabled-in-firefox-5/
https://developer.mozilla.org/en/WebGL/Cross-Domain_Textures
https://bugzilla.mozilla.org/show_bug.cgi?id=656277
Title: Re: Technical
Post by: Asyn on June 10, 2011, 02:14:48 PM
Cookiejacking
https://sites.google.com/site/tentacoloviola/cookiejacking
http://www.reuters.com/article/2011/05/25/us-microsoft-security-idUSTRE74O86F20110525

http://blogs.technet.com/b/msrc/archive/2011/06/09/june-advance-notification-service-and-10-immutable-laws-revisited.aspx

Quote
One of the issues we start to address in this release is “cookiejacking,” which allows an attacker to steal cookies from a user’s computer and access websites the user has logged into.
Title: Re: Technical
Post by: Asyn on June 12, 2011, 10:01:21 AM
Twitter authorisation misleads users
http://www.h-online.com/security/news/item/Twitter-authorisation-misleads-users-1259205.html
http://lab.thisisroyal.com/twitter/
http://techcrunch.com/2011/06/10/third-party-twitter-apps-can-access-your-private-messages-without-authorization/
Title: Re: Technical
Post by: Asyn on June 14, 2011, 04:16:55 PM
Nissan LEAF cars leak speed, position, destination to RSS feeds
http://seattlewireless.net/~casey/?p=97
Title: Re: Technical
Post by: Asyn on June 15, 2011, 12:40:29 PM
Siemens fixes vulnerabilities in automation systems
http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=41886031&subtype=133100&caller=view
http://support.automation.siemens.com/dnl/TY/TYzNTUxOQAA_50428932_Akt/Siemens_Security_Advisory_SSA-625789.pdf
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-161-01.pdf
Title: Re: Technical
Post by: Asyn on June 16, 2011, 11:55:37 AM
Bitcoin P2P Currency: The Most Dangerous Project We've Ever Seen
http://launch.is/blog/l019-bitcoin-p2p-currency-the-most-dangerous-project-weve-ev.html
http://launch.is/blog/l020-is-bitcoin-the-wikileaks-of-monetary-policy.html
http://forum.bitcoin.org/index.php?topic=16457.msg214423#msg214423
Title: Re: Technical
Post by: Asyn on June 16, 2011, 11:12:02 PM
WPScan - WordPress Security Scanner
http://www.ethicalhack3r.co.uk/security/introducing-wpscan-wordpress-security-scanner/
http://code.google.com/p/wpscan/
Title: Re: Technical
Post by: Asyn on June 17, 2011, 10:13:29 AM
WebGL - A New Dimension for Browser Exploitation
http://www.contextis.com/resources/blog/webgl/
http://www.contextis.com/resources/blog/webgl/poc/index.html
http://www.contextis.com/resources/blog/webgl/webgl.avi

WebGL – More WebGL Security Flaws
http://www.contextis.com/resources/blog/webgl2/
Title: Re: Technical
Post by: Asyn on June 18, 2011, 08:55:29 AM
NSA allies with Internet carriers to thwart cyber attacks against defense firms
http://www.washingtonpost.com/national/major-internet-service-providers-cooperating-with-nsa-on-monitoring-traffic/2011/06/07/AG2dukXH_story.html
Title: Re: Technical
Post by: Asyn on June 18, 2011, 10:43:58 AM
WebGL - A New Dimension for Browser Exploitation
http://www.contextis.com/resources/blog/webgl/
http://www.contextis.com/resources/blog/webgl/poc/index.html
http://www.contextis.com/resources/blog/webgl/webgl.avi

WebGL – More WebGL Security Flaws
http://www.contextis.com/resources/blog/webgl2/

WebGL Considered Harmful
http://blogs.technet.com/b/srd/archive/2011/06/16/webgl-considered-harmful.aspx
Title: Re: Technical
Post by: Asyn on June 18, 2011, 04:55:12 PM
Chrome - Trying to end mixed scripting vulnerabilities
http://googleonlinesecurity.blogspot.com/2011/06/trying-to-end-mixed-scripting.html
Title: Re: Technical
Post by: Asyn on June 19, 2011, 11:57:36 AM
Metasploit offers bounty for exploits
https://community.rapid7.com/community/metasploit/blog/2011/06/14/metasploit-exploit-bounty-30-exploits-500000-in-5-weeks
https://community.rapid7.com/docs/DOC-1467
Title: Re: Technical
Post by: Asyn on June 19, 2011, 02:48:37 PM
Hackers steal quantum code
http://physicsworld.com/cws/article/news/46305
Title: Re: Technical
Post by: Asyn on June 20, 2011, 12:43:15 PM
Storing passwords in uncrackable form
http://www.h-online.com/security/features/Storing-passwords-in-uncrackable-form-1255576.html
Title: Re: Technical
Post by: Asyn on June 21, 2011, 10:18:31 AM
WebGL - A New Dimension for Browser Exploitation
http://www.contextis.com/resources/blog/webgl/
http://www.contextis.com/resources/blog/webgl/poc/index.html
http://www.contextis.com/resources/blog/webgl/webgl.avi

WebGL – More WebGL Security Flaws
http://www.contextis.com/resources/blog/webgl2/

WebGL Considered Harmful
http://blogs.technet.com/b/srd/archive/2011/06/16/webgl-considered-harmful.aspx

Mozilla rejects Microsoft's WebGL criticism
http://www.h-online.com/security/news/item/Mozilla-rejects-Microsoft-s-WebGL-criticism-1263986.html
http://shaver.off.net/diary/2011/06/17/a-three-dimensional-platform/

Why Microsoft and Internet Explorer need WebGL (and vice-versa)
http://www.realityprime.com/articles/why-microsoft-and-internet-explorer-need-webgl
Title: Re: Technical
Post by: Asyn on June 21, 2011, 01:05:47 PM
Bitcoin P2P Currency: The Most Dangerous Project We've Ever Seen
http://launch.is/blog/l019-bitcoin-p2p-currency-the-most-dangerous-project-weve-ev.html
http://launch.is/blog/l020-is-bitcoin-the-wikileaks-of-monetary-policy.html
http://forum.bitcoin.org/index.php?topic=16457.msg214423#msg214423

Bitcoin exchange closed after attack
http://www.h-online.com/security/news/item/Bitcoin-exchange-closed-after-attack-1263448.html
Title: Re: Technical
Post by: Asyn on June 23, 2011, 09:39:14 AM
Metasploit Framework 3.7.2
https://community.rapid7.com/community/metasploit/blog/2011/06/21/metasploit-framework-372-released
https://dev.metasploit.com/redmine/projects/framework/wiki/Release_Notes_372
Title: Re: Technical
Post by: Asyn on June 23, 2011, 01:54:21 PM
Chrome extension shows up bad JavaScript
http://googleonlinesecurity.blogspot.com/2011/06/introducing-dom-snitch-our-passive-in.html
https://code.google.com/p/domsnitch/
Title: Re: Technical
Post by: bob3160 on June 24, 2011, 01:32:31 PM
Quote
Chrome extension shows up bad JavaScript
http://googleonlinesecurity.blogspot.com/2011/06/introducing-dom-snitch-our-passive-in.html
https://code.google.com/p/domsnitch/

I wouldn't exactly run out and get this. It's an experimental Chrome extension designed for developers and testers.
Title: Re: Technical
Post by: Asyn on June 25, 2011, 06:21:17 PM
Firefox Rapid Release Process
http://mike.kaply.com/2011/06/21/firefox-rapid-release-process/
http://www.glazman.org/weblog/dotclear/index.php?post/2011/06/21/The-faster-release-process-of-Firefox
http://mozilla.github.com/process-releases/draft/development_overview/
Title: Re: Technical
Post by: Lisandro on June 25, 2011, 07:48:49 PM
Quote
Firefox Rapid Release Process
http://mike.kaply.com/2011/06/21/firefox-rapid-release-process/
http://www.glazman.org/weblog/dotclear/index.php?post/2011/06/21/The-faster-release-process-of-Firefox
http://mozilla.github.com/process-releases/draft/development_overview/

I see everybody complaining about the fast release process of Firefox.
It would be a pain to have it integrated.
If add-on developers can't follow the speed, I will be very upset with the lack of support.
For corporate deployments and for users that cannot use Firefox with specific addons, there has to be a stable branch that includes security updates.
Title: Re: Technical
Post by: Asyn on June 25, 2011, 07:57:30 PM
Quote
I see everybody complaining about the fast release process of Firefox.
It would be a pain to have it integrated.
If add-on developers can't follow the speed, I will be very upset with the lack of support.
For corporate deployments and for users that cannot use Firefox with specific addons, there has to be a stable branch that includes security updates.

As long as they keep the 3.6 branch alive, I've no problem.
Else, it would be a real PITA. :-\
Title: Re: Technical
Post by: Asyn on June 28, 2011, 12:06:20 PM
Common Weakness Scoring System (CWSS)
http://cwe.mitre.org/cwss/index.html

Common Weakness Risk Analysis Framework (CWRAF)
http://cwe.mitre.org/cwraf/index.html
Title: Re: Technical
Post by: Asyn on June 30, 2011, 09:28:41 AM
Netragard’s Hacker Interface Device (HID)
http://pentest.snosoft.com/2011/06/24/netragards-hacker-interface-device-hid/
Title: Re: Technical
Post by: Asyn on June 30, 2011, 08:08:19 PM
2011 CWE/SANS Top 25 Most Dangerous Software Errors
http://cwe.mitre.org/top25/index.html
http://cwe.mitre.org/top25/archive/2011/2011_cwe_sans_top25.pdf
Title: Re: Technical
Post by: Asyn on July 06, 2011, 03:52:04 PM
No more Googling for .co.cc domains
http://www.h-online.com/security/news/item/No-more-Googling-for-co-cc-domains-1274332.html
Title: Re: Technical
Post by: Asyn on July 07, 2011, 03:43:46 PM
Using Cross-domain images in WebGL and Chrome 13
http://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
Title: Re: Technical
Post by: Asyn on July 11, 2011, 06:55:11 PM
Binary Planting Goes "Any File Type"
http://blog.acrossecurity.com/2011/07/binary-planting-goes-any-file-type.html
Title: Re: Technical
Post by: Asyn on July 13, 2011, 10:17:02 AM
On-screen Keyboards Considered Harmful
http://blog.thinkst.com/2011/07/on-screen-keyboards-considered-harmful.html
http://thinkst.com/stuff/ocv/
http://thinkst.com/stuff/ocv/osk-thinkst.pdf
Title: Re: Technical
Post by: Asyn on July 17, 2011, 01:23:35 PM
Mozilla's BrowserID offered as an alternative to OpenID
http://www.h-online.com/security/news/item/Mozilla-s-BrowserID-offered-as-an-alternative-to-OpenID-1280136.html
http://identity.mozilla.com/post/7616727542/introducing-browserid-a-better-way-to-sign-in
http://identity.mozilla.com/post/7669886219/how-browserid-differs-from-openid
https://browserid.org/
Title: Re: Technical
Post by: Asyn on July 19, 2011, 11:58:55 AM
Process Explorer v15.0
http://technet.microsoft.com/en-us/sysinternals/bb896653
Title: Re: Technical
Post by: Asyn on July 20, 2011, 01:04:23 AM
Analysis of the jailbreakme v3 font exploit
http://esec-lab.sogeti.com/post/Analysis-of-the-jailbreakme-v3-font-exploit
Title: Re: Technical
Post by: Asyn on July 24, 2011, 07:16:12 PM
Apple Laptops Vulnerable To Hack That Kills Or Corrupts Batteries
http://blogs.forbes.com/andygreenberg/2011/07/22/apple-laptops-vulnerable-to-hack-that-kills-or-corrupts-batteries/
Title: Re: Technical
Post by: Asyn on July 26, 2011, 01:15:42 PM
Nominations for the 2011 Pwnie Awards announced
http://pwnies.com/nominations/
Title: Re: Technical
Post by: Asyn on July 31, 2011, 02:12:48 PM
Researchers Expose Cunning Online Tracking Service That Can’t Be Dodged
http://www.wired.com/epicenter/2011/07/undeletable-cookie/
http://ssrn.com/abstract=1898390
Title: Re: Technical
Post by: Asyn on August 02, 2011, 11:11:04 AM
A Security Analysis of Next Generation Web Standards
http://www.enisa.europa.eu/act/application-security/web-security/a-security-analysis-of-next-generation-web-standards/
http://www.enisa.europa.eu/act/application-security/web-security/a-security-analysis-of-next-generation-web-standards/at_download/fullReport
Title: Re: Technical
Post by: Asyn on August 03, 2011, 01:01:08 PM
Revealed: Operation Shady RAT
http://blogs.mcafee.com/mcafee-labs/revealed-operation-shady-rat
http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf
Title: Re: Technical
Post by: Asyn on August 04, 2011, 11:32:28 AM
Metasploit Framework 4.0 Released
https://community.rapid7.com/community/metasploit/blog/2011/08/01/metasploit-40-released
https://dev.metasploit.com/redmine/projects/framework/wiki/Release_Notes_400
http://www.metasploit.com/download/
Title: Re: Technical
Post by: Asyn on August 05, 2011, 04:54:32 PM
Volatility 2.0 Released
http://volatility.tumblr.com/
https://www.volatilesystems.com/default/volatility
Title: Re: Technical
Post by: Asyn on August 06, 2011, 10:00:28 AM
Nominations for the 2011 Pwnie Awards announced
http://pwnies.com/nominations/

The Winners
http://pwnies.com/winners/
Title: Re: Technical
Post by: Asyn on August 08, 2011, 11:40:16 AM
Microsoft BlueHat Prize
http://www.microsoft.com/security/bluehatprize/
http://www.microsoft.com/security/bluehatprize/rules.aspx
Title: Re: Technical
Post by: Asyn on August 09, 2011, 12:01:45 AM
When Advanced Persistent Threats Go Mainstream
http://www.rsa.com/innovation/docs/SBIC_RPT_0711.pdf
Title: Re: Technical
Post by: Asyn on August 13, 2011, 05:18:51 PM
CSI:Internet - Living in SYN
http://www.h-online.com/security/features/CSI-Internet-Living-in-SYN-1288568.html
Title: Re: Technical
Post by: Asyn on August 15, 2011, 01:28:11 PM
Firefox - Strengthening User Control of Add-ons
https://blog.mozilla.com/addons/2011/08/11/strengthening-user-control-of-add-ons/
Title: Re: Technical
Post by: Asyn on August 17, 2011, 09:36:46 AM
Researchers Expose Cunning Online Tracking Service That Can’t Be Dodged
http://www.wired.com/epicenter/2011/07/undeletable-cookie/
http://ssrn.com/abstract=1898390

Legal dispute over "eternal" cookies
http://www.h-online.com/security/news/item/Legal-dispute-over-eternal-cookies-1323818.html
Title: Re: Technical
Post by: Asyn on August 17, 2011, 12:24:43 PM
IT Threat Evolution: Q2 2011
http://www.securelist.com/en/analysis/204792186/IT_Threat_Evolution_Q2_2011
Title: Re: Technical
Post by: Asyn on August 18, 2011, 12:06:29 PM
Bitcoin mining with Trojan.Badminer
http://www.symantec.com/connect/blogs/bitcoin-mining-trojanbadminer
Title: Re: Technical
Post by: Asyn on August 19, 2011, 10:23:44 AM
Revealed: Operation Shady RAT
http://blogs.mcafee.com/mcafee-labs/revealed-operation-shady-rat
http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf

Shady RAT: Shoddy RAT
http://eugene.kaspersky.com/2011/08/18/shady-rat-shoddy-rat/
Title: Re: Technical
Post by: Asyn on August 20, 2011, 08:51:13 AM
Trends in Circumventing Web-Malware Detection
http://googleonlinesecurity.blogspot.com/2011/08/four-years-of-web-malware.html
http://research.google.com/archive/papers/rajab-2011a.pdf
Title: Re: Technical
Post by: Asyn on August 20, 2011, 07:37:48 PM
Biclique cryptanalysis of the full AES
https://research.microsoft.com/en-us/projects/cryptanalysis/aes.aspx
https://research.microsoft.com/en-us/projects/cryptanalysis/aesbc.pdf
Title: Re: Technical
Post by: Asyn on August 22, 2011, 10:07:06 AM
CSI:Internet - Controlled from the beyond
http://www.h-online.com/security/features/CSI-Internet-Controlled-from-the-beyond-1322313.html
Title: Re: Technical
Post by: Asyn on August 25, 2011, 02:53:04 PM
McAfee Q2 2011 Threats Report
http://www.mcafee.com/us/about/news/2011/q3/20110823-01.aspx
http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q2-2011.pdf
Title: Re: Technical
Post by: Asyn on August 27, 2011, 09:44:14 PM
Updated SDL Tools Available
http://blogs.msdn.com/b/sdl/archive/2011/08/25/updates-to-sdl-tools-are-now-available.aspx

Threat Modeling Tool v3.1.8: http://go.microsoft.com/?linkid=9706808
MiniFuzz Tool v1.5.5: http://go.microsoft.com/?linkid=9757781
RegExFuzz Tool v1.1.0: http://go.microsoft.com/?linkid=9751929
Title: Re: Technical
Post by: Asyn on September 03, 2011, 09:11:33 PM
Snort 2.9.1 has been released
http://blog.snort.org/2011/08/snort-291-has-been-released-including.html
http://www.snort.org/snort-downloads/
http://manual.snort.org/
http://www.snort.org/docs
Title: Re: Technical
Post by: Asyn on September 05, 2011, 09:05:54 AM
Free tool for testing net neutrality (N00ter)
http://www.h-online.com/security/news/item/Free-tool-for-testing-net-neutrality-1335031.html
http://dankaminsky.com/2011/08/05/bo2k11/
Title: Re: Technical
Post by: Asyn on September 06, 2011, 09:30:25 AM
BackBox Linux 2 released!
http://www.backbox.org/content/backbox-linux-2-released
http://www.backbox.org/content/download
Title: Re: Technical
Post by: Pondus on September 06, 2011, 12:29:58 PM
So do you need a big backup system... got lots of movie and music files? ... well, IBM got what you need ;D

IBM Builds Biggest Data Drive Ever
http://www.technologyreview.com/computing/38440/page1/
Title: Re: Technical
Post by: Asyn on September 08, 2011, 01:58:00 PM
Shooting the Messenger
http://www.andreas-kurtz.de/2011/09/shooting-messenger.html
Title: Re: Technical
Post by: Asyn on September 10, 2011, 12:09:15 AM
Mozilla asks all CAs to carry out security audits
http://www.h-online.com/security/news/item/Mozilla-asks-all-CAs-to-carry-out-security-audits-1340351.html
https://groups.google.com/group/mozilla.dev.security.policy/browse_thread/thread/bf2deb09824418fb
Title: Re: Technical
Post by: disPlay on September 10, 2011, 02:04:47 AM
Mozilla asks all CAs to carry out security audits
http://www.h-online.com/security/news/item/Mozilla-asks-all-CAs-to-carry-out-security-audits-1340351.html
https://groups.google.com/group/mozilla.dev.security.policy/browse_thread/thread/bf2deb09824418fb

Thanks for this information, let's see what the response of the CAs will be.
Title: Re: Technical
Post by: Asyn on September 10, 2011, 05:48:45 PM
Mozilla asks all CAs to carry out security audits
http://www.h-online.com/security/news/item/Mozilla-asks-all-CAs-to-carry-out-security-audits-1340351.html
https://groups.google.com/group/mozilla.dev.security.policy/browse_thread/thread/bf2deb09824418fb

Thanks for this information, let's see what the response of the CAs will be.

NP disPlay..!
But more interesting will be, what happens with the ones not replying..!!?? ;)
Title: Re: Technical
Post by: Asyn on September 14, 2011, 10:35:37 AM
Rent-a-Bot Networks Tied to TDSS Botnet
http://krebsonsecurity.com/2011/09/rent-a-bot-networks-tied-to-tdss-botnet/
http://krebsonsecurity.com/2011/09/whos-behind-the-tdss-botnet/
Title: Re: Technical
Post by: Asyn on September 15, 2011, 09:47:20 AM
CSI:Internet - A trip into RAM
http://www.h-online.com/security/features/CSI-Internet-A-trip-into-RAM-1339479.html
Title: Re: Technical
Post by: Asyn on September 16, 2011, 11:20:32 PM
Iran blocks Tor - Tor releases same-day fix
https://blog.torproject.org/blog/iran-blocks-tor-tor-releases-same-day-fix
http://archives.seul.org/tor/talk/Sep-2011/msg00187.html
https://metrics.torproject.org/users.html?graph=direct-users&start=2011-07-01&end=2011-09-16&country=ir&events=on&dpi=72#direct-users
Title: Re: Technical
Post by: Asyn on September 19, 2011, 01:47:58 PM
Cracking OS X Lion Passwords
http://www.defenceindepth.net/2011/09/cracking-os-x-lion-passwords.html
Title: Re: Technical
Post by: Asyn on September 20, 2011, 01:40:19 PM
Open source tool enables security tests for chip cards
http://www.h-online.com/security/news/item/Open-source-tool-enables-security-tests-for-chip-cards-1344245.html
http://www.degate.org/
http://www.degate.org/documentation/
Title: Re: Technical
Post by: Asyn on September 26, 2011, 08:43:03 AM
Proposal to Provide an Extended Support Release of Firefox for Managed Deployments
https://groups.google.com/forum/#!topic/mozilla.dev.planning/19O8ODZnmPo
https://wiki.mozilla.org/Enterprise/Firefox/ExtendedSupport:Proposal
Title: Re: Technical
Post by: Asyn on September 28, 2011, 05:00:07 PM
Microsoft Neutralizes Kelihos Botnet
http://blogs.technet.com/b/microsoft_blog/archive/2011/09/27/microsoft-neutralizes-kelihos-botnet-names-defendant-in-case.aspx
Title: Re: Technical
Post by: Asyn on October 01, 2011, 05:29:55 PM
Diebold e-voting systems vulnerable to attack
http://www.h-online.com/security/news/item/Diebold-e-voting-systems-vulnerable-to-attack-1352743.html
http://politics.salon.com/2011/09/27/votinghack/
Title: Re: Technical
Post by: Asyn on October 03, 2011, 10:59:21 PM
CSI:Internet - Open heart surgery
http://www.h-online.com/security/features/CSI-Internet-Open-heart-surgery-1350313.html
Title: Re: Technical
Post by: Asyn on October 04, 2011, 07:02:42 PM
Mozilla Firefox and silent updates
http://www.brianbondy.com/blog/id/125/mozilla-firefox-and-silent-updates
Title: Re: Technical
Post by: Asyn on October 06, 2011, 01:41:52 PM
Reverse Proxy Bypass
http://www.contextis.com/research/blog/reverseproxybypass/
Title: Re: Technical
Post by: Asyn on October 07, 2011, 01:47:23 PM
0day Full disclosure: American Express
http://qnrq.se/full-disclosure-american-express/

Note: AE already fixed this.
Title: Re: Technical
Post by: Asyn on October 08, 2011, 04:43:06 PM
ExploitHub Issues Bounty on 12 Client-side Exploits
http://www.nsslabs.com/company/news/press-releases/exploithub-issues-bounty-on-12-client-side-exploits.html
https://www.exploithub.com/request/index/developmentrequests/
Title: Re: Technical
Post by: Asyn on October 11, 2011, 08:45:31 AM
Secret Orders Target Email
http://online.wsj.com/article/SB10001424052970203476804576613284007315072.html
http://news.cnet.com/8301-31921_3-20117919-281/justice-department-ramps-up-wikileaks-e-mail-probe/
Title: Re: Technical
Post by: Asyn on October 11, 2011, 05:50:42 PM
German researchers crack RFID cards
http://www.h-online.com/security/news/item/German-researchers-crack-RFID-cards-1359218.html
http://www.emsec.rub.de/media/crypto/veroeffentlichungen/2011/10/10/desfire_2011_extended_1.pdf
Title: Re: Technical
Post by: Asyn on October 13, 2011, 08:33:54 AM
Microsoft Security Intelligence Report (SIR) #11
http://www.microsoft.com/security/sir/default.aspx
http://download.microsoft.com/download/0/3/3/0331766E-3FC4-44E5-B1CA-2BDEB58211B8/Microsoft_Security_Intelligence_Report_volume_11_English.pdf
http://download.microsoft.com/download/0/3/3/0331766E-3FC4-44E5-B1CA-2BDEB58211B8/Microsoft_Security_Intelligence_Report_volume_11_Worldwide_Threat_Assessment_English.pdf
http://download.microsoft.com/download/0/3/3/0331766E-3FC4-44E5-B1CA-2BDEB58211B8/Microsoft_Security_Intelligence_Report_volume_11_Advanced_Malware_Cleaning_Techniques_for_the_IT_Professional_English.pdf
Title: Re: Technical
Post by: Asyn on October 19, 2011, 10:00:30 AM
US experts concerned about risk to infrastructure posed by Anonymous
http://www.h-online.com/security/news/item/US-experts-concerned-about-risk-to-infrastructure-posed-by-Anonymous-1363015.html
http://info.publicintelligence.net/NCCIC-AnonymousICS.pdf
Title: Re: Technical
Post by: Asyn on October 19, 2011, 12:20:21 PM
Rapid7 Launches New Metasploit Community Edition (for Free and Simple Vulnerability Verification)
http://www.rapid7.com/news-events/press-releases/2011/2011-metasploit-community.jsp
https://community.rapid7.com/community/metasploit/blog/2011/10/18/introducing-metasploit-community-edition
http://www.rapid7.com/products/metasploit-community.jsp
Title: Re: Technical
Post by: Asyn on October 20, 2011, 12:56:03 PM
RUB Researchers break W3C standard
XML Encryption is insecure: Large companies affected
http://aktuell.ruhr-uni-bochum.de/pm2011/pm00330.html.en
Title: Re: Technical
Post by: Asyn on October 21, 2011, 10:35:56 AM
Georgia Tech Turns iPhone Into spiPhone
http://www.gatech.edu/newsroom/release.html?nid=71506
Title: Re: Technical
Post by: Asyn on October 25, 2011, 06:28:11 PM
RUB Researchers break W3C standard
XML Encryption is insecure: Large companies affected
http://aktuell.ruhr-uni-bochum.de/pm2011/pm00330.html.en

Analysis of Signature Wrapping Attacks and Countermeasures
http://www.nds.rub.de/media/nds/downloads/mjensen/ICWS09.pdf
Title: Re: Technical
Post by: Asyn on October 26, 2011, 11:05:52 PM
THC SSL DOS
http://thehackerschoice.wordpress.com/2011/10/24/thc-ssl-dos/
http://www.thc.org/thc-ssl-dos/
Title: Re: Technical
Post by: Asyn on October 27, 2011, 02:23:56 PM
Microsoft Neutralizes Kelihos Botnet
http://blogs.technet.com/b/microsoft_blog/archive/2011/09/27/microsoft-neutralizes-kelihos-botnet-names-defendant-in-case.aspx

Microsoft Reaches Settlement with Piatti, dotFREE Group in Kelihos Case
http://blogs.technet.com/b/microsoft_blog/archive/2011/10/26/microsoft-reaches-settlement-with-piatti-dotfree-group-in-kelihos-case.aspx
http://noticeofpleadings.com/images/Botnet_voluntary_dismissal_file-stamped.pdf
Title: Re: Technical - silent updates?
Post by: cliff2 on October 28, 2011, 02:18:14 AM
avast 6, firefox, xp sp2
I have very slow dial up internet and something continues to download.

I put on PCtools 7 firewall, and activity is at Avast!Service.

Is there any way to find out what is downloading??

very frustrating as it makes any other internet even slower.

thanks
Title: Re: Technical - silent updates?
Post by: alpha1 on October 28, 2011, 09:58:13 AM
avast 6, firefox, xp sp2
I have very slow dial up internet and something continues to download.

I put on PCtools 7 firewall, and activity is at Avast!Service.

Is there any way to find out what is downloading??

very frustrating as it makes any other internet even slower.

thanks

You need to start a separate thread about this issue.
Title: Re: Technical
Post by: Asyn on October 28, 2011, 11:24:25 AM
How secure is HTTPS today? How often is it attacked?
https://www.eff.org/deeplinks/2011/10/how-secure-https-today
https://www.eff.org/files/colour_map_of_CAs.pdf
Title: Re: Technical
Post by: Asyn on October 29, 2011, 08:45:25 PM
Making UEFI Secure Boot Work With Open Platforms
https://www.linuxfoundation.org/publications/making-uefi-secure-boot-work-with-open-platforms
https://www.linuxfoundation.org/sites/main/files/lf_uefi_secure_boot_open_platforms.pdf
http://blog.canonical.com/2011/10/28/white-paper-secure-boot-impact-on-linux/
http://ozlabs.org/docs/uefi-secure-boot-impact-on-linux.pdf
Title: Re: Technical
Post by: Asyn on October 30, 2011, 10:04:28 AM
Acoustic cryptanalysis
http://tau.ac.il/~tromer/acoustic/
http://www.lsec.be/upload_directories/documents/AdiShamir.pdf
Title: Re: Technical
Post by: Asyn on October 31, 2011, 02:36:23 PM
Chinese Military Suspected in Hacker Attacks on U.S. Satellites
http://www.bloomberg.com/news/2011-10-27/chinese-military-suspected-in-hacker-attacks-on-u-s-satellites.html
Title: Re: Technical
Post by: Asyn on November 01, 2011, 11:29:12 AM
Defeating Windows 8 ROP Mitigation
http://vulnfactory.org/blog/2011/09/21/defeating-windows-8-rop-mitigation/
http://blog.bkis.com/en/rop-chain-for-windows-8/
Title: Re: Technical
Post by: Asyn on November 01, 2011, 05:39:29 PM
The Nitro Attacks
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_nitro_attacks.pdf
Title: Re: Technical
Post by: alpha1 on November 01, 2011, 09:50:23 PM
NetMarketShare: XP finally eroded to sub 50 percent level, Chrome closing in on Firefox
http://www.zdnet.com/blog/hardware/netmarketshare-xp-finally-eroded-to-sub-50-percent-level-chrome-closing-in-on-firefox/15959
Title: Re: Technical
Post by: Asyn on November 03, 2011, 12:45:35 PM
The Socialbot Network: When Bots Socialize for Fame and Money
http://lersse-dl.ece.ubc.ca/record/264/files/ACSAC_2011.pdf?version=1
Title: Re: Technical
Post by: Asyn on November 04, 2011, 04:14:40 PM
Text-based CAPTCHA Strengths and Weaknesses
http://cdn.ly.tl/publications/text-based-captcha-strengths-and-weaknesses.pdf
Title: Re: Technical
Post by: Asyn on November 10, 2011, 03:48:11 PM
A Security Analysis of Amazon’s Elastic Compute Cloud Service
http://www.scribd.com/doc/72067914/Secure-Cloud-Long
Title: Re: Technical
Post by: Asyn on November 10, 2011, 10:05:19 PM
Operation Ghost Click
http://www.fbi.gov/news/stories/2011/november/malware_110911/malware_110911
http://www.fbi.gov/newyork/press-releases/2011/remarks-as-prepared-by-assistant-director-in-charge-janice-k.-fedarcyk-on-major-cyber-investigation
http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf
Title: Re: Technical
Post by: Asyn on November 12, 2011, 06:28:49 PM
OAuth 2.0 Playground: Open to Developers
http://googlecode.blogspot.com/2011/11/oauth-20-playground-open-to-developers.html
https://code.google.com/oauthplayground/
Title: Re: Technical
Post by: Asyn on November 13, 2011, 01:31:15 PM
SCADA & PLC Vulnerabilities in Correctional Facilities
http://dl.packetstormsecurity.net/papers/general/PLC_White_Paper_Newman_Rad_Strauchs_July22_2011_Final.pdf
http://blip.tv/pauldotcom/hacking-prisons-john-strauchs-tiffany-rad-teague-newman-5518125
Title: Re: Technical
Post by: jadinolf on November 14, 2011, 02:47:04 AM
IE9 and Privacy: Introducing Tracking Protection
http://blogs.msdn.com/b/ie/archive/2010/12/07/ie9-and-privacy-introducing-tracking-protection-v8.aspx


Enjoy!
Title: Re: Technical
Post by: Asyn on November 14, 2011, 01:33:27 PM
Duqu Detectors
CrySyS Duqu Detector Toolkit: http://www.crysys.hu/duqudetector.html
Duqu Analysis & Detection Tool: http://www.nsslabs.com/blog/2011/11/duqu-analysis-and-detection-tool.html
Title: Re: Technical
Post by: Asyn on November 16, 2011, 05:34:22 PM
Public Key Pinning Extension for HTTP
http://www.ietf.org/id/draft-evans-palmer-key-pinning-00.txt
Title: Re: Technical
Post by: Asyn on November 18, 2011, 12:22:48 PM
Invisible YNK, a Code Signing Conundrum
http://blogs.norman.com/2011/malware-detection-team/invisible-ynk-a-code-signing-conundrum
Title: Re: Technical
Post by: Asyn on November 19, 2011, 06:06:30 PM
Google details location services opt-out for Wi-Fi access point owners
http://www.h-online.com/security/news/item/Google-details-location-services-opt-out-for-Wi-Fi-access-point-owners-1379431.html
http://googlepolicyeurope.blogspot.com/2011/11/greater-choice-for-wireless-access.html
http://maps.google.com/support/bin/answer.py?hl=en&answer=1725632
Title: Re: Technical
Post by: Asyn on November 20, 2011, 10:52:01 AM
W3C Announces First Draft of Standard for Online Privacy
http://www.w3.org/2011/11/dnt-pr.html.en
http://www.w3.org/TR/2011/WD-tracking-dnt-20111114/
http://www.w3.org/TR/2011/WD-tracking-compliance-20111114/
Title: Re: Technical
Post by: Asyn on November 27, 2011, 12:57:19 AM
RUB researchers outsmart HDCP
“Man-in-the-Middle” attack: Intel copy protection circumvented
http://aktuell.ruhr-uni-bochum.de/pm2011/pm00386.html.en
Title: Re: Technical
Post by: Asyn on November 28, 2011, 01:29:51 PM
Preliminary Analysis of Google+'s Privacy
http://arxiv.org/abs/1111.3530
http://arxiv.org/pdf/1111.3530v1 [PDF]
Title: Re: Technical
Post by: Asyn on November 30, 2011, 05:32:33 PM
Java is the largest malware target according to Microsoft
http://www.h-online.com/security/news/item/Java-is-the-largest-malware-target-according-to-Microsoft-1387528.html
http://blogs.technet.com/b/security/archive/2011/11/28/millions-of-java-exploit-attempts-the-importance-of-keeping-all-software-up-to-date.aspx
http://krebsonsecurity.com/2011/11/new-java-attack-rolled-into-exploit-kits/
Title: Re: Technical
Post by: YoKenny on November 30, 2011, 10:31:02 PM
Java is the largest malware target according to Microsoft
http://krebsonsecurity.com/2011/11/new-java-attack-rolled-into-exploit-kits/
From KrebsOnSecurity
Quote
The exploit attacks a vulnerability that exists in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier. If you are using Java 6 Update 29, or Java 7 Update 1, then you have the latest version that is patched against this and 19 other security threats.
Title: Re: Technical
Post by: Asyn on December 02, 2011, 01:25:44 PM
The Spyfiles
http://wikileaks.org/the-spyfiles.html
http://www.washingtonpost.com/world/national-security/trade-in-surveillance-technology-raises-worries/2011/11/22/gIQAFFZOGO_story.html?hpid=z1
Title: Re: Technical
Post by: Asyn on December 10, 2011, 08:38:44 AM
Windows Defender Offline Beta
http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline
http://windows.microsoft.com/en-US/windows/windows-defender-offline-faq
http://www.winsupersite.com/article/windows-7/windows-defender-offline-beta-141535
Title: Re: Technical
Post by: Asyn on December 10, 2011, 05:38:15 PM
DNSCrypt
http://blog.opendns.com/2011/12/06/dnscrypt-%E2%80%93-critical-fundamental-and-about-time/
http://www.opendns.com/technology/dnscrypt/
Title: Re: Technical
Post by: YoKenny on December 10, 2011, 06:59:13 PM
DNSCrypt
http://www.opendns.com/technology/dnscrypt/
It says it is (Mac only at the moment)
Title: Re: Technical
Post by: Asyn on December 10, 2011, 07:06:26 PM
DNSCrypt
http://www.opendns.com/technology/dnscrypt/
It says it is (Mac only at the moment)

Yes, the Windows version follows shortly.

Quote
We expect a Windows version in the near future.
Title: Re: Technical
Post by: Asyn on December 13, 2011, 12:34:38 PM
U.S. Homes In on China Spying
http://online.wsj.com/article_email/SB10001424052970204336104577094690893528130-lMyQjAxMTAxMDEwMjExNDIyWj.html
Title: Re: Technical
Post by: Asyn on December 16, 2011, 01:37:31 PM
IE to Start Automatic Upgrades across Windows XP, Windows Vista, and Windows 7
http://windowsteamblog.com/ie/b/ie/archive/2011/12/15/ie-to-start-automatic-upgrades-across-windows-xp-windows-vista-and-windows-7.aspx
Title: Re: Technical
Post by: Lisandro on December 17, 2011, 06:28:07 PM
IE to Start Automatic Upgrades across Windows XP, Windows Vista, and Windows 7
http://windowsteamblog.com/ie/b/ie/archive/2011/12/15/ie-to-start-automatic-upgrades-across-windows-xp-windows-vista-and-windows-7.aspx
Thanks. Brazil will be in the beginning of the list :)
Title: Re: Technical
Post by: bob3160 on December 17, 2011, 06:30:45 PM
http://forum.avast.com/index.php?topic=19387.msg720292#msg720292
Title: Re: Technical
Post by: Asyn on December 17, 2011, 06:36:23 PM
IE to Start Automatic Upgrades across Windows XP, Windows Vista, and Windows 7
http://windowsteamblog.com/ie/b/ie/archive/2011/12/15/ie-to-start-automatic-upgrades-across-windows-xp-windows-vista-and-windows-7.aspx
Thanks. Brazil will be in the beginning of the list :)

NP Tech..!

@Bob: You were almost 2 hours late. ;) But you're right, that any discussion (if needed) should continue there or in a new topic.
Title: Re: Technical
Post by: Asyn on December 17, 2011, 08:52:53 PM
Resurrection: sniffing tool Ettercap has returned
http://www.h-online.com/open/news/item/Resurrection-sniffing-tool-Ettercap-has-returned-1397037.html
http://ettercap.sourceforge.net/index.php
Title: Re: Technical
Post by: Asyn on December 18, 2011, 09:07:55 AM
Protecting your digital identity [Windows 8]
http://blogs.msdn.com/b/b8/archive/2011/12/14/protecting-your-digital-identity.aspx
Title: Re: Technical
Post by: Asyn on December 21, 2011, 08:17:17 AM
Disorderly conduct: localized malware impersonates the police
http://blogs.technet.com/b/mmpc/archive/2011/12/19/disorderly-conduct-localized-malware-impersonates-the-police.aspx
Title: Re: Technical
Post by: Asyn on January 03, 2012, 08:06:25 PM
Wi-Fi Protected Setup PIN brute force vulnerability
http://sviehb.wordpress.com/2011/12/27/wi-fi-protected-setup-pin-brute-force-vulnerability/
http://www.kb.cert.org/vuls/id/723755
http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf
Title: Re: Technical
Post by: Asyn on January 03, 2012, 10:39:28 PM
Pharma Wars: ‘Google,’ the Cutwail Botmaster
https://krebsonsecurity.com/2012/01/pharma-wars-google-the-cutwail-botmaster/
https://www.m86security.com/labs/spam_statistics.asp
Title: Re: Technical
Post by: Asyn on January 05, 2012, 08:59:20 AM
EFF Raises Concerns About the New AOL Instant Messenger
https://www.eff.org/deeplinks/2011/12/effs-raises-concerns-about-new-aol-instant-messenger-0
Title: Re: Technical
Post by: Asyn on January 06, 2012, 10:59:24 AM
28C3: Denial-of-Service attacks on web applications made easy
http://www.h-online.com/security/news/item/28C3-Denial-of-Service-attacks-on-web-applications-made-easy-1401863.html
http://www.nruns.com/_downloads/advisory28122011.pdf
Title: Re: Technical
Post by: Asyn on January 10, 2012, 09:41:18 AM
Tails 0.10 (The Amnesic Incognito Live System)
http://tails.boum.org/index.en.html
http://tails.boum.org/news/version_0.10/
http://tails.boum.org/download/index.en.html
Title: Re: Technical
Post by: Asyn on January 17, 2012, 10:30:37 AM
Sykipot variant hijacks DOD and Windows smart cards
http://labs.alienvault.com/labs/index.php/2012/when-the-apt-owns-your-smart-cards-and-certs/
Title: Re: Technical
Post by: Asyn on January 17, 2012, 03:14:40 PM
SE Android (Security Enhanced Android)
http://selinuxproject.org/page/SEAndroid
http://selinuxproject.org/~jmorris/lss2011_slides/caseforseandroid.pdf
Title: Re: Technical
Post by: Asyn on January 17, 2012, 06:11:02 PM
The Koobface malware gang - exposed!
http://nakedsecurity.sophos.com/koobface/
Title: Re: Technical
Post by: Asyn on January 22, 2012, 10:12:05 AM
Hoping to Teach a Lesson, Researchers Release Exploits for Critical Infrastructure Software
http://www.wired.com/threatlevel/2012/01/scada-exploits/
Title: Re: Technical
Post by: Asyn on January 22, 2012, 03:09:47 PM
The Koobface malware gang - exposed!
http://nakedsecurity.sophos.com/koobface/

Koobface C&C goes silent after alleged controllers exposed
http://www.h-online.com/security/news/item/Koobface-C-C-goes-silent-after-alleged-controllers-exposed-1416869.html
Title: Re: Technical
Post by: Asyn on January 22, 2012, 04:09:07 PM
The Impact of Mobile Devices on Information Security
http://www.checkpoint.com/press/2012/011812-check-point-businesses-admit-increase-security.html
http://www.checkpoint.com/downloads/products/check-point-mobile-security-survey-report.pdf
Title: Re: Technical
Post by: Asyn on January 24, 2012, 10:02:34 AM
Mozilla's BrowserID offered as an alternative to OpenID
http://www.h-online.com/security/news/item/Mozilla-s-BrowserID-offered-as-an-alternative-to-OpenID-1280136.html
http://identity.mozilla.com/post/7616727542/introducing-browserid-a-better-way-to-sign-in
http://identity.mozilla.com/post/7669886219/how-browserid-differs-from-openid
https://browserid.org/

Mozilla's BrowserID moves forward
http://www.h-online.com/security/news/item/Mozilla-s-BrowserID-moves-forward-1419193.html
Title: Re: Technical
Post by: Asyn on January 24, 2012, 01:14:26 PM
Microsoft Names New Defendant in Kelihos Case
http://blogs.technet.com/b/microsoft_blog/archive/2012/01/23/microsoft-names-new-defendant-in-kelihos-case.aspx
http://blogs.technet.com/cfs-file.ashx/__key/communityserver-blogs-components-weblogfiles/00-00-00-80-54/6180.Kelihos-Botnet-_2D00_-Amended-Complaint.pdf
Title: Re: Technical
Post by: Asyn on January 25, 2012, 10:50:53 AM
Board Room Spying for Fun and Profit
https://community.rapid7.com/community/solutions/metasploit/blog/2012/01/23/video-conferencing-and-self-selecting-targets
Title: Re: Technical
Post by: Asyn on January 28, 2012, 08:03:05 AM
A different breed of downloader
http://blogs.technet.com/b/mmpc/archive/2012/01/24/a-different-breed-of-downloader.aspx
Title: Re: Technical
Post by: Asyn on February 01, 2012, 08:13:36 AM
Hacker's Demo Shows How Easily Credit Cards Can Be Read Through Clothes And Wallets
http://www.forbes.com/sites/andygreenberg/2012/01/30/hackers-demo-shows-how-easily-credit-cards-can-be-read-through-clothes-and-wallets/
Title: Re: Technical
Post by: Asyn on February 02, 2012, 02:08:00 PM
Kelihos/Hlux botnet returns with new techniques
http://www.securelist.com/en/blog/655/Kelihos_Hlux_botnet_returns_with_new_techniques
Title: Re: Technical
Post by: Asyn on February 07, 2012, 08:21:39 AM
Trendnet Cameras - I always feel like somebody's watching me.
http://console-cowboys.blogspot.com/2012/01/trendnet-cameras-i-always-feel-like.html
Title: Re: Technical
Post by: Asyn on February 11, 2012, 09:34:25 AM
Satellite telephony is unsafe
RUB scientists break security standards - Encryption algorithms have security gaps
http://gmr.crypto.rub.de/
http://gmr.crypto.rub.de/paper/paper-1.pdf
Title: Re: Technical
Post by: Asyn on February 12, 2012, 10:00:22 AM
Iran partially blocks encrypted network traffic
https://blog.torproject.org/blog/iran-partially-blocks-encrypted-network-traffic
https://lists.torproject.org/pipermail/tor-talk/2012-February/023070.html
Title: Re: Technical
Post by: Pondus on February 13, 2012, 12:16:24 AM
Introducing DNSCrypt (Preview Release)
http://www.opendns.com/technology/dnscrypt?utm_source=n012012&utm_medium=em&utm_campaign=home
Title: Re: Technical
Post by: Asyn on February 14, 2012, 07:31:32 AM
Android.Bmaster: A Million-Dollar Mobile Botnet
http://www.symantec.com/connect/blogs/androidbmaster-million-dollar-mobile-botnet
http://www.cs.ncsu.edu/faculty/jiang/RootSmart/
Title: Re: Technical
Post by: Asyn on February 17, 2012, 11:00:53 AM
RSA keys not as random as they should be
http://www.h-online.com/security/news/item/RSA-keys-not-as-random-as-they-should-be-1435474.html
http://eprint.iacr.org/2012/064.pdf
https://freedom-to-tinker.com/blog/nadiah/new-research-theres-no-need-panic-over-factorable-keys-just-mind-your-ps-and-qs
Title: Re: Technical
Post by: Asyn on February 19, 2012, 01:32:00 PM
Mozilla: Remove Trustwave Certificate(s) from trusted root certificates
https://bugzilla.mozilla.org/show_bug.cgi?id=724929
https://wiki.mozilla.org/CA%3ACommunications#February_17.2C_2012
https://bugzilla.mozilla.org/attachment.cgi?id=598527
Title: Re: Technical
Post by: Asyn on February 21, 2012, 01:34:33 PM
Google Bypassing User Privacy Settings
http://blogs.msdn.com/b/ie/archive/2012/02/20/google-bypassing-user-privacy-settings.aspx
Title: Re: Technical
Post by: bob3160 on February 21, 2012, 01:50:38 PM
Google Bypassing User Privacy Settings
http://blogs.msdn.com/b/ie/archive/2012/02/20/google-bypassing-user-privacy-settings.aspx
This can also be rephrased as Apple and Microsoft aren't protecting their users' privacy. ;D
Title: Re: Technical
Post by: Asyn on February 22, 2012, 06:51:35 AM
Google Bypassing User Privacy Settings
http://blogs.msdn.com/b/ie/archive/2012/02/20/google-bypassing-user-privacy-settings.aspx
This can also be rephrased as Apple and Microsoft aren't protecting their users' privacy. ;D

Well, Rachel Whetstone (Senior Vice President of Communications and Policy, Google) thinks similarly... ;D
http://parislemon.com/post/17998654387/google-microsoft-is-full-of-shit
Title: Re: Technical
Post by: ady4um on February 22, 2012, 11:14:11 AM
No intention to open a discussion in this topic, but to end one...

The article is about 2 different things, depending on how you look at it.

1_ Google said it will follow a certain recognized standard, and it didn't follow that standard. If the standard were to be followed, then no "extra" track down of users would have happened.

2_ For those sites not following that standard (whether they declare it in their privacy policy or not), the user can be tracked down, and certain web browsers will not protect your privacy using their standard methods (while the user thinks it is enough to protect his privacy, but it isn't).
Title: Re: Technical
Post by: Asyn on February 22, 2012, 11:22:58 AM
1_ Google said it will follow a certain recognized standard, and it didn't follow that standard. If the standard were to be followed, then no "extra" track down of users would have happened.

2_ For those sites not following that standard (whether they declare it in their privacy policy or not), the user can be tracked down, and certain web browsers will not protect your privacy using their standard methods (while the user thinks it is enough to protect his privacy, but it isn't).

1. Which article are you referring to..? (http://support.google.com/accounts/bin/answer.py?hl=en&answer=151657)
2. Well, there's also Firefox... ;)
Title: Re: Technical
Post by: ady4um on February 22, 2012, 01:16:29 PM
1_ Google said it will follow a certain recognized standard, and it didn't follow that standard. If the standard were to be followed, then no "extra" track down of users would have happened.

2_ For those sites not following that standard (whether they declare it in their privacy policy or not), the user can be tracked down, and certain web browsers will not protect your privacy using their standard methods (while the user thinks it is enough to protect his privacy, but it isn't).

1. Which article are you referring to..? (http://support.google.com/accounts/bin/answer.py?hl=en&answer=151657)
2. Well, there's also Firefox... ;)

1. Both. The final point is not about one company or the other not exactly telling the truth. It is about sites' "real" privacy policy.
2. Yes, or IE9 (as MS "now" recommends) but the user needs to find the exact add-on to protect his privacy, and then know about all those new "tricks" popping out every day, and keep searching for new solutions... Just as with other security related issues, it never ends and no solution is permanently safe.
Title: Re: Technical
Post by: Asyn on February 23, 2012, 06:59:30 AM
A look at ASLR in Android Ice Cream Sandwich 4.0
http://blog.duosecurity.com/2012/02/a-look-at-aslr-in-android-ice-cream-sandwich-4-0/
Title: Re: Technical
Post by: Asyn on February 27, 2012, 12:23:19 PM
ASLR to be mandatory for binary Firefox extensions
http://www.h-online.com/security/news/item/ASLR-to-be-mandatory-for-binary-Firefox-extensions-1443131.html
Title: Re: Technical
Post by: Asyn on March 03, 2012, 04:22:20 PM
How we broke the NuCaptcha video scheme and what we propose to fix it
http://elie.im/blog/security/how-we-broke-the-nucaptcha-video-scheme-and-what-we-propose-to-fix-it/
Title: Re: Technical
Post by: Asyn on March 06, 2012, 07:55:45 AM
Anonymous Supporters Tricked into Installing Zeus Trojan
http://www.symantec.com/connect/blogs/anonymous-supporters-tricked-installing-zeus-trojan
Title: Re: Technical
Post by: Asyn on March 07, 2012, 12:44:58 PM
Mozilla introduces Collusion, a new tracking mapper add-on
http://www.h-online.com/security/news/item/Mozilla-introduces-Collusion-a-new-tracking-mapper-add-on-1445357.html
https://www.mozilla.org/en-US/collusion/
https://www.mozilla.org/en-US/collusion/demo/
Title: Re: Technical
Post by: Asyn on March 07, 2012, 02:51:48 PM
Attacking the Washington, D.C. Internet Voting System
https://jhalderm.com/pub/papers/dcvoting-fc12.pdf
Title: Re: Technical
Post by: Asyn on March 08, 2012, 04:33:03 PM
Adobe SWF Investigator
http://labs.adobe.com/technologies/swfinvestigator/
Title: Re: Technical
Post by: Asyn on March 12, 2012, 01:38:44 PM
The Symantec Smartphone Honey Stick Project
http://www.symantec.com/connect/blogs/introducing-symantec-smartphone-honey-stick-project
http://www.symantec.com/content/en/us/about/presskits/b-symantec-smartphone-honey-stick-project.en-us.pdf?om_ext_cid=biz_socmed_twitter_facebook_marketwire_linkedin_2012Mar_worldwide_honeystick
Title: Re: Technical
Post by: Asyn on March 14, 2012, 04:41:20 PM
Framesniffing against SharePoint and LinkedIn
http://www.contextis.com/research/blog/framesniffing/
Title: Re: Technical
Post by: Asyn on March 16, 2012, 02:09:32 PM
Android Malware Pairs Man-in-the-Middle With Remote-Controlled Banking Trojan
http://blogs.mcafee.com/mcafee-labs/android-malware-pairs-man-in-the-middle-with-remote-controlled-banking-trojan
Title: Re: Technical
Post by: Asyn on March 19, 2012, 01:35:15 PM
CyanogenMod 9 to ship without default root access
http://www.h-online.com/security/news/item/CyanogenMod-9-to-ship-without-default-root-access-1474741.html
http://www.cyanogenmod.com/blog/security-and-you
Title: Re: Technical
Post by: Asyn on March 20, 2012, 12:52:26 PM
Twitter Bots Target Tibetan Protests
http://krebsonsecurity.com/2012/03/twitter-bots-target-tibetan-protests/
Title: Re: Technical
Post by: Asyn on March 22, 2012, 03:10:33 PM
Firefox To Use Google Secure Search By Default
http://searchengineland.com/firefox-to-use-google-secure-search-by-default-116231
Title: Re: Technical
Post by: Asyn on March 23, 2012, 06:02:20 AM
2012 Data Breach Investigations Report
http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
Title: Re: Technical
Post by: Asyn on March 26, 2012, 12:59:00 PM
Firefox 3.6.x approaches end of life
http://www.h-online.com/security/news/item/Firefox-3-6-x-approaches-end-of-life-1479643.html
http://blog.mozilla.com/futurereleases/2012/03/23/upcoming-firefox-support-changes/
http://weblogs.mozillazine.org/asa/archives/2012/03/the-end-of-support-f.html
Title: Re: Technical
Post by: Asyn on March 27, 2012, 09:11:30 AM
Microsoft and Financial Services Industry Leaders Target Cybercriminal Operations from Zeus Botnets
http://blogs.technet.com/b/microsoft_blog/archive/2012/03/25/microsoft-and-financial-services-industry-leaders-target-cybercriminal-operations-from-zeus-botnets.aspx
http://www.microsoft.com/presspass/presskits/dcu/
http://www.microsoft.com/Presspass/press/2012/mar12/03-25CybercrimePR.mspx
http://www.zeuslegalnotice.com/images/Complaint_w_Appendices.pdf
https://zeustracker.abuse.ch/statistic.php
https://zeustracker.abuse.ch/monitor.php
Title: Re: Technical
Post by: Asyn on March 28, 2012, 03:50:22 PM
Mozilla calls for tighter controls on sub-CAs
http://www.h-online.com/security/news/item/Mozilla-calls-for-tighter-controls-on-sub-CAs-1484643.html
https://groups.google.com/group/mozilla.dev.security.policy/browse_thread/thread/d239c42ef880c71a
Title: Re: Technical
Post by: Asyn on March 30, 2012, 07:51:38 AM
Twitter Bots Target Tibetan Protests
http://krebsonsecurity.com/2012/03/twitter-bots-target-tibetan-protests/

http://labs.alienvault.com/labs/index.php/2012/alienvault-research-used-as-lure-in-targeted-attacks/
http://labs.alienvault.com/labs/index.php/2012/targeted-attacks-against-tibet-organizations/
Title: Re: Technical
Post by: Asyn on March 31, 2012, 10:34:16 AM
Doubts over necessity of SHA-3 cryptography standard
http://www.h-online.com/security/news/item/Doubts-over-necessity-of-SHA-3-cryptography-standard-1498071.html
Title: Re: Technical
Post by: Asyn on April 03, 2012, 09:36:52 AM
Pastebin to hire staff to tackle hackers' 'sensitive' posts
http://www.bbc.com/news/technology-17544311
http://www.bbc.com/news/technology-17524822
Title: Re: Technical
Post by: Asyn on April 04, 2012, 04:41:13 PM
Adobe “Malware Classifier” Tool
http://blogs.adobe.com/asset/2012/03/presenting-malware-classifier-tool.html
https://sourceforge.net/adobe/malclassifier
http://sourceforge.net/projects/malclassifier.adobe/files/
Title: Re: Technical
Post by: Asyn on April 05, 2012, 07:38:53 AM
Mozilla is Blocklisting Older Versions of Java
http://blog.mozilla.com/addons/2012/04/02/blocking-java/
https://addons.mozilla.org/en-US/firefox/blocked/p80
Title: Re: Technical
Post by: Asyn on April 10, 2012, 07:17:32 AM
Hotel Wifi JavaScript Injection
http://justinsomnia.org/2012/04/hotel-wifi-javascript-injection/
Title: Re: Technical
Post by: Asyn on April 11, 2012, 09:55:42 AM
Draconian cyber security bill could lead to Internet surveillance and censorship
http://en.rsf.org/etats-unis-draconian-cyber-security-bill-06-04-2012,42283.html
Title: Re: Technical
Post by: DavidR on April 11, 2012, 12:33:03 PM
Draconian cyber security bill could lead to Internet surveillance and censorship
http://en.rsf.org/etats-unis-draconian-cyber-security-bill-06-04-2012,42283.html

They are talking of the very same things in the UK, estimated to cost business £2BN to implement the measures. But there are very hostile reactions about it, from the various privacy groups, the public and a lot of opposition in Parliament and the Lords.
Title: Re: Technical
Post by: Asyn on April 12, 2012, 05:33:27 AM
Draconian cyber security bill could lead to Internet surveillance and censorship
http://en.rsf.org/etats-unis-draconian-cyber-security-bill-06-04-2012,42283.html

They are talking of the very same things in the UK, estimated to cost business £2BN to implement the measures. But there are very hostile reactions about it, from the various privacy groups, the public and a lot of opposition in Parliament and the Lords.

Hope it can be stopped in the UK...!! :(
Against the US law we can sign this...

CISPA Petition: https://secure.avaaz.org/en/stop_cispa/
Title: Re: Technical
Post by: Asyn on April 13, 2012, 08:30:24 AM
Discovering a Major Security Hole in Facebook's Android SDK
http://blog.parse.com/2012/04/10/discovering-a-major-security-hole-in-facebooks-android-sdk/
Title: Re: Technical
Post by: Asyn on April 14, 2012, 08:52:17 AM
Stuxnet Loaded by Iran Double Agents
http://www.isssource.com/stuxnet-loaded-by-iran-double-agents/
Title: Re: Technical
Post by: Asyn on April 14, 2012, 06:15:13 PM
Firefox gets click-to-play option for plugins
http://www.h-online.com/security/news/item/Firefox-gets-click-to-play-option-for-plugins-1520514.html
https://msujaws.wordpress.com/2012/04/11/opting-in-to-plugins-in-firefox/
https://wiki.mozilla.org/Opt-in_activation_for_plugins
Title: Re: Technical
Post by: Asyn on April 18, 2012, 06:22:51 PM
Draconian cyber security bill could lead to Internet surveillance and censorship
http://en.rsf.org/etats-unis-draconian-cyber-security-bill-06-04-2012,42283.html

Week of Action On CISPA Preceding "Cybersecurity Week" in the House
https://www.cdt.org/pr_statement/week-action-cispa-preceding-cybersecurity-week-house

Administration pushes against bipartisan House cybersecurity legislation
http://thehill.com/blogs/hillicon-valley/technology/222143-white-house-criticizes-cybersecurity-bill-cispa
Title: Re: Technical
Post by: Asyn on April 20, 2012, 06:16:30 PM
Anonymous deploys Zerobin to create AnonPaste
http://www.h-online.com/security/news/item/Anonymous-deploys-Zerobin-to-create-AnonPaste-1544706.html
Title: Re: Technical
Post by: Asyn on April 22, 2012, 10:12:20 AM
Adventures with iOS UIWebviews
http://labs.mwrinfosecurity.com/blog/2012/04/16/adventures-with-ios-uiwebviews/
Title: Re: Technical
Post by: Asyn.B on April 22, 2012, 03:05:28 PM
The anatomy of Flashback/Flashfake
http://www.securelist.com/en/analysis/204792227/The_anatomy_of_Flashfake_Part_1
Title: Re: Technical
Post by: bob3160 on April 22, 2012, 03:39:54 PM
A little strange to see an Asyn and an Asyn.B ???
Confusion Reigns ???
Title: Re: Technical
Post by: Asyn.B on April 22, 2012, 03:41:56 PM
A little strange to see an Asyn  and an Asyn.B ???
Confusion Reigns ???

Don't worry Bob, the one with the ".B" is just my test account. ;)
Have a nice Sunday,
Asyn
Title: Re: Technical
Post by: Pondus on April 22, 2012, 03:58:20 PM
A little strange to see an Asyn  and an Asyn.B ???
Confusion Reigns ???

Don't worry Bob, the one with the ".B" is just my test account. ;)
Have a nice Sunday,
Asyn
Testing what.......to see if we get confused?

 it worked   ;D

Title: Re: Technical
Post by: Asyn.B on April 22, 2012, 04:09:28 PM
Testing what.......to see if we get confused?

 it worked   ;D

Well, not really. ;)
Sorry, that it worked, though.... ;D
Title: Re: Technical
Post by: Pondus on April 22, 2012, 04:14:08 PM
I thought it was your brother   ;D
Title: Re: Technical
Post by: Asyn.B on April 22, 2012, 04:38:21 PM
I thought it was your brother   ;D

Because of the ".B"..??
Well, no brother here, I'm not t*** i***** ;D
Title: Re: Technical
Post by: bob10000 on April 22, 2012, 05:02:50 PM
I thought it was your brother   ;D

Because of the ".B"..??
Well, no brother here, I'm not t*** i***** ;D
My alter ego very seldom makes an appearance....
So what is yours testing ???
Title: Re: Technical
Post by: Asyn.B on April 22, 2012, 05:19:34 PM
My alter ego very seldom makes an appearance....
So what is yours testing ???

I'll send you a PM shortly.
We're getting OT here. ;)
Title: Re: Technical
Post by: Asyn on April 25, 2012, 09:42:36 AM
Draconian cyber security bill could lead to Internet surveillance and censorship
http://en.rsf.org/etats-unis-draconian-cyber-security-bill-06-04-2012,42283.html

Week of Action On CISPA Preceding "Cybersecurity Week" in the House
https://www.cdt.org/pr_statement/week-action-cispa-preceding-cybersecurity-week-house

Administration pushes against bipartisan House cybersecurity legislation
http://thehill.com/blogs/hillicon-valley/technology/222143-white-house-criticizes-cybersecurity-bill-cispa

Resistance against US cyber security act is growing
http://www.h-online.com/security/news/item/Resistance-against-US-cyber-security-act-is-growing-1557861.html
Title: Re: Technical
Post by: Asyn on April 29, 2012, 09:52:47 AM
TVs and Blu-ray players vulnerable to DoS attacks
http://www.h-online.com/security/news/item/TVs-and-Blu-ray-players-vulnerable-to-DoS-attacks-1558245.html
http://aluigi.org/adv/samsux_1-adv.txt
Title: Re: Technical
Post by: Asyn on April 30, 2012, 10:46:20 AM
Microsoft Security Intelligence Report (SIR) #12
http://www.microsoft.com/security/sir/default.aspx
http://download.microsoft.com/download/C/9/A/C9A544AD-4150-43D3-80F7-4F1641EF910A/Microsoft_Security_Intelligence_Report_Volume_12_English.pdf
http://download.microsoft.com/download/C/9/A/C9A544AD-4150-43D3-80F7-4F1641EF910A/Microsoft_Security_Intelligence_Report_Volume_12_Key_Findings_Summary_English.pdf
http://download.microsoft.com/download/C/9/A/C9A544AD-4150-43D3-80F7-4F1641EF910A/Microsoft_Security_Intelligence_Report_Volume_12_Worldwide_Threat_Assessment_English.pdf
Title: Re: Technical
Post by: Asyn on May 05, 2012, 05:41:40 PM
SSL Pulse - To Make SSL More Secure and Pervasive
https://www.trustworthyinternet.org/blog/2012/4/25/ssl-pulse-to-make-ssl-more-secure-and-pervasive.html
https://www.trustworthyinternet.org/ssl-pulse/
Title: Re: Technical
Post by: Asyn on May 06, 2012, 08:47:29 AM
The Tor Project's New Tool Aims To Map Out Internet Censorship
http://www.forbes.com/sites/andygreenberg/2012/04/30/the-tor-projects-new-tool-aims-to-map-out-internet-censorship/
http://ooni.nu/
Title: Re: Technical
Post by: Asyn on May 06, 2012, 12:00:33 PM
Draconian cyber security bill could lead to Internet surveillance and censorship
http://en.rsf.org/etats-unis-draconian-cyber-security-bill-06-04-2012,42283.html

Week of Action On CISPA Preceding "Cybersecurity Week" in the House
https://www.cdt.org/pr_statement/week-action-cispa-preceding-cybersecurity-week-house

Administration pushes against bipartisan House cybersecurity legislation
http://thehill.com/blogs/hillicon-valley/technology/222143-white-house-criticizes-cybersecurity-bill-cispa

Resistance against US cyber security act is growing
http://www.h-online.com/security/news/item/Resistance-against-US-cyber-security-act-is-growing-1557861.html

Mozilla Slams CISPA, Breaking Silicon Valley's Silence On Cybersecurity Bill
http://www.forbes.com/sites/andygreenberg/2012/05/01/mozilla-slams-cispa-breaking-silicon-valleys-silence-on-cybersecurity-bill/
Title: Re: Technical
Post by: Asyn on May 08, 2012, 08:06:05 AM
Flash 11.3 to bring protected mode for Firefox
http://www.h-online.com/security/news/item/Flash-11-3-to-bring-protected-mode-for-Firefox-1569608.html
Title: Re: Technical
Post by: Asyn on May 08, 2012, 11:19:51 AM
OpenX Promises Fix for Rogue Ads Bug
http://krebsonsecurity.com/2012/05/openx-promises-fix-for-rogue-ads-bug/
Title: Re: Technical
Post by: Asyn on May 09, 2012, 07:09:06 AM
Sigrok: open source framework for logic analysers
http://www.h-online.com/security/news/item/Sigrok-open-source-framework-for-logic-analysers-1567131.html
http://sigrok.org/wiki/Main_Page
Title: Re: Technical
Post by: Asyn on May 13, 2012, 08:23:26 AM
DNSCrypt for Windows has arrived
http://blog.opendns.com/2012/05/08/dnscrypt-for-windows-has-arrived/
http://www.opendns.com/technology/dnscrypt/
Title: Re: Technical
Post by: Asyn on May 14, 2012, 01:43:26 PM
OpenVAS-5 released: New Asset-Management, Delta-Reports and embedded SCAP-Data
http://www.openvas.org/news_archive.html#openvas5
http://www.openvas.org/download.html
Title: Re: Technical
Post by: Asyn on May 18, 2012, 06:17:34 AM
Fraunhofer SIT Study: On the Security of Cloud Storage Services
Providers don't meet security requirements
http://www.sit.fraunhofer.de/en/cloudstudy.html
http://www.sit.fraunhofer.de/content/dam/sit/en/studies/Cloud-Storage-Security_a4.pdf
http://www.sit.fraunhofer.de/content/dam/sit/en/studies/Addendum.pdf
Title: Re: Technical
Post by: Asyn on May 19, 2012, 09:09:07 AM
Worth Reading: Confessions of a botnet operator
http://www.h-online.com/security/news/item/Worth-Reading-Confessions-of-a-botnet-operator-1574453.html
Title: Re: Technical
Post by: Asyn on May 19, 2012, 05:30:15 PM
.secure domains require proof of security
http://www.h-online.com/security/news/item/secure-domains-require-proof-of-security-1577683.html
https://www.artemis.net/who-should-get-secure.html
https://www.artemis.net/ncc-group.html
Title: Re: Technical
Post by: Asyn on May 22, 2012, 05:57:33 PM
Twitter refines tracking, adds Do Not Track support
http://www.h-online.com/security/news/item/Twitter-refines-tracking-adds-Do-Not-Track-support-1579020.html
Title: Re: Technical
Post by: Asyn on May 23, 2012, 11:09:21 AM
A closer look into the RSA SecureID software token
http://www.sensepost.com/blog/7045.html
http://arstechnica.com/security/2012/05/rsa-securid-software-token-cloning-attack/
Title: Re: Technical
Post by: Asyn on May 24, 2012, 09:42:24 AM
Big Brother (SpyEye films you)
https://www.securelist.com/en/blog/208193513/Big_Brother
Title: Re: Technical
Post by: Asyn on May 25, 2012, 10:22:52 AM
A Tale of Two Pwnies (Part 1)
http://blog.chromium.org/2012/05/tale-of-two-pwnies-part-1.html
Title: Re: Technical
Post by: Asyn on May 26, 2012, 08:46:31 PM
Off-Path TCP Sequence Number Inference Attack, enabled by Sequence-Number-Checking Firewall Middleboxes
http://web.eecs.umich.edu/~zhiyunq/tcp_sequence_number_inference/
http://web.eecs.umich.edu/~zhiyunq/pub/oakland12_TCP_sequence_number_inference.pdf
http://arstechnica.com/security/2012/05/smartphone-hijacking-on-att-47-other-carriers/
Title: Re: Technical
Post by: Asyn on May 27, 2012, 02:21:13 PM
McAfee Q1 Threats Report Finds Significant Malware Increase Across All Platforms
http://www.mcafee.com/us/about/news/2012/q2/20120523-01.aspx
http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q1-2012.pdf
Title: Re: Technical
Post by: Asyn on May 27, 2012, 10:01:32 PM
Android Malware Genome Project launched
http://www.h-online.com/security/news/item/Android-Malware-Genome-Project-launched-1583915.html
http://web.ncsu.edu/abstract/technology/wms-android-genome/
http://www.csc.ncsu.edu/faculty/jiang/pubs/OAKLAND12.pdf
Title: Re: Technical
Post by: Asyn on May 28, 2012, 10:36:07 AM
The quest to replace passwords
http://www.lightbluetouchpaper.org/2012/05/22/the-quest-to-replace-passwords/
http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-817.html
http://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf
Title: Re: Technical
Post by: Asyn on June 01, 2012, 02:29:12 PM
Say hello to Tinba: World’s smallest trojan-banker
http://www.csis.dk/en/csis/news/3566/
Title: Re: Technical
Post by: Asyn on June 02, 2012, 05:52:39 PM
The science of password guessing
http://www.lightbluetouchpaper.org/2012/05/24/the-science-of-password-guessing/
http://www.cl.cam.ac.uk/~jcb82/doc/B12-IEEESP-analyzing_70M_anonymized_passwords.pdf
Title: Re: Technical
Post by: Asyn on June 03, 2012, 11:53:57 AM
Worth Reading: Apple explains iOS security
http://www.h-online.com/security/news/item/Worth-Reading-Apple-explains-iOS-security-1589183.html
http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf
Title: Re: Technical
Post by: Asyn on June 04, 2012, 12:15:16 PM
Do Not Track: It’s the user’s voice that matters
http://blog.mozilla.org/privacy/2012/05/31/do-not-track-its-the-users-voice-that-matters/
http://blogs.technet.com/b/microsoft_on_the_issues/archive/2012/05/31/advancing-consumer-trust-and-privacy-internet-explorer-in-windows-8.aspx
Title: Re: Technical
Post by: Asyn on June 09, 2012, 06:46:31 PM
Md5crypt Password scrambler is no longer considered safe by author
http://phk.freebsd.dk/sagas/md5crypt_eol.html?highlight=md5#md5crypt-password-scrambler-is-no-longer-considered-safe-by-author
Title: Re: Technical
Post by: Asyn on June 11, 2012, 11:40:00 AM
Simple authentication bypass for MySQL root revealed
http://www.h-online.com/security/news/item/Simple-authentication-bypass-for-MySQL-root-revealed-1614990.html
http://seclists.org/oss-sec/2012/q2/493
https://community.rapid7.com/community/metasploit/blog/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql
Title: Re: Technical
Post by: Asyn on June 15, 2012, 09:05:08 AM
Ghost USB honeypot released
http://www.honeynet.org/node/871
https://honeynet.org/hpsoc/slot1
http://code.google.com/p/ghost-usb-honeypot/
Title: Re: Technical
Post by: Asyn on June 17, 2012, 08:13:05 AM
Malware Hunting with the Sysinternals Tools
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2012/SIA302
http://video.ch9.ms/teched/2012/na/SIA302.mp4
http://video.ch9.ms/teched/2012/na/SIA302.wmv
Title: Re: Technical
Post by: Asyn on June 23, 2012, 09:57:04 AM
Why Do Nigerian Scammers Say They are From Nigeria?
http://research.microsoft.com/apps/pubs/default.aspx?id=167713
http://research.microsoft.com/pubs/167713/WhyFromNigeria.pdf
Title: Re: Technical
Post by: Asyn on June 25, 2012, 04:42:00 PM
Bypassing ASLR and DEP on Adobe Reader X
http://esec-lab.sogeti.com/post/Bypassing-ASLR-and-DEP-on-Adobe-Reader-X
Title: Re: Technical
Post by: Asyn on June 28, 2012, 08:34:17 AM
ACAD/Medre.A – 10000′s Of AutoCAD Files Leaked in Suspected Industrial Espionage
http://www.eset.com/about/blog/blog/article/acadmedre-10000s-of-autocad-files-leaked-in-suspected-industrial-espionage/
Title: Re: Technical
Post by: Asyn on June 28, 2012, 03:59:21 PM
The page at accounts.google.com says:
This is the story of how one temporarily made $1566.85 an hour with Google’s vulnerability rewards program
http://www.talesofacoldadmin.com/2012/06/18/the-page-at-accounts-google-com-says/
http://www.slideshare.net/goldshlager19/nir-goldshlager-killing-a-bug-bounty-program-twice-hack-in-the-box-2012
Title: Re: Technical
Post by: Asyn on July 01, 2012, 01:42:15 PM
Operation High Roller: online banking fraud on a grand scale
http://www.h-online.com/security/news/item/Operation-High-Roller-online-banking-fraud-on-a-grand-scale-1626663.html
http://www.mcafee.com/us/resources/reports/rp-operation-high-roller.pdf
Title: Re: Technical
Post by: Asyn on July 04, 2012, 12:12:08 PM
John the Ripper 1.7.9-jumbo-6
http://www.openwall.com/lists/john-users/2012/06/29/1
http://www.openwall.com/john/
Title: Re: Technical
Post by: Asyn on July 07, 2012, 07:17:04 PM
Source code for the Zemra crimeware bot released
http://www.h-online.com/security/news/item/Source-code-for-the-Zemra-crimeware-bot-released-1631420.html
http://www.symantec.com/connect/blogs/ddos-attacks-zemra-bot
Title: Re: Technical
Post by: Asyn on July 08, 2012, 01:06:10 PM
Trojan.Milicenso: Infection through .htaccess Redirection
http://www.symantec.com/connect/blogs/trojanmilicenso-infection-through-htaccess-redirection
http://www.symantec.com/connect/blogs/trojanmilicenso-paper-salesman-s-dream-come-true
Title: Re: Technical
Post by: Asyn on July 10, 2012, 10:08:33 AM
Operation High Roller: online banking fraud on a grand scale
http://www.h-online.com/security/news/item/Operation-High-Roller-online-banking-fraud-on-a-grand-scale-1626663.html
http://www.mcafee.com/us/resources/reports/rp-operation-high-roller.pdf

“High Roller” online bank robberies reveal security gaps
http://www.enisa.europa.eu/media/press-releases/eu-cyber-security-agency-enisa-201chigh-roller201d-online-bank-robberies-reveal-security-gaps
Title: Re: Technical
Post by: Asyn on July 18, 2012, 12:18:45 PM
Android Security Overview
http://source.android.com/tech/security/
Title: Re: Technical
Post by: Asyn on July 20, 2012, 12:31:08 PM
Exploit Mitigations in Android Jelly Bean 4.1
https://blog.duosecurity.com/2012/07/exploit-mitigations-in-android-jelly-bean-4-1/
Title: Re: Technical
Post by: Asyn on July 21, 2012, 05:59:21 PM
Researchers criticise the iPhone's PIN storing practice
http://www.h-online.com/security/news/item/Researchers-criticise-the-iPhone-s-PIN-storing-practice-1644874.html
http://sit.sit.fraunhofer.de/studies/en/sc-iphone-passwords-faq.pdf
Title: Re: Technical
Post by: pamelaoakes on July 21, 2012, 06:23:43 PM
When I updated my license that is to expire next month I never got my new license. How do I find it so I can insert it?
Title: Re: Technical
Post by: Asyn on July 21, 2012, 06:28:28 PM
When I updated my license that is to expire next month I never got my new license. How do I find it so I can insert it?

Sorry, but you're OT here. ;)
Click this link to open a new topic in the right section: http://forum.avast.com/index.php?action=post;board=2.0
Thanks.
Title: Re: Technical
Post by: Asyn on July 22, 2012, 10:31:27 AM
Grum, World's Third-Largest Botnet, Knocked Down
http://blog.fireeye.com/research/2012/07/grum-botnet-no-longer-safe-havens.html
http://blog.fireeye.com/research/2012/07/grum-cncs-just-a-few-more-to-go.html
http://blog.fireeye.com/research/2012/07/killing-the-beast-part-5.html
Title: Re: Technical
Post by: Asyn on July 23, 2012, 11:01:59 AM
Nominations for Pwnie Awards 2012
http://pwnies.com/nominations/
Title: Re: Technical
Post by: Asyn on July 25, 2012, 09:38:35 AM
VirusTotal += Behavioural Information
http://blog.virustotal.com/2012/07/virustotal-behavioural-information.html
Title: Re: Technical
Post by: Asyn on July 28, 2012, 10:01:06 PM
Web Application Attack Report For The Second Quarter of 2012
http://www.firehost.com/company/newsroom/web-application-attack-report-second-quarter-2012
Title: Re: Technical
Post by: Asyn on August 01, 2012, 01:51:40 PM
My Arduino can beat up your hotel room lock
http://demoseen.com/bhpaper.html
Title: Re: Technical
Post by: Asyn on August 02, 2012, 11:51:39 AM
From Bahrain With Love: FinFisher’s Spy Kit Exposed?
https://citizenlab.org/2012/07/from-bahrain-with-love-finfishers-spy-kit-exposed/3/
https://citizenlab.org/wp-content/uploads/2012/07/09-2012-frombahrainwithlove.pdf
Title: Re: Technical
Post by: Asyn on August 05, 2012, 02:31:58 PM
EFI rootkit for Macs demonstrated
http://www.h-online.com/security/news/item/EFI-rootkit-for-Macs-demonstrated-1655108.html
http://ho.ax/De_Mysteriis_Dom_Jobsivs_Black_Hat_Paper.pdf
Title: Re: Technical
Post by: Asyn on August 06, 2012, 08:35:03 AM
Technical Analysis of the Top BlueHat Prize Submissions
http://blogs.technet.com/b/srd/archive/2012/07/26/technical-analysis-of-the-top-bluehat-prize-submissions.aspx
Title: Re: Technical
Post by: Asyn on August 11, 2012, 08:07:05 PM
Attack Surface Analyzer 1.0 Released
http://blogs.msdn.com/b/sdl/archive/2012/08/02/attack-surface-analyzer-1-0-released.aspx
http://www.microsoft.com/en-us/download/details.aspx?id=24487
Title: Re: Technical
Post by: Asyn on August 12, 2012, 02:36:12 PM
How Apple and Amazon Security Flaws Led to My Epic Hacking
http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/
Title: Re: Technical
Post by: Asyn on August 13, 2012, 05:55:55 PM
New Burp Proxy cracks Android SSL
http://www.h-online.com/security/news/item/New-Burp-Proxy-cracks-Android-SSL-1663112.html
http://releases.portswigger.net/2012/08/v1412.html
http://portswigger.net/burp/download.html
Title: Re: Technical
Post by: Asyn on August 14, 2012, 12:35:09 PM
Locating the Source of Diffusion in Large-Scale Networks
http://www.pedropinto.org.s3.amazonaws.com/publications/locating_source_diffusion_networks.pdf
Title: Re: Technical
Post by: Asyn on August 15, 2012, 11:59:38 AM
The Mystery of the Encrypted Gauss Payload
http://www.securelist.com/en/blog/208193781/The_Mystery_of_the_Encrypted_Gauss_Payload
Title: Re: Technical
Post by: CharleyO on August 16, 2012, 08:33:48 PM
***

webOS GBU to become quasi-independent cloud and UX company: meet GRAM

Quote
If you've been wondering where HP's webOS Global Business Unit was going under the leadership of HP Chief of Staff Martin Risau, you're not alone. For a while now we've been wondering what the next steps would be for the webOS group after finishing out the roadmap to Open webOS 1.0 next month. Coming soon will be a new page in the saga of Palm, with a new rebranding and product focus as GRAM.


Read more at :
http://www.webosnation.com/webos-gbu-become-quasi-independent-company-focused-user-experience-and-cloud-meet-gram


***
Title: Re: Technical
Post by: CharleyO on August 16, 2012, 09:13:36 PM
***

HP Says Its Windows 8 Tablet Will Include 'Unique' Technology

Quote
Despite last year's epic failure of the TouchPad, Hewlett-Packard still believes it can knock Apple's iPad off its lofty perch in the enterprise tablet market.

HP has been teasing its forthcoming Windows 8 tablet in television commercials and will have more information to share about the device "pretty soon," said John Solomon, senior vice president of Americas sales for HP's printing and personal systems division, in an interview last week.

"We will be very focused on the commercial tablet opportunity, which is completely under penetrated. And, we have some unique intellectual property that we're going to apply," Solomon told CRN.

Solomon declined to elaborate on the unique technology HP's Windows 8 tablet will contain, but he did paint it as a product that is tailor-made for the channel. Judging from his characterization, it appears that HP will target vertical markets in its initial Windows 8 tablet push.


Read more at :
http://www.crn.com/news/mobility/240005447/hp-says-its-windows-8-tablet-will-include-unique-technology.htm?cid=crnbuzz


***
Title: Re: Technical
Post by: CharleyO on August 17, 2012, 09:27:17 PM
***

Microsoft Visual Studio 2012, .NET 4.5 Released to the Web

Quote
Visual Studio 2012 and .NET 4.5 are the tools that form the backbone for developing on Windows 8, and Microsoft has released them more than two months ahead of the Oct. 26 planned release of Windows 8 to give developers a head start on building apps for the platform.

Jason Zander, Microsoft’s vice president of Visual Studio, said MSDN subscribers can download Visual Studio 2012 immediately at the MSDN Subscriber Download Page, and volume licensing customers will be able to download starting Aug. 16 from the Volume Licensing Service Center.

Developers also will be able to find Visual Studio in stores in the next month or so, as well as some availability to purchase it through the Visual Studio product Website in the next few days, Zander said. Moreover, to evaluate the free trial versions or download Microsoft’s free Express products, developers can go to the Visual Studio product Website.


Read more at :
http://www.eweek.com/c/a/Application-Development/Microsoft-Visual-Studio-2012-NET-45-Released-to-the-Web-222177/?kc=EWKNLEDP08172012B


***
Title: Re: Technical
Post by: Asyn on August 21, 2012, 02:45:15 PM
Microsoft's security software modifies HOSTS file
http://www.h-online.com/security/news/item/Microsoft-s-security-software-modifies-HOSTS-file-1670927.html
Title: Re: Technical
Post by: DavidR on August 21, 2012, 03:26:15 PM
Me, that is what I hate about MS, its autocratic attitude that it knows best. Yet again Windows Defender sticks its nose in. I was really hacked off when I found that I could only disable this piece of cr4p and not completely uninstall it in win7.
Title: Re: Technical
Post by: Lisandro on August 21, 2012, 04:02:47 PM
autocratic attitude
+1
It's NOT security related.
Title: Re: Technical
Post by: DavidR on August 21, 2012, 04:12:57 PM
autocratic attitude
+1
It's NOT security related.

Well technically it is security related, as not only can it be used legitimately to block access to sites you don't want to visit and doubleclick would be one of those (that MS removes). It can also be used illegally by redirecting a legit site to a malicious one.

But me, I would rather look after my own security and I don't even use the hosts file for that (AdBlockPlus, RequestPolicy and Firewall rather than the hosts file). It doesn't stop me getting angry about the autocratic attitude and actions though.
Title: Re: Technical
Post by: Asyn on August 22, 2012, 07:50:41 AM
Me, that is what I hate about MS, its autocratic attitude that it knows best. Yet again Windows Defender sticks its nose in.

Dave, I couldn't agree with you more.
Title: Re: Technical
Post by: Asyn on August 22, 2012, 01:39:10 PM
FF: Exposing add-on objects to content safely
https://blog.mozilla.org/addons/2012/08/20/exposing-objects-to-content-safely/
Title: Re: Technical
Post by: CharleyO on August 23, 2012, 04:49:41 AM
***

Foxconn improves worker conditions 'ahead of schedule'

Quote
Foxconn, Apple's main manufacturer in China, has taken steps to improve working hours and conditions, said the US-based Fair Labor Association (FLA).

Health breaks and measures to guard against repetitive stress injury were some of the changes the FLA found after an inspection.

The report said Foxconn was ahead of schedule in implementing the FLA's recommendations.


Foxconn also produces motherboards for PCs.

Read more at :
http://www.bbc.co.uk/news/business-19340128


***
Title: Re: Technical
Post by: CharleyO on August 24, 2012, 03:47:49 AM
***

Inside Intellectual Ventures, the most hated company in tech

Quote
Nathan Myhrvold and other executives at the controversial company say critics simply don't understand what they're doing. CNET went behind the scenes to understand what 40,000 patents and an unapologetic plan to make money from them really means.

To many in the high-tech business, a troll plots his schemes in a white office building on a hill in this leafy suburb of Seattle.

This is the home of Intellectual Ventures, which, depending on whom you ask, is either the biggest, most aggressive patent troll on the planet or a pioneering company that's helping inventors get their fair share.


Read more at :
http://news.cnet.com/8301-13578_3-57496641-38/inside-intellectual-ventures-the-most-hated-company-in-tech/


***
Title: Re: Technical
Post by: Asyn on August 26, 2012, 10:09:42 AM
Security Analysis and Decryption of Lion Full Disk Encryption
http://eprint.iacr.org/2012/374.pdf
Title: Re: Technical
Post by: Pondus on August 26, 2012, 09:11:19 PM
this may have been posted already ?

Firefox OS for mobile    http://www.mozilla.org/en-US/b2g/
Title: Re: Technical
Post by: Pondus on August 26, 2012, 09:13:25 PM
Microsoft analyzes over a million PC failures, results shatter enthusiast myths
http://www.extremetech.com/gaming/131739-microsoft-analyzes-over-a-million-pc-failures-results-shatter-enthusiast-myths
Title: Re: Technical
Post by: Asyn on August 27, 2012, 01:27:21 PM
Java 7 0-Day vulnerability information and mitigation
http://www.deependresearch.org/2012/08/java-7-0-day-vulnerability-information.html
Title: Re: Technical
Post by: CharleyO on August 28, 2012, 01:58:17 AM
***

Inside Huawei, the Chinese tech giant that's rattling nerves in DC

Quote
Chen Lifang is a board member and senior vice president at Huawei, the giant telecommunications gear maker based here. She's digesting news that broke a day earlier that the U.S. House Intelligence Committee has increased the pressure it's putting on the company to disclose details about its ties to the Chinese government. The bombshell came in the form of a letter, released to the media, from the committee's chairman and the ranking Democrat to Huawei founder and Chairman Ren Zhengfei.

Really, the letter was more of an 11-page laundry list of accusations, wrapped around questions about everything from funding the company has allegedly received from the Chinese government to queries about how board members got their posts. In the letter, Congressmen Mike Rogers (R-Mich.) and C.A. Dutch Ruppersberger (D-Md.) said they were investigating "the threat posed to our critical infrastructure and counter-intelligence posture by companies with potential ties to the Chinese government."

In June and July, CNET visited Huawei's headquarters here, as well as its giant research and development operation in Shanghai and a research facility in Santa Clara, Calif. Huawei provided an in-depth look at a company that's a rare breed -- a Chinese tech giant that's not merely cheap, outsourced manufacturing for Western electronics customers.

 Huawei is the second largest telecommunications equipment maker in the world, behind only Sweden's Ericsson. It generated $32 billion in revenue last year, selling its networking technology to such global giants as Vodafone, Bell Canada and Telekom Malaysia, though only smaller U.S. carriers Leap and Clearwire use the company's gear. Huawei's heft has allowed it to pour resources into adjacent markets, such as mobile handset development and data center technology that's already paying off with new customers and billions more in revenue. This (past) winter's Mobile World Congress in Barcelona was something of a coming out party for Huawei's consumer business, where it unveiled what it claims is the world's fastest mobile phone, the Ascend D Quad.


See & read more at :
http://news.cnet.com/8301-1035_3-57484472-94/inside-huawei-the-chinese-tech-giant-thats-rattling-nerves-in-dc/


***
Title: Re: Technical
Post by: Asyn on August 28, 2012, 09:57:53 AM
Dropbox tests two-factor authentication
http://www.h-online.com/security/news/item/Dropbox-tests-two-factor-authentication-1676276.html
Title: Re: Technical
Post by: CharleyO on August 30, 2012, 02:42:04 AM
***

Motorola will unveil Intel-powered smartphone on September 18th in London

Quote
Earlier in the year, Motorola announced a partnership with Intel in which they would utilize their chips for select smartphones. We haven’t heard a peep until now. Motorola is sending out invites for an event in London on September 18th.


See & read more at :
http://www.talkandroid.com/129983-motorola-will-unveil-intel-powered-smartphone-on-september-18th-in-london/

I posted this in Technical as it is unusual for Intel chips to be in smart phones these days ... a technical oddity.
And who owns Motorola these days? It's Google.


***
Title: Re: Technical
Post by: CharleyO on August 30, 2012, 02:58:44 AM
***

AMD Targets Servers, Virtualization With New FirePro GPUs

Quote
What AMD is referring to as its most powerful dual- and single-slot server graphics cards to date, the new S9000 and S7000 are said to reduce server power consumption by up to 95 percent at idle, yielding overall data center cost savings and more efficient management for compute-intensive workloads, such as those demanded of computer-aided design (CAD) and media and entertainment apps.


Read more at :
http://www.crn.com/news/components-peripherals/240006416/amd-targets-servers-virtualization-with-new-firepro-gpus.htm?cid=nl_crn


***
Title: Re: Technical
Post by: CharleyO on August 30, 2012, 03:07:08 AM
***

VMware Unveils Bundle For Managing Mobile Desktops, Devices

Quote
A day after unveiling a cloud infrastructure bundle, VMware on Tuesday unveiled a bundle that aims to solve thorny IT issues arising from the flooding of personal devices into the workplace.

 VMware's Horizon Suite, currently in alpha and slated to enter beta by the end of the year, lets IT departments manage and set policies for the data and apps that end users access from notebooks, tablets and smartphones while they're outside the firewall. Using a Web console, IT managers can build a service catalog for all of its data and applications.

Horizon Suite can now manage Android and iOS apps, and it can also keep personal and corporate apps separated on a device. IT can set policies for corporate data, preventing corporate data from being copied onto the personal side.


Read more at :
http://www.crn.com/news/mobility/240006421/vmworld-vmware-unveils-bundle-for-managing-mobile-desktops-devices.htm?cid=nl_crn


***
Title: Re: Technical
Post by: CharleyO on August 30, 2012, 08:38:28 PM
***

The 30 Hottest Tech Releases In August

Tech Releases Continue To Heat Up

Quote
From high-profile releases, including the Samsung Galaxy Note 10.1 and the latest version of Apple's Mac OS X, to more niche plays such as AMD's new FirePro APUs and Toshiba's PX-series SSDs, there was something for everyone.

 For solution providers, identifying the potential for new business opportunities that accompany releases can be the key to getting ahead of the curve in various market trends


See & read more at :
http://www.crn.com/slide-shows/channel-programs/240006441/the-30-hottest-tech-releases-in-august.htm?pgno=1


***
Title: Re: Technical
Post by: CharleyO on August 31, 2012, 06:07:56 PM
***

Multi-screen mania: how our devices work together

Quote
It turns out that 90 percent of people move between devices to accomplish a task, with virtually all of those people completing their task in one day. The most popular starting point is the smartphone, which is used to gather information, shop online and engage in social networking. In most cases, the tasks are continued on a PC though tablets are also becoming a popular option for continuing social networking and watching videos. Shopping, for example, is a popular task, with 67 percent of respondents moving from screen to screen to complete a purchase.


Read more at :
http://gigaom.com/2012/08/29/multi-screen-mania-how-our-devices-work-together/


***
Title: Re: Technical
Post by: CharleyO on August 31, 2012, 09:36:46 PM
***

The pros and cons of cloud storage

Quote
Storage requirements are growing exponentially and, as a result, companies are looking for alternatives to traditional tape-based solutions. The cloud can provide a cost-effective storage alternative, but it may not be the right solution for every case.


Read more at :
http://www.continuitycentral.com/feature0998.html


***
Title: Re: Technical
Post by: CharleyO on August 31, 2012, 09:52:22 PM
***

Most Americans Confused By Cloud Computing According to National Survey

Quote
The survey of more than 1,000 American adults was conducted in August 2012 by Wakefield Research and shows that while the cloud is widely used, it is still misunderstood. For example, 51 percent of respondents, including a majority of Millennials, believe stormy weather can interfere with cloud computing. Nearly one third see the cloud as a thing of the future, yet 97 percent are actually using cloud services today via online shopping, banking, social networking and file sharing. Despite this confusion, three in five (59 percent) believe the “workplace of the future” will exist entirely in the cloud, which indicates people feel it’s time to figure out the cloud or risk being left behind in their professional lives.


Read much more at :
http://www.citrix.com/English/NE/news/news.asp?newsID=2328309


***
Title: Re: Technical
Post by: CharleyO on September 01, 2012, 07:25:01 PM
***

HP Targets Apple IT Consumerization With Windows 8 Blitz

Quote
Hewlett-Packard (NYSE:HPQ) is poised to mount a massive product and sales offensive around Windows 8 aimed at taking the wind out of rival Apple (NSDQ:AAPL)’s momentum, which is being driven in large part by the consumerization of IT.

 This fall, HP will launch a massive product and channel sales offensive around Windows 8 aimed at challenging Apple on a number of fronts, HP Director of Americas Channel Marketing Matt Smith told CRN Tuesday.


Read more at :
http://www.crn.com/news/applications-os/240005925/hp-targets-apple-it-consumerization-with-windows-8-blitz.htm


***
Title: Re: Technical
Post by: CharleyO on September 07, 2012, 12:26:24 AM
***

Amazon refreshes Kindles, including cheaper Fire

Quote
Amazon.com Inc. refreshed its Kindle line of gadgets on Thursday. It updated its Kindle Fire tablet computer and announced new stand-alone e-reader models. The Fire will be an effort to take a larger share of a tablet computer market dominated by Apple's iPad. It could help Amazon boost sales of digital goods such as e-books and movies.

Consumer electronics makers are trying to generate interest in their products now, before Apple announces a new iPhone and possibly a mini iPad next week.


Read more at :
http://my.earthlink.net/article/tec?guid=20120906/86c84e1f-75dc-4b0a-bd75-37882cd82e98


***
Title: Re: Technical
Post by: CharleyO on September 07, 2012, 09:40:07 PM
***

Microsoft’s September Patch Tuesday Easy; October, Not So Much

Quote
Page 1
September's Microsoft Patch Tuesday preview is shaping up to be a fairly simple one with only two bulletins in a list that is usually much longer. Both are rated as "important" and relate to privilege escalation vulnerabilities, which usually imply that the attacker already has some malware on the system in order to conduct the exploit.

Page 2
While the September Patch Tuesday is being characterized as a "walk in the park," the upcoming October counterpart is likely to be a completely different story.


Read more at :
http://www.crn.com/news/security/240006892/microsoft-8217-s-september-patch-tuesday-easy-october-not-so-much.htm?cid=nl_sec


***
Title: Re: Technical
Post by: CharleyO on September 07, 2012, 10:07:14 PM
***

Microsoft Bing to Google: Our Search Is Better Than Your Search

Quote
Microsoft is asking millions of Web searchers to break their longtime Google search habits and give the software giant's Bing search engine a new try in a catchy "Bing It On Challenge" that is aimed at growing Bing's market share in the search wars.

The "Bing It On" campaign was born out of a recent search study commissioned by Microsoft that looked at user opinions on the search engines they were using and the accuracy of the results they were getting, according to a post by Mike Nichols, chief marketing officer for Bing, on the Bing Search Blog.


Read both pages at :
http://www.eweek.com/c/a/Search-Engines/Microsoft-Bing-to-Google-Our-Search-Is-Better-Than-Your-Search-148401/?kc=EWKNLEDP09072012B

( After a year of using both search engines, I have to agree in that Bing gives me results that are more of what I'm looking for with less of the 'crap' results I get in Google which have almost nothing, and in many cases, nothing  at all to do with what I'm looking for.)


***
Title: Re: Technical
Post by: CharleyO on September 09, 2012, 01:38:08 AM
***

Lexmark To Lay Off 1,700 & Exits Inkjet Business

Quote
Lexmark International plans to lay off 1,700 people and exit the inkjet printer business, part of a major restructuring for the Lexington, Ky.-based company.

 The company said it will continue to service and support its existing inkjet customer base.


Read more at :
http://www.crn.com/news/components-peripherals/240006338/lexmark-to-lay-off-1-700-exits-inkjet-business.htm


***
Title: Re: Technical
Post by: CraigB on September 09, 2012, 08:46:05 AM

( After a year of using both search engines, I have to agree in that Bing gives me results that are more of what I'm looking for with less of the 'crap' results I get in Google which have almost nothing, and in many cases, nothing  at all to do with what I'm looking for.)

Totally agree, I've converted myself plus all my friends and family over to Bing these days and it's a much better search engine, I really don't touch anything that Google ( not even Android devices ) :)
Title: Re: Technical
Post by: Jesant13 on September 10, 2012, 01:15:14 AM
According to PCWorld, Google bought VirusTotal. They said that VirusTotal said it will continue to operate independently of Google. According to PC Magazine, VirusTotal announced the purchase in a blog post on Friday. They also said that VirusTotal said that the two companies had been partners for some time.
Title: Re: Technical
Post by: bob3160 on September 10, 2012, 01:32:15 AM
http://www.pcworld.com/article/262047/google_buys_browserbased_malware_scanner_virustotal.html
Title: Re: Technical
Post by: bob3160 on September 10, 2012, 09:52:05 PM
GoDaddy suffers major outage (http://www.geek.com/articles/geek-cetera/godaddy-suffers-major-outage-20120910/)
Title: Re: Technical
Post by: CharleyO on September 12, 2012, 02:25:57 AM
***

Intel Dabbles In Science Fiction

Quote
Computers that simply do the same things faster and faster are becoming boring. Been there, done that. But a device that can detect and interpret your emotions? Or intelligently organize a meeting, knowing that one of the participants is jogging at the time? That’s a more interesting proposition. Intel, perhaps surprisingly, is working on both.


Read more at :
http://www.readwriteweb.com/enterprise/2012/09/intel-dabbles-in-science-fiction.php


***
Title: Re: Technical
Post by: CharleyO on September 12, 2012, 08:14:39 PM
***

Public, Private Cloud Markets Set to Soar as Enterprise Adoption Grows


Quote
With enterprises continuing to adopt cloud computing, analysts see continued growth in both public and private cloud investment—with worldwide spending on public IT cloud services set to exceed $40 billion in 2012 and reach nearly $100 billion by 2016, according to IDC.

The research firm forecasts that from 2012 to 2016, public IT cloud services will see gains at a compound annual growth rate (CAGR) of 26.4 percent—five times that of the IT industry overall, as companies accelerate their shift to the cloud services model for IT consumption.


Read more at :
http://www.eweek.com/c/a/Cloud-Computing/Public-Private-Cloud-Markets-Set-to-Soar-as-Enterprise-Adoption-Grows-586161/?kc=EWKNLEDP09122012E


***
Title: Re: Technical
Post by: CharleyO on September 12, 2012, 08:44:18 PM
***

GoDaddy: Outage Caused By Network Failure, Not Anonymous Hack

Quote
Web hosting and email services company GoDaddy said Tuesday the outage that disrupted its operations for several hours Monday was caused by a networking issue and not by an attack from Anonymous, as the hacker group claimed.

 GoDaddy experienced intermittent service interruptions from 10 a.m. PST to 4 p.m. PST Monday, affecting an undetermined number of its 10.5 million customers.  Scott Wagner, CEO of GoDaddy, issued a statement Tuesday, denying the outage was caused by an outside attack and apologizing for the event.

"The service outage was not caused by external influences," Wagner said in a statement posted on GoDaddy's website. "It was not a 'hack' and it was not a denial of service attack (DDoS). We have determined the service outage was due to a series of internal network events that corrupted router data tables."

 Wagner said customer data was not at risk. "We have let our customers down and we know it," he said.


Read more at :
http://www.crn.com/news/networking/240007163/godaddy-outage-caused-by-network-failure-not-anonymous-hack.htm?cid=nl_crn&elq=ecadb80cf8844f0a9d2076808386f115&elqCampaignId=


***
Title: Re: Technical
Post by: wayneking on September 13, 2012, 04:41:35 PM
Well, I have to type my message all over again because the verification I typed in didn't work and it deleted my message rather than hold it and ask for another code. Thanks jerks.

This is the worst security company I have dealt with and I will never pay for another round. My avast service was deleted from my computer and it is HELL trying to get it back. I am not a technical user and their system is not user friendly. So I lost my money just like my friend who bought the security system but it would not load and it was impossible to get help from avast. So they just kept her money. No wonder avast has been hacked so many times. Obviously from users they have cheated. Does 'crooked company' ring a bell?
Title: Re: Technical
Post by: DavidR on September 13, 2012, 04:54:20 PM
Well I guess you haven't come for help or you would have asked.

If you want help - Please start a New Topic of your own here http://forum.avast.com/index.php?board=2.0 (click the New topic button at the top of the page) as this is unrelated and will just confuse the topic and we will try to help.

If it is virus related then start a new topic, here http://forum.avast.com/index.php?board=4.0 in the viruses and worms forum.

If you are within the first 30 days there is nothing to stop you asking for a refund at sales (at) avast (dot) com. Avast aren't crooks.
Title: Re: Technical
Post by: CharleyO on September 14, 2012, 12:39:12 AM
***

Neither did you tell us where you & your friend got your copies of Avast from.

Did both of you get them from some other site rather than from the official Avast site?

And, as David mentioned above, this is the wrong thread in which to be posting this subject.


***
Title: Re: Technical
Post by: CharleyO on September 14, 2012, 09:44:13 PM
***

GoDaddy Offers Users One-Month Credit Following Outage


Quote
Website hoster and email service provider GoDaddy says it will give customers a free month of service following an outage that took the company offline for six hours Monday.

 The credit will be applicable for each website owned by a customer, GoDaddy CEO Scott Wagner wrote in a letter to customers.

 Wagner also apologized for the outage. "We let you down and we know it. We take our responsibilities -- and the trust you place in us -- very seriously," Wagner wrote in the letter, published by The Los Angeles Times. "I can not express how sorry I am to those of you who were inconvenienced."


Read more at :
http://www.crn.com/news/cloud/240007323/godaddy-offers-users-one-month-credit-following-outage.htm?cid=nl_crn&elq=f5bd5135c38a42468180e88b4c3b98ca&elqCampaignId=1165


***
Title: Re: Technical
Post by: CharleyO on September 18, 2012, 02:10:59 AM
***

Coders Behind the Flame Malware Left Incriminating Clues on Control Servers


Quote
The attackers behind the nation-state espionage tool known as Flame accidentally left behind tantalizing clues that provide information about their identities and that suggest the attack began earlier and was more widespread than previously believed.

Researchers have also uncovered evidence that the attackers may have produced at least three other pieces of malware or variants of Flame that are still undiscovered.

The information comes from clues, including four programmers’ nicknames, that the attackers inadvertently left behind on two command-and-control servers they used to communicate with infected machines and steal gigabytes of data from them. The new details about the operation were left behind despite obvious efforts the attackers made to wipe the servers of forensic evidence ......


Read much more at :
http://www.wired.com/threatlevel/2012/09/flame-coders-left-fingerprints


***
Title: Re: Technical
Post by: CharleyO on September 18, 2012, 10:58:48 PM
***

Application Development: Microsoft Visual Studio 2012: 9 Hot New Things for Developers


Quote
Microsoft has formally launched its flagship Visual Studio 2012 tools suite and has already announced an update for the product, Visual Studio 2012 Update 1. At a Sept. 12 launch event in Seattle, Microsoft announced VS2012 before an audience of hundreds of developers in person and thousands more via Webcast. Visual Studio 2012 and .NET 4.5 are the tools that form the backbone for developing not only on Windows 8, but all of Microsoft’s platforms, company officials said. Meanwhile, Microsoft will be delivering VS2012 Update 1 by the end of this year as part of a new strategy to update its developer tools on a more rapid cadence, Microsoft said. “Visual Studio 2012 is the best development tool to enable developers to build ‘modern apps’ for connected devices,” Soma Somasegar, corporate vice president of Microsoft’s developer division, said in an interview with eWEEK. VS2012 supports development on Windows 8, Windows Server, Windows Azure and Windows Phone.


See & read more at :
http://www.eweek.com/c/a/Application-Development/Microsoft-Visual-Studio-2012-9-Hot-New-Things-for-Developers-844879/?kc=EWKNLEDP09182012A


***
Title: Re: Technical
Post by: CharleyO on September 18, 2012, 11:13:21 PM
***

Google Apps Dropping Support for Microsoft Internet Explorer 8


Quote
Google Apps users who are still using Microsoft's older Internet Explorer 8 (IE8) browser won't be able to continue to use Google services starting Nov. 15 until they upgrade to a newer browser.

Google detailed the move in a Sept. 14 post on the Google Apps Blog as part of its continuing strategy to keep its products up to date and working seamlessly with the latest evolving features in newer Web browsers.


Read more at :
http://www.eweek.com/c/a/Search-Engines/Google-Apps-Dropping-Support-for-Microsoft-Internet-Explorer-8-696356/?kc=EWKNLEDP09182012D


***
Title: Re: Technical
Post by: CharleyO on September 18, 2012, 11:19:20 PM
***

iPhone 5 Lightning Dock Could Drive Medical Devices to Bluetooth


Quote
Apple's switch to an 8-pin Lightning dock in the iPhone 5 could push the health care industry toward adopting Bluetooth technology, despite the security risks of wireless technology.

The Apple iPhone 5's smaller dock could lead to a greater transition toward Bluetooth connectivity in medical device peripherals. During Apple’s Sept. 12 announcement, company executives detailed how the new iPhone, iPod Touch and iPod Nano would connect to an eight-pin connector called Lightning instead of a 30-pin connector.

Users of remote medical devices that connect to the iPhone may have to switch to Bluetooth Smart, MobiHealthNews reported. Medical devices that connect to the iPhone include glucometers, heart rate monitors and fitness sensors.


Read more at :
http://www.eweek.com/c/a/Health-Care-IT/iPhone-5-Lightning-Dock-Could-Drive-Medical-Devices-to-Bluetooth-192179/?kc=EWKNLEDP09182012E


***
Title: Re: Technical
Post by: CharleyO on September 22, 2012, 12:12:08 AM
***

Unwired Planet Sues Apple and Google Over Patents


Quote
Unwired Planet today announced that it has filed separate lawsuits against Apple and Google for violating its intellectual property. The company alleges that each company is violating 10 patents, for a total of 20 patent complaints.

The lawsuit against Apple names devices such as the iPhone, iPad, and iPod; applications such as iTunes and the App Store; and services such as Siri, Apple Maps, Safari, and iAd. The patents themselves cover a wide range of technologies, including detecting and connecting to wireless data networks, server-based speech recognition, and offering location data to mobile devices, among others.

In its case against Google, Unwired Planet names a large selection of Google services, such as the Google Play Store, Google AdWords, Google Search, Google Maps, Google Wallet, and many others. The patents it accuses Google of violating include those that cover providing graphical location data to mobile devices, method and apparatus for protecting identities of mobile devices on a wireless network, and the systems and methods necessary to connect devices via NFC. The lawsuits were filed in the U.S. District Court for the District of Nevada.


Read more at :
http://www.phonescoop.com/articles/article.php?a=11187


***
Title: Re: Technical
Post by: CharleyO on September 22, 2012, 12:30:21 AM
***

Benchmarking mobile maps


Quote
For all the needs that begin with a “where” question, we have developed a compelling suite of applications that delivers the best location-based experiences – helping you to discover the world around you and navigate your life. Not only is this possible because the location business is strategic to Nokia, but because these apps are running on the world’s most advanced location platform.

Unlike our competitors, which are financing their location assets  with advertising or licensing mapping content from third parties, we completely own, build and distribute mapping content, platform and apps.

In other words, we truly understand that maps and location-based apps must be accurate, provide the best quality and be accessible basically anywhere. That’s been standard practice at Nokia for the past six years, and we also understand that “pretty” isn’t enough. You expect excellence in your smartphone mapping experience.


See & read much more at :
http://conversations.nokia.com/2012/09/20/benchmarking-mobile-maps/


***
Title: Re: Technical
Post by: CharleyO on September 22, 2012, 12:53:33 AM
***

Phony Facebook application security tests? Say it ain't so, Zuckerberg


Quote
How else can we explain the report from the Federal Trade Commission (FTC) this week that disclosed that, for close to a year, Facebook operated a for-profit application security testing service that was little more than a sham: taking money from hopeful application developers with false promises to vet their creations for security holes. Instead, the FTC concluded, the company banked the money and put a "Facebook Verified App" logo next to the application, without bothering to do any additional auditing of the submitted application. The program, the FTC said, was "false and misleading" -- a hollow show that, all the same, netted Facebook between $50,000 and $95,000 for "verifying" 254 applications between May and December, 2009.

Mind you, at the time the Facebook Verified App program was bilking developers with empty promises of security audits, the then-privately-held company had revenues of around $777 million. In other words: the Verified Apps scam was chump change, revenue wise: about 1/100th of a percent of Facebook's overall revenue. It was small, especially compared to the money Facebook was making selling information on its hundreds of millions of users to advertisers and application developers.


Read more at :
http://news.idg.no/cw/art.cfm?id=1CE06AD9-9EA6-16A5-80F24DABA08016D7


***
Title: Re: Technical
Post by: CharleyO on September 22, 2012, 01:48:23 AM
***

5 things you need to know about cloud in Europe


Quote
Most of what we hear about cloud computing in Europe tends to fixate on the notion that cloud adoption there lags that in the US by one to three years.

That may be generally true, but it’s still a simplistic analysis. Despite the economic mess over there, IDC predicts a 30 percent compound annual growth rate for cloud deployments between 2011 and 2016 compared to an 18.5 percent CAGR for the US during that period. Not too shabby. (The researcher said it is monitoring economic developments in Western Europe  and could adjust its predictions as needed.)

Here’s some of what you need to know about how cloud is rolling out in Europe, gleaned from researchers, vendor executives, and other experts.


Read more at :
http://gigaom.com/cloud/5-things-you-need-to-know-about-cloud-in-europe/


***
Title: Re: Technical
Post by: CharleyO on September 25, 2012, 02:15:44 AM
***

Samsung Unveils 840 Series At Global SSD Summit


Quote
Before an audience of about 70 tech media reporters and editors from around the world, Samsung Electronics Company near its headquarters in Seoul, Korea, Monday unveiled the company's latest series of fast-performing, low cost solid-state drives.

The 840 Series of 2.5-inch, 6-Gbps drives includes models for consumers as well as a Pro line for mobile professionals, enthusiasts and other power users seeking a fast-performing SSD at the lowest possible price.

 The announcement was part of the Samsung Global SSD Summit, a full-day event held at the Shilla hotel in Seoul, where editors were given a chance to work directly with the company to experience the new drives, which are rated to deliver sustained transactional performance of 100,000 input/output operations per second (IOps) for random transactions.


Read more at :
http://www.crn.com/news/mobility/240007799/samsung-unveils-840-series-at-global-ssd-summit.htm?cid=nl_stor&elqTrack=true


***
Title: Re: Technical
Post by: CharleyO on September 25, 2012, 04:27:02 AM
***

IPv6: What You Need to Know About the Move From IPv4


Quote
The Number Resource Organization said the world officially ran out of IPv4 addresses in February 2011, and according to the Internet Society, the reasons for moving to IPv6 vary from community to community. For example, IPv6 will unlock a range of opportunities for network operators in terms of service provision continuity, growth and innovation. In addition, it will result in network management efficiencies and savings. For hardware manufacturers, IPv6 is a key enabler of smart grids, intelligent buildings, sensor networks, and other hardware—and application-dependent innovations.


See & read more at :
http://www.eweek.com/c/a/Enterprise-Networking/IPv6-What-You-Need-to-Know-About-the-Move-From-IPv4-214871/?kc=EWKNLEDP09242012A


***
Title: Re: Technical
Post by: CharleyO on September 26, 2012, 02:25:35 AM
***

Programming, Database Are Top Skills for IT Pros on Wall Street


Quote
If you are looking for a job on Wall Street, IT skills are the way to go, particularly programming and database expertise, according to a recent study conducted by a leading career site network for the financial services industry. eFinancialCareers, a global career site network for professionals working in the investment banking, asset management and securities industries, recently released its top 10 skills searches on Wall Street, and programming and databases skills come out on top.


See & read more at :
http://www.eweek.com/developer/slideshows/programming-database-are-top-skills-for-it-pros-on-wall-street/?kc=EWKNLEDP09252012A


***
Title: Re: Technical
Post by: CharleyO on September 26, 2012, 09:08:11 PM
***

5 Ways Cloud Computing is Disrupting Everyone's Job


Quote
Ironically, as cloud sweeps through with new ways of running businesses, we’ll be calling it “cloud” less and less. It will simply be the way information is delivered and processed, without the need to think whether it comes from an outside service or from internal systems.  Here are five key ways cloud computing is reshaping the way business is conducted:


Read more at :
http://www.forbes.com/sites/joemckendrick/2012/09/25/5-ways-cloud-computing-is-disrupting-everyones-job/


***
Title: Re: Technical
Post by: CharleyO on September 26, 2012, 09:32:43 PM
***

The 10 Most Disruptive Enterprise Tech Companies


Quote
Enterprise technology is in the middle of a massive transformation caused by major technological shifts:

- Mobile cell phone networks are getting faster.
- Cloud computing has put unlimited computing power into the hands of everyone at very low costs.
- Software-as-a-service has become a safe and reliable alternative to on-premises software.
- Social networking is changing how companies interact with each other and customers.
- Employees are more tech savvy, bringing their own devices to work and supplementing enterprise software with their own hand-picked cloud-based services.

All of that means that there's an enormous opportunity for tech companies to disrupt the status quo.


See & read much more at :
http://www.businessinsider.com/10-disruptive-enterprise-tech-companies-2012-9?op=1


***
Title: Re: Technical
Post by: CharleyO on September 26, 2012, 09:42:03 PM
***

Hitachi unveils glass slivers that store data forever


Quote
TOKYO: As Bob Dylan and the Rolling Stones prove, good music lasts a long time; now Japanese hi-tech giant Hitachi says it can last even longer -- a few hundred million years at least. The company on Monday unveiled a method of storing digital information on slivers of quartz glass that can endure extreme temperatures and hostile conditions without degrading, almost forever.

"The volume of data being created every day is exploding, but in terms of keeping it for later generations, we haven't necessarily improved since the days we inscribed things on stones," Hitachi researcher Kazuyoshi Torii said. "The possibility of losing information may actually have increased," he said, noting the life of digital media currently available -- CDs and hard drives -- is limited to a few decades or a century at most.


Read more at :
http://www.channelnewsasia.com/stories/afp_world_business/view/1227752/1/.html


***
Title: Re: Technical
Post by: Asyn on September 27, 2012, 10:39:52 AM
A death blow for PPTP
http://www.h-online.com/security/features/A-death-blow-for-PPTP-1716768.html
Title: Re: Technical
Post by: CharleyO on September 28, 2012, 07:31:33 AM
***

AMD Targets Intel's i5 Processors With New Trinity APUs


Quote

AMD Thursday lifted the curtain on its latest lineup of accelerated processing units (APUs) for desktops, which the chip maker says are both budget-friendly and capable of outperforming Intel's i5 Core processors.

Pricing details for AMD's new Trinity-based and quad-core A10-5800K and the A8-5600K chips won't be revealed until Oct. 2, which is when they will be available. But Adam Kozak, desktop product marketing manager at AMD, Sunnyvale, Calif., said they will be targeted primarily at system builders within the entry-level or "mainstream" desktop market.

"These A series accelerated processors fit within that mainstream segment where our customers are looking at building systems and are looking to prepare these with graphics cards for $100 or less, all the way down to the free graphics that come inside that accelerated processor."


Read more at :
http://www.crn.com/news/components-peripherals/240008051/amd-targets-intels-i5-processors-with-new-trinity-apus.htm?cid=nl_vi


***
Title: Re: Technical
Post by: CharleyO on September 29, 2012, 06:27:31 AM
***

Intel Readies New 'Clover Trail' Atom Processors For Tablet Blitz


Quote

Intel on Thursday revealed new details regarding its upcoming Atom Z2760 processors, code-named "Clover Trail," which are set to usher in the first generation of Intel-powered tablets.

A dual-core chip specifically designed for Windows 8 tablets and convertible notebooks, the Atom Z2760 can reach processing speeds up to 1.8GHz, arm devices with up to 10 hours of HD video playback and support the latest high-speed 4G wireless networks.


Read more at :
http://www.crn.com/news/components-peripherals/240008101/intel-readies-new-clover-trail-atom-processors-for-tablet-blitz.htm?cid=nl_crn&elqTrack=true


***
Title: Re: Technical
Post by: CharleyO on September 29, 2012, 06:34:43 AM
***

New DDR4 Standards Pave Way Toward Faster, More Efficient PCs


Quote
JEDEC Solid State Technology Association, the group that spearheads standards development for the microelectronics industry, has unveiled a new set of standards for DDR4, the next-generation DRAM memory that will give way to faster and less power-hungry PCs.

According to JEDEC, the new DDR4 memory will boost the performance of servers, laptops and desktop PCs, allowing for ultra-fast data transfer speeds that weren't possible with existing DRAM technologies like DDR3 and DDR2. Specifically, DDR4 boasts a per-pin data rate of at least 1.6 giga transfers per second -- which was the initial maxed-out speed of DDR3 -- and can reach speeds as high as 3.2 giga transfers per second.

Read more at :
http://www.crn.com/news/components-peripherals/240008092/new-ddr4-standards-pave-way-toward-faster-more-efficient-pcs.htm?cid=nl_crn&elqTrack=true


***
Title: Re: Technical
Post by: Asyn on September 29, 2012, 08:51:06 AM
How to install silently malicious extensions for Firefox
http://research.zscaler.com/2012/09/how-to-install-silently-malicious.html
Title: Re: Technical
Post by: CharleyO on October 03, 2012, 04:42:08 AM
***

Google House Cleaning Efforts Continue

Among the changes, Google users will no longer be able to select their own images to use as personalized backgrounds on Google.com, and Google Storage in Picasa and Drive will be consolidated.


Quote

Google's year-long project to cut out little-used services so the company can focus on its most popular offerings to customers continues with a new round of features that are on the chopping block.

The latest upcoming service cuts include a myriad of Google ideas that just didn't catch on with enough users, from AdSense for Feeds to Spreadsheet Gadgets to the Places Directory Android app, according to a Sept. 28 post by Yossi Matias, Google's senior engineering director, on the Google Official Blog.

Since June 2011, Google has been paring down services that are not getting enough user traction to make them sustainable.


Read more at :
http://www.eweek.com/search-engines/google-house-cleaning-efforts-continue/?kc=EWKNLEDP10022012E


***
Title: Re: Technical
Post by: CharleyO on October 03, 2012, 07:30:30 AM
***

8 Tech Companies That Had It All And Lost It


Quote
Whether it's mobility, networking or traditional desktop PCs, the tech industry moves pretty quickly. So quickly, in fact, that it can be easy for even the biggest tech giants to fall behind, losing market share and risking being nothing more than a chapter in high-tech history.

Over the past 10 years, tech companies big and small have tasted the sweetness of success, only to have it stolen away by some of their biggest competitors. Here is a recap of some of the tech industry's most notable -- and most heart-wrenching -- declines.


See and read more at :
http://www.crn.com/slide-shows/mobility/240008012/8-tech-companies-that-had-it-all-and-lost-it.htm


***
Title: Re: Technical
Post by: Lisandro on October 03, 2012, 02:14:09 PM
See and read more at :
http://www.crn.com/slide-shows/mobility/240008012/8-tech-companies-that-had-it-all-and-lost-it.htm
Hall of failure... Either you update and keep yourself up-to-date, or you can follow the same way...
Title: Re: Technical
Post by: CharleyO on October 03, 2012, 10:35:24 PM
***

GoDaddy To Close Cloud Computing Service


Quote

GoDaddy plans to close its cloud computing business, telling its SMB customers it will try to integrate the business into other services.

GoDaddy CIO Auguste Goldman issued an email outlining the company's plans:

"We are focused on SMBs and SMBs don't use our Cloud Server product the way we are offering it now," Goldman wrote in the email that GoDaddy provided to CRN Tuesday. "So, in the weeks ahead, it won't be a stand-alone product in and of itself. However, we plan to continue developing cloud technology into our other hosted products.

"We will continue to support existing Cloud Server customers in a variety of ways," Goldman added.


Read more at :
http://www.crn.com/news/cloud/240008343/godaddy-to-close-cloud-computing-service.htm?cid=nl_vi&elqTrack=true


***
Title: Re: Technical
Post by: CharleyO on October 05, 2012, 09:42:48 AM
***

Technically Speaking: What DDR4 Memory Means For Computing


Quote

The PC industry hasn't seen an updated memory spec in a while, and it was long past due. That upgrade came last week, as the memory standards group JEDEC revealed that it had published a spec for DDR4 SDRAM, defining "features, functionalities, AC and DC characteristics, packages and ball/signal assignments," that builds on the DDR3 spec, first published in 2007. The DDR4 spec applies to SDRAM devices from 2 GB through 16 GB for x4, x8 and x16 buses. Here's a look at some of the particulars.


See & read more at :
http://www.crn.com/slide-shows/components-peripherals/240008422/technically-speaking-what-ddr4-memory-means-for-computing.htm


***
Title: Re: Technical
Post by: Asyn on October 05, 2012, 06:26:35 PM
The tale of one thousand and one DSL modems
https://www.securelist.com/en/blog/208193852/The_tale_of_one_thousand_and_one_DSL_modems
Title: Re: Technical
Post by: CharleyO on October 10, 2012, 05:07:11 AM
***

Qualcomm Joins AMD, ARM, Samsung on HSA Foundation


Quote

The group is working toward a single architecture spec for chips that run in heterogeneous environments, which leverage both compute and graphics.

Qualcomm is the latest member of the Heterogeneous System Architecture Foundation, joining the likes of Advanced Micro Devices, ARM and Samsung Electronics in creating a single architecture spec for chips that leverage both compute and graphics capabilities.
Other members of the foundation, which was announced in June, include Texas Instruments, Imagination Technologies and MediaTek.


Read more at :
http://www.eweek.com/mobile/qualcomm-joins-amd-arm-samsung-on-hsa-foundation/?kc=EWKNLEDP10082012E


***
Title: Re: Technical
Post by: Asyn on October 11, 2012, 09:34:02 AM
Microsoft Security Intelligence Report (SIR) #13
http://www.microsoft.com/security/sir/default.aspx

http://download.microsoft.com/download/C/1/F/C1F6A2B2-F45F-45F7-B788-32D2CCA48D29/Microsoft_Security_Intelligence_Report_Volume_13_English.pdf
http://download.microsoft.com/download/C/1/F/C1F6A2B2-F45F-45F7-B788-32D2CCA48D29/Microsoft_Security_Intelligence_Report_Volume_13_Key_Findings_Summary_English.pdf
http://download.microsoft.com/download/C/1/F/C1F6A2B2-F45F-45F7-B788-32D2CCA48D29/Microsoft_Security_Intelligence_Report_Volume_13_Worldwide_Threat_Assessment_English.pdf
Title: Re: Technical
Post by: CharleyO on October 13, 2012, 10:06:37 PM
***

US regulators move closer to suing Google


Quote
Federal regulators are moving closer to suing Google over allegations that the company has abused its dominance of Internet search to stifle competition and drive up online advertising prices, news reports said Friday.

Several news outlets reported that staff members at the Federal Trade Commission are preparing to recommend that the agency file an antitrust lawsuit against the search giant. A majority of the five FTC commissioners would have to approve a suit before legal action could proceed.


Read more at :
http://my.earthlink.net/article/tec?guid=20121012/f300f1f5-6381-4170-864c-8684e8549473


***
Title: Re: Technical
Post by: CharleyO on October 16, 2012, 10:49:25 PM
***

HP Shows Why It Remains No. 1 in the World Workstation Market


Quote

Hewlett-Packard's Fort Collins, Colo., facility was built in the mid-'70s when David Packard and Bill Hewlett, both being enthusiastic outdoorsmen, decided they wanted to build a company plant near: a) an excellent engineering school (Colorado State University); and b) one of their favorite hunting, fishing, skiing and vacation places, the Rocky Mountains.

It has since morphed into the workstation headquarters for the company and thus, the world. HP leads the mobile workstation market worldwide with 41.8 percent share and leads the combined workstation category with 46.2 percent share, according to the Q2'12 IDC Worldwide Workstation Tracker released in August.

At the beginning of the 21st century, four major players manufactured high-end computer workstations: Silicon Graphics, Sun, IBM and HP. Today, HP is the only surviving and thriving workstation vendor of those four. This slide show illustrates a tour of the HP facility taken on Oct. 11, 2012.


See & read more at :
http://www.eweek.com/networking/slideshows/hp-shows-why-it-remains-no.-1-in-the-world-workstation-market/?kc=EWKNLEDP10152012A


***
Title: Re: Technical
Post by: CharleyO on October 16, 2012, 11:30:16 PM
***

10 Hot Technical Skills for 2013


Quote

Are you looking to possibly switch jobs as 2012 winds down and we enter 2013? Or, are you looking to increase your salary by adding a skill to your resume? Well, CyberCoders has a bead on the 10 hottest tech skills for the coming year. CyberCoders is a worldwide recruiting firm that uses technology and experienced recruiters in its passionate pursuit to match great people with great companies.


See & read more at :
http://www.eweek.com/developer/slideshows/json-html5-ios-10-hot-technical-skills-for-2013/?kc=EWKNLEDP10162012A


***
Title: Re: Technical
Post by: CharleyO on October 18, 2012, 08:04:38 PM
***

IT Horror Story: A World Without COBOL


Quote

With Halloween just around the corner, a real-life horror story is all around us, just waiting to be unleashed. We’re referring to our widespread dependence on COBOL, one of our oldest programming languages. Because it was designed to ensure longevity for enterprise applications, COBOL still runs some of the world's most basic and critical applications, but it has been increasingly dismissed as an over-the-hill programming language that today's developers don't want to work with. That presents the possibility that a severe shortage of COBOL programmers could contribute to a doomsday scenario in which many of the critical services we depend on are unavailable. It's the specter of such a disaster that motivated software-maker Micro Focus to develop a visual COBOL tool that lets companies run their COBOL applications on .Net, Java Virtual Machine and the cloud. "COBOL is the most prominent and reliable programming language, designed for today's mission-critical business applications," said Ed Airey, Micro Focus' product manager for COBOL. Here's a look at 12 applications that depend on COBOL—and what might happen in a widespread COBOL crash.


See & read more at :
http://www.baselinemag.com/enterprise-apps/slideshows/it-horror-story-a-world-without-cobol/?kc=EWKNLEDP10182012C


***
Title: Re: Technical
Post by: Asyn on October 20, 2012, 09:36:06 PM
New IPv6 tools from "The Hacker's Choice"
http://www.h-online.com/security/news/item/New-IPv6-tools-from-The-Hacker-s-Choice-1727876.html
http://www.thc.org/thc-ipv6/README
Title: Re: Technical
Post by: Asyn on October 21, 2012, 12:06:45 PM
ENISA Annual Incident Report 2011
http://www.enisa.europa.eu/activities/Resilience-and-CIIP/Incidents-reporting/annual-reports/annual-incident-reports-2011
http://www.enisa.europa.eu/activities/Resilience-and-CIIP/Incidents-reporting/annual-reports/annual-incident-reports-2011/at_download/fullReport
Title: Re: Technical
Post by: Asyn on October 22, 2012, 09:58:27 AM
Steam Browser Protocol Insecurity
http://revuln.com/files/ReVuln_Steam_Browser_Protocol_Insecurity.pdf
Title: Re: Technical
Post by: CharleyO on October 23, 2012, 07:19:11 AM
***

IT Job Market Holds Firm In US


Quote

Given what Americans have endured over the last several years, it's safe to say that any news that isn't particularly bad is actually pretty good. Which is probably the best way to interpret the latest IT jobs availability report from Dice.com, an IT employment career site. The overall number of tech positions has inched up ever so slightly from a year ago, which is obviously better than a decline


See & read more at :
http://www.baselinemag.com/careers/slideshows/it-job-market-holds-firm/?kc=EWKNLEDP10222012C


***
Title: Re: Technical
Post by: Asyn on October 24, 2012, 11:55:10 PM
miniFlame aka SPE: "Elvis and his friends"
http://www.securelist.com/en/blog/763/analysis/204792247/miniFlame_aka_SPE_Elvis_and_his_friends
http://www.securelist.com/en/analysis/204792247/miniFlame_aka_SPE_Elvis_and_his_friends
Title: Re: Technical
Post by: Asyn on October 25, 2012, 05:55:55 PM
The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software.
http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
Title: Re: Technical
Post by: CharleyO on October 25, 2012, 08:07:14 PM
***

Smartphones, Tablets, Enterprise Apps Among Top Tech in 2013

Apple, Google and others will battle it out for mobile device market share in 2013, one of Gartner's 10 predicted tech trends for 2013.


Quote

Big data, mobile device battles and the rise of the personal cloud were among the top 10 technologies and trends that will be strategic for most organizations in 2013, research firm Gartner announced at the ITxpo in Orlando Oct. 23. Gartner Vice President David Cearley noted that while enterprises may not have to adopt and invest in all of the listed technologies, they should make deliberate decisions about how these trends fit in with the organization’s expected needs in the near future.


Read more at :
http://www.eweek.com/mobile/smartphones-tablets-enterprise-apps-among-top-tech-in-2013-gartner/?kc=EWKNLEDP10252012E


***
Title: Re: Technical
Post by: CharleyO on October 27, 2012, 06:41:42 AM
***

Microsoft Windows 8: 10 Things You Need to Know About the OS


Quote

On Oct. 25, Microsoft's Windows 8 operating system finally made its official debut after almost a whole year of different releases, updates and a lot of hype. Beginning Friday, Oct. 26, consumers and businesses worldwide will be able to experience all that Windows 8 has to offer, including a beautiful new user interface and a wide range of applications with the grand opening of the Windows Store. As a result of close work with hardware partners, more than 1,000 certified PCs and tablets, including Microsoft Surface, will be available for the launch of Windows 8—making it one of the largest lineups of PCs ever across the Windows ecosystem.


See & read more at :
http://www.eweek.com/enterprise-apps/slideshows/microsoft-windows-8-10-things-you-need-to-know-about-the-os/?kc=EWKNLEDP10262012A


***
Title: Re: Technical
Post by: CharleyO on October 27, 2012, 07:00:41 AM
***

IT Must Deal With Real-Life Horror Shows


Quote

Slashers, ghosts and zombies ... Oh, my! With an onslaught of hackers, meddlesome internal users and malware-laden applications out there, IT departments may feel as if they’re dealing with a real-life horror show every day. So, with tongue-in-cheek, the folks at Bomgar speculated about which fright films would best represent the most common tech problems.


See & read more at :
http://www.baselinemag.com/security/slideshows/it-must-deal-with-real-life-horror-shows/?kc=EWKNLEDP10262012C


***
Title: Re: Technical
Post by: Asyn on October 28, 2012, 11:47:38 AM
Security researcher experiments with patching Java
http://www.h-online.com/security/news/item/Security-researcher-experiments-with-patching-Java-1735346.html
Title: Re: Technical
Post by: bob3160 on October 28, 2012, 02:03:18 PM
Security researcher experiments with patching Java
http://www.h-online.com/security/news/item/Security-researcher-experiments-with-patching-Java-1735346.html
It's hard to patch a hole when the foundation is so rotten !!!
Title: Re: Technical
Post by: SpeedyPC on October 28, 2012, 02:07:46 PM
Security researcher experiments with patching Java
http://www.h-online.com/security/news/item/Security-researcher-experiments-with-patching-Java-1735346.html
It's hard to patch a hole when the foundation is so rotten !!!

+1 it's true because it's starting to smell like a dead corpse, see too many lying around in the compound which is not a great job cleaning it up :-\

Edit: link removed, sorry
Title: Re: Technical
Post by: bob3160 on October 28, 2012, 02:38:23 PM
Sorry Speedy but that's not exactly what I was talking about and not something to my liking!!!!!  :o
Title: Re: Technical
Post by: SpeedyPC on October 28, 2012, 02:59:36 PM
Sorry Speedy but that's not exactly what I was talking about and not something to my liking!!!!!  :o

Sorry Bob, I do understand what you're saying when Java is hard to patch a hole no matter what security companies are involved, when Adam Gowdiak decided to take matters into his own hands by developing a patch for a critical security vulnerability he had discovered in Java. Java is starting to smell like a dead corpse, see too many lying around in the compound, which is not a great job patching up Java; Java will always be a critical security vulnerability.
Title: Re: Technical
Post by: bob3160 on October 28, 2012, 03:01:27 PM
Speedy,
It's the link you posted that I find offensive. :o
Title: Re: Technical
Post by: Asyn on October 29, 2012, 08:38:04 AM
Security researcher experiments with patching Java
http://www.h-online.com/security/news/item/Security-researcher-experiments-with-patching-Java-1735346.html
It's hard to patch a hole when the foundation is so rotten !!!

Yes, I strongly recommend uninstalling Java, if not unconditionally needed.
Title: Re: Technical
Post by: CharleyO on October 30, 2012, 06:31:20 AM
***

IBM Researchers Making Carbon Nanotube Production a Reality


Carbon nanotubes, the next big thing when it comes to making faster computer chips, are beginning to leave the realm of fantasy and are starting to approach the possibility of commercial production, according to IBM researchers.


Quote

Carbon nanotubes are beginning to head out of the laboratory and into the edges of reality, according to a team of IBM researchers who have been hard at work creating carbon nanotubes that will be the basis for the next generation of computer chips.

The latest breakthrough as scientists continue to refine the handling and construction of the carbon nanotubes is that 10,000 of the tiny structures have been manipulated to fit and operate on a single chip using standard semiconductor processes, according to IBM. This is reportedly the first time that such an accomplishment has been possible.


Read more at :
http://www.eweek.com/it-management/ibm-researchers-making-carbon-nanotube-production-a-reality/


***
Title: Re: Technical
Post by: Asyn on October 31, 2012, 08:53:39 AM
Scary Logins: Worst Passwords of 2012 — and How to Fix Them
http://www.prweb.com/releases/2012/10/prweb10046001.htm
Title: Re: Technical
Post by: CharleyO on November 01, 2012, 06:55:27 AM
***

Microsoft Sued Over Windows 8 Tiles

Microsoft's new Windows 8 tiling feature is being challenged in a patent-infringement lawsuit filed by a Maine-based company that doesn't sell any products or services.

Quote
The lawsuit, filed Oct. 30 by Portland, Maine-based SurfCast, alleges that Microsoft infringes on its U.S. Patent No. 6,724,403 dating back to the 1990s for the "tiling" concepts used in the new Windows 8 operating system that is now being used in PCs, Surface tablets, laptops and smartphones.

"We developed the concept of Tiles in the 1990s, which was ahead of its time," Ovid Santoro, CEO of SurfCast, said in a statement on the company's Website. "Microsoft’s Live Tiles are the centerpiece of Microsoft’s new Operating Systems and are covered by our patent."

Patent-infringement lawsuits, when filed by companies that don't sell their own products or services, typically are referred to as "patent troll" cases involving businesses set up to acquire patents that can later be pursued in legal cases against larger companies with deep pockets.


Read more at :
http://www.eweek.com/enterprise-apps/microsoft-sued-over-windows-8-tiles/


***
Title: Re: Technical
Post by: Asyn on November 01, 2012, 11:10:09 AM
How a Google Headhunter’s E-Mail Unraveled a Massive Net Security Hole
http://www.wired.com/threatlevel/2012/10/dkim-vulnerability-widespread/all/
http://www.kb.cert.org/vuls/id/268267
Title: Re: Technical
Post by: CharleyO on November 03, 2012, 05:46:12 AM
***

IBM, Cleveland Clinic Put Watson to Work on Medical Training


Quote

IBM's Watson is headed to medical school. IBM and Cleveland Clinic are collaborating to use Watson's deep question-answer technology to help train students on how to come up with proper diagnoses and treatments for patients.

Founded in 1921, Cleveland Clinic is a nonprofit academic medical center that integrates research and education.

Watson's ability to understand natural language and generate hypotheses will help medical professionals make clinical decisions, IBM reported.

IBM researchers and Cleveland clinicians, faculty and medical students will work together to apply Watson's deep question-answer technology to medicine.


Read more at :
http://www.eweek.com/servers/ibm-cleveland-clinic-put-watson-to-work-on-medical-training/


***
Title: Re: Technical
Post by: Asyn on November 03, 2012, 06:06:51 PM
Demystifying Dot NET Reverse Engineering, Part 1: Big Introduction
http://resources.infosecinstitute.com/demystifying-dot-net-reverse-engineering-part-1-big-introduction/

Demystifying dot NET reverse engineering – PART 2: Introducing Byte Patching
http://resources.infosecinstitute.com/dot-net-reverse-engineering-part-2/
Title: Re: Technical
Post by: Asyn on November 05, 2012, 09:55:07 AM
State of Secure Boot detailed
http://www.h-online.com/security/news/item/State-of-Secure-Boot-detailed-1741460.html
http://mjg59.dreamwidth.org/18945.html
http://mjg59.dreamwidth.org/19448.html
Title: Re: Technical
Post by: Asyn on November 06, 2012, 09:25:16 AM
Black Tulip (Report of the investigation into the DigiNotar Certificate Authority breach)
http://www.rijksoverheid.nl/bestanden/documenten-en-publicaties/rapporten/2012/08/13/black-tulip-update/black-tulip-update.pdf
Title: Re: Technical
Post by: jalzuma15 on November 07, 2012, 11:54:09 PM
Hi. I need to know how to activate the web shield??? My avast indicates service stopped
Title: Re: Technical
Post by: Asyn on November 08, 2012, 05:46:53 AM
Hi. I need to know how to activate the web shield??? My avast indicates service stopped

Please ask here: http://forum.avast.com/index.php?board=2.0
Title: Re: Technical
Post by: CharleyO on November 08, 2012, 08:40:41 PM
***

IT Staff and Leaders at Odds Over Job Performance

Quote
There's a considerable difference of opinion between IT professionals and their bosses with respect to employee performance management, according to a recent survey from TEKsystems. Supervisors overlook poor performance for far too long, some IT pros say. And while managers generally do a decent job at clarifying expectations, they fall far short when it comes to evaluating staffers for advancement and aligning individual achievement with company strategies.


See & read more at :
http://www.baselinemag.com/it-management/slideshows/it-staff-and-leaders-at-odds-over-job-performance/?kc=EWKNLEDP11082012C


***
Title: Re: Technical
Post by: Asyn on November 15, 2012, 12:00:46 PM
Smishing Vulnerability in Multiple Android Platforms
http://www.csc.ncsu.edu/faculty/jiang/smishing.html
Title: Re: Technical
Post by: Asyn on November 15, 2012, 03:39:40 PM
Firefox to make life harder for HTTPS snoopers
http://www.h-online.com/security/news/item/Firefox-to-make-life-harder-for-HTTPS-snoopers-1746127.html
https://blog.mozilla.org/security/2012/11/01/preloading-hsts/
Title: Re: Technical
Post by: CharleyO on November 17, 2012, 06:47:45 AM
***

Cray Titan Supercomputer Now the World’s Fastest; IBM's Sequoia No. 2

Quote
IBM's Sequoia supercomputer in June became the first U.S.-based system to reach No. 1 on the Top500 list of the world's fastest supercomputers. Six months later, the system—at Lawrence Livermore Laboratory—was moved to No. 2, displaced by Cray's huge Titan supercomputer, housed at the Oak Ridge National Laboratory in Tennessee. Titan, a massive XK7 system powered by Opteron processors from Advanced Micro Devices and GPU accelerators from Nvidia, hit a performance of 17.59 petaflops—or quadrillions of calculations per second—outdistancing Sequoia's 16.32 petaflops.


See & read more at :
http://www.eweek.com/servers/slideshows/cray-titan-supercomputer-now-the-worlds-fastest-ibms-sequoia-no.-2?kc=EWKNLEDP11142012A


***
Title: Re: Technical
Post by: Charyb on November 18, 2012, 04:22:12 AM
This is interesting. Early launch anti-malware. (downloadable MS Word file)

http://msdn.microsoft.com/library/windows/hardware/br259096
Title: Re: Technical
Post by: Asyn on November 18, 2012, 02:09:44 PM
M³AAWG Best Practices for Implementing DKIM To Avoid Key Length Vulnerability
https://www.maawg.org/sites/maawg/files/news/M3AAWG_Key_Implementation_BP-2012-11.pdf
Title: Re: Technical
Post by: Asyn on November 19, 2012, 12:32:11 PM
A critical Analysis of Dropbox Software Security
http://archive.hack.lu/2012/Dropbox%20security.pdf
Title: Re: Technical
Post by: Asyn on November 23, 2012, 10:37:48 AM
HTTP Strict Transport Security becomes Internet Standard
http://www.h-online.com/security/news/item/HTTP-Strict-Transport-Security-becomes-Internet-Standard-1754549.html
Title: Re: Technical
Post by: Asyn on November 26, 2012, 10:02:58 AM
Homeland Security spent $430M on radios its employees don't know how to use
http://arstechnica.com/tech-policy/2012/11/homeland-security-spent-430m-on-radios-its-employees-dont-know-how-to-use/
http://www.oig.dhs.gov/assets/Mgmt/2013/OIG_13-06_Nov12.pdf
Title: Re: Technical
Post by: Asyn on November 29, 2012, 09:37:40 AM
An Overview of Exploit Packs (Update 17) October 12, 2012
http://contagiodump.blogspot.de/2010/06/overview-of-exploit-packs-update.html
Title: Re: Technical
Post by: Asyn on December 02, 2012, 02:08:29 PM
Surveillance software: Gamma Group's offshore companies uncovered
http://www.h-online.com/security/news/item/Surveillance-software-Gamma-Group-s-offshore-companies-uncovered-1759834.html
http://www.guardian.co.uk/uk/2012/nov/28/offshore-company-directors-military-intelligence
http://linuxch.org/poc2012/Tora,%20Devirtualizing%20FinSpy.pdf
Title: Re: Technical
Post by: Asyn on December 04, 2012, 01:03:15 PM
The Email that Hacks You
http://www.acunetix.com/blog/web-security-zone/the-email-that-hacks-you/
Title: Re: Technical
Post by: Asyn on December 05, 2012, 08:28:28 AM
New DARPA Program Seeks to Reveal Backdoors and Other Hidden Malicious Functionality in Commercial IT Devices
http://www.darpa.mil/NewsEvents/Releases/2012/11/30.aspx
https://www.fbo.gov/utils/view?id=14741b368fcfda0fcf22e361e0b34bd2
Title: Re: Technical
Post by: Asyn on December 08, 2012, 07:48:25 AM
Windows 8 ASLR Internals
http://blog.ptsecurity.com/2012/12/windows-8-aslr-internals.html
Title: Re: Technical
Post by: Asyn on December 10, 2012, 08:44:45 AM
Security Threat Report 2013 (Sophos)
http://www.sophos.com/en-us/security-news-trends/reports/security-threat-report.aspx
http://www.sophos.com/en-us/medialibrary/PDFs/other/sophossecuritythreatreport2013.pdf
Title: Re: Technical
Post by: Asyn on December 12, 2012, 02:53:25 PM
Skynet, a Tor-powered botnet straight from Reddit
https://community.rapid7.com/community/infosec/blog/2012/12/06/skynet-a-tor-powered-botnet-straight-from-reddit
Title: Re: Technical
Post by: Asyn on December 13, 2012, 05:51:22 AM
An Evaluation of the Application ("App") Verification Service in Android 4.2
http://www.cs.ncsu.edu/faculty/jiang/appverify/
Title: Re: Technical
Post by: Asyn on December 13, 2012, 11:51:32 AM
Internet Explorer Data Leakage
http://spider.io/blog/2012/12/internet-explorer-data-leakage/
http://iedataleak.spider.io/demo
Title: Re: Technical
Post by: Lisandro on December 13, 2012, 12:12:11 PM
An Evaluation of the Application ("App") Verification Service in Android 4.2
http://www.cs.ncsu.edu/faculty/jiang/appverify/
I can only show credits of this research (or, in other words, I can only get interested in the results) if I can see the name of the antimalware x results table.
What I can see is that Google Service is not being able to scan not even half of the malware... Poor.
Title: Re: Technical
Post by: Asyn on December 13, 2012, 12:37:39 PM
An Evaluation of the Application ("App") Verification Service in Android 4.2
http://www.cs.ncsu.edu/faculty/jiang/appverify/
1. I can only show credits of this research (or, in other words, I can only get interested in the results) if I can see the name of the antimalware x results table.
2. What I can see is that Google Service is not being able to scan not even half of the malware... Poor.

1. Not sure why, as it's not really important for the final verdict, but OK, here you go. ;)
-> In Table 2, we show the comparison with ten representative anti-virus engines from VirusTotal (i.e., Avast, AVG, TrendMicro, Symantec, BitDefender, ClamAV, F-Secure, Fortinet, Kaspersky, and Kingsoft).
2. It's even worse, as the detection rate is under 25%. :o :(
Title: Re: Technical
Post by: Lisandro on December 13, 2012, 12:40:21 PM
But we can't associate the result with the particular AV engine...
Title: Re: Technical
Post by: Asyn on December 13, 2012, 12:48:09 PM
But we can't associate the result with the particular AV engine...

Why..?? It's quite obvious that avast! is AV1, isn't it..!?
Title: Re: Technical
Post by: bob3160 on December 13, 2012, 12:54:43 PM
But we can't associate the result with the particular AV engine...

Why..?? It's quite obvious that avast! is AV1, isn't it..!?
avast! is indeed #1 since it also scored 100%
Title: Re: Technical
Post by: Lisandro on December 13, 2012, 12:58:45 PM
Why..?? It's quite obvious that avast! is AV1, isn't it..!?
My fault. I did not see the correlation between the text and the AV1, AV2...
Thanks for pointing this out to me :)
Title: Re: Technical
Post by: Asyn on December 13, 2012, 12:59:53 PM
Why..?? It's quite obvious that avast! is AV1, isn't it..!?
My fault. I did not see the correlation between the text and the AV1, AV2...
Thanks for pointing this out to me :)

NP pal. :)
Title: Re: Technical
Post by: bob3160 on December 13, 2012, 01:14:07 PM
More on this subject:
https://blog.avast.com/2012/12/13/is-google-protecting-me-after-all/
Title: Re: Technical
Post by: Asyn on December 14, 2012, 08:05:48 AM
More on this subject:
https://blog.avast.com/2012/12/13/is-google-protecting-me-after-all/

Thanks Bob. :)
Title: Re: Technical
Post by: Asyn on December 16, 2012, 03:22:50 PM
Metasploit Pro 4.5.0 Release
https://community.rapid7.com/docs/DOC-2108
https://community.rapid7.com/community/metasploit/blog/2012/12/07/go-phishing-how-to-manage-phishing-exposure-with-metasploit
https://community.rapid7.com/community/metasploit/blog/2012/12/07/metasploit-hits-1000-exploits
Title: Re: Technical
Post by: Asyn on December 22, 2012, 06:23:01 PM
How to explain Hash DoS to your parents by using cats
http://www.anchor.com.au/blog/2012/12/how-to-explain-hash-dos-to-your-parents-by-using-cats/
http://crypto.junod.info/2012/12/13/hash-dos-and-btrfs/
Title: Re: Technical
Post by: Asyn on December 23, 2012, 02:47:22 PM
Dirty note on Samsung Smart TV Security
http://grayhash.com/2012/12/20/samsung_smart_tv_security/
Title: Re: Technical
Post by: DavidR on December 23, 2012, 04:17:26 PM
Dirty note on Samsung Smart TV Security
http://grayhash.com/2012/12/20/samsung_smart_tv_security/

I was pretty slow in getting on-board with smart phones as security was my biggest concern. But now they have many security applications, including the avast! Mobile Security app for Android.

My concerns about Smart TV are very much the same as smart phones and possibly worse: how the hell do you clean an infected smart TV? I have a Samsung LED TV and, although an earlier version, it has the ability to be networked and get Internet, but I rather doubt I would ever connect it.
Title: Re: Technical
Post by: Asyn on December 23, 2012, 04:48:40 PM
My concerns about Smart TV are very much the same as smart phones and possibly worse: how the hell do you clean an infected smart TV? I have a Samsung LED TV and, although an earlier version, it has the ability to be networked and get Internet, but I rather doubt I would ever connect it.

Yes, let's better wait until avast! for Smart TV is available. ;)
Title: Re: Technical
Post by: Asyn on January 05, 2013, 06:16:48 PM
Happy New Year Analysis of CVE-2012-4792
http://blog.exodusintel.com/2013/01/02/happy-new-year-analysis-of-cve-2012-4792/
Title: Re: Technical
Post by: Asyn on January 08, 2013, 09:22:23 AM
UI Redressing Mayhem: Identification Attacks and UI Redressing on Google Chrome
http://blog.nibblesec.org/2012/12/ui-redressing-mayhem-identification.html
Title: Re: Technical
Post by: Asyn on January 11, 2013, 01:44:04 PM
Nokia phone forcing traffic through proxy
http://gaurangkp.wordpress.com/2012/12/05/nokia-proxy/

Nokia’s MITM on HTTPS traffic from their phone
http://gaurangkp.wordpress.com/2013/01/09/nokia-https-mitm/
Title: Re: Technical
Post by: Asyn on January 15, 2013, 01:45:44 PM
The "Red October" Campaign
An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies
http://www.securelist.com/en/blog/785/The_Red_October_Campaign_An_Advanced_Cyber_Espionage_Network_Targeting_Diplomatic_and_Government_Agencies
http://www.securelist.com/en/analysis/204792262/Red_October_Diplomatic_Cyber_Attacks_Investigation
Title: Re: Technical
Post by: Asyn on January 16, 2013, 11:21:28 AM
Watering hole attacks continue (with a twist)
http://blog.avast.com/2013/01/15/watering-hole-attacks-continue-with-a-twist/
Title: Re: Technical
Post by: Asyn on January 18, 2013, 09:29:48 AM
Mozilla Minion: What, Why, and How
https://wiki.mozilla.org/Security/Projects/Minion
http://yboily.tumblr.com/post/35078757244/minion-what-why-and-how
Title: Re: Technical
Post by: Asyn on January 19, 2013, 11:14:29 AM
Silent installs of add-ons still possible in Firefox
http://www.h-online.com/open/news/item/Silent-installs-of-add-ons-still-possible-in-Firefox-1787297.html
http://research.zscaler.com/2012/09/how-to-install-silently-malicious.html
Title: Re: Technical
Post by: logos on January 19, 2013, 02:12:45 PM
Silent installs of add-ons still possible in Firefox
http://www.h-online.com/open/news/item/Silent-installs-of-add-ons-still-possible-in-Firefox-1787297.html
http://research.zscaler.com/2012/09/how-to-install-silently-malicious.html

not good at all ... I guess they (Mozilla) have already known about it for ages ... I'll try to report that anyway.

edit: reported on their user's feedback page as well as on the bug tracker.
Title: Re: Technical
Post by: Asyn on January 19, 2013, 05:34:48 PM
The "Red October" Campaign
An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies
http://www.securelist.com/en/blog/785/The_Red_October_Campaign_An_Advanced_Cyber_Espionage_Network_Targeting_Diplomatic_and_Government_Agencies
http://www.securelist.com/en/analysis/204792262/Red_October_Diplomatic_Cyber_Attacks_Investigation


"Red October" - part two, the modules
http://www.securelist.com/en/blog/208194091/Red_October_part_two_the_modules
Title: Re: Technical
Post by: Asyn on January 21, 2013, 11:53:57 AM
Google Declares War on the Password
http://www.wired.com/wiredenterprise/2013/01/google-password/all/
Title: Re: Technical
Post by: Asyn on January 21, 2013, 01:42:01 PM
Hiding in Plain Sight: The FAKEM Remote Access Trojan
http://blog.trendmicro.com/trendlabs-security-intelligence/hiding-in-plain-sight-the-fakem-remote-access-trojan/
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-fakem-rat.pdf
Title: Re: Technical
Post by: Asyn on January 22, 2013, 08:55:32 AM
The "Red October" Campaign
An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies
http://www.securelist.com/en/blog/785/The_Red_October_Campaign_An_Advanced_Cyber_Espionage_Network_Targeting_Diplomatic_and_Government_Agencies
http://www.securelist.com/en/analysis/204792262/Red_October_Diplomatic_Cyber_Attacks_Investigation


"Red October" - part two, the modules
http://www.securelist.com/en/blog/208194091/Red_October_part_two_the_modules

Red October Attackers Shutting Down C&C Infrastructure
http://threatpost.com/en_us/blogs/red-october-attackers-shutting-down-cc-infrastructure-011813
Title: Re: Technical
Post by: Asyn on January 23, 2013, 10:14:03 AM
Watering hole attacks continue (with a twist)
http://blog.avast.com/2013/01/15/watering-hole-attacks-continue-with-a-twist/

‘Reporters without Borders’ website misused in wateringhole attack
http://blog.avast.com/2013/01/22/reporters-without-borders-website-misused-in-wateringhole-attack/
Title: Re: Technical
Post by: Asyn on January 23, 2013, 11:35:44 PM
Pwn2Own 2013
http://dvlabs.tippingpoint.com/blog/2013/01/17/pwn2own-2013
Title: Re: Technical
Post by: Asyn on January 24, 2013, 01:02:17 PM
Megafail
http://fail0verflow.com/blog/2013/megafail.html
Title: Re: Technical
Post by: Asyn on January 25, 2013, 09:20:08 AM
Attacking the Windows 7/8 Address Space Randomization
http://kingcope.wordpress.com/2013/01/24/attacking-the-windows-78-address-space-randomization/
Title: Re: Technical
Post by: Asyn on January 27, 2013, 09:34:06 AM
Laser Precision Phishing — Are You on the Bouncer’s List Today?
http://blogs.rsa.com/laser-precision-phishing-are-you-on-the-bouncers-list-today/
Title: Re: Technical
Post by: Asyn on January 28, 2013, 01:42:28 PM
Memory Errors: The Past, the Present, and the Future
http://www.isg.rhul.ac.uk/sullivan/pubs/tr/technicalreport-ir-cs-73.pdf
Title: Re: Technical
Post by: Asyn on January 31, 2013, 02:46:40 PM
Security Flaws in Universal Plug and Play: Unplug, Don't Play
https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play
https://community.rapid7.com/servlet/JiveServlet/download/2150-1-16596/SecurityFlawsUPnP.pdf
Title: Re: Technical
Post by: Asyn on February 02, 2013, 05:14:19 PM
Mozilla pulling plug on auto-running nearly all plugins
http://www.h-online.com/security/news/item/Mozilla-pulling-plug-on-auto-running-nearly-all-plugins-1794162.html
https://blog.mozilla.org/security/2013/01/29/putting-users-in-control-of-plugins/
Title: Re: Technical
Post by: Asyn on February 04, 2013, 03:37:16 PM
Effect of Grammar on Security of Long Passwords
https://www.cs.cmu.edu/~agrao/paper/Effect_of_Grammar_on_Security_of_Long_Passwords.pdf
Title: Re: Technical
Post by: Asyn on February 06, 2013, 10:06:16 AM
Lucky Thirteen: Breaking the TLS and DTLS Record Protocols
http://www.isg.rhul.ac.uk/tls/
http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
Title: Re: Technical
Post by: Asyn on February 11, 2013, 01:18:20 PM
Packets of Death
http://blog.krisk.org/2013/02/packets-of-death.html
http://communities.intel.com/community/wired/blog/2013/02/07/intel-82574l-gigabit-ethernet-controller-statement
http://www.wired.com/wiredenterprise/2013/02/packet-of-death/
http://blog.krisk.org/2013/02/packets-of-death-update.html
Title: Re: Technical
Post by: Asyn on February 15, 2013, 08:52:12 AM
Malware: Dollar Equals Tilde Square Brackets
http://blog.avast.com/2013/02/14/malware-dollar-equals-tilde-square-brackets/

Quote
To deobfuscate the payload, you can use our in-house developed deobfuscator (http://dollar.zikin.cz/)
Title: Re: Technical
Post by: Asyn on February 16, 2013, 09:47:50 AM
FROST: Forensic Recovery Of Scrambled Telephones
https://www1.informatik.uni-erlangen.de/frost
http://www1.cs.fau.de/filepool/projects/frost/frost.pdf
Title: Re: Technical
Post by: Asyn on February 24, 2013, 01:12:31 PM
Digging Into the Sandbox-Escape Technique of the Recent PDF Exploit
http://blogs.mcafee.com/mcafee-labs/digging-into-the-sandbox-escape-technique-of-the-recent-pdf-exploit
Title: Re: Technical
Post by: Asyn on February 26, 2013, 07:41:46 AM
Vulnerabilities served up
http://www.h-online.com/security/news/item/Vulnerabilities-served-up-1810524.html
http://www.theregister.co.uk/2013/02/21/punkspider/
http://punkspider.hyperiongray.com/
Title: Re: Technical
Post by: Asyn on February 27, 2013, 12:10:34 PM
Bypassing Google’s Two-Factor Authentication
https://blog.duosecurity.com/2013/02/bypassing-googles-two-factor-authentication/
Title: Re: Technical
Post by: Asyn on March 06, 2013, 10:21:29 AM
Stuxnet 0.5: The sabotage worm is older than previously thought
http://www.h-online.com/security/news/item/Stuxnet-0-5-The-sabotage-worm-is-older-than-previously-thought-1812496.html
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/stuxnet_0_5_the_missing_link.pdf
Title: Re: Technical
Post by: Asyn on March 14, 2013, 07:43:34 AM
Mobile Drive-By Malware example
http://blog.avast.com/2013/03/11/mobile-drive-by-malware-example/
Title: Re: Technical
Post by: Asyn on March 16, 2013, 08:02:03 PM
Mobile Threat Report Q4 2012
http://www.f-secure.com/static/doc/labs_global/Research/Mobile%20Threat%20Report%20Q4%202012.pdf
Title: Re: Technical
Post by: Asyn on March 17, 2013, 10:42:12 AM
Attack of the week: RC4 is kind of broken in TLS
http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html
Title: Re: Technical
Post by: Asyn on March 19, 2013, 10:38:41 AM
Analysis of Chinese attack against Korean banks
http://blog.avast.com/2013/03/19/analysis-of-chinese-attack-against-korean-banks/
Title: Re: Technical
Post by: Asyn on March 20, 2013, 01:23:25 PM
Banker Omnia Vincit – A tale of signed Brazilian bankers
http://blog.avast.com/2013/03/20/banker-omnia-vincit-a-tale-of-signed-brazilian-bankers/
http://files.avast.com/files/viruslab/banker-omnia-vincit.pdf
Title: Re: Technical
Post by: Asyn on March 22, 2013, 09:30:06 AM
Owning Samsung phones for fun (...but with no profit :-))
http://randomthoughts.greyhats.it/2013/03/owning-samsung-phones-for-fun-but-with.html
Title: Re: Technical
Post by: Asyn on March 23, 2013, 10:21:00 PM
Hacking the <a> tag in 100 characters
http://bilaw.al/2013/03/17/hacking-the-a-tag-in-100-characters.html
Title: Re: Technical
Post by: DavidR on March 23, 2013, 10:30:50 PM
Hacking the <a> tag in 100 characters
http://bilaw.al/2013/03/17/hacking-the-a-tag-in-100-characters.html

The NoScript puts a crimp in this little hack, so whilst it shouldn't have to if the browser prevents it, if you aren't already running NoScript then now is the time to start.
Title: Re: Technical
Post by: Asyn on March 24, 2013, 03:10:12 PM
2012 Law Enforcement Requests Report
http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/
http://download.microsoft.com/download/F/3/8/F38AF681-EB3A-4645-A9C4-D4F31B8BA8F2/MSFT_Reporting_Data.pdf
Title: Re: Technical
Post by: Asyn on March 27, 2013, 06:42:39 AM
Fake Facebook login pages spreading by Facebook applications
http://blog.avast.com/2013/03/25/fake-facebook-login-pages-spreading-by-facebook-applications/
http://www.techgainer.com/what-is-fake-facebook-login-page-and-how-it-is-used-to-hack-facebook-account/
Title: Re: Technical
Post by: bob3160 on March 28, 2013, 01:25:10 PM

The avast! 8 User Interface: A study of change (https://blog.avast.com/2013/03/28/the-avast-8-user-interface/)
Title: Re: Technical
Post by: Asyn on April 06, 2013, 08:08:51 PM
Backdoor Uses Evernote as Command-and-Control Server
http://blog.trendmicro.com/trendlabs-security-intelligence/backdoor-uses-evernote-as-command-and-control-server/
Title: Re: Technical
Post by: Asyn on April 07, 2013, 12:59:37 AM
Security Done Wrong: Leaky FTP Server
http://adamcaudill.com/2013/04/04/security-done-wrong-leaky-ftp-server/
Title: Re: Technical
Post by: Asyn on April 07, 2013, 04:45:58 PM
Hackersh 0.1 Release Announcement
http://blog.ikotler.org/2013/04/hackersh-01-release-announcement.html
Title: Re: Technical
Post by: Asyn on April 09, 2013, 08:56:42 AM
Stels Android Trojan Malware Analysis
http://www.secureworks.com/cyber-threat-intelligence/threats/stels-android-trojan-malware-analysis/

PS: We're protected: https://www.virustotal.com/en/file/03c1b44c94c86c3137862c20f9f745e0f89ce2cdb778dc6466a06a65b7a591ae/analysis/
Title: Re: Technical
Post by: Asyn on April 13, 2013, 10:21:44 AM
Why we love specifications (not)! Part II
http://blog.avast.com/2013/04/12/why-we-love-specifications-not-part2/
Title: Re: Technical
Post by: Asyn on April 13, 2013, 06:56:10 PM
Persona Beta 2 launch
https://hacks.mozilla.org/2013/04/persona-beta-2-launch/
http://identity.mozilla.com/post/47541633049/persona-beta-2/
http://blog.mozilla.org/beyond-the-code/2013/04/09/persona-beta2/
Title: Re: Technical
Post by: Asyn on April 14, 2013, 10:59:24 AM
WordPress Plugin Social Media Widget Hiding Spam – Remove it now
http://blog.sucuri.net/2013/04/wordpress-plugin-social-media-widget.html
Title: Re: Technical
Post by: CraigB on April 14, 2013, 07:38:09 PM
Hijacking airplanes with an Android phone

https://www.net-security.org/secworld.php?id=14733
Title: Re: Technical
Post by: Asyn on April 15, 2013, 10:34:18 AM
Hijacking airplanes with an Android phone
https://www.net-security.org/secworld.php?id=14733

More here: http://conference.hitb.org/hitbsecconf2013ams/materials/D1T1%20-%20Hugo%20Teso%20-%20Aircraft%20Hacking%20-%20Practical%20Aero%20Series.pdf
Title: Re: Technical
Post by: Asyn on April 20, 2013, 04:52:16 PM
Cuckoo Sandbox 0.6
http://cuckoosandbox.org/2013-04-15-cuckoo-sandbox-06.html
Title: Re: Technical
Post by: Asyn on April 24, 2013, 01:53:06 PM
VirusTotal += PCAP Analyzer
http://blog.virustotal.com/2013/04/virustotal-pcap-analyzer.html
Title: Re: Technical
Post by: Asyn on April 26, 2013, 09:48:17 AM
Serial Offenders: Widespread Flaws in Serial Port Servers
https://community.rapid7.com/community/metasploit/blog/2013/04/23/serial-offenders-widespread-flaws-in-serial-port-servers
Title: Re: Technical
Post by: Asyn on April 27, 2013, 10:17:01 AM
The Mutter Backdoor: Operation Beebus with New Targets
http://www.fireeye.com/blog/technical/malware-research/2013/04/the-mutter-backdoor-operation-beebus-with-new-targets.html
Title: Re: Technical
Post by: Asyn on April 28, 2013, 01:28:21 PM
State of the Internet Report (Q4 2012)
http://www.akamai.com/dl/akamai/akamai_soti_q412_exec_summary.pdf
Title: Re: Technical
Post by: Asyn on April 30, 2013, 09:30:01 AM
Mozilla: the Next 15 Years
http://www.h-online.com/open/features/Mozilla-the-Next-15-Years-1837073.html
Title: Re: Technical
Post by: Asyn on May 04, 2013, 05:42:46 PM
Regents of Louisiana spreading Sirefef malware
http://blog.avast.com/2013/05/03/regents-of-louisiana-spreading-sirefef-malware/
Title: Re: Technical
Post by: CraigB on May 07, 2013, 08:21:52 PM
Windows 8 at 6 months
http://blogs.windows.com/windows/b/bloggingwindows/archive/2013/05/06/windows-8-at-6-months-q-amp-a-with-tami-reller.aspx
Title: Re: Technical
Post by: Asyn on May 09, 2013, 08:11:43 AM
"Honeywords" plan to snare password thieves
http://www.h-online.com/security/news/item/Honeywords-plan-to-snare-password-thieves-1858488.html
http://people.csail.mit.edu/rivest/pubs/JR13.pdf
Title: Re: Technical
Post by: Asyn on May 11, 2013, 09:57:19 AM
Common OAuth issue you can use to take over accounts
http://webstersprodigy.net/2013/05/09/common-oauth-issue-you-can-use-to-take-over-accounts/
Title: Re: Technical
Post by: Asyn on May 12, 2013, 10:13:39 AM
Untangling the Web: A Guide to Internet Research
http://www.nsa.gov/public_info/_files/Untangling_the_Web.pdf
Title: Re: Technical
Post by: Asyn on May 16, 2013, 11:43:32 AM
Fraunhofer FOKUS institute releases Fuzzino fuzzing library
http://www.h-online.com/security/news/item/Fraunhofer-FOKUS-institute-releases-Fuzzino-fuzzing-library-1863924.html
Title: Re: Technical
Post by: Asyn on May 19, 2013, 09:43:37 AM
Firmware Hacking: The Samsung smart TV turn
http://marcoramilli.blogspot.it/2013/05/firmware-hacking-samsung-smart-tv-turn.html
Title: Re: Technical
Post by: Asyn on May 20, 2013, 08:25:07 AM
Vaccinating systems against VM-aware malware
https://community.rapid7.com/community/infosec/blog/2013/05/13/vaccinating-systems-against-vm-aware-malware
Title: Re: Technical
Post by: Asyn on May 24, 2013, 11:32:10 AM
Ragebooter: ‘Legit’ DDoS Service, or Fed Backdoor?
https://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/
Title: Re: Technical
Post by: Asyn on May 25, 2013, 10:43:08 AM
Grum lives!
http://blog.avast.com/2013/05/22/grum-lives/
Title: Re: Technical
Post by: Asyn on May 26, 2013, 01:26:07 PM
Exploiting Samsung Galaxy S4 Secure Boot
http://blog.azimuthsecurity.com/2013/05/exploiting-samsung-galaxy-s4-secure-boot.html
Title: Re: Technical
Post by: Asyn on May 28, 2013, 10:10:02 AM
Blackberry Z10 research primer – An initial analysis (by A. Antukh)
https://www.sec-consult.com/fxdata/seccons/prod/downloads/sec_consult_vulnerability_lab_blackberry_z10_initial_analysis_v10.pdf
Title: Re: Technical
Post by: Asyn on May 29, 2013, 11:03:49 AM
Analysis of a self-debugging Sirefef cryptor
http://blog.avast.com/2013/05/29/analysis-of-a-self-debugging-sirefef-cryptor/
Title: Re: Technical
Post by: Asyn on May 30, 2013, 02:11:23 PM
Improving the security of your SSH private key files
http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html
Title: Re: Technical
Post by: Asyn on May 31, 2013, 10:46:31 AM
Would you knowingly trust an irrevocable SSL certificate?
http://news.netcraft.com/archives/2013/05/23/would-you-knowingly-trust-an-irrevocable-ssl-certificate.html
Title: Re: Technical
Post by: bob3160 on June 01, 2013, 03:17:47 PM

Malware similarity and clustering made easy (http://www.simseer.com/)
Title: Re: Technical
Post by: Asyn on June 02, 2013, 12:39:03 PM
Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices
http://students.cis.uab.edu/zawoad/paper/asia03-hasan.pdf
Title: Re: Technical
Post by: Johnny4745 on June 02, 2013, 05:13:08 PM
Sick of Typing Passwords? Get an Electronic Tattoo or Ingest a Pill

By Joanna Stern
May 31, 2013 12:25pm

Cut!

Dugan showed off a small pill. Inside that pill wasn’t medication but a tiny computer chip. “It also has what amounts to an inside-out potato battery. The acids in your stomach serve as an electrolyte and power it up,” she explained.

That creates a signal in your body and your body becomes the password. You can touch your phone, car or door and be “authenticated in.” Sounds crazy, yes, but this is not just “science fiction” Dugan said. Made by Proteus Digital Health, the pill was approved by the FDA in August 2012...

http://abcnews.go.com/blogs/technology/2013/05/sick-of-typing-passwords-get-an-electronic-tattoo-or-ingest-a-pill/
Title: Re: Technical
Post by: bob3160 on June 03, 2013, 02:56:25 PM
Android antivirus apps are less-than-stellar (http://www.tgdaily.com/security-features/71937-report-android-antivirus-apps-are-less-than-stellar)
If you're interested in reading the actual report,
you'll find it at:
http://list.cs.northwestern.edu/mobile/droidchameleon_nu_eecs_13_01.pdf


I wonder how avast! Mobile Security would have been rated in this test ???

Title: Re: Technical
Post by: essexboy on June 03, 2013, 03:32:25 PM
Yes it does appear to be missing from there
Title: Re: Technical
Post by: Johnny4745 on June 03, 2013, 10:37:45 PM
Forget .com: Get ready for .google and .apple

By Julianne Pepitone June 3, 2013: 3:57 AM ET

ICANN received 1,930 applications for new top-level domains.
NEW YORK (CNNMoney)
The largest-ever expansion of the Internet's naming system, beyond trusty old .com and .org, is almost here: Hundreds of dot-anything websites are slated to roll out this year, starting as early as this summer.

The list of proposed new domains includes .google, .apple, .nyc and .book. It's the first major expansion in more than a decade, and it's a complicated process -- one that has suffered through both technical delays and critics' concerns...

http://money.cnn.com/2013/06/03/technology/enterprise/icann-domain-expansion/index.html?hpt=hp_t3
Title: Re: Technical
Post by: Asyn on June 04, 2013, 01:29:31 PM
Social engineering attacks using DRM protected ASF files
http://blog.virustotal.com/2013/06/social-engineering-attacks-using-drm.html
Title: Re: Technical
Post by: Johnny4745 on June 04, 2013, 09:23:51 PM
Command Prompt - Fix Issues with your Boot Records

By Maximilian on 12/01/2010

If your Windows 7 is having trouble booting properly and Startup Repair didn't fix the problem, it's worth trying the Bootrec.exe tool by running in the Command Prompt. This utility was designed to troubleshoot and repair startup issues in Windows 7.

http://www.7tutorials.com/command-prompt-fix-issues-your-boot-records
Title: Re: Technical
Post by: mchain on June 05, 2013, 08:07:55 AM
New safe test suite for checking for proper a/v operation (AMTSO) from PC Mag dot com: http://securitywatch.pcmag.com/security-software/312184-is-your-antivirus-working

AMTSO website test link: http://www.amtso.org/
Title: Re: Technical
Post by: Asyn on June 05, 2013, 07:24:55 PM
For Your Satisfaction – Android:Satfi-A [Trj]
http://blog.avast.com/2013/06/04/for-your-satisfaction/
Title: Re: Technical
Post by: Asyn on June 07, 2013, 11:33:45 AM
1,462 botnets shut down by Microsoft, FBI and financial sector
http://www.h-online.com/security/news/item/1-462-botnets-shut-down-by-Microsoft-FBI-and-financial-sector-1884174.html
http://www.microsoft.com/en-us/news/Press/2013/Jun13/06-05DCUPR.aspx
Title: Re: Technical
Post by: Asyn on June 12, 2013, 06:03:59 PM
1,462 botnets shut down by Microsoft, FBI and financial sector
http://www.h-online.com/security/news/item/1-462-botnets-shut-down-by-Microsoft-FBI-and-financial-sector-1884174.html
http://www.microsoft.com/en-us/news/Press/2013/Jun13/06-05DCUPR.aspx

Citadel takedown took down security researchers too
http://www.h-online.com/security/news/item/Citadel-takedown-took-down-security-researchers-too-1887328.html
http://www.abuse.ch/?p=5362
http://nakedsecurity.sophos.com/2013/06/12/microsoft-citadel-takedown/
Title: Re: Technical
Post by: Asyn on June 14, 2013, 12:09:47 PM
OWASP Top 10 for 2013
https://www.owasp.org/index.php/Top10#OWASP_Top_10_for_2013
http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202013.pdf
Title: Re: Technical
Post by: Asyn on June 19, 2013, 11:24:11 AM
Your Facebook connection is now secured! Thank you for your support!
http://blog.avast.com/2013/06/18/your-facebook-connection-is-now-secured/
Title: Re: Technical
Post by: DavidR on June 19, 2013, 02:50:32 PM
Your Facebook connection is now secured! Thank you for your support!
http://blog.avast.com/2013/06/18/your-facebook-connection-is-now-secured/

A variation on an old theme brought up to date a little by saying it is facebook.

This was frequently used to say your email account or bank account was blocked, mainly to try and get your logon details and passwords, etc.
Title: Re: Technical
Post by: Asyn on June 20, 2013, 12:12:32 PM
Microsoft Security Bounty Programs
http://www.microsoft.com/security/msrc/report/bountyprograms.aspx
http://blogs.technet.com/b/srd/archive/2013/06/17/new-bounty-program-details.aspx
http://www.microsoft.com/security/msrc/report/guidelines.aspx
Title: Re: Technical
Post by: Asyn on June 23, 2013, 10:02:27 AM
Content Security Policy halts XSS in its tracks
http://www.h-online.com/security/features/Content-Security-Policy-halts-XSS-in-its-tracks-1892346.html
Title: Re: Technical
Post by: Asyn on June 26, 2013, 10:01:03 AM
Story of the Cutwail/Pushdo hidden C&C server
http://blog.avast.com/2013/06/25/15507/
Title: Re: Technical
Post by: Asyn on June 29, 2013, 08:22:29 PM
Mixed Content Blocker hits Firefox Beta!
https://blog.mozilla.org/security/2013/06/27/mixed-content-blocker-hits-firefox-beta/
https://blog.mozilla.org/tanvi/2013/04/10/mixed-content-blocking-enabled-in-firefox-23/
https://quality.mozilla.org/2013/06/mixed-content-blocking-test-day-july-1s
Title: Re: Technical
Post by: Asyn on July 04, 2013, 11:28:11 AM
Fake Flash Player installer spreads via Twitter and Facebook
http://blog.avast.com/2013/07/03/fake-flash-player-installer/
Title: Re: Technical
Post by: Asyn on July 05, 2013, 11:36:30 AM
A Penetration Tester's Guide to IPMI and BMCs
https://community.rapid7.com/community/metasploit/blog/2013/06/23/a-penetration-testers-guide-to-ipmi
Title: Re: Technical
Post by: Asyn on July 08, 2013, 10:33:52 AM
Uncovering Android Master Key That Makes 99% of Devices Vulnerable
http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/
Title: Re: Technical
Post by: Asyn on July 09, 2013, 11:42:52 AM
Anatomy of a browser trick - you've heard of "clickjacking", now meet "keyjacking"...
http://nakedsecurity.sophos.com/2013/06/29/anatomy-of-a-browser-trick-youve-heard-of-clickjacking-now-meet-keyjacking/
Title: Re: Technical
Post by: Asyn on July 10, 2013, 12:13:45 PM
Hijacking a Facebook Account with SMS
http://blog.fin1te.net/post/53949849983/hijacking-a-facebook-account-with-sms
Title: Re: Technical
Post by: Asyn on July 12, 2013, 03:49:34 PM
Forensic Analysis of the Tor Browser Bundle on OS X, Linux, and Windows
https://research.torproject.org/techreports/tbb-forensic-analysis-2013-06-28.pdf
Title: Re: Technical
Post by: Asyn on July 18, 2013, 10:24:50 AM
NSS 3.15.1 brings TLS 1.2 support to Firefox
http://www.h-online.com/security/news/item/NSS-3-15-1-brings-TLS-1-2-support-to-Firefox-1918133.html
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.1_release_notes
Title: Re: Technical
Post by: Asyn on July 20, 2013, 09:27:00 AM
Use Google as a Proxy Server to Bypass Paywalls, Download Files
http://www.labnol.org/internet/google-proxy-server/28112/
Title: Re: Technical
Post by: Asyn on July 22, 2013, 12:14:37 PM
Web proxy detection and real IP address disclosure
https://zorrovpn.com/articles/web-proxy-detection
Title: Re: Technical
Post by: Asyn on July 23, 2013, 08:27:33 AM
Multisystem Trojan Janicab attacks Windows and MacOSX via scripts
http://blog.avast.com/2013/07/22/multisystem-trojan-janicab-attacks-windows-and-macosx-via-scripts/
Title: Re: Technical
Post by: Asyn on July 25, 2013, 11:37:51 AM
Urausy Lockscreen: Your computer will remain locked for 3 days, 11 hours and 20 minutes!
http://blog.avast.com/2013/07/24/urausy-lockscreen-your-computer-will-remain-locked-for-3-days-11-hours-and-20-minutes/
Title: Re: Technical
Post by: bob3160 on July 25, 2013, 01:46:31 PM
Urausy Lockscreen: Your computer will remain locked for 3 days, 11 hours and 20 minutes!
http://blog.avast.com/2013/07/24/urausy-lockscreen-your-computer-will-remain-locked-for-3-days-11-hours-and-20-minutes/
I guess you didn't like it here ???  :)
http://forum.avast.com/index.php?topic=52252.msg967901#msg967901
Title: Re: Technical
Post by: Asyn on July 25, 2013, 02:36:24 PM
I guess you didn't like it here ???  :)
http://forum.avast.com/index.php?topic=52252.msg967901#msg967901

That's right Bob. It's no security warning (per se), but a technical analysis. ;)
Title: Re: Technical
Post by: Asyn on July 26, 2013, 02:18:08 PM
Exploit (& Fix) Android "Master Key"
http://www.saurik.com/id/17
Title: Re: Technical
Post by: Asyn on July 27, 2013, 07:15:19 PM
Advanced Exploitation of Windows Kernel Privilege Escalation (CVE-2013-3660 / MS13-053)
http://www.vupen.com/blog/20130723.Advanced_Exploitation_Windows_Kernel_Win32k_EoP_MS13-053.php
Title: Re: Technical
Post by: Asyn on July 30, 2013, 04:41:21 PM
How Browsers Store Your Passwords (and Why You Shouldn't Let Them)
http://raidersec.blogspot.in/2013/06/how-browsers-store-your-passwords-and.html
Title: Re: Technical
Post by: Asyn on July 31, 2013, 11:11:51 AM
Phishing Google Wallet and Paypal by abusing WhatsApp
https://cureblog.de/2013/07/phishing-google-wallet-and-paypal-by-abusing-whatsapp/
Title: Re: Technical
Post by: Asyn on August 03, 2013, 08:25:44 AM
Malicious Bitcoin Miners target Czech Republic
http://blog.avast.com/2013/08/01/malicious-bitcoin-miners-target-czech-republic/
Title: Re: Technical
Post by: Asyn on August 03, 2013, 05:04:31 PM
Password Algorithms: Internet Explorer 10 (Windows Vault)
http://insecurety.net/?p=933
Title: Re: Technical
Post by: Asyn on August 08, 2013, 11:11:22 AM
The Public-Private Surveillance Partnership
http://www.bloomberg.com/news/2013-07-31/the-public-private-surveillance-partnership.html
Title: Re: Technical
Post by: Asyn on August 09, 2013, 11:58:17 AM
Black-Hat USA 2013 - Archives
https://www.blackhat.com/us-13/archives.html
Title: Re: Technical
Post by: Asyn on August 11, 2013, 09:42:25 AM
BREACH vulnerability in compressed HTTPS
http://www.kb.cert.org/vuls/id/987798
http://breachattack.com/resources/BREACH%20-%20SSL,%20gone%20in%2030%20seconds.pdf
https://community.qualys.com/blogs/securitylabs/2013/08/07/defending-against-the-breach-attack
Title: Re: Technical
Post by: RealNature on August 11, 2013, 10:31:33 AM
How Browsers Store Your Passwords (and Why You Shouldn't Let Them)
http://raidersec.blogspot.in/2013/06/how-browsers-store-your-passwords-and.html
Hmm man, that is serious. Thank you for posting this; this is why a firewall with outbound protection is needed, and why not a HIPS, but I know that many hate HIPS because it is too intrusive, but for advanced users HIPS becomes handy (but hey, don't judge me, it's just my opinion).
Title: Re: Technical
Post by: Asyn on August 13, 2013, 08:07:23 AM
Your documents are corrupted: From image to an information stealing trojan
http://blog.avast.com/2013/08/12/your-documents-are-corrupted-from-image-to-an-information-stealing-trojan/
Title: Re: Technical
Post by: Asyn on August 16, 2013, 11:38:12 AM
IT Threat Evolution: Q2 2013
https://www.securelist.com/en/analysis/204792299/IT_Threat_Evolution_Q2_2013
Title: Re: Technical
Post by: Asyn on August 17, 2013, 08:59:56 PM
Open Source Backdoor – Copyrighted Under GNU GPL
http://blog.sucuri.net/2013/08/open-source-backdoor-copyrighted-under-gnu-gpl.html
Title: Re: Technical
Post by: Asyn on August 18, 2013, 01:51:18 PM
Hacking Lightbulbs
http://www.dhanjani.com/docs/Hacking%20Lighbulbs%20Hue%20Dhanjani%202013.pdf
Title: Re: Technical
Post by: Asyn on August 19, 2013, 09:33:14 AM
Software Vulnerability Exploitation Trends
http://www.microsoft.com/en-us/download/details.aspx?id=39680
Title: Re: Technical
Post by: Asyn on August 20, 2013, 10:16:10 AM
How We Found Every Single Vulnerable Website
http://blog.nerdydata.com/post/57544050832/how-we-found-every-single-vulnerable-website
Title: Re: Technical
Post by: Asyn on August 21, 2013, 08:50:29 AM
No problem bro – ransom decryption service
http://blog.avast.com/2013/08/20/no-problem-bro-ransom-decryption-service/
Title: Re: Technical
Post by: Asyn on August 22, 2013, 08:15:53 AM
Remote Code Execution on Wired-side Servers over Unauthenticated Wireless
http://blog.opensecurityresearch.com/2013/08/remote-code-execution-on-wired-side.html
Title: Re: Technical
Post by: Asyn on August 23, 2013, 08:53:09 AM
Introducing FuzzDB
https://blog.mozilla.org/security/2013/08/16/introducing-fuzzdb/
Title: Re: Technical
Post by: Asyn on August 24, 2013, 04:54:50 PM
Jekyll on iOS: When Benign Apps Become Evil
https://www.usenix.org/system/files/conference/usenixsecurity13/sec13-paper_wang_2.pdf
Title: Re: Technical
Post by: Asyn on August 24, 2013, 09:26:12 PM
Nmap 6.40 Released! New scripts, new signatures, better performance!
http://seclists.org/nmap-announce/2013/1
Title: Re: Technical
Post by: Asyn on August 25, 2013, 01:41:26 PM
Plug-n-Hack
https://blog.mozilla.org/security/2013/08/22/plug-n-hack/
Title: Re: Technical
Post by: Asyn on August 26, 2013, 10:56:00 AM
The backdoor you didn’t grep
http://rileykidd.com/2013/08/21/the-backdoor-you-didnt-grep/
Title: Re: Technical
Post by: bob3160 on August 27, 2013, 01:38:47 PM
Turbo-charged cracking comes to long passwords
http://arstechnica.com/security/2013/08/thereisnofatebutwhatwemake-turbo-charged-cracking-comes-to-long-passwords/
Title: Re: Technical
Post by: Asyn on August 28, 2013, 10:25:00 AM
Linux Trojan “Hand of Thief” ungloved
http://blog.avast.com/2013/08/27/linux-trojan-hand-of-thief-ungloved/
Title: Re: Technical
Post by: Asyn on September 01, 2013, 09:01:33 AM
Looking inside the (Drop)box
https://www.usenix.org/system/files/conference/woot13/woot13-kholia.pdf
Title: Re: Technical
Post by: Asyn on September 04, 2013, 01:11:23 PM
The Best (and Worst) Browsers to Test With
http://sauceio.com/index.php/2013/08/the-surprising-worst-browser-the-reboot/
Title: Re: Technical
Post by: bob3160 on September 04, 2013, 02:44:18 PM
The Best (and Worst) Browsers to Test With
http://sauceio.com/index.php/2013/08/the-surprising-worst-browser-the-reboot/
Another obvious statistical magic trick. Numbers don't lie it's just how they're applied that
makes the outcome suspect.  ;)
Title: Re: Technical
Post by: DavidR on September 04, 2013, 03:17:31 PM
The Best (and Worst) Browsers to Test With
http://sauceio.com/index.php/2013/08/the-surprising-worst-browser-the-reboot/
Another obvious statistical magic trick. Numbers don't lie it's just how they're applied that
makes the outcome suspect.  ;)

As they say - Lies, damn lies & Statistics ;D
Title: Re: Technical
Post by: Asyn on September 05, 2013, 10:53:33 AM
Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries
http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf
Title: Re: Technical
Post by: Asyn on September 22, 2013, 04:18:20 PM
Stealthy Dopant-Level Hardware Trojans
http://people.umass.edu/gbecker/BeckerChes13.pdf
Title: Re: Technical
Post by: Asyn on September 25, 2013, 11:34:05 AM
Browser fuzzing: introducing bamboo.js
http://0xffe4.org/browser-fuzzing-bamboo/
Title: Re: Technical
Post by: Asyn on September 25, 2013, 06:23:31 PM
Win32/64:Napolar: New Trojan shines on the cyber crime-scene
http://blog.avast.com/2013/09/25/win3264napolar-new-trojan-shines-on-the-cyber-crime-scene/
Title: Re: Technical
Post by: Asyn on September 28, 2013, 05:56:05 PM
Analysis of the FBI Tor Malware
http://oweng.myweb.port.ac.uk/fbi-tor-malware-analysis/
Title: Re: Technical
Post by: Asyn on September 30, 2013, 12:24:39 PM
Masscan: the entire Internet in 3 minutes
http://blog.erratasec.com/2013/09/masscan-entire-internet-in-3-minutes.html#.UkPtz4agadg
Title: Re: Technical
Post by: Asyn on October 01, 2013, 01:54:39 PM
Grappling with the ZeroAccess Botnet
http://www.symantec.com/connect/blogs/grappling-zeroaccess-botnet
Title: Re: Technical
Post by: Asyn on October 03, 2013, 11:26:19 AM
Big bang theory of CVE-2012-4792
http://public.avast.com/~chytry/AVAST_vb2013.pdf
Title: Re: Technical
Post by: Asyn on October 05, 2013, 06:57:48 PM
NSA and GCHQ target Tor network that protects anonymity of web users
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption
Title: Re: Technical
Post by: bob3160 on October 06, 2013, 05:26:57 PM
NSA and GCHQ target Tor network that protects anonymity of web users
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption
It was only a matter of time. Tor was working too well.  :'(
Title: Re: Technical
Post by: Asyn on October 07, 2013, 04:21:16 PM
Beware of poisoned apples
http://blog.avast.com/2013/10/07/beware-of-poisoned-apples/
Title: Re: Technical
Post by: bob3160 on October 07, 2013, 04:37:52 PM
Beware of poisoned apples
http://blog.avast.com/2013/10/07/beware-of-poisoned-apples/
You're safe from this one if you eat apples like I do but don't use them. :)
Title: Re: Technical
Post by: mchain on October 08, 2013, 06:49:05 AM
Blackhole exploit kit author arrested:
http://blog.malwarebytes.org/whats-in-the-news/2013/10/blackhole-exploit-kit-author-reportedly-arrested-changes-already-noticeable/

Schneier on Security blog re NSA exploit details:
https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html

and finally:

PureVPN WAS Hacked, But is NOT Closing:
http://www.infosecurity-magazine.com/view/34909/purevpn-was-hacked-but-is-not-closing/
Title: Re: Technical
Post by: Asyn on October 10, 2013, 09:47:59 AM
Piercing Through WhatsApp’s Encryption
https://blog.thijsalkema.de/blog/2013/10/08/piercing-through-whatsapp-s-encryption/
https://blog.thijsalkema.de/blog/2013/10/08/piercing-through-whatsapps-encryption-2/
Title: Re: Technical
Post by: Asyn on October 11, 2013, 02:05:46 PM
Ad Vulna: A Vulnaggressive (Vulnerable & Aggressive) Adware Threatening Millions
http://www.fireeye.com/blog/technical/2013/10/ad-vulna-a-vulnaggressive-vulnerable-aggressive-adware-threatening-millions.html
Title: Re: Technical
Post by: Asyn on October 12, 2013, 06:52:44 PM
Anatomy of an exploit - inside the CVE-2013-3893 Internet Explorer zero-day (Part 1)
http://nakedsecurity.sophos.com/2013/10/11/anatomy-of-an-exploit-ie-zero-day-part-1/
Title: Re: Technical
Post by: Asyn on October 15, 2013, 12:19:35 PM
Steam UAC bypass via code execution
http://codeinsecurity.wordpress.com/2013/10/11/steam-uac-bypass-via-code-execution/
http://codeinsecurity.wordpress.com/2013/10/11/steam-code-execution-privilege-escalation-to-system/
Title: Re: Technical
Post by: Asyn on October 17, 2013, 09:41:46 AM
Vulnerabilities Discovered in Global Vessel Tracking Systems
http://blog.trendmicro.com/trendlabs-security-intelligence/vulnerabilities-discovered-in-global-vessel-tracking-systems/
Title: Re: Technical
Post by: Asyn on October 19, 2013, 10:28:51 AM
Win32/KanKan – Chinese drama
http://www.welivesecurity.com/2013/10/11/win32kankan-chinese-drama/
Title: Re: Technical
Post by: Asyn on October 20, 2013, 09:57:54 AM
Destructive malware "CryptoLocker" on the loose - here's what to do
http://nakedsecurity.sophos.com/2013/10/12/destructive-malware-cryptolocker-on-the-loose/
Title: Re: Technical
Post by: bob3160 on October 20, 2013, 04:41:39 PM
Destructive malware "CryptoLocker" on the loose - here's what to do
http://nakedsecurity.sophos.com/2013/10/12/destructive-malware-cryptolocker-on-the-loose/
There isn't anything you can do once you've been infected.
You need to be prepared before the infection happens through regular image backups.
After infection, without the Key or a restore point, you're screwed..... 


How is this being detected by avast! ???
Title: Re: Technical
Post by: Asyn on October 21, 2013, 12:40:10 PM
There isn't anything you can do once you've been infected.
You need to be prepared before the infection happens through regular image backups.
After infection, without the Key or a restore point, you're screwed..... 

Yes, you're right Bob, it's really bad malware. :(
Title: Re: Technical
Post by: Lisandro on October 22, 2013, 02:03:59 AM
Does avast detect *all* these nasties? It's a job for full restore...
Title: Re: Technical
Post by: mchain on October 22, 2013, 06:15:42 AM
There isn't anything you can do once you've been infected.
You need to be prepared before the infection happens through regular image backups.
After infection, without the Key or a restore point, you're screwed..... 

Yes, you're right Bob, it's really bad malware. :(
At least one version disables/encrypts .tib files used by Acronis backup software.  Russian roulette, is what it is.
Title: Re: Technical
Post by: Asyn on October 22, 2013, 11:58:51 AM
Win32:Reveton-XY [Trj] saves hundreds of computers worldwide and cybercriminals know it!!!
http://blog.avast.com/2013/10/22/win32reveton-xy-trj-saves-hundreds-of-computers-worldwide-and-cybercriminals-know-it/
Title: Re: Technical
Post by: bob3160 on October 22, 2013, 01:51:36 PM
Win32:Reveton-XY [Trj] saves hundreds of computers worldwide and cybercriminals know it!!!
http://blog.avast.com/2013/10/22/win32reveton-xy-trj-saves-hundreds-of-computers-worldwide-and-cybercriminals-know-it/
There is a big difference between Reveton and CryptoLocker.
Reveton is relatively simple to prevent and/or recover from.
CryptoLocker without a good Image backup, means the end of all your files.
Title: Re: Technical
Post by: Asyn on October 22, 2013, 02:05:26 PM
There is a big difference between Reveton and CryptoLocker.
Reveton is relatively simple to prevent and/or recover from.
CryptoLocker without a good Image backup, means the end of all your files.

Yes Bob. That's just a new post in the topic, not related to anything posted before. ;)
Title: Re: Technical
Post by: Pondus on October 23, 2013, 01:10:20 AM
Why you don't need a firewall
http://www.infoworld.com/d/security/why-you-dont-need-firewall-193153

Title: Re: Technical
Post by: bob3160 on October 23, 2013, 01:17:58 AM
Why you don't need a firewall
http://www.infoworld.com/d/security/why-you-dont-need-firewall-193153
You are free to follow his advice.
I'll continue to use a firewall. :)
Title: Re: Technical
Post by: DavidR on October 23, 2013, 01:21:46 AM
Excuse me if I don't rush to uninstall my firewall ;)
Title: Re: Technical
Post by: Pondus on October 23, 2013, 01:36:43 AM
Quote
You are free to follow his advice
thanks....just wanted to check first.   ;)

However, I use win firewall and router firewall

Title: Re: Technical
Post by: Asyn on October 23, 2013, 07:56:34 AM
Why you don't need a firewall
http://www.infoworld.com/d/security/why-you-dont-need-firewall-193153

1. I don't agree with Roger.
2. The article is from May 2012... ;)
Title: Re: Technical
Post by: Asyn on October 23, 2013, 12:13:08 PM
GOTCHA Password Hackers!
http://arxiv.org/abs/1310.1137
http://arxiv.org/pdf/1310.1137v1
Title: Re: Technical
Post by: Asyn on October 25, 2013, 10:47:32 AM
Google flagged PHP.net as suspicious website
http://blog.avast.com/2013/10/25/google-flagged-php-net-as-suspicious-website/
Title: Re: Technical
Post by: Asyn on October 27, 2013, 08:45:27 AM
Analysis of a Malware ROP Chain
http://blog.opensecurityresearch.com/2013/10/analysis-of-malware-rop-chain.html
Title: Re: Technical
Post by: Asyn on October 28, 2013, 09:01:31 AM
Facebook Clickjacking: Will You Like Me?
http://blog.avast.com/2013/10/28/facebook-clickjacking-will-you-like-me/
Title: Re: Technical
Post by: Asyn on October 29, 2013, 10:24:08 AM
How I compiled TrueCrypt 7.1a for Win32 and matched the official binaries
https://madiba.encs.concordia.ca/~x_decarn/truecrypt-binaries-analysis/
Title: Re: Technical
Post by: Lisandro on October 29, 2013, 01:43:58 PM
How I compiled TrueCrypt 7.1a for Win32 and matched the official binaries
https://madiba.encs.concordia.ca/~x_decarn/truecrypt-binaries-analysis/
In short: "Now we know version v7.1a is not backdoored", i.e., you can trust TrueCrypt encryption.
Sadly, it's becoming incompatible with newer Windows versions. It could work, indeed, with Windows 8 and 8.1, but the boot time will be affected.
Title: Re: Technical
Post by: Asyn on October 31, 2013, 10:25:18 AM
Microsoft Security Intelligence Report (SIR) #15
http://www.microsoft.com/security/sir/default.aspx
Title: Re: Technical
Post by: Asyn on November 03, 2013, 12:13:07 PM
BadBIOS
http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/
http://blog.erratasec.com/2013/10/badbios-features-explained.html
http://www.rootwyrm.com/2013/11/the-badbios-analysis-is-wrong/
http://nakedsecurity.sophos.com/2013/11/01/the-badbios-virus-that-jumps-airgaps-and-takes-over-your-firmware-whats-the-story/
Title: Re: Technical
Post by: Asyn on November 09, 2013, 07:11:24 AM
Google Bots Doing SQL Injection Attacks
http://blog.sucuri.net/2013/11/google-bots-doing-sql-injection-attacks.html
Title: Re: Technical
Post by: Asyn on November 11, 2013, 09:51:15 AM
BadBIOS
http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/
http://blog.erratasec.com/2013/10/badbios-features-explained.html
http://www.rootwyrm.com/2013/11/the-badbios-analysis-is-wrong/
http://nakedsecurity.sophos.com/2013/11/01/the-badbios-virus-that-jumps-airgaps-and-takes-over-your-firmware-whats-the-story/

https://plus.google.com/103470457057356043365/posts/Sm2nkvemuUX
http://www.greebo.net/2013/11/06/stop-just-stop/
Title: Re: Technical
Post by: Asyn on November 13, 2013, 07:14:29 AM
Top 3 types of hacks against small websites
http://blog.avast.com/2013/11/12/top-3-types-of-hacks-against-small-websites/
Title: Re: Technical
Post by: Asyn on November 15, 2013, 08:21:05 AM
Malvertising and OpenX servers
http://blog.avast.com/2013/11/14/malvertising-and-openx-servers/
Title: Re: Technical
Post by: Asyn on November 17, 2013, 06:29:05 AM
Microsoft unveils state-of-the-art Cybercrime Center
http://www.microsoft.com/en-us/news/press/2013/nov13/11-14cybercrimecenterpr.aspx
http://www.microsoft.com/en-us/news/stories/cybercrime/index.html
Title: Re: Technical
Post by: DavidR on November 17, 2013, 12:57:28 PM
Microsoft unveils state-of-the-art Cybercrime Center
http://www.microsoft.com/en-us/news/press/2013/nov13/11-14cybercrimecenterpr.aspx
http://www.microsoft.com/en-us/news/stories/cybercrime/index.html

They really should be concentrating on making their OSes and browsers less vulnerable to cybercriminals :P
Title: Re: Technical
Post by: Asyn on December 16, 2013, 03:53:11 PM
Microsoft DCU — Strike Three. Now What?
https://blog.damballa.com/archives/2221
Title: Re: Technical
Post by: Asyn on December 17, 2013, 12:19:04 PM
Botnet Enlists Firefox Users to Hack Web Sites
http://krebsonsecurity.com/2013/12/botnet-enlists-firefox-users-to-hack-web-sites/
https://addons.mozilla.org/en-US/firefox/blocked/i508
Title: Re: Technical
Post by: Asyn on December 18, 2013, 10:45:36 AM
Browser Ransomware tricks revealed
http://blog.avast.com/2013/12/11/browser-ransomware-tricks-revealed/
Title: Re: Technical
Post by: Asyn on December 20, 2013, 09:19:40 AM
Be a real security pro - Keep your private keys private
http://blogs.technet.com/b/mmpc/archive/2013/12/15/be-a-real-security-pro-keep-your-private-keys-private.aspx
Title: Re: Technical
Post by: Asyn on December 21, 2013, 08:21:07 AM
Microsoft DCU — Strike Three. Now What?
https://blog.damballa.com/archives/2221

ZeroAccess criminals wave white flag: The impact of partnerships on cybercrime
http://blogs.technet.com/b/microsoft_blog/archive/2013/12/19/zeroaccess-criminals-wave-white-flag-the-impact-of-partnerships-on-cybercrime.aspx
Title: Re: Technical
Post by: Asyn on December 21, 2013, 06:20:41 PM
Exclusive: Secret contract tied NSA and security industry pioneer
http://www.reuters.com/article/2013/12/21/us-usa-security-rsa-idUSBRE9BJ1C220131221
Title: Re: Technical
Post by: Asyn on December 23, 2013, 12:11:54 PM
Exclusive: Secret contract tied NSA and security industry pioneer
http://www.reuters.com/article/2013/12/21/us-usa-security-rsa-idUSBRE9BJ1C220131221

RSA Response to Media Claims Regarding NSA Relationship
https://blogs.rsa.com/news-media-2/rsa-response/
Title: Re: Technical
Post by: Asyn on December 26, 2013, 08:44:23 AM
How to disable webcam light on Windows
http://blog.erratasec.com/2013/12/how-to-disable-webcam-light-on-windows.html
Title: Re: Technical
Post by: Asyn on December 27, 2013, 12:48:10 PM
Practical malleability attack against CBC-Encrypted LUKS partitions
http://www.jakoblell.com/blog/2013/12/22/practical-malleability-attack-against-cbc-encrypted-luks-partitions/
Title: Re: Technical
Post by: Asyn on January 09, 2014, 07:37:05 AM
Comparison of Adware in Windows and OS X: Linkular and Genieo
http://blog.avast.com/2014/01/09/comparison-of-adware-in-windows-and-os-x-linkular-and-genieo/
Title: Re: Technical
Post by: Asyn on January 10, 2014, 10:19:35 AM
WordPress Plugins Exploitation Through the Big Data Prism
https://blogs.akamai.com/2014/01/wordpress-plugins-exploitation-through-the-big-data-prism.html
Title: Re: Technical
Post by: Asyn on January 12, 2014, 07:59:34 AM
Metasploit Now Supports Malware Analysis via VirusTotal
https://community.rapid7.com/community/metasploit/blog/2014/01/10/metasploit-now-supports-malware-analysis-via-virustotal
Title: Re: Technical
Post by: Asyn on January 13, 2014, 08:15:17 AM
A Cat and Mouse Game Between Exploits and Antivirus
https://community.rapid7.com/community/metasploit/blog/2014/01/05/a-cat-and-mouse-game-between-exploits-and-antivirus
Title: Re: Technical
Post by: Asyn on January 16, 2014, 08:01:12 AM
Win32/64:Blackbeard & Pigeon: Stealthiness techniques in 64-bit Windows, Part 1
http://blog.avast.com/2014/01/15/win3264blackbeard-pigeon-stealthiness-techniques-in-64-bit-windows-part-1/
Title: Re: Technical
Post by: essexboy on January 16, 2014, 03:02:38 PM
Win32/64:Blackbeard & Pigeon: Stealthiness techniques in 64-bit Windows, Part 1
http://blog.avast.com/2014/01/15/win3264blackbeard-pigeon-stealthiness-techniques-in-64-bit-windows-part-1/
We have had several of these .. SVCHOST malware in the virus forum
Title: Re: Technical
Post by: Asyn on January 18, 2014, 05:16:03 PM
Win32/64:Blackbeard & Pigeon: Stealthiness techniques in 64-bit Windows, Part 1
http://blog.avast.com/2014/01/15/win3264blackbeard-pigeon-stealthiness-techniques-in-64-bit-windows-part-1/
We have had several of these .. SVCHOST malware in the virus forum

Good that the guys at the VL are at it and great that you provide additional info.
Let's see what new insights Part 2 brings...
Title: Re: Technical
Post by: Asyn on January 18, 2014, 06:33:41 PM
Oldboot: the first bootkit on Android
http://blogs.360.cn/360mobile/2014/01/17/oldboot-the-first-bootkit-on-android/
Title: Re: Technical
Post by: Asyn on January 19, 2014, 11:52:41 AM
Personal banking apps leak info through phone
http://blog.ioactive.com/2014/01/personal-banking-apps-leak-info-through.html
Title: Re: Technical
Post by: Asyn on January 19, 2014, 04:49:21 PM
ATMs Face Deadline to Upgrade From Windows XP
http://www.businessweek.com/articles/2014-01-16/atms-face-deadline-to-upgrade-from-windows-xp
Title: Re: Technical
Post by: Asyn on January 20, 2014, 10:57:35 AM
TrueCrypt Master Key Extraction And Volume Identification
http://volatility-labs.blogspot.de/2014/01/truecrypt-master-key-extraction-and.html
Title: Re: Technical
Post by: bob3160 on January 22, 2014, 02:37:33 PM

Win32/64:Blackbeard & Pigeon: Stealthiness techniques in 64-bit Windows, Part 2
https://blog.avast.com/2014/01/22/win3264blackbeard-pigeon-stealthiness-techniques-in-64-bit-windows-part-2/

Title: Re: Technical
Post by: Asyn on January 24, 2014, 01:03:41 PM
Spoiled Onions: Exposing Malicious Tor Exit Relays
http://www.cs.kau.se/philwint/spoiled_onions/techreport.pdf
Title: Re: Technical
Post by: Asyn on January 26, 2014, 11:23:08 AM
XXE in OpenID: one bug to rule them all, or how I found a Remote Code Execution flaw affecting Facebook's servers
http://www.ubercomp.com/posts/2014-01-16_facebook_remote_code_execution
Title: Re: Technical
Post by: Asyn on January 27, 2014, 09:51:23 AM
blackarchlinux
http://www.blackarch.org/

BlackArch Linux is an Arch-based GNU/Linux distribution for pentesters and security researchers.
Title: Re: Technical
Post by: Asyn on January 27, 2014, 04:29:03 PM
Malformed FileZilla FTP client with login stealer
http://blog.avast.com/2014/01/27/malformed-filezilla-ftp-client-with-login-stealer/
Title: Re: Technical
Post by: Asyn on January 28, 2014, 11:03:14 AM
Show off your security skills: announcing Pwnium 4 targeting Chrome OS
http://blog.chromium.org/2014/01/show-off-your-security-skills.html
Title: Re: Technical
Post by: Asyn on January 30, 2014, 07:38:15 AM
Angry Birds and 'leaky' phone apps targeted by NSA and GCHQ for user data
http://www.theguardian.com/world/2014/jan/27/nsa-gchq-smartphone-app-angry-birds-personal-data?CMP=fb_us
Title: Re: Technical
Post by: Asyn on January 31, 2014, 12:26:48 PM
Avatar - A free and open-source operating system for the Internet with privacy built-in
http://sneakpeek.avatar.ai/
http://sneakpeek.avatar.ai/technology.html
Title: Re: Technical
Post by: Asyn on February 01, 2014, 05:38:46 PM
RSA Uncovers New POS Malware Operation Stealing Payment Card & Personal Information
https://blogs.rsa.com/rsa-uncovers-new-pos-malware-operation-stealing-payment-card-personal-information/
Title: Re: Technical
Post by: Asyn on February 09, 2014, 09:07:02 AM
Research buzz: Undercover technology
http://blog.avast.com/2014/02/07/research-buzz-undercover-technology/
Title: Re: Technical
Post by: Asyn on February 09, 2014, 04:06:07 PM
Snowden Used Low-Cost Tool to Best N.S.A.
http://www.nytimes.com/2014/02/09/us/snowden-used-low-cost-tool-to-best-nsa.html
Title: Re: Technical
Post by: Asyn on February 11, 2014, 10:44:46 AM
Kaspersky Lab Uncovers “The Mask”: One of the Most Advanced Global Cyber-espionage Operations to Date Due to the Complexity of the Toolset Used by the Attackers
http://www.kaspersky.com/about/news/virus/2014/Kaspersky-Lab-Uncovers-The-Mask-One-of-the-Most-Advanced-Global-Cyber-espionage-Operations-to-Date-Due-to-the-Complexity-of-the-Toolset-Used-by-the-Attackers
http://www.securelist.com/en/downloads/vlpdfs/unveilingthemask_v1.0.pdf
Title: Re: Technical
Post by: Asyn on February 14, 2014, 11:34:51 AM
Operation SnowMan: DeputyDog Actor Compromises US Veterans of Foreign Wars Website
http://www.fireeye.com/blog/uncategorized/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html
Title: Re: Technical
Post by: Asyn on February 15, 2014, 05:50:59 PM
Hackers circulate thousands of FTP credentials, New York Times among those hit
http://www.pcworld.com/article/2098020/hackers-circulate-thousands-of-ftp-credentials-new-york-times-among-those-hit.html
Title: Re: Technical
Post by: Asyn on February 17, 2014, 12:48:19 PM
Fake Korean bank applications for Android – PT 1
http://blog.avast.com/2014/02/17/fake-korean-bank-applications-for-android-pt-1/
Title: Re: Technical
Post by: Asyn on February 20, 2014, 06:40:54 AM
Dear Asus router user: You’ve been pwned, thanks to easily exploited flaw
http://arstechnica.com/security/2014/02/dear-asus-router-user-youve-been-pwned-thanks-to-easily-exploited-flaw/
Title: Re: Technical
Post by: Asyn on February 21, 2014, 01:28:46 PM
Fake SSL certificates deployed across the internet
http://news.netcraft.com/archives/2014/02/12/fake-ssl-certificates-deployed-across-the-internet.html
Title: Re: Technical
Post by: Asyn on February 22, 2014, 07:51:44 AM
Bitcrypt broken
http://blog.cassidiancybersecurity.com/post/2014/02/Bitcrypt-broken
Title: Re: Technical
Post by: Asyn on February 23, 2014, 01:06:07 PM
German Telekom Bug Bounty – 3x Remote Vulnerabilities
http://www.vulnerability-db.com/dev/index.php/2014/02/06/german-telekom-bug-bounty-3x-remote-vulnerabilities/
Title: Re: Technical
Post by: Asyn on February 24, 2014, 12:28:15 PM
Price and Feature Comparison of Web Application Scanners
http://www.sectoolmarket.com/price-and-feature-comparison-of-web-application-scanners-unified-list.html
Title: Re: Technical
Post by: Asyn on February 26, 2014, 07:10:09 AM
New iOS flaw makes devices susceptible to covert keylogging, researchers say
http://arstechnica.com/security/2014/02/new-ios-flaw-makes-devices-susceptible-to-covert-keylogging-researchers-say/
http://www.fireeye.com/blog/technical/2014/02/background-monitoring-on-non-jailbroken-ios-7-devices-and-a-mitigation.html
Title: Re: Technical
Post by: AdrianH on February 26, 2014, 02:46:49 PM
http://www.bbc.co.uk/news/technology-26352439

'Contagious' wi-fi virus created by Liverpool researchers
Title: Re: Technical
Post by: Asyn on February 27, 2014, 08:23:40 AM
The Wild Wild Web: YouTube ads serving malware
http://labs.bromium.com/2014/02/21/the-wild-wild-web-youtube-ads-serving-malware/
Title: Re: Technical
Post by: Asyn on February 28, 2014, 06:03:22 AM
The OpenID Foundation Launches the OpenID Connect Standard
http://openid.net/2014/02/26/the-openid-foundation-launches-the-openid-connect-standard/
http://openid.net/connect/faq/
Title: Re: Technical
Post by: Asyn on March 01, 2014, 07:39:27 AM
Detection and analysis of the Chameleon WiFi access point virus
http://jis.eurasipjournals.com/content/2013/1/2#
http://jis.eurasipjournals.com/content/pdf/1687-417X-2013-2.pdf
Title: Re: Technical
Post by: Asyn on March 01, 2014, 05:26:33 PM
testssl.sh: Testing TLS/SSL encryption
http://testssl.sh/
http://testssl.sh/CHANGELOG.txt
Title: Re: Technical
Post by: Asyn on March 01, 2014, 07:32:11 PM
Bypassing EMET 4.1
http://labs.bromium.com/2014/02/24/bypassing-emet-4-1/
http://bromiumlabs.files.wordpress.com/2014/02/bypassing-emet-4-1.pdf
Title: Re: Technical
Post by: Asyn on March 02, 2014, 07:45:21 AM
Secunia Vulnerability Review 2014
http://secunia.com/vulnerability-review/
Title: Re: Technical
Post by: Asyn on March 03, 2014, 08:16:07 AM
Dissecting the newest IE10 0-day exploit (CVE-2014-0322)
http://labs.bromium.com/2014/02/25/dissecting-the-newest-ie10-0-day-exploit-cve-2014-0322/
Title: Re: Technical
Post by: Asyn on March 03, 2014, 03:06:04 PM
Uroburos - highly complex espionage software with Russian roots
http://blog.gdatasoftware.com/blog/article/uroburos-highly-complex-espionage-software-with-russian-roots.html
https://www.gdata.de/rdk/dl-en-rp-Uroburos [PDF]
Title: Re: Technical
Post by: bob3160 on March 03, 2014, 07:27:53 PM
Fake Korean bank applications for Android – part 2 (https://blog.avast.com/2014/03/03/fake-korean-bank-applications-for-android-part-2/)
Title: Re: Technical
Post by: Asyn on March 04, 2014, 08:02:59 AM
VMDE (Virtual Machines Detection Enhanced)
http://www.heise.de/security/downloads/07/1/1/8/3/5/5/9/vmde.pdf
Title: Re: Technical
Post by: Asyn on March 05, 2014, 07:02:30 AM
Triple Handshakes Considered Harmful
Breaking and Fixing Authentication over TLS
https://secure-resumption.com/
https://secure-resumption.com/tlsauth.pdf
Title: Re: Technical
Post by: mchain on March 05, 2014, 09:22:48 PM
Android 64-bit ARM computing is coming:
http://www.networkworld.com/news/2014/030314-linux-group-could-hasten-64-bit-279350.html
Title: Re: Technical
Post by: mchain on March 05, 2014, 11:00:22 PM
Open Source Cloud Operating System 'OpenStack'
https://www.openstack.org/
Title: Re: Technical
Post by: Asyn on March 09, 2014, 08:59:59 AM
Yahoo's Pet Show of Horrors: Leaking a User's Emails Crossdomain
http://blog.saynotolinux.com/2014/03/01/yahoos-pet-show-of-horrors-abusing-a-crossdomain-proxy-to-leak-a-users-email/
Title: Re: Technical
Post by: Asyn on March 11, 2014, 11:46:44 AM
You Won't Be Needing These Any More: On Removing Unused Certificates From Trust Stores
https://www2.dcsec.uni-hannover.de/files/fc14_unused_cas.pdf
Title: Re: Technical
Post by: mchain on March 12, 2014, 08:20:43 PM
Physicist Proposes New Type of Computing Without Transistors
http://gigaom.com/2014/03/10/physicist-proposes-a-new-type-of-computing-at-sxsw-check-out-orbital-computing/
Title: Re: Technical
Post by: Asyn on March 15, 2014, 04:58:17 PM
More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack
http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html
Title: Re: Technical
Post by: bob3160 on March 18, 2014, 12:50:42 PM
Fake Korean bank applications for Android – Pt 3 (https://blog.avast.com/2014/03/18/fake-korean-bank-applications-for-android-pt-3/)
(http://www.screencast-o-matic.com/screenshots/u/Lh/1395143424136-78667.png)
Title: Re: Technical
Post by: Asyn on March 19, 2014, 08:11:21 AM
OPERATION WINDIGO: Malware Used To Attack Over 500,000 Computers Daily After 25,000 UNIX Servers Hijacked By Backdoor Trojan
http://blog.eset.ie/2014/03/18/operation-windigo-malware-used-to-attack-over-500000-computers-daily-after-25000-unix-servers-hijacked-by-backdoor-trojan/
http://www.welivesecurity.com/wp-content/uploads/2014/03/operation_windigo.pdf
Title: Re: Technical
Post by: Asyn on March 20, 2014, 04:08:58 PM
Threat Advisory: PHP-CGI At Your Command
http://blog.imperva.com/2014/03/threat-advisory-php-cgi-at-your-command.html
Title: Re: Technical
Post by: mchain on March 21, 2014, 06:59:18 AM
Meet Cyclosa, the Gang Behind 2013's Biggest Data Thefts
http://www.symantec.com/connect/blogs/meet-cyclosa-gang-behind-2013s-biggest-data-thefts
Hacker identity known/confirmed and history to present day.
Title: Re: Technical
Post by: Asyn on March 22, 2014, 08:48:41 AM
Researchers' Google Glass Spyware Sees What You See
http://www.forbes.com/sites/andygreenberg/2014/03/18/researchers-google-glass-spyware-sees-what-you-see/
Title: Re: Technical
Post by: Asyn on March 24, 2014, 09:17:21 AM
Framing Signals — A Return to Portable Shellcode
http://www.cs.vu.nl/~herbertb/papers/srop_sp14.pdf
Title: Re: Technical
Post by: Asyn on March 26, 2014, 08:09:52 AM
WordPress hosting: Do not try this at home!
http://news.netcraft.com/archives/2014/03/24/wordpress-hosting-do-not-try-this-at-home.html
Title: Re: Technical
Post by: Asyn on March 27, 2014, 07:40:02 AM
Pretty women. Which one will infect you?
http://blog.avast.com/2014/03/27/pretty-women-which-one-will-infect-you/
Title: Re: Technical
Post by: bob3160 on March 27, 2014, 01:32:33 PM
Pretty women. Which one will infect you?
http://blog.avast.com/2014/03/27/pretty-women-which-one-will-infect-you/
I got infected by a pretty woman 54 years ago and still haven't been able to get rid of the infection. :)
Title: Re: Technical
Post by: Secondmineboy on March 27, 2014, 01:35:13 PM
LOL ;D
Title: Re: Technical
Post by: mchain on March 28, 2014, 04:56:03 PM
Founders aim to accelerate IoT interoperability
http://www.eetimes.com/document.asp?doc_id=1321667&
Title: Re: Technical
Post by: Asyn on March 29, 2014, 06:03:27 PM
Why Your Twitter Account May Be More Valuable Than Your Credit Card
http://forums.juniper.net/t5/Security-Mobility-Now/Why-Your-Twitter-Account-May-Be-More-Valuable-Than-Your-Credit/ba-p/234270
Title: Re: Technical
Post by: Asyn on March 30, 2014, 09:33:34 AM
New Vulnerabilities in Firefox for Android: Overtaking Firefox Profiles
http://securityintelligence.com/vulnerabilities-firefox-android-overtaking-firefox-profiles/
Title: Re: Technical
Post by: Asyn on March 31, 2014, 10:13:31 AM
We may have witnessed a NSA "Shotgiant" TAO-like action
http://blog.erratasec.com/2014/03/we-may-have-witnessed-nsa-shotgiant-tao.html
http://www.nytimes.com/2014/03/23/world/asia/nsa-breached-chinese-servers-seen-as-spy-peril.html
Title: Re: Technical
Post by: Asyn on April 01, 2014, 06:30:51 AM
The Gray-zone of malware detection in Android OS
http://blog.avast.com/2014/03/31/the-gray-zone-of-malware-detection-in-android-os/
Title: Re: Technical
Post by: Asyn on April 02, 2014, 07:57:23 AM
Email with subject “FW:Bank docs” leads to information theft
http://blog.avast.com/2014/04/01/email-with-subject-fwbank-docs-leads-to-information-theft/
Title: Re: Technical
Post by: mchain on April 03, 2014, 07:37:48 PM
U.S. regulators warn banks about rise in cyber-attacks
http://in.reuters.com/article/2014/04/02/banks-fraud-idINDEEA310GT20140402
Title: Re: Technical
Post by: mchain on April 03, 2014, 07:40:13 PM
NSA sniffing prompts Yahoo encrypt to traffic between its data centers
Users must, however, manually flip the switch for some sites like Yahoo News and Yahoo Sports
http://www.computerworld.com/s/article/9247410/NSA_sniffing_prompts_Yahoo_encrypt_to_traffic_between_its_data_centers
Title: Re: Technical
Post by: Asyn on April 05, 2014, 08:06:03 AM
Oldboot.B: the hiding tricks used by bootkit on Android
http://blogs.360.cn/360mobile/2014/04/02/analysis_of_oldboot_b_en/
Title: Re: Technical
Post by: Asyn on April 06, 2014, 09:06:47 AM
WinRar File extension spoofing
http://an7isec.blogspot.co.il/2014/03/winrar-file-extension-spoofing-0day.html
Title: Re: Technical
Post by: Asyn on April 07, 2014, 05:00:22 PM
One of World’s Largest Websites Hacked: Turns Visitors into “DDoS Zombies”
http://www.incapsula.com/blog/world-largest-site-xss-ddos-zombies.html
Title: Re: Technical
Post by: bob3160 on April 07, 2014, 05:02:39 PM
One of World’s Largest Websites Hacked: Turns Visitors into “DDoS Zombies”
http://www.incapsula.com/blog/world-largest-site-xss-ddos-zombies.html
I guess we'll need to wait till they fix the site's problem before we find out if we're a Zombie.  :'(
Title: Re: Technical
Post by: Asyn on April 07, 2014, 05:11:44 PM
I guess we'll need to wait till they fix the site's problem before we find out if we're a Zombie.  :'(

What do you mean Bob, can't you reach the site..?
Title: Re: Technical
Post by: bob3160 on April 07, 2014, 08:21:36 PM
I guess we'll need to wait till they fix the site's problem before we find out if we're a Zombie.  :'(

What do you mean Bob, can't you reach the site..?
The article states that they can't name the site that was attacked. (Didn't you read the article ??? )  :)
Title: Re: Technical
Post by: Asyn on April 07, 2014, 09:02:22 PM
The article states that they can't name the site that was attacked. (Didn't you read the article ??? )  :)

I read it, else I wouldn't have posted it. A misunderstanding, thought you couldn't reach the article. :)
Title: Re: Technical
Post by: AdrianH on April 09, 2014, 12:45:38 PM
http://www.iol.co.za/scitech/technology/news/eu-scraps-data-collection-law-1.1673317

EU scraps data collection law

 April 9 2014 at 10:18am
 By SAPA

Quote
Luxembourg - Europe's top court on Tuesday struck down an EU law forcing telecoms operators to store private phone and email data for up to two years, judging it too invasive, despite its usefulness in combating terrorism...............
Title: Re: Technical
Post by: Asyn on April 12, 2014, 09:02:12 AM
Technical Analysis of CVE-2014-1761 RTF Vulnerability
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Technical-Analysis-of-CVE-2014-1761-RTF-Vulnerability/ba-p/6440048
Title: Re: Technical
Post by: Asyn on April 12, 2014, 10:01:41 PM
Cuckoo Sandbox 1.1
http://cuckoosandbox.org/2014-04-07-cuckoo-sandbox-11.html
Title: Re: Technical
Post by: Asyn on April 13, 2014, 11:51:38 AM
How we got read access on Google’s production servers
http://blog.detectify.com/post/82370846588/how-we-got-read-access-on-googles-production-servers
Title: Re: Technical
Post by: Asyn on April 16, 2014, 08:48:31 AM
iSEC Completes TrueCrypt Audit
https://isecpartners.github.io/news/2014/04/14/iSEC-Completes-Truecrypt-Audit.html
https://opencryptoaudit.org/reports [PDF]
Title: Re: Technical
Post by: Lisandro on April 18, 2014, 03:53:42 AM
iSEC Completes TrueCrypt Audit
https://isecpartners.github.io/news/2014/04/14/iSEC-Completes-Truecrypt-Audit.html
https://opencryptoaudit.org/reports [PDF]
Worth reading... It's a pity that the code "stopped" being developed after Windows 7...
Title: Re: Technical
Post by: Asyn on April 18, 2014, 08:04:15 AM
TOR Bleed
http://www.mulliner.org/blog/blosxom.cgi/security/torbleed.html
https://lists.torproject.org/pipermail/tor-relays/2014-April/004336.html
Title: Re: Technical
Post by: Asyn on April 19, 2014, 08:11:16 AM
Exploiting CSRF under NoScript Conditions
https://community.rapid7.com/community/metasploit/blog/2014/04/15/exploiting-csrf-without-javascript
Title: Re: Technical
Post by: Asyn on April 19, 2014, 08:18:19 PM
Cracking Cloudflare's heartbleed challenge
https://blog.indutny.com/9.heartbleed
Title: Re: Technical
Post by: Asyn on April 20, 2014, 08:07:48 AM
A Boring Article About a Check of the OpenSSL Project
http://www.viva64.com/en/b/0250/
Title: Re: Technical
Post by: bob3160 on April 20, 2014, 03:29:26 PM
A Boring Article About a Check of the OpenSSL Project
http://www.viva64.com/en/b/0250/
Polonus might find it interesting.... :)
Title: Re: Technical
Post by: Asyn on April 21, 2014, 08:04:33 AM
Crossdomain.xml Proof of Concept Tool
http://thehackerblog.com/crossdomain-xml-proof-of-concept-tool/
Title: Re: Technical
Post by: donnaF on April 23, 2014, 11:10:37 PM
Today I purchased Avast Internet Security for my computers. One PC is 14 years old and operates on XP. I needed a cheap solution to the problem of no more security updates for the OS. So I purchased the standard protection 3-pc's for a year and upgraded the one that is for my XP pc. Everything went smoothly for the old XP pc. But when I went to install it on my laptop (Windows 7) Microsoft could not open the license file --- strange I thought --- so I called Avast tech support --- the tech remotely checked out my computer and discovered all these crazy files, errors and just plain CRAP on my computer --- she says "No problem, we have Microsoft experts here that will fix it for a charge." --- WELL they wanted $179.00 for a YEAR or $119.00 for the quick-fix!! HOLY CRAP!!! Not exactly the kind of fix I had in mind LOL -- so I went and searched for a registry & malware cleaner --- FREE --- ran it (CCleaner) 2X --- went to my 30-day trial installation on my desktop opened it --- went to the license file in my downloads --- right clicked and chose to open in the Avast program --- VOILA!!! DONE!!! :-D
Title: Re: Technical
Post by: essexboy on April 23, 2014, 11:18:59 PM
Never trust 3rd party vendors; they appear to do minimal work and then find lots of non-existent problems.  If you need help, ask here; it is better and free :)
Title: Re: Technical
Post by: Pondus on April 23, 2014, 11:22:23 PM
@donnaF    something for you   ;)

avast FAQ section  http://www.avast.com/en-eu/faq.php

how to do stuff, videos  http://www.avast.com/en-eu/faq.php?q=video#searchForm

Title: Re: Technical
Post by: donnaF on April 25, 2014, 12:33:09 AM
Thanks Pondus, but I was all over that yesterday.  :o LOL  I actually sorted it out on my own and so it is up and running fine. Saved myself some $$ too! --- and that's always a good thing!

:-D onna
Title: Re: Technical
Post by: donnaF on April 25, 2014, 12:41:56 AM
essexboy thanks for the tip! But the help was AVAST CC tech support not another vendor --- if I understand your statement and there's always the chance that I don't LOL

:-D onna
Title: Re: Technical
Post by: bob3160 on April 25, 2014, 12:47:48 AM
essexboy thanks for the tip! But the help was AVAST CC tech support not another vendor --- if I understand your statement and there's always the chance that I don't LOL

:-D onna
Hopefully not the following:
(http://www.screencast-o-matic.com/screenshots/u/Lh/1398379600789-29158.png)
That's a third party support #.  :'(
Title: Re: Technical
Post by: Asyn on April 25, 2014, 08:21:48 AM
Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, VMware and The Linux Foundation Form New Initiative to Support Critical Open Source Projects
http://www.linuxfoundation.org/news-media/announcements/2014/04/amazon-web-services-cisco-dell-facebook-fujitsu-google-ibm-intel
Title: Re: Technical
Post by: Asyn on April 27, 2014, 08:16:27 AM
Akamai's "State of the Internet"-Report Q4 2013
http://www.akamai.com/dl/akamai/akamai-soti-q413.pdf?WT.mc_id=soti_Q413 [PDF]
Title: Re: Technical
Post by: Asyn on April 27, 2014, 12:01:10 PM
New Zero-Day Exploit targeting Internet Explorer Versions 9 through 11 Identified in Targeted Attacks
http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html
Title: Re: Technical
Post by: Asyn on April 28, 2014, 09:06:54 AM
Exciting Updates to Certificate Verification in Gecko
https://blog.mozilla.org/security/2014/04/24/exciting-updates-to-certificate-verification-in-gecko/
Title: Re: Technical
Post by: Asyn on May 02, 2014, 07:33:46 AM
Tails 1.0 is out
https://tails.boum.org/news/version_1.0/index.en.html
Title: Re: Technical
Post by: Asyn on May 03, 2014, 07:40:47 AM
Using Facebook Notes to DDoS any website
http://chr13.com/2014/04/20/using-facebook-notes-to-ddos-any-website/
Title: Re: Technical
Post by: Asyn on May 04, 2014, 06:34:09 AM
Skype and Data Exfiltration
http://www.sans.org/reading-room/whitepapers/covert/skype-data-exfiltration-34560 [PDF]
Title: Re: Technical
Post by: Asyn on May 08, 2014, 07:20:53 AM
Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations
https://www.cs.utexas.edu/~shmat/shmat_oak14.pdf
Title: Re: Technical
Post by: Asyn on May 09, 2014, 10:16:11 AM
Hacking the Samsung NX300 'Smart' Camera
http://op-co.de/blog/posts/hacking_the_nx300/
Title: Re: Technical
Post by: Asyn on May 11, 2014, 08:43:08 AM
An empirical study of passive 802.11 Device Fingerprinting
http://arxiv.org/abs/1404.6457
http://arxiv.org/pdf/1404.6457v1 [PDF]
Title: Re: Technical
Post by: Asyn on May 12, 2014, 07:40:22 AM
SHA-2: Very cryptographic. So secure. Such growth. Wow.
http://news.netcraft.com/archives/2014/05/05/sha-2-very-cryptographic-so-secure-such-growth-wow.html
Title: Re: Technical
Post by: Asyn on May 13, 2014, 05:56:48 AM
Browser Ransomware Attacks are Massive in Scale
http://blog.avast.com/2014/05/12/browser-ransomware/
Title: Re: Technical
Post by: Asyn on May 17, 2014, 04:30:17 PM
SHA-256 certificates are coming
https://www.imperialviolet.org/2014/05/14/sha256.html
Title: Re: Technical
Post by: Asyn on May 18, 2014, 08:08:33 AM
Introducing Mozilla Winter of Security 2014
https://blog.mozilla.org/security/2014/05/15/introducing-mozilla-winter-of-security-2014/
https://wiki.mozilla.org/Security/Automation/WinterOfSecurity2014
Title: Re: Technical
Post by: Asyn on May 19, 2014, 06:08:01 AM
What Did Microsoft Just Break with KB2871997 and KB2928120
http://www.pwnag3.com/2014/05/what-did-microsoft-just-break-with.html
Title: Re: Technical
Post by: mchain on May 20, 2014, 04:37:50 AM
FBI:  International Blackshades Malware Takedown  http://www.fbi.gov/news/stories/2014/may/international-blackshades-malware-takedown/international-blackshades-malware-takedown

Second link to manually see if you are infected:  http://www.fbi.gov/news/stories/2014/may/international-blackshades-malware-takedown/could-your-computer-be-infected-by-blackshades

For step one, a faster way to search is to use a wildcard expression, e.g., *.bss, in the Search field.
Title: Re: Technical
Post by: Asyn on May 20, 2014, 07:08:49 AM
IT threat evolution Q1 2014
http://www.securelist.com/en/analysis/204792332/IT_threat_evolution_Q1_2014
Title: Re: Technical
Post by: Asyn on May 22, 2014, 07:59:25 AM
iBanking: Exploiting the Full Potential of Android Malware
http://www.symantec.com/connect/blogs/ibanking-exploiting-full-potential-android-malware
Title: Re: Technical
Post by: mchain on May 22, 2014, 10:26:38 AM
KrebsonSecurity blog:  Blackshades’ Trojan Users Had It Coming  http://krebsonsecurity.com/2014/05/blackshades-trojan-users-had-it-coming/

Images of posts made by caught users at the end of the blog.
Title: Re: Technical
Post by: Asyn on May 24, 2014, 08:19:22 AM
Advanced Exploitation of Mozilla Firefox Use-After-Free Vulnerability (Pwn2Own 2014)
http://www.vupen.com/blog/20140520.Advanced_Exploitation_Firefox_UaF_Pwn2Own_2014.php
Title: Re: Technical
Post by: Asyn on June 14, 2014, 10:14:52 PM
Microsoft helps FBI in GameOver Zeus botnet cleanup
http://blogs.technet.com/b/microsoft_blog/archive/2014/06/02/microsoft-helps-fbi-in-gameover-zeus-botnet-cleanup.aspx
http://www.crowdstrike.com/blog/gameover/index.html
Title: Re: Technical
Post by: Asyn on June 16, 2014, 08:37:52 AM
One Token to Rule Them All - The Tale of the Leaked Gmail Addresses
http://www.orenh.com/2014/06/one-token-to-rule-them-all-tale-of.html
Title: Re: Technical
Post by: Asyn on June 16, 2014, 02:16:57 PM
Black marketed Windows banking & POS Trojan Minerva turns in-the-wild
http://blog.avast.com/2014/06/04/black-marketed-windows-banking-pos-trojan-minerva-turns-in-the-wild/
Title: Re: Technical
Post by: Asyn on June 20, 2014, 09:33:03 AM
A Measurement Study of Google Play
http://www.cs.columbia.edu/~nieh/pubs/sigmetrics2014_playdrone.pdf
Title: Re: Technical
Post by: Asyn on June 22, 2014, 11:56:19 AM
Mobile Threat Report (F-Secure) Q1 2014
http://www.f-secure.com/static/doc/labs_global/Research/Mobile_Threat_Report_Q1_2014.pdf
Title: Re: Technical
Post by: Asyn on June 25, 2014, 09:42:24 AM
HackingTeam 2.0: The Story Goes Mobile
https://www.securelist.com/en/blog/8231/HackingTeam_2_0_The_Story_Goes_Mobile
Title: Re: Technical
Post by: Asyn on June 28, 2014, 08:09:10 AM
2014: The Year Extortion Went Mainstream
http://krebsonsecurity.com/2014/06/2014-the-year-extortion-went-mainstream/
Title: Re: Technical
Post by: Asyn on June 29, 2014, 10:47:47 AM
Havex Hunts for ICS/SCADA Systems
http://www.f-secure.com/weblog/archives/00002718.html
Title: Re: Technical
Post by: Asyn on June 29, 2014, 12:10:59 PM
Raising Lazarus - The 20 Year Old Bug that Went to Mars
http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html
http://blog.securitymouse.com/2014/06/understanding-lz4-memory-corruption.html
http://www.openwall.com/lists/oss-security/2014/06/26/31
Title: Re: Technical
Post by: Asyn on June 30, 2014, 03:59:14 PM
HackingTeam 2.0: The Story Goes Mobile
https://www.securelist.com/en/blog/8231/HackingTeam_2_0_The_Story_Goes_Mobile
Police Story: Hacking Team’s Government Surveillance Malware
https://citizenlab.org/2014/06/backdoor-hacking-teams-tradecraft-android-implant/
Title: Re: Technical
Post by: Asyn on July 01, 2014, 03:36:03 PM
Dragonfly: Western Energy Companies Under Sabotage Threat
http://www.symantec.com/connect/blogs/dragonfly-western-energy-companies-under-sabotage-threat
Title: Re: Technical
Post by: mchain on July 02, 2014, 07:56:23 PM
IBM: Commercial Nanotube Transistors Are Coming Soon
http://www.technologyreview.com/news/528601/ibm-commercial-nanotube-transistors-are-coming-soon/
Title: Re: Technical
Post by: Asyn on July 05, 2014, 08:07:30 AM
Snake In The Grass: Python-based Malware Used For Targeted Attacks
https://www.bluecoat.com/security-blog/2014-06-10/snake-grass-python-based-malware-used-targeted-attacks
Title: Re: Technical
Post by: Asyn on July 05, 2014, 06:50:38 PM
RSA Uncovers Boleto Fraud Ring in Brazil
https://blogs.rsa.com/rsa-uncovers-boleto-fraud-ring-brazil/
http://www.emc.com/collateral/white-papers/h13282-report-rsa-discovers-boleto-fraud-ring.pdf
Title: Re: Technical
Post by: Asyn on July 06, 2014, 08:59:05 AM
Bypassing Windows 8.1 Mitigations using Unsafe COM Objects
http://contextis.co.uk/blog/windows-mitigaton-bypass/
Title: Re: Technical
Post by: Asyn on July 07, 2014, 08:01:20 AM
Reading the XKeyScore-rules source
http://blog.erratasec.com/2014/07/reading-xkeyscore-rules-source.html

PS: Jamming XKeyScore: http://blog.erratasec.com/2014/07/jamming-xkeyscore_4.html ;)
Title: Re: Technical
Post by: Asyn on July 10, 2014, 06:48:40 AM
Android Forensics, Part 1: How we recovered (supposedly) erased data
http://blog.avast.com/2014/07/09/android-foreniscs-pt-2-how-we-recovered-erased-data/
Title: Re: Technical
Post by: Asyn on July 10, 2014, 03:27:48 PM
Taking Down the Lecpetex Botnet
https://www.facebook.com/notes/protect-the-graph/taking-down-the-lecpetex-botnet/1477464749160338
Title: Re: Technical
Post by: Asyn on July 12, 2014, 05:18:04 PM
Androguard
Reverse engineering, Malware and goodware analysis of Android applications
https://code.google.com/p/androguard/
Title: Re: Technical
Post by: Asyn on July 13, 2014, 08:32:19 AM
Versatile DDoS Trojan for Linux
https://securelist.com/analysis/publications/64361/versatile-ddos-trojan-for-linux/
Title: Re: Technical
Post by: Asyn on July 14, 2014, 08:28:43 AM
The Ultra-Simple App That Lets Anyone Encrypt Anything
http://www.wired.com/2014/07/minilock-simple-encryption
Title: Re: Technical
Post by: Asyn on July 16, 2014, 09:13:46 AM
Meet ‘Project Zero,’ Google’s Secret Team of Bug-Hunting Hackers
http://www.wired.com/2014/07/google-project-zero/
http://googleprojectzero.blogspot.com/2014/07/announcing-project-zero.html
Title: Re: Technical
Post by: Asyn on July 18, 2014, 07:18:37 AM
Tinybanker Trojan targets banking customers
http://blog.avast.com/2014/07/17/tinybanker-trojan-targets-banking-customers/
Title: Re: Technical
Post by: Asyn on July 20, 2014, 08:33:50 AM
Viper 1.0
Viper is a binary management and analysis framework dedicated to malware and exploit researchers.
http://viper.li/
http://viper-framework.readthedocs.org/en/latest/
Title: Re: Technical
Post by: Asyn on July 21, 2014, 10:56:56 AM
AFD.SYS Dangling Pointer Vulnerability
http://www.siberas.de/papers/Pwn2Own_2014_AFD.sys_privilege_escalation.pdf
Title: Re: Technical
Post by: Asyn on July 22, 2014, 09:10:57 AM
Blind Return Oriented Programming (BROP)
http://www.scs.stanford.edu/brop/
http://www.scs.stanford.edu/brop/bittau-brop.pdf
Title: Re: Technical
Post by: Asyn on July 23, 2014, 07:31:41 AM
The Web never forgets: Persistent tracking mechanisms in the wild
https://securehomes.esat.kuleuven.be/~gacar/persistent/index.html
https://securehomes.esat.kuleuven.be/~gacar/persistent/the_web_never_forgets.pdf
Title: Re: Technical
Post by: mchain on July 25, 2014, 08:00:46 AM
Microsoft explains quantum computing in a way we can all understand
http://www.engadget.com/2014/07/24/microsoft-explains-quantum-computing-in-a-way-we-can-all-underst/?ncid=rss_truncated
STATION Q  Where Microsoft does the work of qubit theory and computer science development:
http://www.microsoft.com/en-us/news/stories/stationq/index.html
Watch the video embedded here to understand what is being done and what the potentials are:  It is a bit of a read.
Title: Re: Technical
Post by: DavidR on July 25, 2014, 12:11:03 PM
Microsoft explains quantum computing in a way we can all understand
http://www.engadget.com/2014/07/24/microsoft-explains-quantum-computing-in-a-way-we-can-all-underst/?ncid=rss_truncated
STATION Q  Where Microsoft does the work of qubit theory and computer science development:
http://www.microsoft.com/en-us/news/stories/stationq/index.html
Watch the video embedded here to understand what is being done and what the potentials are:  It is a bit of a read.

Wouldn't it be great if MS got on with what it should be doing, sorting their OS mess out. And explaining that in a language we can all understand ;D
Title: Re: Technical
Post by: Asyn on July 26, 2014, 08:06:09 AM
Wouldn't it be great if MS got on with what it should be doing, sorting their OS mess out. And explaining that in a language we can all understand ;D
Maybe minimum requirement for W9/10 is a quantum computer. ;D
Title: Re: Technical
Post by: Asyn on July 27, 2014, 07:30:52 AM
pwn4fun Spring 2014 - Safari - Part I
http://googleprojectzero.blogspot.com/2014/07/pwn4fun-spring-2014-safari-part-i_24.html
Title: Re: Technical
Post by: Asyn on July 28, 2014, 03:12:28 PM
Silver Bullets and Fairy Tails
http://blog.exodusintel.com/2014/07/23/silverbullets_and_fairytails/
https://tails.boum.org/security/Security_hole_in_I2P_0.9.13/index.en.html
Title: Re: Technical
Post by: Asyn on July 29, 2014, 12:22:45 PM
Hackers Plundered Israeli Defense Firms that Built ‘Iron Dome’ Missile Defense System
https://krebsonsecurity.com/2014/07/hackers-plundered-israeli-defense-firms-that-built-iron-dome-missile-defense-system/
Title: Re: Technical
Post by: mchain on August 01, 2014, 08:20:14 AM
Malvertisements on DeviantART lead to Optimum Installer
http://stopmalvertising.com/malvertisements/malvertisements-on-deviantart-lead-to-optimum-installer.html
Project Zero
http://googleprojectzero.blogspot.com/
Title: Re: Technical
Post by: Asyn on August 02, 2014, 07:18:40 AM
Announcing EMET 5.0
http://blogs.technet.com/b/srd/archive/2014/07/31/announcing-emet-v5.aspx
http://www.microsoft.com/en-us/download/details.aspx?id=43714
Title: Re: Technical
Post by: Asyn on August 03, 2014, 10:50:17 AM
Poweliks: the persistent malware without a file
https://blog.gdatasoftware.com/blog/article/poweliks-the-persistent-malware-without-a-file.html
Title: Re: Technical
Post by: essexboy on August 03, 2014, 11:54:27 AM
Poweliks: the persistent malware without a file
https://blog.gdatasoftware.com/blog/article/poweliks-the-persistent-malware-without-a-file.html
There is a registry entry with this that has the malware script crafted into it
Quote
HKEY_USERS\S-1-5-21-1264667008-2504301194-1484543345-4784_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32\ ----> invisible invalid characters
 LocalServer32 subkey has an additional subkey locked by invalid characters, which prevent a whole CLSID key deletion:

We have had one here
Title: Re: Technical
Post by: bob3160 on August 03, 2014, 12:12:44 PM
Poweliks: the persistent malware without a file
https://blog.gdatasoftware.com/blog/article/poweliks-the-persistent-malware-without-a-file.html
There is a registry entry with this that has the malware script crafted into it
Quote
HKEY_USERS\S-1-5-21-1264667008-2504301194-1484543345-4784_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32\ ----> invisible invalid characters
 LocalServer32 subkey has an additional subkey locked by invalid characters, which prevent a whole CLSID key deletion:

We have had one here
Detection by avast! ???

Title: Re: Technical
Post by: essexboy on August 03, 2014, 12:16:56 PM
No, apart from blocking it from calling home.  I believe the latest TDSSKiller can locate and fix the registry entry.
Title: Re: Technical
Post by: Asyn on August 05, 2014, 11:15:53 AM
No, apart from blocking it from calling home.  I believe the latest TDSSKiller can locate and fix the registry entry.
Seems we've detection now (thanks Pondus): https://forum.avast.com/index.php?msg=1112992
Title: Re: Technical
Post by: Asyn on August 07, 2014, 12:56:25 PM
WordPress and Drupal Denial Of Service Vulnerability Full Disclosure - Break Security
http://www.breaksec.com/?p=6362
Title: Re: Technical
Post by: Asyn on August 09, 2014, 06:36:04 AM
How to bypass Zeus Trojan’s self protection mechanism
http://int0xcc.svbtle.com/how-to-bypass-zeus-trojans-self-protection-mechanism
Title: Re: Technical
Post by: Asyn on August 09, 2014, 04:56:28 PM
BadUSB - On accessories that turn evil
https://srlabs.de/blog/wp-content/uploads/2014/07/SRLabs-BadUSB-BlackHat-v1.pdf
Title: Re: Technical
Post by: Asyn on August 10, 2014, 08:53:34 AM
Sysmon v1.0
System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log.
http://technet.microsoft.com/sysinternals/dn798348
http://download.sysinternals.com/files/Sysmon.zip
Title: Re: Technical
Post by: Asyn on August 11, 2014, 09:03:06 AM
Malicious SHA-1
http://malicioussha1.github.io/
Title: Re: Technical
Post by: Asyn on August 14, 2014, 07:46:01 AM
Multiple Vulnerabilities in Disqus WordPress Plugin
http://www.nikcub.com/posts/multiple-vulnerabilities-in-disqus-wordpress-plugin/
Title: Re: Technical
Post by: Asyn on August 14, 2014, 02:21:11 PM
Torbundlebrowser.org
The website is an almost perfect copy of the original website, except for the download link, and also the donation one, replaced by a bitcoin address.
http://dustri.org/b/torbundlebrowserorg.html
Title: Re: Technical
Post by: Para-Noid on August 14, 2014, 02:48:52 PM
Torbundlebrowser.org
The website is an almost perfect copy of the original website, except for the download link, and also the donation one, replaced by a bitcoin address.
http://dustri.org/b/torbundlebrowserorg.html

This might be a little OT but I had to look really close to see the difference...but it's there.
Subtle but it's there.
Title: Re: Technical
Post by: Asyn on August 15, 2014, 10:51:29 AM
This might be a little OT but I had to look really close to see the difference...but it's there.
Subtle but it's there.
Well, that's the trick. If you wouldn't have known before, you (probably) might have missed it.
Title: Re: Technical
Post by: Asyn on August 16, 2014, 09:07:45 AM
NSA/GCHQ: The HACIENDA Program for Internet Colonization
http://www.heise.de/ct/artikel/NSA-GCHQ-The-HACIENDA-Program-for-Internet-Colonization-2292681.html
Title: Re: Technical
Post by: Asyn on August 16, 2014, 10:08:45 PM
Black Hat 2014 on YT
https://www.youtube.com/user/BlackHatOfficialYT/feed
Title: Re: Technical
Post by: Asyn on August 17, 2014, 10:11:07 AM
What's the matter with PGP?
http://blog.cryptographyengineering.com/2014/08/whats-matter-with-pgp.html
Title: Re: Technical
Post by: Asyn on August 18, 2014, 08:10:26 AM
Schrodinger’s Cat Video and the Death of Clear-Text
https://citizenlab.org/2014/08/cat-video-and-the-death-of-clear-text/
Title: Re: Technical
Post by: Asyn on August 19, 2014, 08:01:02 AM
Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks On PCs
http://www.tau.ac.il/~tromer/handsoff/
http://www.cs.tau.ac.il/%7Etromer/papers/handsoff-20140731.pdf
Title: Re: Technical
Post by: Pondus on August 19, 2014, 06:09:08 PM
Microsoft urges customers to uninstall 'Blue Screen of Death' update
http://www.computerworld.com/s/article/9250446/Microsoft_urges_customers_to_uninstall_Blue_Screen_of_Death_update

Uninstall ‘Blue Screen of Death’ error Update: Microsoft to Customers
http://www.wallstreetotc.com/uninstall-blue-screen-of-death-error-update-microsoft-to-customers/27475/

http://www.dslreports.com/forum/r29467120-Microsoft-recommends-removing-update-2982791

Title: Re: Technical
Post by: Asyn on August 20, 2014, 06:24:12 AM
Reveton ransomware has dangerously evolved
http://blog.avast.com/2014/08/19/reveton-ransomware-has-dangerously-evolved/
Title: Re: Technical
Post by: Asyn on August 22, 2014, 06:45:14 AM
iSEC Partners Conducts Tor Browser Hardening Study
https://blog.torproject.org/blog/isec-partners-conducts-tor-browser-hardening-study
https://github.com/iSECPartners/publications/tree/master/reports/Tor%20Browser%20Bundle
Title: Re: Technical
Post by: Asyn on August 23, 2014, 05:05:14 PM
Announcing CERT Tapioca for MITM Analysis
http://www.cert.org/blogs/certcc/post.cfm?EntryID=203
Title: Re: Technical
Post by: Asyn on August 24, 2014, 10:44:14 AM
Lorem Ipsum: Of Good & Evil, Google & China
https://krebsonsecurity.com/2014/08/lorem-ipsum-of-good-evil-google-china/
Title: Re: Technical
Post by: Asyn on August 25, 2014, 06:34:44 AM
2014 Business Password Analysis
https://gsr.trustwave.com/topics/business-password-analysis/2014-business-password-analysis/
Title: Re: Technical
Post by: Asyn on August 26, 2014, 07:46:56 AM
OpenPhish - Free Phishing Feed
http://www.openphish.com/
Title: Re: Technical
Post by: Asyn on August 28, 2014, 07:24:38 AM
Self-propagating ransomware written in Windows batch hits Russian-speaking countries
http://blog.avast.com/2014/08/27/self-propagating-ransomware-written-in-windows-batch-hits-russian-speaking-countries/
Title: Re: Technical
Post by: Asyn on August 29, 2014, 08:55:37 AM
Microsoft urges customers to uninstall 'Blue Screen of Death' update
http://www.computerworld.com/s/article/9250446/Microsoft_urges_customers_to_uninstall_Blue_Screen_of_Death_update

Uninstall ‘Blue Screen of Death’ error Update: Microsoft to Customers
http://www.wallstreetotc.com/uninstall-blue-screen-of-death-error-update-microsoft-to-customers/27475/

http://www.dslreports.com/forum/r29467120-Microsoft-recommends-removing-update-2982791
-> https://technet.microsoft.com/en-us/library/security/ms14-045.aspx

To address known issues with security update 2982791, Microsoft rereleased MS14-045 to replace the 2982791 update with the 2993651 update for all supported releases of Microsoft Windows. Microsoft expired update 2982791 on August 15, 2014. All customers should apply the 2993651 update, which replaces the expired 2982791 update. Microsoft strongly recommends that customers who have not uninstalled the 2982791 update do so prior to applying the 2993651 update.
Title: Re: Technical
Post by: polonus on August 29, 2014, 12:40:42 PM
Unofficial Service Pack 4 for Windows Experience (XP): http://www.ryanvm.net/forum/viewtopic.php?t=10321
Better mitigate away from XP altogether, but something for those that cannot upgrade their old machines for some reason or other.

polonus
Title: Re: Technical
Post by: bob3160 on August 29, 2014, 02:15:11 PM
Unofficial Service Pack 4 for Windows Experience (XP): http://www.ryanvm.net/forum/viewtopic.php?t=10321 (http://www.ryanvm.net/forum/viewtopic.php?t=10321)
Better mitigate away from XP altogether, but something for those that cannot upgrade their old machines for some reason or other.

polonus
You're not reading your forum. :)
https://forum.avast.com/index.php?topic=19387.msg1120012#msg1120012 (https://forum.avast.com/index.php?topic=19387.msg1120012#msg1120012)
Title: Re: Technical
Post by: Asyn on August 30, 2014, 09:26:25 AM
Malvertising: Not all Java from java.com is legitimate
http://blog.fox-it.com/2014/08/27/malvertising-not-all-java-from-java-com-is-legitimate/
Title: Re: Technical
Post by: bob3160 on August 30, 2014, 04:46:31 PM
Malvertising: Not all Java from java.com is legitimate
http://blog.fox-it.com/2014/08/27/malvertising-not-all-java-from-java-com-is-legitimate/ (http://blog.fox-it.com/2014/08/27/malvertising-not-all-java-from-java-com-is-legitimate/)
Nice but how will this directly help the average computer user ???
Title: Re: Technical
Post by: Asyn on August 30, 2014, 05:06:24 PM
Malvertising: Not all Java from java.com is legitimate
http://blog.fox-it.com/2014/08/27/malvertising-not-all-java-from-java-com-is-legitimate/ (http://blog.fox-it.com/2014/08/27/malvertising-not-all-java-from-java-com-is-legitimate/)
Nice but how will this directly help the average computer user ???
Bob, this thread (basically) isn't conceived for average users. ;)
Anyway, see the section under "Advice" in the linked article.
Title: Re: Technical
Post by: bob3160 on August 30, 2014, 05:33:03 PM
Malvertising: Not all Java from java.com is legitimate
http://blog.fox-it.com/2014/08/27/malvertising-not-all-java-from-java-com-is-legitimate/ (http://blog.fox-it.com/2014/08/27/malvertising-not-all-java-from-java-com-is-legitimate/)
Nice but how will this directly help the average computer user ???
Bob, this thread (basically) isn't conceived for average users. ;)
Anyway, see the section under "Advice" in the linked article.
Precisely why I asked this question. :)

Advice:
There is no silver bullet to protect yourself from malvertising.
Title: Re: Technical
Post by: Asyn on August 30, 2014, 05:39:49 PM
Advice:
There is no silver bullet to protect yourself from malvertising.
You forgot to quote the rest..!! ;)

At a minimum:
- Enable click-to-play in your browser. This prevents 3rd party plugins from executing automatically.
- Keep all plugins running in the browser up-to-date using tools like Secunia PSI.
- Consider turning off unneeded plugins if you don’t use them. For example, Java can be installed without the web-plugin component lowering the risk of exploitation and infection.
Title: Re: Technical
Post by: Asyn on August 31, 2014, 09:45:28 AM
Announcing Scumblr and Sketchy - Search, Screenshot, and Reclaim the Internet
http://techblog.netflix.com/2014/08/announcing-scumblr-and-sketchy-search.html
Title: Re: Technical
Post by: Asyn on September 01, 2014, 09:31:13 AM
The poisoned NUL byte, 2014 edition
http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html
Title: Re: Technical
Post by: bob3160 on September 05, 2014, 02:09:40 PM
The Police Tool That Pervs Use to Steal Nude Pics From Apple’s iCloud (http://www.wired.com/2014/09/eppb-icloud/)
Right now, those affected wish they had decided to use an Android Phone.  :'(
Title: Re: Technical
Post by: Lisandro on September 05, 2014, 03:19:55 PM
The Police Tool That Pervs Use to Steal Nude Pics From Apple’s iCloud (http://www.wired.com/2014/09/eppb-icloud/)
Right now, those affected wish they had decided to use an Android Phone.  :'(
Well, at least Android is more secure in this field :) Hello iPhone users!
Better is not taking these pictures in any phone: http://blog.avast.com/2014/07/08/tens-of-thousands-of-americans-sell-themselves-online-every-day/
Title: Re: Technical
Post by: bob3160 on September 05, 2014, 04:12:03 PM
The Police Tool That Pervs Use to Steal Nude Pics From Apple’s iCloud (http://www.wired.com/2014/09/eppb-icloud/)
Right now, those affected wish they had decided to use an Android Phone.  :'(
Well, at least Android is more secure in this field :) Hello iPhone users!
Better is not taking these pictures in any phone: http://blog.avast.com/2014/07/08/tens-of-thousands-of-americans-sell-themselves-online-every-day/ (http://blog.avast.com/2014/07/08/tens-of-thousands-of-americans-sell-themselves-online-every-day/)
You are correct Lisandro. Some of these poses would have been much more exciting to watch in person. :)
Maybe some day people will realize that anything posted on the net is, or will eventually become, everyone's business.
Title: Re: Technical
Post by: CraigB on September 05, 2014, 04:34:50 PM
Well, at least Android is more secure in this field :) Hello iPhone users!
How would Android protect you better when it was a cloud service that was infiltrated, "not a phone"? Plus, iCloud itself wasn't attacked or corrupted in any way, as it was illegally gained passwords that were the issue.

Most celebrities' passwords can be worked out just by the amount of information given on Wikipedia... mother - father - favourite pet etc etc.
Title: Re: Technical
Post by: DavidR on September 05, 2014, 05:05:00 PM
The Police Tool That Pervs Use to Steal Nude Pics From Apple’s iCloud (http://www.wired.com/2014/09/eppb-icloud/)
Right now, those affected wish they had decided to use an Android Phone.  :'(

For me it doesn't matter what OS/phone you use, stick it on the cloud and you risk it being hacked into. If you wouldn't want anyone to see/steal/hack it, then don't upload it in the first place.
Title: Re: Technical
Post by: Asyn on September 21, 2014, 11:07:57 AM
Tiny Banker Trojan targets customers of major banks worldwide
http://blog.avast.com/2014/09/15/tiny-banker-trojan-targets-customers-of-major-banks-worldwide/
Title: Re: Technical
Post by: RealNature on September 21, 2014, 12:54:05 PM
The Police Tool That Pervs Use to Steal Nude Pics From Apple’s iCloud (http://www.wired.com/2014/09/eppb-icloud/)
Right now, those affected wish they had decided to use an Android Phone.  :'(

For me it doesn't matter what OS/phone you use, stick it on the cloud and you risk it being hacked into. If you wouldn't want anyone to see/steal/hack it, then don't upload it in the first place.
100% true. Or if you plan to use one don't upload sensitive data ;)
Title: Re: Technical
Post by: Asyn on September 22, 2014, 10:32:33 AM
Evading anti-virus's script emulator
http://blog.tempest.com.br/breno-cunha/evading-anti-viruss-script-emulator.html
Title: Re: Technical
Post by: Asyn on September 24, 2014, 11:08:19 AM
Phasing Out Certificates with SHA-1 based Signature Algorithms
https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/
Title: Re: Technical
Post by: Asyn on September 26, 2014, 07:06:27 AM
What is the Bash bug, and how do I prevent my systems from being Shellshocked?
http://blog.avast.com/2014/09/26/what-is-the-bash-bug-and-how-do-i-prevent-my-systems-from-being-shellshocked/

Bash 'shellshock' bug is wormable
http://blog.erratasec.com/2014/09/bash-shellshock-bug-is-wormable.html
Title: Re: Technical
Post by: polonus on September 26, 2014, 12:15:13 PM
First blacklist for Tor domains launched by Kleissner & Associates: http://dev.virustracker.info/lists/tor%20blacklist.txt
Infested machines will no longer communicate with C&C servers.
The Vienna Security Expert, Peter Kleissner, is also the man behind this service: http://www.kleissner.org/virustracker.html

polonus
Title: Re: Technical
Post by: Asyn on September 27, 2014, 06:05:25 AM
What is the Bash bug, and how do I prevent my systems from being Shellshocked?
http://blog.avast.com/2014/09/26/what-is-the-bash-bug-and-how-do-i-prevent-my-systems-from-being-shellshocked/

Bash 'shellshock' bug is wormable
http://blog.erratasec.com/2014/09/bash-shellshock-bug-is-wormable.html
Bashbug (shellshock): What is it? How to Remediate?
http://www.rapid7.com/resources/bashbug.jsp
Title: Re: Technical
Post by: Asyn on September 27, 2014, 09:54:22 AM
A Decoy Computer Was Set Up Online. See Which Countries Attacked It the Most
http://www.bloomberg.com/news/2014-09-23/a-decoy-computer-was-set-up-online-see-which-countries-attacked-it-the-most.html
Title: Re: Technical
Post by: bob3160 on September 27, 2014, 02:44:41 PM
A Decoy Computer Was Set Up Online. See Which Countries Attacked It the Most
http://www.bloomberg.com/news/2014-09-23/a-decoy-computer-was-set-up-online-see-which-countries-attacked-it-the-most.html
People that live in glass houses (I'm in that glass house), shouldn't throw stones.......
Title: Re: Technical
Post by: Asyn on September 27, 2014, 05:16:46 PM
People that live in glass houses (I'm in that glass house), shouldn't throw stones.......
Well Bob, as it really isn't your fault, I'd say feel free to throw one... ;D
Title: Re: Technical
Post by: Asyn on September 28, 2014, 06:39:01 AM
A look into LastPass
http://www.martinvigo.com/a-look-into-lastpass/
Title: Re: Technical
Post by: Asyn on September 29, 2014, 07:09:16 AM
FinFisher Malware Dropper Analysis
https://www.codeandsec.com/FinFisher-Malware-Dropper-Analysis
Title: Re: Technical
Post by: Asyn on September 30, 2014, 08:39:58 AM
Malicious iOS Apps
A comparison before and after iOS 8 was released
http://www.andreas-kurtz.de/2014/09/malicious-apps-ios8.html
Title: Re: Technical
Post by: Asyn on October 01, 2014, 07:03:15 AM
FBI to Open Up Malware Investigator Portal to External Researchers
https://threatpost.com/fbi-to-open-up-malware-investigator-portal-to-external-researchers/108590
http://malwareinvestigator.gov/
Title: Re: Technical
Post by: Asyn on October 02, 2014, 07:05:43 AM
LibreSSL: More Than 30 Days Later
http://www.openbsd.org/papers/eurobsdcon2014-libressl.html
Title: Re: Technical
Post by: Asyn on October 03, 2014, 07:36:40 PM
More Mac OS X and iPhone sandbox escapes and kernel bugs
http://googleprojectzero.blogspot.com/2014/10/more-mac-os-x-and-iphone-sandbox.html
Title: Re: Technical
Post by: Asyn on October 04, 2014, 08:02:00 AM
ComputerCOP: The Dubious 'Internet Safety Software' That Hundreds of Police Agencies Have Distributed to Families
https://www.eff.org/deeplinks/2014/09/computercop-dangerous-internet-safety-software-hundreds-police-agencies
Title: Re: Technical
Post by: Asyn on October 05, 2014, 10:53:20 AM
What is the Bash bug, and how do I prevent my systems from being Shellshocked?
http://blog.avast.com/2014/09/26/what-is-the-bash-bug-and-how-do-i-prevent-my-systems-from-being-shellshocked/

Bash 'shellshock' bug is wormable
http://blog.erratasec.com/2014/09/bash-shellshock-bug-is-wormable.html
Bashbug (shellshock): What is it? How to Remediate?
http://www.rapid7.com/resources/bashbug.jsp
[FD] the other bash RCEs (CVE-2014-6277 and CVE-2014-6278)
http://article.gmane.org/gmane.comp.security.fulldisclosure/1038
Title: Re: Technical
Post by: Asyn on October 06, 2014, 06:53:13 AM
WPScan Vulnerability Database
https://wpvulndb.com/
Title: Re: Technical
Post by: Asyn on October 07, 2014, 07:06:45 AM
The Mac.BackDoor.iWorm threat in detail
http://news.drweb.com/show/?i=5977&c=5&lng=en&p=0

iWorm method of infection found!
http://www.thesafemac.com/iworm-method-of-infection-found/
Title: Re: Technical
Post by: Asyn on October 08, 2014, 06:43:46 AM
Adobe is Spying on Users, Collecting Data on Their eBook Libraries
http://the-digital-reader.com/2014/10/06/adobe-spying-users-collecting-data-ebook-libraries/
http://arstechnica.com/security/2014/10/adobes-e-book-reader-sends-your-reading-logs-back-to-adobe-in-plain-text/
Title: Re: Technical
Post by: Para-Noid on October 08, 2014, 03:13:35 PM
No news there. It's a given that software vendors track users' habits.
Privacy no longer exists on the world wide web and hasn't for quite some time.
Title: Re: Technical
Post by: Asyn on October 10, 2014, 03:53:36 PM
DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket
http://user.informatik.uni-goettingen.de/~krieck/docs/2014-ndss.pdf
Title: Re: Technical
Post by: Asyn on October 11, 2014, 09:38:21 AM
Why can't Apple decrypt your iPhone?
http://blog.cryptographyengineering.com/2014/10/why-cant-apple-decrypt-your-iphone.html

A (not so) quick primer on iOS encryption
http://www.darthnull.org/2014/10/06/ios-encryption
Title: Re: Technical
Post by: Asyn on October 12, 2014, 06:37:18 AM
New Class of Vulnerability in Perl Web Applications
http://blog.gerv.net/2014/10/new-class-of-vulnerability-in-perl-web-applications/
Title: Re: Technical
Post by: Asyn on October 13, 2014, 06:16:33 AM
What is the Bash bug, and how do I prevent my systems from being Shellshocked?
http://blog.avast.com/2014/09/26/what-is-the-bash-bug-and-how-do-i-prevent-my-systems-from-being-shellshocked/

Bash 'shellshock' bug is wormable
http://blog.erratasec.com/2014/09/bash-shellshock-bug-is-wormable.html
Bashbug (shellshock): What is it? How to Remediate?
http://www.rapid7.com/resources/bashbug.jsp
[FD] the other bash RCEs (CVE-2014-6277 and CVE-2014-6278)
http://article.gmane.org/gmane.comp.security.fulldisclosure/1038
Shellshock
http://www.dwheeler.com/essays/shellshock.html
Title: Re: Technical
Post by: Asyn on October 15, 2014, 07:44:51 AM
iSIGHT discovers zero-day vulnerability CVE-2014-4114 used in Russian cyber-espionage campaign
http://www.isightpartners.com/2014/10/cve-2014-4114/
Title: Re: Technical
Post by: mchain on October 15, 2014, 11:05:05 AM
iSIGHT discovers zero-day vulnerability CVE-2014-4114 used in Russian cyber-espionage campaign
http://www.isightpartners.com/2014/10/cve-2014-4114/
Listed as Security Update for Windows (OS version) (KB3000869).  If you have this successfully installed, then Microsoft has covered it.

If you don't have it, or have had problems getting it to install properly, a link to the fix and file is here:  https://technet.microsoft.com/library/security/ms14-060 (https://technet.microsoft.com/library/security/ms14-060)  Click the blue url link under Affected Systems for your exact operating system version and you will be taken to a page where you can download the security fix directly.  Double-click (with admin permissions) that file to run it and reboot after the fix completes.  Exploit has been used for targeted attacks per Asyn's link, but home users should install this update if they have not done so already.
Title: Re: Technical
Post by: Asyn on October 15, 2014, 01:40:27 PM
This POODLE Bites: Exploiting The SSL 3.0 Fallback
https://www.openssl.org/~bodo/ssl-poodle.pdf
Title: Re: Technical
Post by: Asyn on October 16, 2014, 07:32:42 AM
This POODLE Bites: Exploiting The SSL 3.0 Fallback
https://www.openssl.org/~bodo/ssl-poodle.pdf
-> http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
-> https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
-> https://technet.microsoft.com/library/security/3009008.aspx
Title: Re: Technical
Post by: bob3160 on October 16, 2014, 03:31:38 PM
This POODLE Bites: Exploiting The SSL 3.0 Fallback
https://www.openssl.org/~bodo/ssl-poodle.pdf (https://www.openssl.org/~bodo/ssl-poodle.pdf)
-> http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html (http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html)
-> https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/ (https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/)
-> https://technet.microsoft.com/library/security/3009008.aspx (https://technet.microsoft.com/library/security/3009008.aspx)
For IE, disable SSL3 in the browser settings under Advanced and scroll down to Security. Save your settings.
Firefox plans to implement changes by version 4 and Chrome may already have made changes with their latest updates.
(Especially if you're using the Developers or beta build of Chrome)
It's important to note that the Websites also need to implement changes on their end for this all to work.
Disabling SSL3 may result in some websites not opening or not opening properly.
If that happens, you need to decide if security is more important than the need to see the website. It is your system that's at risk! (Not mine.)
Title: Re: Technical
Post by: Asyn on October 18, 2014, 09:44:33 PM
Revealed: how Whisper app tracks ‘anonymous’ users
http://www.theguardian.com/world/2014/oct/16/-sp-revealed-whisper-app-tracking-users
Title: Re: Technical
Post by: Asyn on October 19, 2014, 09:35:30 AM
Tor Browser 4.0 is released
https://blog.torproject.org/blog/tor-browser-40-released
https://www.torproject.org/download/download-easy.html
Title: Re: Technical
Post by: Asyn on October 20, 2014, 07:50:29 AM
New FrameworkPOS variant exfiltrates data via DNS requests
https://blog.gdatasoftware.com/blog/article/new-frameworkpos-variant-exfiltrates-data-via-dns-requests.html
Title: Re: Technical
Post by: Asyn on October 21, 2014, 01:56:53 PM
Apple’s Mac computers can automatically collect your location information
http://www.washingtonpost.com/blogs/the-switch/wp/2014/10/20/apples-mac-computers-can-automatically-collect-your-location-information/
Title: Re: Technical
Post by: Asyn on October 23, 2014, 12:23:23 PM
Extreme Privilege Escalation On Windows 8/UEFI Systems
https://www.mitre.org/sites/default/files/publications/14-2221-extreme-escalation.pdf
http://www.kb.cert.org/vuls/id/552286
Title: Re: Technical
Post by: Asyn on October 25, 2014, 06:37:40 PM
The Case of the Modified Binaries
http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries/
Title: Re: Technical
Post by: Asyn on October 27, 2014, 02:02:24 PM
Adobe is Spying on Users, Collecting Data on Their eBook Libraries
http://the-digital-reader.com/2014/10/06/adobe-spying-users-collecting-data-ebook-libraries/
http://arstechnica.com/security/2014/10/adobes-e-book-reader-sends-your-reading-logs-back-to-adobe-in-plain-text/
Adobe Updates Digital Edition, Stops Sharing User Info With the Internet
http://the-digital-reader.com/2014/10/23/adobe-updates-digital-edition-stops-sharing-user-info-internet/
Title: Re: Technical
Post by: Asyn on October 28, 2014, 07:00:40 AM
Pony stealer spread vicious malware using email campaign
http://blog.avast.com/2014/10/27/pony-stealer-spread-vicious-malware-using-email-campaign/
Title: Re: Technical
Post by: Asyn on October 29, 2014, 07:02:42 AM
iCloud Uploads Local Data Outside of iCloud Drive
https://datavibe.net/~sneak/20141023/wtf-icloud/
Title: Re: Technical
Post by: Asyn on October 30, 2014, 07:34:33 AM
How Verizon’s Advertising Header Works
http://webpolicy.org/2014/10/24/how-verizons-advertising-header-works/
Title: Re: Technical
Post by: Asyn on November 01, 2014, 07:38:21 AM
Why Samsung Knox isn't really a Fort Knox
http://mobilesecurityares.blogspot.co.uk/2014/10/why-samsung-knox-isnt-really-fort-knox.html
Title: Re: Technical
Post by: Asyn on November 02, 2014, 09:06:56 AM
Mac OS X local privilege escalation (IOBluetoothFamily)
http://randomthoughts.greyhats.it/2014/10/osx-local-privilege-escalation.html
Title: Re: Technical
Post by: Asyn on November 03, 2014, 06:03:40 AM
Microsoft EMET - Armor against zero-days bypassed again
http://blog.sec-consult.com/2014/10/microsoft-emet-armor-against-zero-days.html
Title: Re: Technical
Post by: Asyn on November 04, 2014, 07:59:22 AM
A Lesson In Security
http://blog.ircmaxell.com/2014/10/a-lesson-in-security.html
Title: Re: Technical
Post by: Asyn on November 05, 2014, 07:47:24 AM
Announcing the 2014 Volatility Plugin Contest Results!
http://volatility-labs.blogspot.com/2014/10/announcing-2014-volatility-plugin.html
Title: Re: Technical
Post by: Asyn on November 07, 2014, 06:43:04 AM
Secure Messaging Scorecard
https://www.eff.org/secure-messaging-scorecard
Title: Re: Technical
Post by: Asyn on November 08, 2014, 05:10:52 AM
WireLurker: A New Era in OS X and iOS Malware
http://researchcenter.paloaltonetworks.com/2014/11/wirelurker-new-era-os-x-ios-malware/
http://www.zdziarski.com/blog/?p=4140
Title: Re: Technical
Post by: mchain on November 08, 2014, 08:24:52 AM
When tech support scams meet Ransomlock
A technical-support phone scam uses Trojan.Ransomlock.AM to lock the user’s computer and trick them into calling a technical help phone number to resolve the issue.

http://www.symantec.com/connect/blogs/when-tech-support-scams-meet-ransomlock (http://www.symantec.com/connect/blogs/when-tech-support-scams-meet-ransomlock)
Scroll to the bottom of the page for steps to fix this infection.  Note the infectious agent comes with adware and other grayware programs one may install inadvertently via freeware.
Title: Re: Technical
Post by: Asyn on November 09, 2014, 08:53:44 AM
How I Reverse Engineered Google Docs To Play Back Any Document’s Keystrokes
http://features.jsomers.net/how-i-reverse-engineered-google-docs/
Title: Re: Technical
Post by: Asyn on November 10, 2014, 06:17:02 AM
WireLurker: A New Era in OS X and iOS Malware
http://researchcenter.paloaltonetworks.com/2014/11/wirelurker-new-era-os-x-ios-malware/
http://www.zdziarski.com/blog/?p=4140

WireLurker for Windows
http://researchcenter.paloaltonetworks.com/2014/11/wirelurker-windows/
Title: Re: Technical
Post by: Asyn on November 11, 2014, 08:23:13 AM
The Darkhotel APT - A Story of Unusual Hospitality
http://securelist.com/blog/research/66779/the-darkhotel-apt/
Title: Re: Technical
Post by: Asyn on November 12, 2014, 06:01:32 AM
Masque Attack: All Your iOS Apps Belong to Us
http://www.fireeye.com/blog/technical/cyber-exploits/2014/11/masque-attack-all-your-ios-apps-belong-to-us.html
Title: Re: Technical
Post by: Asyn on November 13, 2014, 07:05:48 AM
Batch NFS
http://cr.yp.to/factorization/batchnfs-20141109.pdf
Title: Re: Technical
Post by: Asyn on November 14, 2014, 07:04:00 AM
BadUSB Exposure
https://opensource.srlabs.de/projects/badusb
Title: Re: Technical
Post by: Asyn on November 15, 2014, 06:46:08 AM
Bypassing Microsoft’s Patch for the Sandworm Zero Day: a Detailed Look at the Root Cause
http://blogs.mcafee.com/mcafee-labs/bypassing-microsofts-patch-sandworm-zero-day-root-cause
Title: Re: Technical
Post by: Para-Noid on November 17, 2014, 07:24:44 PM
Interesting article about browser fingerprinting!

https://panopticlick.eff.org/browser-uniqueness.pdf

Article from panopticlick (https://panopticlick.eff.org)
Title: Re: Technical
Post by: Asyn on November 19, 2014, 06:09:02 AM
Triggering MS14-066
http://blog.beyondtrust.com/triggering-ms14-066
Title: Re: Technical
Post by: Asyn on November 20, 2014, 06:59:24 AM
On the Effectiveness of Traffic Analysis Against Anonymity Networks Using Flow Records
https://mice.cs.columbia.edu/getTechreport.php?techreportID=1545 [PDF]
https://blog.torproject.org/blog/traffic-correlation-using-netflows
Title: Re: Technical
Post by: Asyn on November 21, 2014, 07:36:59 AM
BitTorrentsync security & privacy analysis – Hackito Session results
http://2014.hackitoergosum.org/bittorrentsync-security-privacy-analysis-hackito-session-results/
Title: Re: Technical
Post by: bob3160 on November 21, 2014, 09:51:25 AM
BitTorrentsync security & privacy analysis – Hackito Session results
http://2014.hackitoergosum.org/bittorrentsync-security-privacy-analysis-hackito-session-results/ (http://2014.hackitoergosum.org/bittorrentsync-security-privacy-analysis-hackito-session-results/)
BitTorrent dismisses Sync security concerns (http://www.pcworld.com/article/2849892/bittorrent-dismisses-security-concerns-raised-about-its-sync-app.html)
Title: Re: Technical
Post by: Asyn on November 22, 2014, 05:40:26 PM
Let’s Encrypt: Delivering SSL/TLS Everywhere
https://letsencrypt.org/2014/11/18/announcing-lets-encrypt.html
https://letsencrypt.org/howitworks/technology/
Title: Re: Technical
Post by: Asyn on November 23, 2014, 08:18:35 AM
WordPress 3 Persistent Script Injection
http://klikki.fi/adv/wordpress.html
https://wordpress.org/news/2014/11/wordpress-4-0-1/
Title: Re: Technical
Post by: Asyn on November 24, 2014, 11:43:32 AM
Regin: Top-tier espionage tool enables stealthy surveillance
http://www.symantec.com/connect/blogs/regin-top-tier-espionage-tool-enables-stealthy-surveillance
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/regin-analysis.pdf
Title: Re: Technical
Post by: Asyn on November 25, 2014, 12:03:03 PM
on Linux, 'less' can probably get you owned
http://seclists.org/fulldisclosure/2014/Nov/74
Title: Re: Technical
Post by: Asyn on November 26, 2014, 07:07:18 AM
Regin: Top-tier espionage tool enables stealthy surveillance
http://www.symantec.com/connect/blogs/regin-top-tier-espionage-tool-enables-stealthy-surveillance
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/regin-analysis.pdf
Regin: Nation-state ownage of GSM networks
https://securelist.com/blog/research/67741/regin-nation-state-ownage-of-gsm-networks/
https://securelist.com/files/2014/11/Kaspersky_Lab_whitepaper_Regin_platform_eng.pdf
Title: Re: Technical
Post by: Asyn on November 28, 2014, 08:35:42 AM
Regin: Top-tier espionage tool enables stealthy surveillance
http://www.symantec.com/connect/blogs/regin-top-tier-espionage-tool-enables-stealthy-surveillance
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/regin-analysis.pdf
Regin: Nation-state ownage of GSM networks
https://securelist.com/blog/research/67741/regin-nation-state-ownage-of-gsm-networks/
https://securelist.com/files/2014/11/Kaspersky_Lab_whitepaper_Regin_platform_eng.pdf
Secret Malware in European Union Attack Linked to U.S. and British Intelligence
https://firstlook.org/theintercept/2014/11/24/secret-regin-malware-belgacom-nsa-gchq/
Title: Re: Technical
Post by: Asyn on November 29, 2014, 06:06:17 AM
CryptoPHP: Analysis of a hidden threat inside popular content management systems
http://blog.fox-it.com/2014/11/18/cryptophp-analysis-of-a-hidden-threat-inside-popular-content-management-systems/
http://blog.fox-it.com/2014/11/26/cryptophp-a-week-later-more-than-23-000-sites-affected/
https://foxitsecurity.files.wordpress.com/2014/11/cryptophp-whitepaper-foxsrt-v4.pdf
Title: Re: Technical
Post by: Asyn on November 29, 2014, 04:41:53 PM
Regin: Top-tier espionage tool enables stealthy surveillance
http://www.symantec.com/connect/blogs/regin-top-tier-espionage-tool-enables-stealthy-surveillance
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/regin-analysis.pdf
Regin: Nation-state ownage of GSM networks
https://securelist.com/blog/research/67741/regin-nation-state-ownage-of-gsm-networks/
https://securelist.com/files/2014/11/Kaspersky_Lab_whitepaper_Regin_platform_eng.pdf
Secret Malware in European Union Attack Linked to U.S. and British Intelligence
https://firstlook.org/theintercept/2014/11/24/secret-regin-malware-belgacom-nsa-gchq/
Regin, an old but sophisticated cyber espionage toolkit platform
https://blog.gdatasoftware.com/blog/article/regin-an-old-but-sophisticated-cyber-espionage-toolkit-platform.html
Title: Re: Technical
Post by: Asyn on November 30, 2014, 06:45:32 AM
Best Web Application Vulnerability Scanners
http://n0where.net/best-web-application-vulnerability-scanners/
Title: Re: Technical
Post by: Asyn on December 01, 2014, 09:34:02 AM
Regin: Top-tier espionage tool enables stealthy surveillance
http://www.symantec.com/connect/blogs/regin-top-tier-espionage-tool-enables-stealthy-surveillance
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/regin-analysis.pdf
Regin: Nation-state ownage of GSM networks
https://securelist.com/blog/research/67741/regin-nation-state-ownage-of-gsm-networks/
https://securelist.com/files/2014/11/Kaspersky_Lab_whitepaper_Regin_platform_eng.pdf
Secret Malware in European Union Attack Linked to U.S. and British Intelligence
https://firstlook.org/theintercept/2014/11/24/secret-regin-malware-belgacom-nsa-gchq/
Regin, an old but sophisticated cyber espionage toolkit platform
https://blog.gdatasoftware.com/blog/article/regin-an-old-but-sophisticated-cyber-espionage-toolkit-platform.html
ReginScanner
https://github.com/Neo23x0/ReginScanner
Title: Re: Technical
Post by: Asyn on December 03, 2014, 06:39:38 AM
FIN4: Stealing Insider Information for an Advantage in Stock Trading?
https://www.fireeye.com/blog/threat-research/2014/11/fin4_stealing_insid.html
https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-fin4.pdf
Title: Re: Technical
Post by: Asyn on December 04, 2014, 02:59:09 PM
Operation Cleaver
http://www.cylance.com/operation-cleaver/
http://www.cylance.com/assets/Cleaver/Cylance_Operation_Cleaver_Report.pdf
Title: Re: Technical
Post by: Asyn on December 06, 2014, 06:25:32 AM
Operation Auroragold - How the NSA Hacks Cellphone Networks Worldwide
https://firstlook.org/theintercept/2014/12/04/nsa-auroragold-hack-cellphones/
Title: Re: Technical
Post by: Asyn on December 09, 2014, 07:17:41 AM
Clubbing Seals: Exploring the Ecosystem of Third-party Security Seals
http://securitee.org/files/seals_ccs2014.pdf
Title: Re: Technical
Post by: Asyn on December 10, 2014, 06:52:06 AM
The dark side of Apple’s two-factor authentication
http://thenextweb.com/apple/2014/12/08/lost-apple-id-learnt-hard-way-careful-two-factor-authentication/
Title: Re: Technical
Post by: Asyn on December 11, 2014, 09:35:37 AM
Not out of the woods yet: There are more POODLEs
https://vivaldi.net/blogs/entry/not-out-of-the-woods-yet-there-are-more-poodles
Title: Re: Technical
Post by: Asyn on December 12, 2014, 05:55:27 AM
The 'Penquin' Turla
https://securelist.com/blog/research/67962/the-penquin-turla-2/
Title: Re: Technical
Post by: Asyn on December 12, 2014, 02:00:29 PM
Mobile advertising firms spread malware by posing as official Google Play apps
https://blog.avast.com/2014/12/12/mobile-advertising-firms-spread-malware-by-posing-as-official-google-play-apps/
Title: Re: Technical
Post by: Asyn on December 13, 2014, 06:11:44 AM
The 'Penquin' Turla
https://securelist.com/blog/research/67962/the-penquin-turla-2/
Mysterious Turla Linux Backdoor Also For Solaris?
https://www.f-secure.com/weblog/archives/00002775.html
Title: Re: Technical
Post by: Asyn on December 15, 2014, 06:29:27 AM
Operation Socialist - The Inside Story of How British Spies Hacked Belgium’s Largest Telco
https://firstlook.org/theintercept/2014/12/13/belgacom-hack-gchq-inside-story/
Title: Re: Technical
Post by: Asyn on December 17, 2014, 08:25:38 AM
The FBI Used the Web’s Favorite Hacking Tool to Unmask Tor Users
http://www.wired.com/2014/12/fbi-metasploit-tor/
Title: Re: Technical
Post by: Asyn on December 18, 2014, 05:57:54 AM
South Korea hit with banking malware using VPN connection
https://blog.avast.com/2014/12/17/south-korea-hit-with-banking-malware-using-vpn-connection/
Title: Re: Technical
Post by: Asyn on December 21, 2014, 09:20:32 AM
Wiper Malware – A Detection Deep Dive
http://blogs.cisco.com/security/talos/wiper-malware
Title: Re: Technical
Post by: Asyn on December 22, 2014, 06:54:35 AM
Zero Knowledge Proofs: An illustrated primer
http://blog.cryptographyengineering.com/2014/11/zero-knowledge-proofs-illustrated-primer.html
Title: Re: Technical
Post by: Asyn on December 23, 2014, 07:23:18 AM
Tens of millions of dollars, credit cards and intellectual property stolen by a new group of cyber criminals
https://www.fox-it.com/en/press-releases/anunak/
https://www.fox-it.com/en/files/2014/12/Anunak_APT-against-financial-institutions2.pdf
Title: Re: Technical
Post by: Asyn on December 28, 2014, 08:49:53 AM
Thunderstrike
https://trmm.net/Thunderstrike
Title: Re: Technical
Post by: Asyn on January 07, 2015, 06:15:53 AM
Linux DDoS Trojan hiding itself with an embedded rootkit
https://blog.avast.com/2015/01/06/linux-ddos-trojan-hiding-itself-with-an-embedded-rootkit/
Title: Re: Technical
Post by: Asyn on January 08, 2015, 06:42:22 AM
Secure Secure Shell
https://stribika.github.io/2015/01/04/secure-secure-shell.html
Title: Re: Technical
Post by: Asyn on January 09, 2015, 06:02:13 AM
31C3: a new dawn - Videos
http://media.ccc.de/browse/congress/2014/
Title: Re: Technical
Post by: Asyn on January 11, 2015, 08:01:34 AM
HSTS Super Cookies
http://www.radicalresearch.co.uk/lab/hstssupercookies/
Title: Re: Technical
Post by: polonus on January 11, 2015, 06:08:27 PM
New security layer coming to Firefox and Google Chrome browsers based on MAC - mandatory access control.
JS won't share data any longer where data should not be shared, because of inherent insecurity that becomes shared also!
A public draft will be set up for COWL to be generally implemented in adapted browsers within the year.
Read about "A Confinement System for the Web": http://cowl.ws/
Test: http://cowl.ws/examples/checker/

polonus
Title: Re: Technical
Post by: bob3160 on January 11, 2015, 06:20:37 PM
New security layer coming to Firefox and Google Chrome browsers based on MAC - mandatory access control.
JS won't share data any longer where data should not be shared, because of inherent insecurity that becomes shared also!
A public draft will be set up for COWL to be generally implemented in adapted browsers within the year.
Read about "A Confinement System for the Web": http://cowl.ws/
Test: http://cowl.ws/examples/checker/

polonus
All this added protection may be nice but eventually it will bring the internet to its knees.
Between the scanning of your AV and all the other security programs and browser add-ons,
browsing is getting slower by the day.
It's time to center the attack against the actual source that makes this additional scanning necessary. (Just my 2 cents) :)
Title: Re: Technical
Post by: Asyn on January 12, 2015, 08:48:54 AM
Lizard Stresser Runs on Hacked Home Routers
http://krebsonsecurity.com/2015/01/lizard-stresser-runs-on-hacked-home-routers/
Title: Re: Technical
Post by: bob3160 on January 12, 2015, 06:00:05 PM
Inside CryptoWall 2.0 (http://arstechnica.com/information-technology/2015/01/inside-cryptowall-2-0-ransomware-professional-edition/)
Not something you want to run into


Title: Re: Technical
Post by: Secondmineboy on January 12, 2015, 06:01:49 PM
In a few years AVs will be useless for such malware and the OS developers need to work hard on security now.

Microsoft is heading in a good direction already.

There's also a virus for OSX (mostly MacBooks), which you cannot get rid of even by replacing the hard drive.
Title: Re: Technical
Post by: Asyn on January 14, 2015, 05:42:23 AM
Skeleton Key Malware Analysis
http://www.secureworks.com/cyber-threat-intelligence/threats/skeleton-key-malware-analysis/
Title: Re: Technical
Post by: Asyn on January 16, 2015, 08:00:49 AM
Fobus, the sneaky little thief that could
https://blog.avast.com/2015/01/15/fobus-the-sneaky-little-thief-that-could/
Title: Re: Technical
Post by: Pondus on January 16, 2015, 12:36:26 PM
Joe Sandbox for those who want to play http://www.joesecurity.org/

Title: Re: Technical
Post by: Asyn on January 17, 2015, 06:45:20 AM
The Turn-Verizon Zombie Cookie
http://webpolicy.org/2015/01/14/turn-verizon-zombie-cookie/
Title: Re: Technical
Post by: Asyn on January 18, 2015, 06:36:18 AM
Meet KeySweeper, the $10 USB charger that steals MS keyboard strokes
http://arstechnica.com/security/2015/01/meet-keysweeper-the-10-usb-charger-that-steals-ms-keyboard-strokes/
Title: Re: Technical
Post by: Asyn on January 22, 2015, 06:32:52 AM
Cisco Annual Security Report Reveals Widening Gulf Between Perception and Reality of Cybersecurity Readiness
http://newsroom.cisco.com/press-release-content?type=webcontent&articleId=1576007
Title: Re: Technical
Post by: Asyn on January 28, 2015, 08:03:53 AM
Comparing the Regin module 50251 and the "Qwerty" keylogger
https://securelist.com/blog/research/68525/comparing-the-regin-module-50251-and-the-qwerty-keylogger/
Title: Re: Technical
Post by: Asyn on January 30, 2015, 06:28:16 AM
Deploying tor relays (Mozilla Polaris Privacy Initiative)
https://blog.mozilla.org/it/2015/01/28/deploying-tor-relays/
Title: Re: Technical
Post by: Asyn on February 01, 2015, 10:43:58 AM
Seven Months’ Worth of Mistakes: A Longitudinal Study of Typosquatting Abuse
https://lirias.kuleuven.be/bitstream/123456789/471369/3/typos-final.pdf
Title: Re: Technical
Post by: Asyn on February 03, 2015, 07:20:53 AM
Autoruns v13.0
http://blogs.technet.com/b/sysinternals/archive/2015/01/29/update-autoruns-v13-0.aspx
https://technet.microsoft.com/en-us/sysinternals/bb963902

This major update to Autoruns, an autostart execution point (ASEP) manager, now has integration with Virustotal.com to show the status of entries with respect to scans by over four dozen antimalware engines.
Title: Re: Technical
Post by: Asyn on February 04, 2015, 06:50:20 AM
RansomWeb: emerging website threat that may outshine DDoS, data theft and defacements?
https://www.htbridge.com/blog/ransomweb_emerging_website_threat.html
Title: Re: Technical
Post by: Asyn on February 07, 2015, 10:23:29 AM
Beemer, Open Thyself! – Security vulnerabilities in BMW's ConnectedDrive
http://www.heise.de/ct/artikel/Beemer-Open-Thyself-Security-vulnerabilities-in-BMW-s-ConnectedDrive-2540957.html
Title: Re: Technical
Post by: Asyn on February 08, 2015, 08:21:09 AM
Anatomy of a Brute Force Campaign: The Story of Hee Thai Limited
https://www.fireeye.com/blog/threat-research/2015/02/anatomy_of_a_brutef.html
Title: Re: Technical
Post by: Asyn on February 10, 2015, 11:39:08 AM
MongoDB databases at risk
http://cispa.saarland/wp-content/uploads/2015/02/MongoDB_documentation.pdf
Title: Re: Technical
Post by: Asyn on February 11, 2015, 08:57:34 AM
Mobile Crypto-Ransomware Simplocker now on Steroids
https://blog.avast.com/2015/02/10/mobile-crypto-ransomware-simplocker-now-on-steroids/
Title: Re: Technical
Post by: Asyn on February 11, 2015, 03:07:55 PM
Cyber Espionage Campaign Compromises Web Properties to Target US Financial Services and Defense Companies and Chinese Dissidents in Watering Hole Style Attack
http://www.isightpartners.com/2015/02/codoso/
Title: Re: Technical
Post by: Asyn on February 15, 2015, 11:18:42 AM
Combating Dormant Malware Apps with Harvester
http://sseblog.ec-spride.de/2015/02/introducing-harvester/
http://www.bodden.de/pubs/TUD-CS-2015-0031.pdf
Title: Re: Technical
Post by: Asyn on February 16, 2015, 09:38:47 AM
MS15-011 & MS15-014: Hardening Group Policy
http://blogs.technet.com/b/srd/archive/2015/02/10/ms15-011-amp-ms15-014-hardening-group-policy.aspx
Title: Re: Technical
Post by: Asyn on February 17, 2015, 11:12:26 AM
Bad Browser Plug-ins Gone Wild: Malvertising, Data Exfiltration, and Malware, Oh my!
http://blogs.cisco.com/security/talos/bad-browser-plug-ins
Title: Re: Technical
Post by: Asyn on February 18, 2015, 07:49:13 AM
Angry Android hacker hides Xbot malware in popular application icons
https://blog.avast.com/2015/02/17/angry-android-hacker-hides-xbot-malware-in-popular-application-icons/
Title: Re: Technical
Post by: Asyn on February 18, 2015, 12:19:12 PM
The Great Bank Robbery: the Carbanak APT
https://securelist.com/blog/research/68732/the-great-bank-robbery-the-carbanak-apt/
https://securelist.com/files/2015/02/Carbanak_APT_eng.pdf
Title: Re: Technical
Post by: Asyn on February 19, 2015, 07:01:12 AM
Introducing Extension Signing: A Safer Add-on Experience
https://blog.mozilla.org/addons/2015/02/10/extension-signing-safer-experience/
https://developer.mozilla.org/en-US/Add-ons/Add-on_guidelines
Title: Re: Technical
Post by: Asyn on February 20, 2015, 06:22:30 AM
Babar: Suspected Nation State Spyware In The Spotlight
http://www.cyphort.com/babar-suspected-nation-state-spyware-spotlight/
Title: Re: Technical
Post by: Asyn on February 21, 2015, 09:05:33 AM
The Great SIM Heist - How Spies Stole the Keys to the Encryption Castle
https://firstlook.org/theintercept/2015/02/19/great-sim-heist/
Title: Re: Technical
Post by: Asyn on February 22, 2015, 08:20:18 AM
Malware Is Still Spying On You Even When Your Mobile Is Off
http://now.avg.com/malware-is-still-spying-on-you-after-your-mobile-is-off/
Title: Re: Technical
Post by: Asyn on February 23, 2015, 07:57:12 AM
Using Google Cloud Platform for Security Scanning
http://googlecloudplatform.blogspot.com/2015/02/using-google-cloud-platform-for.html
https://cloud.google.com/tools/security-scanner/
Title: Re: Technical
Post by: Asyn on February 26, 2015, 09:37:56 AM
GPG And Me
http://www.thoughtcrime.org/blog/gpg-and-me/
Title: Re: Technical
Post by: Asyn on March 01, 2015, 09:46:25 AM
Spam Uses Default Passwords to Hack Routers
http://krebsonsecurity.com/2015/02/spam-uses-default-passwords-to-hack-routers/
http://www.proofpoint.com/us/threat-insight/post/Phish-Pharm
Title: Re: Technical
Post by: Asyn on March 03, 2015, 01:55:47 PM
Abusing Blu-ray Players Pt. 1 – Sandbox Escapes
https://www.nccgroup.com/en/blog/2015/02/abusing-blu-ray-players-pt-1-sandbox-escapes/
Title: Re: Technical
Post by: Asyn on March 04, 2015, 08:44:03 AM
The Tricky World of Securing Firmware
https://blogs.intel.com/evangelists/2015/02/20/tricky-world-securing-firmware/
Title: Re: Technical
Post by: Asyn on March 05, 2015, 08:12:48 AM
Tracking the FREAK Attack
https://freakattack.com/
Title: Re: Technical
Post by: Asyn on March 06, 2015, 09:35:32 AM
Casper Malware: After Babar and Bunny, Another Espionage Cartoon
http://www.welivesecurity.com/2015/03/05/casper-malware-babar-bunny-another-espionage-cartoon/
Title: Re: Technical
Post by: Asyn on March 08, 2015, 09:12:16 AM
Cuckoo Sandbox 1.2
http://cuckoosandbox.org/2015-03-04-cuckoo-sandbox-12.html
Title: Re: Technical
Post by: Asyn on March 09, 2015, 10:00:27 AM
PowerSpy: Location Tracking using Mobile Device Power Analysis
http://arxiv.org/abs/1502.03182
http://arxiv.org/pdf/1502.03182v2 [PDF]
Title: Re: Technical
Post by: mchain on March 10, 2015, 07:27:08 AM
Project Zero
News and updates from the Project Zero team at Google

Exploiting the DRAM rowhammer bug to gain kernel privileges
http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
Title: Re: Technical
Post by: Asyn on March 11, 2015, 10:51:45 AM
Proving that Android’s, Java’s and Python’s sorting algorithm is broken (and showing how to fix it)
http://www.envisage-project.eu/proving-android-java-and-python-sorting-algorithm-is-broken-and-how-to-fix-it
Title: Re: Technical
Post by: Asyn on March 12, 2015, 09:19:16 AM
iSpy: The CIA Campaign to Steal Apple’s Secrets
https://firstlook.org/theintercept/2015/03/10/ispy-cia-campaign-steal-apples-secrets/
Title: Re: Technical
Post by: Asyn on March 14, 2015, 06:51:40 PM
Inside the EquationDrug Espionage Platform
http://securelist.com/blog/research/69203/inside-the-equationdrug-espionage-platform/
Title: Re: Technical
Post by: Asyn on March 16, 2015, 08:03:31 AM
Talos Discovery Spotlight: Hundreds of Thousands of Google Apps Domains’ Private WHOIS Information Disclosed
http://blogs.cisco.com/security/talos/whoisdisclosure
Title: Re: Technical
Post by: Asyn on March 18, 2015, 08:01:04 AM
How "../sms" could bypass Authy 2 Factor Authentication
http://sakurity.com/blog/2015/03/15/authy_bypass.html
Title: Re: Technical
Post by: Asyn on March 19, 2015, 09:01:56 AM
Apple iOS Hardware Assisted Screenlock Bruteforce
http://blog.mdsec.co.uk/2015/03/bruteforcing-ios-screenlock.html
Title: Re: Technical
Post by: polonus on March 19, 2015, 03:30:34 PM
Pirate Bay cleverly circumvents UK ISP restrictions:
http://torrentfreak.com/secure-pirate-bay-unblocked-by-most-uk-isps-150316/

pol
Title: Re: Technical
Post by: mchain on March 20, 2015, 06:01:46 AM
New OpenSSL vulnerability could facilitate DoS attacks
http://www.symantec.com/connect/blogs/new-openssl-vulnerability-could-facilitate-dos-attacks
Title: Re: Technical
Post by: Asyn on March 20, 2015, 08:39:07 AM
New OpenSSL vulnerability could facilitate DoS attacks
http://www.symantec.com/connect/blogs/new-openssl-vulnerability-could-facilitate-dos-attacks
OpenSSL Update available
https://www.openssl.org/news/secadv_20150319.txt
https://www.openssl.org/source/
Title: Re: Technical
Post by: Asyn on March 23, 2015, 08:50:52 AM
Cisco posts kit to empty houses to dodge NSA chop shops
http://www.theregister.co.uk/2015/03/18/want_to_dodge_nsa_supply_chain_taps_ask_cisco_for_a_dead_drop/
Title: Re: Technical
Post by: Asyn on March 23, 2015, 08:55:35 AM
FREAK Out on Mobile
https://www.fireeye.com/blog/threat-research/2015/03/freak_out_on_mobile.html
Title: Re: Technical
Post by: Asyn on March 25, 2015, 07:52:18 AM
How Many Million BIOSes Would you Like to Infect?
http://legbacore.com/Research_files/HowManyMillionBIOSWouldYouLikeToInfect_Full.pdf
Title: Re: Technical
Post by: Asyn on March 26, 2015, 07:26:26 AM
Threat Spotlight: PoSeidon, A Deep Dive Into Point of Sale Malware
http://blogs.cisco.com/security/talos/POSeidon
Title: Re: Technical
Post by: Asyn on March 27, 2015, 07:11:52 AM
The old is new, again. CVE-2011-2461 is back!
http://blog.nibblesec.org/2015/03/the-old-is-new-again-cve-2011-2461-is.html
Title: Re: Technical
Post by: Asyn on March 28, 2015, 11:10:57 AM
Stealing Data From Computers Using Heat
http://www.wired.com/2015/03/stealing-data-computers-using-heat/
Title: Re: Technical
Post by: Asyn on March 28, 2015, 04:52:44 PM
A better debugger? System to find a common programming bug significantly outperforms predecessors
http://www.csail.mit.edu/node/2457
http://dl.acm.org/citation.cfm?id=2694389 [PDF]
Title: Re: Technical
Post by: Asyn on March 29, 2015, 10:15:27 AM
Breaking SSL with a 13-year-old RC4 Weakness
http://www.imperva.com/docs/HII_Attacking_SSL_when_using_RC4.pdf
Title: Re: Technical
Post by: Asyn on March 30, 2015, 05:57:10 AM
The Palinopsia Bug
https://hsmr.cc/palinopsia/
Title: Re: Technical
Post by: Asyn on March 31, 2015, 09:38:31 AM
Attacks Only Get Better: Password Recovery Attacks Against RC4 in TLS
http://www.isg.rhul.ac.uk/tls/RC4passwords.pdf
Title: Re: Technical
Post by: Asyn on April 02, 2015, 08:03:43 AM
Opportunistic Encryption For Firefox
http://bitsup.blogspot.com/2015/03/opportunistic-encryption-for-firefox.html
Title: Re: Technical
Post by: Asyn on April 04, 2015, 09:09:48 AM
Open Crypto Audit Project - Phase II analysis is completed
https://opencryptoaudit.org/reports/TrueCrypt_Phase_II_NCC_OCAP_final.pdf
Title: Re: Technical
Post by: Asyn on April 07, 2015, 03:42:14 PM
Google Android Security Report 2014
https://static.googleusercontent.com/media/source.android.com/en/us/devices/tech/security/reports/Google_Android_Security_2014_Report_Final.pdf
Title: Re: Technical
Post by: Asyn on April 08, 2015, 11:20:50 AM
Liveblog: Malvertising from Google advertisements via possibly compromised reseller
http://blog.fox-it.com/2015/04/07/liveblog-malvertising-from-google-advertisements-via-possibly-compromised-reseller/
Title: Re: Technical
Post by: Asyn on April 10, 2015, 08:04:57 AM
International police operation targets polymorphic Beebone botnet
https://www.europol.europa.eu/content/international-police-operation-targets-polymorphic-beebone-botnet
https://www.us-cert.gov/ncas/alerts/TA15-098A
Title: Re: Technical
Post by: Asyn on April 11, 2015, 05:22:49 PM
Hidden backdoor API to root privileges in Apple OS X
https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/
Title: Re: Technical
Post by: Asyn on April 13, 2015, 11:55:34 AM
China’s Great Cannon
https://citizenlab.org/2015/04/chinas-great-cannon/
Title: Re: Technical
Post by: Asyn on April 14, 2015, 08:42:58 AM
APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation
https://www.fireeye.com/blog/threat-research/2015/04/apt_30_and_the_mecha.html
Title: Re: Technical
Post by: Asyn on April 15, 2015, 08:35:34 AM
SPEAR - Redirect to SMB
http://blog.cylance.com/redirect-to-smb
Title: Re: Technical
Post by: Asyn on April 16, 2015, 10:14:35 AM
Simda's Hide and Seek: Grown-up Games
http://securelist.com/blog/69580/simdas-hide-and-seek-grown-up-games/
http://blogs.technet.com/b/mmpc/archive/2015/04/12/microsoft-partners-with-interpol-industry-to-disrupt-global-malware-attack-affecting-more-than-770-000-pcs-in-past-six-months-39-simda-at-39-designed-to-divert-internet-traffic-to-disseminate-other-types-of-malware.aspx
Title: Re: Technical
Post by: Asyn on April 17, 2015, 09:06:32 AM
The Chronicles of the Hellsing APT: the Empire Strikes Back
http://securelist.com/analysis/publications/69567/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back/
Title: Re: Technical
Post by: Asyn on April 19, 2015, 10:30:02 AM
IBM X-Force Exchange
https://exchange.xforce.ibmcloud.com/
Title: Re: Technical
Post by: Asyn on April 21, 2015, 08:47:12 AM
Operation RussianDoll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia’s APT28 in Highly-Targeted Attack
https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html
Title: Re: Technical
Post by: Asyn on April 22, 2015, 10:20:30 AM
Clarification of Tor's involvement with DARPA's Memex
https://lists.torproject.org/pipermail/tor-talk/2015-April/037538.html
Title: Re: Technical
Post by: Asyn on April 23, 2015, 06:55:30 AM
Analyzing the Magento Vulnerability
http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/
Title: Re: Technical
Post by: Asyn on April 25, 2015, 06:16:55 AM
Porn clicker app slipped into Google Play imitating popular Dubsmash app
https://blog.avast.com/2015/04/24/porn-clicker-app-slipped-into-google-play-imitating-popular-dubsmash-app/
Title: Re: Technical
Post by: Asyn on April 27, 2015, 08:09:47 AM
“No iOS Zone” – A New Vulnerability Allows DoS Attacks on iOS Devices
https://www.skycure.com/blog/ios-shield-allows-dos-attacks-on-ios-devices/
Title: Re: Technical
Post by: mchain on April 28, 2015, 01:14:27 AM
Don’t count on people to prevent data breaches
http://www.cio.com/article/2913889/data-breach/don-t-count-on-people-to-prevent-data-breaches.html
Title: Re: Technical
Post by: Asyn on April 28, 2015, 07:05:44 AM
Malware authors go a step further to access bank accounts
https://blog.avast.com/2015/04/27/malware-authors-go-a-step-further-to-access-bank-accounts/
Title: Re: Technical
Post by: Pondus on April 28, 2015, 07:46:32 PM
Bugs like this you have never seen   ;D
http://www.theverge.com/2015/4/27/8502421/robots-pull-100-times-their-own-weight

Title: Re: Technical
Post by: Asyn on April 30, 2015, 07:17:28 AM
Analyzing the Magento Vulnerability
http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/
Magento Shoplift (SUPEE-5344) Exploits in the Wild
https://blog.sucuri.net/2015/04/magento-shoplift-supee-5344-exploits-in-the-wild.html
Title: Re: Technical
Post by: Cast on May 01, 2015, 07:56:53 AM
Antivirus Company Qihoo Censured for Cheating in Lab Tests
http://www.pcmag.com/article2/0,2817,2483498,00.asp
Title: Re: Technical
Post by: Asyn on May 01, 2015, 08:06:31 AM
Antivirus Company Qihoo Censured for Cheating in Lab Tests
http://www.pcmag.com/article2/0,2817,2483498,00.asp
I started a topic here: https://forum.avast.com/index.php?topic=170408.0
Title: Re: Technical
Post by: Asyn on May 01, 2015, 01:48:02 PM
Unboxing Linux/Mumblehard: Muttering spam from your servers
http://www.welivesecurity.com/2015/04/29/unboxing-linuxmumblehard-muttering-spam-servers/
http://www.welivesecurity.com/wp-content/uploads/2015/04/mumblehard.pdf
Title: Re: Technical
Post by: Asyn on May 03, 2015, 08:10:45 AM
Keeping Tabs on WhatsApp's Encryption
http://www.heise.de/ct/artikel/Keeping-Tabs-on-WhatsApp-s-Encryption-2630361.html
Title: Re: Technical
Post by: Asyn on May 05, 2015, 12:20:15 PM
Announcing Windows Update for Business
http://blogs.windows.com/bloggingwindows/2015/05/04/announcing-windows-update-for-business/
Title: Re: Technical
Post by: Asyn on May 06, 2015, 07:12:03 AM
Threat Spotlight: Rombertik – Gazing Past the Smoke, Mirrors, and Trapdoors
http://blogs.cisco.com/security/talos/rombertik
Title: Re: Technical
Post by: Asyn on May 07, 2015, 08:23:47 AM
New Research: The Ad Injection Economy
http://googleonlinesecurity.blogspot.com/2015/05/new-research-ad-injection-economy.html
https://cdn3.vox-cdn.com/uploads/chorus_asset/file/3673260/ad_injector_paper.0.pdf
Title: Re: Technical
Post by: Asyn on May 08, 2015, 09:09:25 AM
JetPack and TwentyFifteen Vulnerable to DOM-based XSS
https://blog.sucuri.net/2015/05/jetpack-and-twentyfifteen-vulnerable-to-dom-based-xss.html
Title: Re: Technical
Post by: Asyn on May 10, 2015, 01:00:57 PM
CVE-2014-3440 – Symantec Critical System Protection Remote Code Execution
http://blog.silentsignal.eu/2015/05/07/cve-2014-3440-symantec-critical-system-protection-remote-code-execution/
http://blog.silentsignal.eu/wp-content/uploads/2015/05/S2_SCSP_BulkLog_CVE-2014-3440.txt
Title: Re: Technical
Post by: polonus on May 11, 2015, 12:32:51 AM
Create bootable USB sticks the easy way: https://rufus.akeo.ie/

polonus
Title: Re: Technical
Post by: bob3160 on May 11, 2015, 04:05:05 PM
Create bootable USB sticks the easy way: https://rufus.akeo.ie/

polonus
https://forum.avast.com/index.php?topic=19387.msg952936#msg952936
Title: Re: Technical
Post by: Asyn on May 12, 2015, 09:57:14 AM
Tor Cloud project has been discontinued
https://cloud.torproject.org/
Title: Re: Technical
Post by: Asyn on May 13, 2015, 09:58:43 AM
Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
https://www.rfc-editor.org/rfc/rfc7525.txt
Title: Re: Technical
Post by: Asyn on May 14, 2015, 10:25:56 AM
VENOM - Virtualized Environment Neglected Operations Manipulation
http://venom.crowdstrike.com/
Title: Re: Technical
Post by: Asyn on May 16, 2015, 09:57:38 AM
Encrypto: Encrypt the files you send
http://blog.macpaw.com/post/118774289073/encrypto-encrypt-the-files-you-send
http://macpaw.com/encrypto
Title: Re: Technical
Post by: Asyn on May 18, 2015, 09:42:30 AM
McAfee Stinger Removed From App Directory Due to Malware-Like Behavior
http://portableapps.com/news/2015-05-08--mcafee-stinger-removed-for-malware-like-behavior
Title: Re: Technical
Post by: Asyn on May 19, 2015, 08:50:38 AM
Hiding in Plain Sight: FireEye and Microsoft Expose Chinese APT Group’s Obfuscation Tactic
https://www.fireeye.com/blog/threat-research/2015/05/hiding_in_plain_sigh.html
https://www2.fireeye.com/WEB-2015RPTAPT17.html
Title: Re: Technical
Post by: Asyn on May 20, 2015, 11:15:05 AM
[SE-2014-02] Unconfirmed / unpatched vulnerabilities in Google App Engine
http://seclists.org/fulldisclosure/2015/May/61
http://www.security-explorations.com/en/SE-2014-02-details.html
Title: Re: Technical
Post by: Asyn on May 21, 2015, 09:51:28 AM
KCodes NetUSB: How a Small Taiwanese Software Company Can Impact the Security of Millions of Devices Worldwide
http://blog.sec-consult.com/2015/05/kcodes-netusb-how-small-taiwanese.html
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt
Title: Re: Technical
Post by: Asyn on May 22, 2015, 08:05:12 AM
Tech giants don’t want Obama to give police access to encrypted phone data
http://www.washingtonpost.com/world/national-security/tech-giants-urge-obama-to-resist-backdoors-into-encrypted-communications/2015/05/18/11781b4a-fd69-11e4-833c-a2de05b6b2a4_story.html
Title: Re: Technical
Post by: Asyn on May 23, 2015, 07:59:50 AM
NSA Planned to Hijack Google App Store to Hack Smartphones
https://firstlook.org/theintercept/2015/05/21/nsa-five-eyes-google-samsung-app-stores-spyware/
Title: Re: Technical
Post by: Asyn on May 24, 2015, 10:40:22 AM
Ransomware Response Kit
https://bitbucket.org/jadacyrus/ransomwareremovalkit
Title: Re: Technical
Post by: Asyn on May 25, 2015, 11:04:30 AM
Security Analysis of Android Factory Resets
http://www.cl.cam.ac.uk/~rja14/Papers/fr_most15.pdf
Title: Re: Technical
Post by: Asyn on May 27, 2015, 08:38:27 AM
Measuring and mitigating AS-level adversaries against Tor
http://arxiv.org/abs/1505.05173
http://arxiv.org/pdf/1505.05173v3 [PDF]
Title: Re: Technical
Post by: Asyn on May 28, 2015, 09:16:22 AM
Meet ‘Tox’: Ransomware for the Rest of Us
https://blogs.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us
Title: Re: Technical
Post by: Asyn on May 29, 2015, 08:32:07 AM
Moose – the router worm with an appetite for social networks
http://www.welivesecurity.com/2015/05/26/moose-router-worm/
http://www.welivesecurity.com/wp-content/uploads/2015/05/Dissecting-LinuxMoose.pdf
Title: Re: Technical
Post by: Asyn on May 31, 2015, 10:05:38 AM
Mozilla - Update on Extension Signing and New Developer Agreement
https://blog.mozilla.org/addons/2015/05/27/update-signing-new-developer-agreement/
https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Agreement
https://wiki.mozilla.org/Addons/Extension_Signing
Title: Re: Technical
Post by: Asyn on June 01, 2015, 10:21:55 AM
More than fifty vulnerabilities in D-Link NAS and NVR devices
http://www.search-lab.hu/advisories/secadv-20150527
http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf
Title: Re: Technical
Post by: Asyn on June 02, 2015, 08:00:43 AM
The Empire Strikes Back Apple – how your Mac firmware security is completely broken
https://reverse.put.as/2015/05/29/the-empire-strikes-back-apple-how-your-mac-firmware-security-is-completely-broken/
Title: Re: Technical
Post by: Asyn on June 03, 2015, 09:17:49 AM
Adios, Hola! Or: Why You Should Immediately Uninstall Hola
http://adios-hola.org/
http://adios-hola.org/advisory.txt
Title: Re: Technical
Post by: Asyn on June 04, 2015, 07:53:23 AM
Hackers Scan All Tor Hidden Services To Find Weaknesses In The 'Dark Web'
http://www.forbes.com/sites/thomasbrewster/2015/06/01/dark-web-vulnerability-scan/
Title: Re: Technical
Post by: Asyn on June 05, 2015, 07:18:11 AM
Auditing GitHub users’ SSH key quality
https://blog.benjojo.co.uk/post/auditing-github-users-keys
Title: Re: Technical
Post by: Asyn on June 06, 2015, 04:51:41 PM
This Hacked Kids’ Toy Opens Garage Doors in Seconds
http://www.wired.com/2015/06/hacked-kids-toy-opens-garage-doors-seconds/
Title: Re: Technical
Post by: Asyn on June 07, 2015, 09:30:59 AM
Let's Encrypt Root and Intermediate Certificates
https://letsencrypt.org/2015/06/04/isrg-ca-certs.html
Title: Re: Technical
Post by: Asyn on June 08, 2015, 10:37:58 AM
Turn It On (2FA)
https://www.turnon2fa.com/
Title: Re: Technical
Post by: Asyn on June 09, 2015, 07:55:33 AM
Trend Micro Discovers MalumPoS; Targets Hotels and other US Industries
http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-malumpos-targets-hotels-and-other-us-industries/
http://documents.trendmicro.com/images/tex/pdf/MalumPOS%20Technical%20Brief.pdf
Title: Re: Technical
Post by: Asyn on June 10, 2015, 08:57:16 AM
Brain's reaction to certain words could replace passwords
http://www.eurekalert.org/pub_releases/2015-06/bu-brt060215.php
Title: Re: Technical
Post by: Asyn on June 11, 2015, 08:21:09 AM
The Mystery of Duqu 2.0: a sophisticated cyberespionage actor returns
https://securelist.com/blog/research/70504/the-mystery-of-duqu-2-0-a-sophisticated-cyberespionage-actor-returns/
https://securelist.com/files/2015/06/The_Mystery_of_Duqu_2_0_a_sophisticated_cyberespionage_actor_returns.pdf
http://blog.crysys.hu/2015/06/duqu-2-0/
http://www.crysys.hu/duqu2/duqu2.pdf
Title: Re: Technical
Post by: Asyn on June 14, 2015, 08:02:12 AM
Securing access to Wikimedia sites with HTTPS
https://blog.wikimedia.org/2015/06/12/securing-wikimedia-sites-with-https/
Title: Re: Technical
Post by: Asyn on June 21, 2015, 10:23:07 AM
FIRST announces availability of new Common Vulnerability Scoring System (CVSS) release
https://www.first.org/newsroom/releases/20150610
https://www.first.org/cvss
Title: Re: Technical
Post by: Asyn on June 21, 2015, 10:25:40 AM
Windows 10 to offer application developers new malware defenses
http://blogs.technet.com/b/mmpc/archive/2015/06/09/windows-10-to-offer-application-developers-new-malware-defenses.aspx
Title: Re: Technical
Post by: Asyn on June 22, 2015, 09:31:05 AM
The Mystery of Duqu 2.0: a sophisticated cyberespionage actor returns
https://securelist.com/blog/research/70504/the-mystery-of-duqu-2-0-a-sophisticated-cyberespionage-actor-returns/
https://securelist.com/files/2015/06/The_Mystery_of_Duqu_2_0_a_sophisticated_cyberespionage_actor_returns.pdf
http://blog.crysys.hu/2015/06/duqu-2-0/
http://www.crysys.hu/duqu2/duqu2.pdf
The Duqu 2.0 persistence module
https://securelist.com/blog/research/70641/the-duqu-2-0-persistence-module/
Title: Re: Technical
Post by: Asyn on June 23, 2015, 02:00:49 PM
Let's Encrypt Root and Intermediate Certificates
https://letsencrypt.org/2015/06/04/isrg-ca-certs.html
Let's Encrypt Launch Schedule
https://letsencrypt.org/2015/06/16/lets-encrypt-launch-schedule.html
Title: Re: Technical
Post by: Asyn on June 24, 2015, 10:16:07 AM
IBM 2015 Cyber Security Intelligence Index
http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=WH&infotype=SA&htmlfid=SEW03073USEN&attachment=SEW03073USEN.PDF

IBM X-Force Threat Intelligence Quarterly, 2Q 2015
http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=WH&infotype=SA&htmlfid=WGL03076USEN&attachment=WGL03076USEN.PDF
Title: Re: Technical
Post by: Asyn on June 25, 2015, 03:00:19 PM
Escaping VMware Workstation through COM1
https://docs.google.com/document/d/1sIYgqrytPK-CFWfqDntraA_Fwi2Ov-YBgMtl5hdrYd4/mobilebasic?pli=1
http://www.vmware.com/security/advisories/VMSA-2015-0004.html
Title: Re: Technical
Post by: Asyn on June 26, 2015, 09:43:59 AM
Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation
http://www.tau.ac.il/~tromer/radioexp/index.html
http://www.cs.tau.ac.il/%7Etromer/papers/radioexp.pdf
Title: Re: Technical
Post by: Asyn on July 01, 2015, 08:14:07 AM
Operation Clandestine Wolf – Adobe Flash Zero-Day in APT3 Phishing Campaign
https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html
Title: Re: Technical
Post by: Asyn on July 02, 2015, 12:32:32 PM
Introducing s2n, a New Open Source TLS Implementation
https://blogs.aws.amazon.com/security/post/TxCKZM94ST1S6Y/Introducing-s2n-a
https://github.com/awslabs/s2n
Title: Re: Technical
Post by: Asyn on July 05, 2015, 10:15:27 AM
Automatic bug repair
System fixes bugs by importing functionality from other programs — without access to source code
http://newsoffice.mit.edu/2015/automatic-code-bug-repair-0629
Title: Re: Technical
Post by: bob3160 on July 05, 2015, 02:39:55 PM
Automatic bug repair
System fixes bugs by importing functionality from other programs — without access to source code
http://newsoffice.mit.edu/2015/automatic-code-bug-repair-0629
Sounds like a pipe dream. :)
Unfortunately if this is able to fix things, it's also capable of breaking things.
All depends on who uses it.
Title: Re: Technical
Post by: Asyn on July 09, 2015, 09:40:11 AM
Unpatched Flash Player Flaw, More POCs Found in Hacking Team Leak
http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/
https://krebsonsecurity.com/2015/07/adobe-to-patch-hacking-teams-flash-zero-day/
https://helpx.adobe.com/security/products/flash-player/apsb15-16.html
Title: Re: Technical
Post by: Asyn on July 11, 2015, 07:15:08 PM
Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications
http://dspace.mit.edu/bitstream/handle/1721.1/97690/MIT-CSAIL-TR-2015-026.pdf?sequence=6
Title: Re: Technical
Post by: Asyn on July 13, 2015, 03:23:41 PM
Hacking Team [WL]
https://wikileaks.org/hackingteam/emails/
Title: Re: Technical
Post by: Asyn on July 14, 2015, 03:31:12 PM
Building reliable SMM backdoor for UEFI based platforms
http://blog.cr4.sh/2015/07/building-reliable-smm-backdoor-for-uefi.html
Title: Re: Technical
Post by: Para-Noid on July 14, 2015, 11:15:58 PM
WP-CLI Guide: Connect to WordPress via SSH Intro

https://blog.sucuri.net/2015/07/wp-cli-guide-connect-to-wordpress-via-ssh-intro.html?utm_campaign=WordPress&utm_medium=social&utm_source=googleplus
Title: Re: Technical
Post by: Asyn on July 15, 2015, 12:23:15 PM
EICAR introduces a Minimum Standard for Anti-Malware Products
http://newsroom.kaspersky.eu/nl/nieuws/detail/article/eicar-introduces-a-minimum-standard-for-anti-malware-products/
Title: Re: Technical
Post by: Asyn on July 16, 2015, 07:56:13 AM
More than one in 10 American mobile users is the target of mobile malware
https://blog.avast.com/2015/07/15/more-than-one-in-10-american-mobile-users-is-the-target-of-mobile-malware/
http://files.avast.com/files/marketing/security-reports/2015/avast-q1-2015-security-report.pdf

Title: Re: Technical
Post by: Asyn on July 17, 2015, 01:43:14 PM
Hacking Team Uses UEFI BIOS Rootkit to Keep RCS 9 Agent in Target Systems
http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-uses-uefi-bios-rootkit-to-keep-rcs-9-agent-in-target-systems/
Title: Re: Technical
Post by: bob3160 on July 17, 2015, 03:50:41 PM
Hacking Team Uses UEFI BIOS Rootkit to Keep RCS 9 Agent in Target Systems
http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-uses-uefi-bios-rootkit-to-keep-rcs-9-agent-in-target-systems/
This simply means that even a New Harddrive isn't going to get rid of your breach.  :'(
Title: Re: Technical
Post by: Asyn on July 19, 2015, 09:49:49 AM
Major Computer Hacking Forum Dismantled
https://www.fbi.gov/pittsburgh/press-releases/2015/major-computer-hacking-forum-dismantled
https://www.europol.europa.eu/content/cybercriminal-darkode-forum-taken-down-through-global-action
Title: Re: Technical
Post by: Asyn on July 20, 2015, 12:32:18 PM
MMD-0036-2015 - KINS (or ZeusVM) v2.0.0.0 tookit (builder & panel source code) leaked
http://blog.malwaremustdie.org/2015/07/mmd-0036-2015-kins-or-zeusvm-v2000.html
Title: Re: Technical
Post by: Asyn on July 21, 2015, 01:08:51 PM
OpenSSH keyboard-interactive authentication brute force vulnerability (MaxAuthTries bypass)
https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/
Title: Re: Technical
Post by: Asyn on July 22, 2015, 07:04:58 AM
Android malware Fobus now targeting users in the U.S., Germany and Spain
https://blog.avast.com/2015/07/21/android-malware-fobus-now-targeting-users-in-the-u-s-germany-and-spain/

(https://blog.avast.com/wp-content/uploads/2015/07/fobus_table1.png)
Title: Re: Technical
Post by: Asyn on July 23, 2015, 12:16:35 PM
OS X 10.10 DYLD_PRINT_TO_FILE Local Privilege Escalation Vulnerability
https://www.sektioneins.de/blog/15-07-07-dyld_print_to_file_lpe.html
Title: Re: Technical
Post by: Asyn on July 29, 2015, 06:51:52 PM
Big Brother(s) Could be Watching You Thanks to Stagefright
https://blog.avast.com/2015/07/29/big-brothers-could-be-watching-you-thanks-to-stagefright/
Title: Re: Technical
Post by: Asyn on July 30, 2015, 12:04:12 PM
Trend Micro Discovers Vulnerability That Renders Android Devices Silent
http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-vulnerability-that-renders-android-devices-silent/
Title: Re: Technical
Post by: Asyn on July 31, 2015, 12:38:27 PM
An Open Letter to Microsoft’s CEO: Don’t Roll Back the Clock on Choice and Control
https://blog.mozilla.org/blog/2015/07/30/an-open-letter-to-microsofts-ceo-dont-roll-back-the-clock-on-choice-and-control/
Title: Re: Technical
Post by: Asyn on August 03, 2015, 09:48:57 AM
Microsoft Advanced Threat Analytics
http://www.microsoft.com/en-us/server-cloud/products/advanced-threat-analytics/
http://blogs.technet.com/b/ad/archive/2015/07/22/microsoft-advanced-threat-analytics-coming-next-month.aspx
http://download.microsoft.com/download/C/F/6/CF62335F-C46B-4D84-B0C9-363A89B0C5E6/Microsoft_advanced_threat_analytics_datasheet.pdf
Title: Re: Technical
Post by: Asyn on August 03, 2015, 10:36:36 AM
"...no one can hack my mind": Comparing Expert and Non-Expert Security Practices
https://www.usenix.org/system/files/conference/soups2015/soups15-paper-ion.pdf
Title: Re: Technical
Post by: Asyn on August 04, 2015, 11:29:50 AM
Forensiq Projects In-App Ad Fraud Will Surpass $1 Billion In 2015
http://www.prnewswire.com/news-releases/forensiq-projects-in-app-ad-fraud-will-surpass-1-billion-in-2015-300117453.html
http://forensiq.com/mobile-app-fraud-study/
Title: Re: Technical
Post by: Asyn on August 04, 2015, 11:36:07 AM
One in every 600 websites has .git exposed
http://www.jamiembrown.com/blog/one-in-every-600-websites-has-git-exposed/
Title: Re: Technical
Post by: Asyn on August 05, 2015, 12:39:39 PM
Researchers Hack Air-Gapped Computer With Simple Cell Phone
http://www.wired.com/2015/07/researchers-hack-air-gapped-computer-simple-cell-phone/
Title: Re: Technical
Post by: Asyn on August 06, 2015, 11:19:21 AM
Dell Computer Corporation, Inc. Information for VU#577140
BIOS implementations fail to properly set UEFI write protections after waking from sleep mode
http://www.kb.cert.org/vuls/id/BLUU-9XXQ9L
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2890
Title: Re: Technical
Post by: Asyn on August 07, 2015, 01:16:51 PM
Certifi-gate: Hundreds of Millions of Android Devices Could Be Pwned
http://blog.checkpoint.com/2015/08/06/certifigate/
http://www.checkpoint.com/resources/certifigate
Title: Re: Technical
Post by: Asyn on August 08, 2015, 06:43:41 PM
Announcing Approval of Federal Information Processing Standard (FIPS) 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions, and Revision of the Applicability Clause of FIPS 180-4, Secure Hash Standard
https://www.federalregister.gov/articles/2015/08/05/2015-19181/announcing-approval-of-federal-information-processing-standard-fips-202-sha-3-standard
Title: Re: Technical
Post by: Asyn on August 09, 2015, 10:07:12 AM
RIG Reloaded - Examining the Architecture of RIG Exploit Kit 3.0
https://www.trustwave.com/Resources/SpiderLabs-Blog/RIG-Reloaded---Examining-the-Architecture-of-RIG-Exploit-Kit-3-0/
Title: Re: Technical
Post by: Asyn on August 11, 2015, 08:45:11 AM
WSUSpect - Compromising the Windows Enterprise via Windows Update
https://www.blackhat.com/docs/us-15/materials/us-15-Stone-WSUSpect-Compromising-Windows-Enterprise-Via-Windows-Update-wp.pdf
Title: Re: Technical
Post by: Asyn on August 12, 2015, 08:20:04 AM
The Memory Sinkhole - Unleashing an x86 Design Flaw Allowing Universal Privilege Escalation
https://www.blackhat.com/docs/us-15/materials/us-15-Domas-The-Memory-Sinkhole-Unleashing-An-x86-Design-Flaw-Allowing-Universal-Privilege-Escalation-wp.pdf
Title: Re: Technical
Post by: Asyn on August 13, 2015, 08:04:05 AM
One Class to Rule Them All: New Android Serialization Vulnerability Gives Underprivileged Apps Super Status
https://securityintelligence.com/one-class-to-rule-them-all-new-android-serialization-vulnerability-gives-underprivileged-apps-super-status
Title: Re: Technical
Post by: Asyn on August 14, 2015, 10:40:32 AM
The Pwnie Awards – 2015 Edition
http://blog.lumension.com/10469/the-pwnie-awards-2015-edition/
Title: Re: Technical
Post by: Asyn on August 15, 2015, 10:52:37 AM
Stagefright: Mission Accomplished?
http://blog.exodusintel.com/2015/08/13/stagefright-mission-accomplished/
Title: Re: Technical
Post by: Asyn on August 16, 2015, 07:59:41 AM
Georgia Tech Finds 11 Security Flaws in Popular Internet Browsers Using New Analysis Method
http://www.news.gatech.edu/2015/08/13/georgia-tech-finds-11-security-flaws-popular-internet-browsers-using-new-analysis-method
https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-lee.pdf
Title: Re: Technical
Post by: Asyn on August 18, 2015, 09:35:08 AM
NSA Spying Relies on AT&T’s ‘Extreme Willingness to Help’
https://www.propublica.org/article/nsa-spying-relies-on-atts-extreme-willingness-to-help
https://www.propublica.org/article/a-trail-of-evidence-leading-to-atts-partnership-with-the-nsa
Title: Re: Technical
Post by: bob3160 on August 18, 2015, 05:26:35 PM
NSA Spying Relies on AT&T’s ‘Extreme Willingness to Help’
https://www.propublica.org/article/nsa-spying-relies-on-atts-extreme-willingness-to-help
https://www.propublica.org/article/a-trail-of-evidence-leading-to-atts-partnership-with-the-nsa
Since AT&T now owns DirecTV, their customers' information will probably also be shared just as freely.... :o
Title: Re: Technical
Post by: Asyn on August 19, 2015, 07:55:38 AM
MediaServer Takes Another Hit with Latest Android Vulnerability
http://blog.trendmicro.com/trendlabs-security-intelligence/mediaserver-takes-another-hit-with-latest-android-vulnerability/
Title: Re: Technical
Post by: Asyn on August 20, 2015, 01:44:26 PM
P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks
https://www.usenix.org/conference/woot15/workshop-program/presentation/p2p-file-sharing-hell-exploiting-bittorrent
https://www.usenix.org/system/files/conference/woot15/woot15-paper-adamsky.pdf
Title: Re: Technical
Post by: Para-Noid on August 20, 2015, 08:14:06 PM
A Little Tale About Website Cross-Contamination

https://blog.sucuri.net/2012/03/a-little-tale-about-website-cross-contamination.html?utm_campaign=A%20Little%20Tale%20About%20Website%20Cross-Contamination%20Blogpost&utm_medium=social&utm_source=googleplus

WP-CLI Guide: Install WordPress via SSH

https://blog.sucuri.net/2015/08/wp-cli-guide-installing-wordpress.html?utm_campaign=WP-CLI%20Guide%3A%20Install%20WordPress%20via%20SSH%20Blogpost&utm_medium=social&utm_source=googleplus
Title: Re: Technical
Post by: Asyn on August 21, 2015, 12:45:19 PM
Was the Ashley Madison Database Leaked?
http://krebsonsecurity.com/2015/08/was-the-ashley-madison-database-leaked/
http://blog.erratasec.com/2015/08/notes-on-ashley-madison-dump.html
https://www.trustedsec.com/august-2015/ashley-madison-database-dumped/
http://www.hydraze.org/2015/08/ashley-madison-full-dump-has-finally-leaked/
Title: Re: Technical
Post by: Para-Noid on August 22, 2015, 06:13:08 PM
Was the Ashley Madison Database Leaked?
http://krebsonsecurity.com/2015/08/was-the-ashley-madison-database-leaked/
http://blog.erratasec.com/2015/08/notes-on-ashley-madison-dump.html
https://www.trustedsec.com/august-2015/ashley-madison-database-dumped/
http://www.hydraze.org/2015/08/ashley-madison-full-dump-has-finally-leaked/

Yes!

https://www.washingtonpost.com/news/the-intersect/wp/2015/08/19/how-to-see-if-you-or-your-spouse-appear-in-the-ashley-madison-leak/?tid=hybrid_collaborative_1_na
Title: Re: Technical
Post by: Para-Noid on August 22, 2015, 06:13:59 PM
Security and Hosting Environments

http://perezbox.com/2015/08/security-and-hosting-environments/?utm_campaign=Tony%20Perez%20on%3A%20Security%20and%20Hosting%20Environments&utm_medium=social&utm_source=googleplus
Title: Re: Technical
Post by: Asyn on August 24, 2015, 12:07:04 PM
Multiple Vulnerabilities in Pocket
https://www.gnu.gl/blog/Posts/multiple-vulnerabilities-in-pocket/
Title: Re: Technical
Post by: Asyn on August 25, 2015, 10:54:23 AM
Ongoing abuse problems at Nic.at and DENIC
https://www.spamhaus.org/news/article/724/ongoing-abuse-problems-at-nic.at-and-denic
Title: Re: Technical
Post by: Para-Noid on August 25, 2015, 09:41:36 PM
How To Create a Website Backup Strategy

https://blog.sucuri.net/2015/04/how-to-create-a-website-backup-strategy.html?utm_campaign=How%20To%20Create%20a%20Website%20Backup%20Strategy%20Blogpost&utm_medium=social&utm_source=googleplus

Virtual Patching for Websites with Sucuri CloudProxy

https://blog.sucuri.net/2013/03/virtual-patching-for-websites-with-sucuri-cloudproxy.html?utm_campaign=What%20is%20virtual%20patching%2C%20and%20how%20we%20use%20it%20with%20our%20WAF%20Blogpost&utm_medium=social&utm_source=googleplus

FunWebProducts UserAgent Bloating Traffic  (Note: not sure where to post this.)

https://blog.sucuri.net/2015/08/funwebproducts-useragent-bloating-traffic.html?utm_campaign=FunWebProducts%20UserAgent%20Bloating%20Traffic%20Blogpost&utm_medium=social&utm_source=googleplus
Title: Re: Technical
Post by: Asyn on August 26, 2015, 07:40:34 AM
New data uncovers the surprising predictability of Android lock patterns
http://arstechnica.com/security/2015/08/new-data-uncovers-the-surprising-predictability-of-android-lock-patterns/
Title: Re: Technical
Post by: Asyn on August 27, 2015, 09:58:45 AM
‘Quicksand’ – A New Enterprise iOS Vulnerability
https://www.appthority.com/enterprise-mobile-threats/2015/08/19/quicksand-a-new-enterprise-ios-vulnerability/
Title: Re: Technical
Post by: Asyn on August 27, 2015, 10:03:21 AM
Remote Code Execution in Dolphin Browser for Android
http://rotlogix.com/2015/08/22/remote-code-execution-in-dolphin-browser-for-android/

Exploiting the Mercury Browser for Android
http://rotlogix.com/2015/08/23/exploiting-the-mercury-browser-for-android/
Title: Re: Technical
Post by: Asyn on August 28, 2015, 11:58:46 AM
Cryptography Today
https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
Title: Re: Technical
Post by: Para-Noid on August 28, 2015, 04:22:54 PM
Website Malware – Curious .htaccess Conditional Redirect Case

https://blog.sucuri.net/2014/09/website-malware-curious-htaccess-conditional-redirect-case.html?utm_campaign=Website%20Malware%20%E2%80%93%20Curious%20.htaccess%20Conditional%20Redirect%20Case%20Blogpost&utm_medium=social&utm_source=googleplus

Security and Hosting Environments

http://perezbox.com/2015/08/security-and-hosting-environments/?utm_campaign=Tony%20Perez%20on%3A%20Security%20and%20Hosting%20Environments&utm_medium=social&utm_source=googleplus
Title: Re: Technical
Post by: Asyn on August 29, 2015, 05:06:58 PM
Certifi-gate: Hundreds of Millions of Android Devices Could Be Pwned
http://blog.checkpoint.com/2015/08/06/certifigate/
http://www.checkpoint.com/resources/certifigate
Certifi-gate Found in the Wild on Google Play
New Insights on the Extent, Exploitation, and Mitigation of This New Threat
http://blog.checkpoint.com/2015/08/25/certifigate-statistics-exploitation-mitigation/
Title: Re: Technical
Post by: Para-Noid on September 01, 2015, 04:11:43 PM
From an avast news release

https://press.avast.com/avast-builds-threat-detection-based-on-machine-learning-to-protect-users-from-zero-day-attacks-malware-and-privacy-threats
Title: Re: Technical
Post by: bob3160 on September 01, 2015, 05:43:52 PM
From an avast news release

https://press.avast.com/avast-builds-threat-detection-based-on-machine-learning-to-protect-users-from-zero-day-attacks-malware-and-privacy-threats
Interesting. Wonder if Intel and AMD are next on the list.
Title: Re: Technical
Post by: Secondmineboy on September 01, 2015, 05:53:19 PM
@bob3160: That would be amazing to see. Also automatically generated Dyna-Gen sigs would be great to see.

They said they are working on it a long time ago, I don't know if it's still a thing tho.
Title: Re: Technical
Post by: Asyn on September 02, 2015, 09:28:39 AM
Ins0mnia: Unlimited Background Time and Covert Execution on Non-Jailbroken iOS Devices
https://www.fireeye.com/blog/threat-research/2015/08/ins0mnia_unlimited.html
Title: Re: Technical
Post by: Asyn on September 02, 2015, 09:31:22 AM
London Calling: Two-Factor Authentication Phishing From Iran
https://citizenlab.org/2015/08/iran_two_factor_phishing/
Title: Re: Technical
Post by: Para-Noid on September 02, 2015, 07:29:50 PM
Demystifying File and Folder Permissions

https://blog.sucuri.net/2015/09/demystifying-file-and-folder-permissions.html?utm_campaign=Demystifying%20Folder%20Permissions%20blogpost&utm_medium=social&utm_source=googleplus
Title: Re: Technical
Post by: Asyn on September 03, 2015, 09:18:55 AM
OWASP Automated Threat Handbook Web Applications
https://www.owasp.org/images/3/33/Automated-threat-handbook.pdf
Title: Re: Technical
Post by: Asyn on September 04, 2015, 06:15:37 AM
Tiny Banker hidden in modified WinObj tool from Sysinternals
https://blog.avast.com/2015/09/03/tiny-banker-hidden-in-modified-winobj-tool-from-sysinternals/
Title: Re: Technical
Post by: bob3160 on September 04, 2015, 04:14:11 PM

Shopperz - beware.
https://blog.malwarebytes.org/intelligence/2015/09/shopperz-alters-dnsapi-dll/
(Shopperz alters dnsapi.dll)
Title: Re: Technical
Post by: Para-Noid on September 04, 2015, 08:55:10 PM
Analyzing Popular Layer 7 Application DDoS Attacks  (I was thinking of polonus while reading this.)

https://blog.sucuri.net/2015/09/analyzing-popular-layer-7-application-ddos-attacks.html?utm_campaign=Analyzing%20Popular%20Layer%207%20Application%20DDoS%20Attacks%20Blogpost&utm_medium=social&utm_source=googleplus
Title: Re: Technical
Post by: Asyn on September 21, 2015, 08:13:04 AM
The Dukes: 7 Years Of Russian Cyber-Espionage
https://labsblog.f-secure.com/2015/09/17/the-dukes-7-years-of-russian-cyber-espionage/
https://www.f-secure.com/documents/996508/1030745/dukes_whitepaper.pdf
Title: Re: Technical
Post by: Asyn on September 22, 2015, 09:30:15 AM
Novel Malware XcodeGhost Modifies Xcode, Infects Apple iOS Apps and Hits App Store
http://researchcenter.paloaltonetworks.com/2015/09/novel-malware-xcodeghost-modifies-xcode-infects-apple-ios-apps-and-hits-app-store/
http://researchcenter.paloaltonetworks.com/2015/09/malware-xcodeghost-infects-39-ios-apps-including-wechat-affecting-hundreds-of-millions-of-users/
http://researchcenter.paloaltonetworks.com/2015/09/update-xcodeghost-attacker-can-phish-passwords-and-open-urls-though-infected-apps/
http://www.nytimes.com/2015/09/21/business/apple-confirms-discovery-of-malicious-code-in-some-app-store-products.html
Title: Re: Technical
Post by: Secondmineboy on September 22, 2015, 04:58:02 PM
Avast's technology

https://www.avast.com/technology
Title: Re: Technical
Post by: Asyn on September 23, 2015, 09:18:16 AM
BrainTest – A New Level of Sophistication in Mobile Malware
http://blog.checkpoint.com/2015/09/21/braintest-a-new-level-of-sophistication-in-mobile-malware/
Title: Re: Technical
Post by: Asyn on September 23, 2015, 09:29:05 AM
Novel Malware XcodeGhost Modifies Xcode, Infects Apple iOS Apps and Hits App Store
http://researchcenter.paloaltonetworks.com/2015/09/novel-malware-xcodeghost-modifies-xcode-infects-apple-ios-apps-and-hits-app-store/
http://researchcenter.paloaltonetworks.com/2015/09/malware-xcodeghost-infects-39-ios-apps-including-wechat-affecting-hundreds-of-millions-of-users/
http://researchcenter.paloaltonetworks.com/2015/09/update-xcodeghost-attacker-can-phish-passwords-and-open-urls-though-infected-apps/
http://www.nytimes.com/2015/09/21/business/apple-confirms-discovery-of-malicious-code-in-some-app-store-products.html
More Details on the XcodeGhost Malware and Affected iOS Apps
http://researchcenter.paloaltonetworks.com/2015/09/more-details-on-the-xcodeghost-malware-and-affected-ios-apps/
Title: Re: Technical
Post by: Asyn on September 24, 2015, 08:02:20 AM
Kaspersky: Mo Unpackers, Mo Problems
http://googleprojectzero.blogspot.com/2015/09/kaspersky-mo-unpackers-mo-problems.html
Title: Re: Technical
Post by: Asyn on September 25, 2015, 12:32:08 PM
The Deep Sweep (2015) - High-altitude Signal Research
https://criticalengineering.org/projects/deep-sweep/
Title: Re: Technical
Post by: Asyn on September 26, 2015, 08:55:40 AM
Novel Malware XcodeGhost Modifies Xcode, Infects Apple iOS Apps and Hits App Store
http://researchcenter.paloaltonetworks.com/2015/09/novel-malware-xcodeghost-modifies-xcode-infects-apple-ios-apps-and-hits-app-store/
http://researchcenter.paloaltonetworks.com/2015/09/malware-xcodeghost-infects-39-ios-apps-including-wechat-affecting-hundreds-of-millions-of-users/
http://researchcenter.paloaltonetworks.com/2015/09/update-xcodeghost-attacker-can-phish-passwords-and-open-urls-though-infected-apps/
http://www.nytimes.com/2015/09/21/business/apple-confirms-discovery-of-malicious-code-in-some-app-store-products.html
More Details on the XcodeGhost Malware and Affected iOS Apps
http://researchcenter.paloaltonetworks.com/2015/09/more-details-on-the-xcodeghost-malware-and-affected-ios-apps/
XcodeGhost Q&A
https://www.apple.com/cn/xcodeghost/#english
Title: Re: Technical
Post by: Asyn on September 27, 2015, 09:53:37 AM
Bidding for Breaches, Redefining Targeted Attacks
http://krebsonsecurity.com/2015/09/bidding-for-breaches-redefining-targeted-attacks/
Title: Re: Technical
Post by: Asyn on September 30, 2015, 09:38:46 AM
iOS Security Guide
http://images.apple.com/privacy/docs/iOS_Security_Guide.pdf
Title: Re: Technical
Post by: Asyn on October 02, 2015, 10:18:03 AM
Drop-dead simple exploit completely bypasses Mac’s malware Gatekeeper
http://arstechnica.com/security/2015/09/drop-dead-simple-exploit-completely-bypasses-macs-malware-gatekeeper/
Title: Re: Technical
Post by: Asyn on October 03, 2015, 04:51:12 PM
FourQ: four-dimensional decompositions on a Q-curve over the Mersenne prime
http://eprint.iacr.org/2015/565.pdf
http://research.microsoft.com/en-us/downloads/95a0a698-a4a7-4346-a0eb-d4bd3e7241ce/default.aspx
Title: Re: Technical
Post by: Asyn on October 05, 2015, 12:51:03 PM
Threat Advisory: XOR DDoS
https://www.stateoftheinternet.com/downloads/pdfs/2015-threat-advisory-xor-ddos-attacks-linux-botnet-malware-removal-ddos-mitigation-yara-snort.pdf
Title: Re: Technical
Post by: Asyn on October 06, 2015, 12:04:07 PM
YiSpecter: First iOS Malware That Attacks Non-jailbroken Apple iOS Devices by Abusing Private APIs
http://researchcenter.paloaltonetworks.com/2015/10/yispecter-first-ios-malware-attacks-non-jailbroken-ios-devices-by-abusing-private-apis/
Title: Re: Technical
Post by: Asyn on October 07, 2015, 05:15:12 PM
Threat Spotlight: Cisco Talos Thwarts Access to Massive International Exploit Kit Generating $60M Annually From Ransomware Alone
http://talosintel.com/angler-exposed/
Title: Re: Technical
Post by: Asyn on October 08, 2015, 10:12:59 AM
[Cryptography] OpenPGP SEIP downgrade attack
http://www.metzdowd.com/pipermail/cryptography/2015-October/026685.html
Title: Re: Technical
Post by: Asyn on October 10, 2015, 06:24:22 PM
Virtual Private Keylogging: Cisco Web VPNs Leveraged for Access and Persistence
http://www.volexity.com/blog/?p=179
Title: Re: Technical
Post by: Asyn on October 11, 2015, 11:06:28 AM
Webmail Server APT: A New Persistent Attack Methodology Targeting Microsoft Outlook Web Application (OWA)
http://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf
Title: Re: Technical
Post by: Asyn on October 12, 2015, 02:48:24 PM
Authentication Bypass in Netgear WNR1000v4 Router
http://blog.csnc.ch/2015/10/authentication-bypass-in-netgear-wnr1000v4-router/
http://blog.csnc.ch/2015/10/aftermath-of-the-netgear-advisory-disclosure/
http://www.shellshocklabs.com/2015/09/part-1en-hacking-netgear-jwnr2010v5.html
http://www.shellshocklabs.com/2015/09/part-2en-hacking-netgear-jwnr2010v5.html
Title: Re: Technical
Post by: Asyn on October 15, 2015, 10:28:28 AM
87% of Android devices insecure
http://androidvulnerabilities.org/press/2015-10-08
https://www.cl.cam.ac.uk/~drt24/papers/spsm-scoring.pdf
Title: Re: Technical
Post by: Asyn on October 16, 2015, 12:12:57 PM
Certificate authorities issue SSL certificates to fraudsters
http://news.netcraft.com/archives/2015/10/12/certificate-authorities-issue-hundreds-of-deceptive-ssl-certificates-to-fraudsters.html
Title: Re: Technical
Post by: DavidR on October 16, 2015, 04:03:12 PM
Certificate authorities issue SSL certificates to fraudsters
http://news.netcraft.com/archives/2015/10/12/certificate-authorities-issue-hundreds-of-deceptive-ssl-certificates-to-fraudsters.html

This has been going on for absolutely years - I can remember one AV supplier (who will remain nameless) who also is a SSL Certificate Authorisation body.
Title: Re: Technical
Post by: Asyn on October 17, 2015, 08:47:39 AM
Certificate authorities issue SSL certificates to fraudsters
http://news.netcraft.com/archives/2015/10/12/certificate-authorities-issue-hundreds-of-deceptive-ssl-certificates-to-fraudsters.html
This has been going on for absolutely years - I can remember one AV supplier (who will remain nameless) who also is a SSL Certificate Authorisation body.
No need to name them Dave, the pie chart says it all... ;)
Title: Re: Technical
Post by: bob3160 on October 17, 2015, 02:11:16 PM
Certificate authorities issue SSL certificates to fraudsters
http://news.netcraft.com/archives/2015/10/12/certificate-authorities-issue-hundreds-of-deceptive-ssl-certificates-to-fraudsters.html
This has been going on for absolutely years - I can remember one AV supplier (who will remain nameless) who also is a SSL Certificate Authorisation body.
No need to name them Dave, the pie chart says it all... ;)
None other than our fire breathing friend, the Comodo Dragon:
(http://www.screencast-o-matic.com/screenshots/u/Lh/1445083825853-88026.png)

Title: Re: Technical
Post by: DavidR on October 17, 2015, 03:40:00 PM
<snip quotes>
None other than our fire breathing friend, the Comodo Dragon:
(http://www.screencast-o-matic.com/screenshots/u/Lh/1445083825853-88026.png)


Wow (total 76%) I wasn't aware CloudFlare was also the same company, no wonder we are seeing so many CloudFlare invalid or bad SSL certificate or malware alerts in the viruses and worms forum.
Title: Re: Technical
Post by: Asyn on October 17, 2015, 07:01:24 PM
The Hidden Data Economy - The Marketplace for Stolen Digital Information
http://www.mcafee.com/us/resources/reports/rp-hidden-data-economy.pdf
Title: Re: Technical
Post by: Asyn on October 18, 2015, 09:47:14 AM
The SHAppening: freestart collisions for SHA-1
https://sites.google.com/site/itstheshappening/
https://eprint.iacr.org/2015/967.pdf
Title: Re: Technical
Post by: Asyn on October 20, 2015, 10:13:55 AM
Massive Magento Guruincsite Infection
https://blog.sucuri.net/2015/10/massive-magento-guruincsite-infection.html
https://blog.malwarebytes.org/exploits-2/2015/10/new-neutrino-ek-campaign-drops-andromeda/
Title: Re: Technical
Post by: Pondus on October 20, 2015, 06:39:13 PM
Turning a crappy old Windows PC into a full-fledged Chromebook with CloudReady
www.arstechnica.com/gadgets/2015/10/turning-a-crappy-old-windows-pc-into-a-full-fledged-chromebook-with-cloudready/

www.neverware.com/free/#freedetails

Title: Re: Technical
Post by: Asyn on October 21, 2015, 08:25:51 AM
Researchers find 256 iOS apps that collect users’ personal info
http://arstechnica.com/security/2015/10/researchers-find-256-ios-apps-that-collect-users-personal-info/
https://sourcedna.com/blog/20151018/ios-apps-using-private-apis.html
Title: Re: Technical
Post by: bob3160 on October 21, 2015, 01:30:02 PM
Researchers find 256 iOS apps that collect users’ personal info
http://arstechnica.com/security/2015/10/researchers-find-256-ios-apps-that-collect-users-personal-info/
https://sourcedna.com/blog/20151018/ios-apps-using-private-apis.html
Why would it be any different in iOS than in Chrome or Windows or Linux ??? :)
Title: Re: Technical
Post by: Asyn on October 22, 2015, 07:20:45 AM
Massive Magento Guruincsite Infection
https://blog.sucuri.net/2015/10/massive-magento-guruincsite-infection.html
https://blog.malwarebytes.org/exploits-2/2015/10/new-neutrino-ek-campaign-drops-andromeda/
-> http://magento.com/security/news/important-security-update
Title: Re: Technical
Post by: Asyn on October 22, 2015, 07:22:02 AM
New Headaches: How The Pawn Storm Zero-Day Evaded Java’s Click-to-Play Protection
http://blog.trendmicro.com/trendlabs-security-intelligence/new-headaches-how-the-pawn-storm-zero-day-evaded-javas-click-to-play-protection/
Title: Re: Technical
Post by: Asyn on October 24, 2015, 05:19:22 PM
Attacking the Network Time Protocol
http://www.cs.bu.edu/~goldbe/NTPattack.html
https://eprint.iacr.org/2015/1020.pdf
Title: Re: Technical
Post by: Asyn on October 26, 2015, 08:59:55 AM
got HW crypto? On the (in)security of a Self-Encrypting Drive series
https://eprint.iacr.org/2015/1002.pdf
Title: Re: Technical
Post by: Asyn on October 27, 2015, 09:52:59 AM
1Password Leaks Your Data
http://myers.io/2015/10/22/1password-leaks-your-data/
https://blog.agilebits.com/2015/10/19/when-a-leak-isnt-a-leak/
Title: Re: Technical
Post by: Asyn on October 28, 2015, 11:19:16 AM
FBI’s Advice on Ransomware? Just Pay The Ransom.
https://securityledger.com/2015/10/fbis-advice-on-cryptolocker-just-pay-the-ransom/
Title: Re: Technical
Post by: Lisandro on October 28, 2015, 01:07:59 PM
1Password Leaks Your Data
http://myers.io/2015/10/22/1password-leaks-your-data/
https://blog.agilebits.com/2015/10/19/when-a-leak-isnt-a-leak/
Unbelievable! When you're on security, you need to take it seriously.
Title: Re: Technical
Post by: Asyn on October 29, 2015, 08:21:03 AM
Chinese Taomike Monetization Library Steals SMS Messages
http://researchcenter.paloaltonetworks.com/2015/10/chinese-taomike-monetization-library-steals-sms-messages/
Title: Re: Technical
Post by: Asyn on October 30, 2015, 09:45:01 AM
Sustaining Digital Certificate Security
https://googleonlinesecurity.blogspot.com/2015/10/sustaining-digital-certificate-security.html
Title: Re: Technical
Post by: Asyn on October 31, 2015, 04:56:07 PM
Breaches, traders, plain text passwords, ethical disclosure and 000webhost
http://www.troyhunt.com/2015/10/breaches-traders-plain-text-passwords.html
Title: Re: Technical
Post by: Asyn on November 01, 2015, 08:25:15 AM
Tor Messenger Beta: Chat over Tor, Easily
https://blog.torproject.org/blog/tor-messenger-beta-chat-over-tor-easily
Title: Re: Technical
Post by: Asyn on November 02, 2015, 10:50:58 AM
When Organized Crime Applies Academic Results
A Forensic Analysis of an In-Card Listening Device
http://eprint.iacr.org/2015/963.pdf
Title: Re: Technical
Post by: Asyn on November 03, 2015, 09:32:27 AM
Ransomware Decryptor
October 28 update: ALL Coinvault and Bitcryptor keys (14k+) added to the database
https://noransom.kaspersky.com/
https://noransom.kaspersky.com/static/CoinVaultDecryptor.zip
https://noransom.kaspersky.com/static/CoinVault-decrypt-howto.pdf
Title: Re: Technical
Post by: Asyn on November 03, 2015, 03:42:46 PM
Setting the Record Straight on Moplus SDK and the Wormhole Vulnerability
http://blog.trendmicro.com/trendlabs-security-intelligence/setting-the-record-straight-on-moplus-sdk-and-the-wormhole-vulnerability/
Title: Re: Technical
Post by: Asyn on November 04, 2015, 10:56:13 AM
Cryptographic Libraries
The same libraries that secure iOS and OS X are available to third‑party developers to help them build advanced security features.
https://developer.apple.com/cryptography/
Title: Re: Technical
Post by: Asyn on November 05, 2015, 11:12:25 AM
Hack The Galaxy: Hunting Bugs in the Samsung Galaxy S6 Edge
http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html
Title: Re: Technical
Post by: Asyn on November 06, 2015, 07:13:52 AM
DroidJack isn’t the only spying software out there: Avast discovers that OmniRat is currently being used and spread by criminals to gain full remote control of devices.
https://blog.avast.com/2015/11/05/droidjack-isnt-the-only-spying-software-out-there-avast-discovers-that-omnirat-is-currently-being-used-and-spread-by-criminals-to-gain-full-remote-control-of-devices/
Title: Re: Technical
Post by: Asyn on November 07, 2015, 12:14:11 PM
Lookout discovers new trojanized adware; 20K popular apps caught in the crossfire
https://blog.lookout.com/blog/2015/11/04/trojanized-adware/
Title: Re: Technical
Post by: Asyn on November 09, 2015, 01:48:40 PM
PuTTY vulnerability vuln-ech-overflow
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
Title: Re: Technical
Post by: Asyn on November 10, 2015, 10:09:10 AM
Shoddy Programming causes new Ransomware to destroy your Data
http://www.bleepingcomputer.com/news/security/shoddy-programming-causes-new-ransomware-to-destroy-your-data/
Title: Re: Technical
Post by: Asyn on November 11, 2015, 02:57:31 PM
What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.
http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
Title: Re: Technical
Post by: Asyn on November 12, 2015, 07:06:02 AM
The Anatomy of an IoT Hack
https://blog.avast.com/2015/11/11/the-anatomy-of-an-iot-hack/
Title: Re: Technical
Post by: Asyn on November 13, 2015, 12:56:36 PM
Samsung S6 calls open to man-in-the-middle base station snooping
http://www.theregister.co.uk/2015/11/12/mobile_pwn2own1
Title: Re: Technical
Post by: Asyn on November 14, 2015, 10:20:45 AM
An End-to-End Measurement of Certificate Revocation in the Web’s PKI
https://www.stanford.edu/~aschulm/docs/imc15-revocation.pdf
Title: Re: Technical
Post by: Asyn on November 15, 2015, 02:56:04 PM
The BLAKE2 Cryptographic Hash and Message Authentication Code (MAC)
https://tools.ietf.org/html/rfc7693
https://blake2.net/
https://github.com/BLAKE2/
Title: Re: Technical
Post by: Asyn on November 17, 2015, 10:45:14 AM
Let’s Encrypt - Public Beta: December 3, 2015
https://letsencrypt.org/2015/11/12/public-beta-timing.html
Title: Re: Technical
Post by: Asyn on November 19, 2015, 08:07:14 AM
Did the FBI Pay a University to Attack Tor Users?
https://blog.torproject.org/blog/did-fbi-pay-university-attack-tor-users
https://freedom-to-tinker.com/blog/felten/why-were-cert-researchers-attacking-tor/
Title: Re: Technical
Post by: Asyn on November 20, 2015, 09:57:56 AM
Hiding in Plain Sight - Advances in Malware Covert Communication Channels
https://www.blackhat.com/eu-15/briefings.html#hiding-in-plain-sight-advances-in-malware-covert-communication-channels
https://www.blackhat.com/docs/eu-15/materials/eu-15-Bureau-Hiding-In-Plain-Sight-Advances-In-Malware-Covert-Communication-Channels-wp.pdf
Title: Re: Technical
Post by: Asyn on November 21, 2015, 05:05:32 PM
Did the FBI Pay a University to Attack Tor Users?
https://blog.torproject.org/blog/did-fbi-pay-university-attack-tor-users
https://freedom-to-tinker.com/blog/felten/why-were-cert-researchers-attacking-tor/
Did Carnegie Mellon Attack Tor for the FBI?
https://www.schneier.com/blog/archives/2015/11/did_carnegie-me.html
Title: Re: Technical
Post by: Asyn on November 22, 2015, 10:36:03 AM
VirusTotal += Mac OS X execution
http://blog.virustotal.com/2015/11/virustotal-mac-os-x-execution.html
https://www.virustotal.com/de/documentation/desktop-applications/mac-osx-uploader
Title: Re: Technical
Post by: Asyn on November 24, 2015, 10:19:18 AM
Nmap 7 Released
https://nmap.org/7/
Title: Re: Technical
Post by: Asyn on November 25, 2015, 10:27:57 AM
ZIGBEE EXPLOITED - The good, the bad and the ugly
http://cognosec.com/zigbee_exploited_8F_Ca9.pdf
Title: Re: Technical
Post by: Asyn on November 25, 2015, 12:06:30 PM
Tor 0.2.7.5 is released and stable
https://blog.torproject.org/blog/tor-0275-released-and-stable
Title: Re: Technical
Post by: Asyn on November 28, 2015, 10:34:53 AM
House of Keys: Industry-Wide HTTPS Certificate and SSH Key Reuse Endangers Millions of Devices Worldwide
http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html
https://www.kb.cert.org/vuls/id/566724
Title: Re: Technical
Post by: Asyn on November 29, 2015, 10:22:22 AM
Damballa discovers new toolset linked to Destover - Attacker’s arsenal helps them to broaden attack surface
https://www.damballa.com/damballa-discovers-new-toolset-linked-to-destover-attackers-arsenal-helps-them-to-broaden-attack-surface/
Title: Re: Technical
Post by: Pondus on November 29, 2015, 03:45:33 PM
Need more RAM ;D

This Is Samsung's Crazy New 128GB RAM
http://gizmodo.com/this-is-samsungs-crazy-new-128gb-ddr4-ram-chip-1744776220
Title: Re: Technical
Post by: Asyn on November 30, 2015, 12:24:41 PM
ARRIS Cable Modem has a Backdoor in the Backdoor
http://w00tsec.blogspot.com/2015/11/arris-cable-modem-has-backdoor-in.html
Title: Re: Technical
Post by: Asyn on December 01, 2015, 08:07:04 AM
Trend Micro, NCA Partnership Leads to Arrests and Shutdown of Refud.me and Cryptex Reborn
http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-nca-partnership-lead-to-arrests-and-shutdown-of-refud-me-and-cryptex-reborn/
Title: Re: Technical
Post by: Asyn on December 02, 2015, 09:01:56 AM
Security Advisory: Dell Foundation Services Remote Information Disclosure
http://lizardhq.rum.supply/2015/11/25/dell-foundation-services.html
Title: Re: Technical
Post by: bob3160 on December 02, 2015, 01:25:38 PM
(http://www.screencast-o-matic.com/screenshots/u/Lh/1449059101859-57738.png)
Title: Re: Technical
Post by: Asyn on December 02, 2015, 01:45:27 PM
Hi Bob, not sure what triggered it for you, the site should be clean.
-> https://sitecheck.sucuri.net/results/lizardhq.rum.supply/2015/11/25/dell-foundation-services.html
Title: Re: Technical
Post by: bob3160 on December 02, 2015, 01:50:59 PM
Hi Bob, not sure what triggered it for you, the site should be clean.
-> https://sitecheck.sucuri.net/results/lizardhq.rum.supply/2015/11/25/dell-foundation-services.html
Bit Defender's Traffic Light
Title: Re: Technical
Post by: Asyn on December 02, 2015, 01:51:50 PM
Hi Bob, not sure what triggered it for you, the site should be clean.
-> https://sitecheck.sucuri.net/results/lizardhq.rum.supply/2015/11/25/dell-foundation-services.html
Bit Defender's Traffic Light
Report it as FP to them.
Title: Re: Technical
Post by: bob3160 on December 02, 2015, 01:57:06 PM
Hi Bob, not sure what triggered it for you, the site should be clean.
-> https://sitecheck.sucuri.net/results/lizardhq.rum.supply/2015/11/25/dell-foundation-services.html
Bit Defender's Traffic Light
Report it as FP to them.
Only way is through "send a comment" which I've done.
Since I've already read enough on this topic, I'll simply not visit the site for now. :)
Title: Re: Technical
Post by: DavidR on December 02, 2015, 03:09:41 PM
Hi Bob, not sure what triggered it for you, the site should be clean.
-> https://sitecheck.sucuri.net/results/lizardhq.rum.supply/2015/11/25/dell-foundation-services.html
Bit Defender's Traffic Light
Report it as FP to them.

If you look at the original link in Reply #1257, the page (for those that can access it) you will find a chunk of PHP code. It isn't in a code tag so it can't run, nor is it displayed as an image example of the code.

So it may be this chunk of code that is triggering it, though no problem with Firefox and Avast for me.

EDIT: added image of page php script.
Title: Re: Technical
Post by: bob3160 on December 02, 2015, 03:17:25 PM
Hi Bob, not sure what triggered it for you, the site should be clean.
-> https://sitecheck.sucuri.net/results/lizardhq.rum.supply/2015/11/25/dell-foundation-services.html
Bit Defender's Traffic Light
Report it as FP to them.

If you look at the original link in Reply #1257, the page (for those that can access it) you will find a chunk of PHP code. It isn't in a code tag so it can't run, nor is it displayed as an image example of the code.

So it may be this chunk of code that is triggering it, though no problem with Firefox and Avast for me.
My very simple rule for staying safe, or being cautious:
When visiting any website, if any of the scanners I run send up a flare, don't visit the site.
Exception to this rule:
The website to be visited contains extremely important information that needs to be looked at:
Open a virtual machine and visit the site.  (Not on my working computer.)
Title: Re: Technical
Post by: DavidR on December 02, 2015, 03:23:17 PM
You know us, fools rush in where angels fear to tread ;D

And we do take extra precautions.
Title: Re: Technical
Post by: bob3160 on December 02, 2015, 03:25:46 PM
You know us, fools rush in where angels fear to tread ;D

And we do take extra precautions.
I'm just a foolish old Angel. :) (If you don't believe me, just ask Alice.)
Title: Re: Technical
Post by: Pondus on December 02, 2015, 06:58:17 PM
Reasons why your home Wi-Fi signal is slow and how to improve it
http://www.pandasecurity.com/mediacenter/tips/slow-down-wifi/

Title: Re: Technical
Post by: Asyn on December 03, 2015, 07:31:21 AM
Stalking anyone on Telegram
https://oflisback.github.io/telegram-stalking/
Title: Re: Technical
Post by: Asyn on December 04, 2015, 10:20:05 AM
Security Advisory: Dell Foundation Services Remote Information Disclosure
http://lizardhq.rum.supply/2015/11/25/dell-foundation-services.html
Security Advisory: Dell Foundation Services Remote Information Disclosure (II)
http://lizardhq.rum.supply/2015/12/01/dell-foundation-services.2.html
Title: Re: Technical
Post by: bob3160 on December 04, 2015, 01:23:10 PM
Security Advisory: Dell Foundation Services Remote Information Disclosure
http://lizardhq.rum.supply/2015/11/25/dell-foundation-services.html
Security Advisory: Dell Foundation Services Remote Information Disclosure (II)
http://lizardhq.rum.supply/2015/12/01/dell-foundation-services.2.html
Same warning on this link as in your last post on this topic. :)
Title: Re: Technical
Post by: Asyn on December 05, 2015, 07:16:42 AM
Same warning on this link as in your last post on this topic. :)
As said, the site is clean. Everything else, you've to discuss with Bitdefender. ;)
Title: Re: Technical
Post by: bob3160 on December 05, 2015, 02:14:11 PM
Same warning on this link as in your last post on this topic. :)
As said, the site is clean. Everything else, you've to discuss with Bitdefender. ;)
You'll notice there also hasn't been any action by them to make any changes.
Title: Re: Technical
Post by: Asyn on December 05, 2015, 06:20:49 PM
Same warning on this link as in your last post on this topic. :)
As said, the site is clean. Everything else, you've to discuss with Bitdefender. ;)
You'll notice there also hasn't been any action by them to make any changes.
I can't help you with Bitdefender. I suggest posting/asking at their forum.
-> https://www.virustotal.com/de/url/8c76b84e76b48bd3529dd1279de0520dd4959a343d201b536d8c4ab87d383919/analysis/1449335753/
Title: Re: Technical
Post by: Asyn on December 06, 2015, 08:28:31 AM
China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media Outlets
https://www.fireeye.com/blog/threat-research/2015/11/china-based-threat.html
Title: Re: Technical
Post by: Asyn on December 07, 2015, 11:26:32 AM
Let’s Encrypt - Public Beta: December 3, 2015
https://letsencrypt.org/2015/11/12/public-beta-timing.html
Entering Public Beta
https://letsencrypt.org/2015/12/03/entering-public-beta.html
Title: Re: Technical
Post by: Asyn on December 08, 2015, 12:56:53 PM
High-Profile Mobile Apps At Risk Due to Three-Year-Old Vulnerability
http://blog.trendmicro.com/trendlabs-security-intelligence/high-profile-mobile-apps-at-risk-due-to-three-year-old-vulnerability/
Title: Re: Technical
Post by: polonus on December 08, 2015, 04:34:26 PM
A good new initiative from Mozilla: https://blog.mozilla.org/futurereleases/2015/12/08/announcing-focus-by-firefox-a-content-blocker-for-ios/

polonus
Title: Re: Technical
Post by: Asyn on December 09, 2015, 09:10:57 AM
Security Alert: Angler Exploit Kit Spreads CryptoWall 4.0 via New Drive-By Campaign
https://heimdalsecurity.com/blog/security-alert-angler-exploit-kit-spreads-cryptowall-4-0-via-new-drive-campaign/
Title: Re: Technical
Post by: Asyn on December 10, 2015, 07:41:20 AM
ZeroDB, an end-to-end encrypted database, is open source!
http://blog.zerodb.io/zerodb-open-source-announcement/
Title: Re: Technical
Post by: Asyn on December 12, 2015, 10:21:29 AM
Meet the woman in charge of the FBI’s most controversial high-tech tools
https://www.washingtonpost.com/world/national-security/meet-the-woman-in-charge-of-the-fbis-most-contentious-high-tech-tools/2015/12/08/15adb35e-9860-11e5-8917-653b65c809eb_story.html
Title: Re: Technical
Post by: Asyn on December 13, 2015, 08:45:02 AM
SHA-1 Deprecation: No Browser Left Behind
https://blog.cloudflare.com/sha-1-deprecation-no-browser-left-behind/
Title: Re: Technical
Post by: Asyn on December 15, 2015, 08:21:43 AM
WTF-PAD: Toward an Efficient Website Fingerprinting Defense for Tor
http://arxiv.org/abs/1512.00524
http://arxiv.org/pdf/1512.00524v1 (PDF)
Title: Re: Technical
Post by: Asyn on December 16, 2015, 06:05:17 AM
Retailer’s apps reveal your Christmas list to the public
https://blog.avast.com/2015/12/15/retailers-apps-reveal-my-christmas-list-to-the-public/
Title: Re: Technical
Post by: Asyn on December 17, 2015, 09:40:21 AM
FireEye Exploitation: Project Zero’s Vulnerability of the Beast
http://googleprojectzero.blogspot.com/2015/12/fireeye-exploitation-project-zeros.html
Title: Re: Technical
Post by: Asyn on December 18, 2015, 05:06:20 PM
Back to 28: Grub2 Authentication 0-Day
http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
Title: Re: Technical
Post by: Asyn on December 19, 2015, 09:27:07 AM
Exploit upgrade for Microsoft Word Intruder crimeware kit
https://nakedsecurity.sophos.com/2015/12/14/exploit-upgrade-for-microsoft-word-intruder-crimeware-kit/
https://www.sophos.com/en-us/medialibrary/PDFs/technical%20papers/sophos-microsoft-word-intruder-revealed.pdf
Title: Re: Technical
Post by: Asyn on December 20, 2015, 11:42:47 AM
It's Still the Data, Stupid!
https://blog.shodan.io/its-still-the-data-stupid/
Title: Re: Technical
Post by: Asyn on December 21, 2015, 07:02:16 AM
Stingrays- A Secret Catalogue of Government Gear for Spying on Your Cellphone
https://theintercept.com/2015/12/17/a-secret-catalogue-of-government-gear-for-spying-on-your-cellphone/
Title: Re: Technical
Post by: Asyn on December 22, 2015, 08:17:57 AM
Instagram's Million Dollar Bug
http://www.exfiltrated.com/research-Instagram-RCE.php
Title: Re: Technical
Post by: Asyn on December 23, 2015, 08:15:14 AM
Oracle Agrees to Settle FTC Charges It Deceived Consumers About Java Software Updates
https://www.ftc.gov/news-events/press-releases/2015/12/oracle-agrees-settle-ftc-charges-it-deceived-consumers-about-java
Title: Re: Technical
Post by: Asyn on December 24, 2015, 10:50:47 AM
AP Investigation: U.S. power grid vulnerable to foreign hacks
http://lasvegassun.com/news/2015/dec/21/ap-investigation-us-power-grid-vulnerable-to-forei/
Title: Re: Technical
Post by: Asyn on December 26, 2015, 09:11:02 AM
Cock.li e-mail server seized by German authorities, admin announces
http://arstechnica.com/tech-policy/2015/12/cock-li-e-mail-server-seized-by-german-authorities-admin-announces/
Title: Re: Technical
Post by: Asyn on January 04, 2016, 12:07:02 AM
The DNSSEC Root Signing Ceremony
https://www.cloudflare.com/dnssec/root-signing-ceremony/
Title: Re: Technical
Post by: Asyn on January 04, 2016, 09:51:30 AM
Top 50 Products By Total Number Of "Distinct" Vulnerabilities in 2015
http://www.cvedetails.com/top-50-products.php?year=2015
Title: Re: Technical
Post by: Lisandro on January 04, 2016, 11:33:34 AM
Top 50 Products By Total Number Of "Distinct" Vulnerabilities in 2015
http://www.cvedetails.com/top-50-products.php?year=2015
And look who is in the top? Surprise? Apple... And in the second place? Surprise? Apple...
Title: Re: Technical
Post by: Asyn on January 05, 2016, 10:20:22 AM
Meet Ransom32: The first JavaScript ransomware
http://blog.emsisoft.com/2016/01/01/meet-ransom32-the-first-javascript-ransomware/
Title: Re: Technical
Post by: Asyn on January 06, 2016, 08:15:16 AM
Recently Bought a Windows Computer? Microsoft Probably Has Your Encryption Key
https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/
http://arstechnica.com/information-technology/2015/12/microsoft-may-have-your-encryption-key-heres-how-to-take-it-back/
Title: Re: Technical
Post by: Asyn on January 07, 2016, 08:20:25 AM
BlackEnergy trojan strikes again: Attacks Ukrainian electric power industry
http://www.welivesecurity.com/2016/01/04/blackenergy-trojan-strikes-again-attacks-ukrainian-electric-power-industry/
Title: Re: Technical
Post by: Asyn on January 08, 2016, 11:31:42 AM
The Tor Project Is Starting a Bug Bounty Program
http://motherboard.vice.com/read/the-tor-project-is-starting-a-bug-bounty-program
Title: Re: Technical
Post by: polonus on January 08, 2016, 11:40:15 AM
New privacy-friendly search engine: https://oscobo.co.uk/
Oscobo shows some ads, but not user profile related.

polonus
Title: Re: Technical
Post by: Asyn on January 09, 2016, 09:35:32 AM
You’re watching TV – Is it also watching you?
http://blog.checkpoint.com/2016/01/07/youre-watching-tv-is-it-also-watching-you/
http://blog.checkpoint.com/wp-content/uploads/2015/12/EZCast_Report_Check_Point.pdf
Title: Re: Technical
Post by: DavidR on January 09, 2016, 02:51:45 PM
You’re watching TV – Is it also watching you?
http://blog.checkpoint.com/2016/01/07/youre-watching-tv-is-it-also-watching-you/
http://blog.checkpoint.com/wp-content/uploads/2015/12/EZCast_Report_Check_Point.pdf

This is something that has concerned me from the first day of so-called Smart TVs - without protection there is no way I would connect my TV to the internet.
Title: Re: Technical
Post by: polonus on January 09, 2016, 04:40:50 PM
Dear DavidR,

Surveillance has become the business model everywhere, whether we like it or not. Seems the sheeple is being herded that way.
That is the world we came to live in. And there is no one that checks the designers of this world.
There is a lot in the Internet of Things that came to spy on the owners - thermostats, household gadgets, and they talk about you behind your back.
Read how cleverly they do it. But what do you expect as they can read your lips from the vibration of your window pane.
Good we aren't always aware this is going on everywhere all of the time. Read: http://motherboard.vice.com/en_ca/read/the-internet-of-things-that-talk-about-you-behind-your-back
Oh and they know where you are now: http://freemeteo.nl/weer/?language=dutch&country=netherlands

Damian
Title: Re: Technical
Post by: DavidR on January 09, 2016, 05:15:53 PM
Yes I don't want my fridge connected to the internet either, if I ever get a smart fridge that is ;D
Title: Re: Technical
Post by: Asyn on January 10, 2016, 08:35:54 AM
Understanding risks and avoiding FUD
https://unmitigatedrisk.com/?p=552
Title: Re: Technical
Post by: polonus on January 10, 2016, 05:17:48 PM
Hi DavidR,

Probably you haven't already installed some of the smart apps? For every modern fridge there is one to warn when you have run out of strawberries or whipped cream! Re: https://play.google.com/store/apps/details?id=\
What is the E-Smart Refrigerator App?
- The E-Smart Refrigerator App allows you to control your XXXXX Refrigerator remotely from your smart phone at home.
- The E-Smart Refrigerator App allows you to check your refrigerator power consumption (in this month and last month 삭제) from your smart phone at home.
- In order to run Smart Grid (Demand Response) function, you need to register the service with your electricity provider company that has EMS(Energy Management System) supporting the SEP(Smart Energy profile).
■ Supported Smart Phone Models:
- Galaxy S4, Galaxy Note 3
(Other models are not guaranteed that they will operate normally.)
- Supported OS : Android 4.0 ~ Android 4.3
Very likely bob3160 has had it installed for a long time ;D

Damian
Title: Re: Technical
Post by: DavidR on January 10, 2016, 05:31:42 PM
Hi DavidR,

Probably you haven't already installed some of the smart apps? For every modern fridge there is one to warn when you have run out of strawberries or whipped cream! Re: https://play.google.com/store/apps/details?id=\
What is the E-Smart Refrigerator App?
- The E-Smart Refrigerator App allows you to control your XXXXX Refrigerator remotely from your smart phone at home.
- The E-Smart Refrigerator App allows you to check your refrigerator power consumption (in this month and last month 삭제) from your smart phone at home.
- In order to run Smart Grid (Demand Response) function, you need to register the service with your electricity provider company that has EMS(Energy Management System) supporting the SEP(Smart Energy profile).
■ Supported Smart Phone Models:
- Galaxy S4, Galaxy Note 3
(Other models are not guaranteed that they will operate normally.)
- Supported OS : Android 4.0 ~ Android 4.3
Very likely bob3160 has had it installed for a long time ;D

Damian


It's when your fridge starts to send you texts/email to get some milk, etc. whilst you are out. Hell, if you are using your mobile phone's speech tool, Siri, Cortana or Google's voice option, who knows when it detects you are in a supermarket and it blurts out "don't forget the eggs, etc. etc. your name".

I'm in no rush to get a fridge that's smarter than its user ;D
Title: Re: Technical
Post by: Asyn on January 11, 2016, 09:49:10 AM
[Mozilla Firefox] Man-in-the-Middle Interfering with Increased Security
https://blog.mozilla.org/security/2016/01/06/man-in-the-middle-interfering-with-increased-security/
Title: Re: Technical
Post by: Pondus on January 11, 2016, 09:28:04 PM
Bug Affecting Intel Skylake Processors Can Freeze Computers Running Complex Workloads
http://www.lifehacker.com.au/2016/01/bug-affecting-intel-skylake-processors-can-freeze-computers-running-complex-workloads/


Title: Re: Technical
Post by: Asyn on January 12, 2016, 09:59:52 AM
Drupal - Insecure Update Process
http://blog.ioactive.com/2016/01/drupal-insecure-update-process.html
Title: Re: Technical
Post by: Asyn on January 13, 2016, 10:32:34 AM
International action against DD4BC cybercriminal group
https://www.europol.europa.eu/content/international-action-against-dd4bc-cybercriminal-group
Title: Re: Technical
Post by: Asyn on January 14, 2016, 07:37:44 AM
Clickjacking Campaign Plays on European Cookie Law
https://blog.malwarebytes.org/fraud-scam/2016/01/clickjacking-campaign-plays-on-european-cookie-law/
Title: Re: Technical
Post by: Asyn on January 15, 2016, 08:19:26 AM
OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778
http://undeadly.org/cgi?action=article&sid=20160114142733
https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt
Title: Re: Technical
Post by: Pondus on January 15, 2016, 05:19:57 PM
The world’s biggest SSD has arrived
http://www.extremetech.com/computing/221303-the-worlds-biggest-ssd-has-arrived-at-13tb
http://www.fixstars.com/en/ssd/features/

Title: Re: Technical
Post by: Asyn on January 18, 2016, 08:36:35 AM
Apple’s ‘Targeted’ Gatekeeper Bypass Patch Leaves OS X Users Exposed
https://threatpost.com/apples-targeted-gatekeeper-bypass-patch-leaves-os-x-users-exposed/115887/
Title: Re: Technical
Post by: Pondus on January 18, 2016, 09:50:15 PM
Windows 10 Embracing Silicon Innovation
https://blogs.windows.com/windowsexperience/2016/01/15/windows-10-embracing-silicon-innovation/

Title: Re: Technical
Post by: Asyn on January 19, 2016, 12:13:00 PM
Yahoo Mail stored XSS
https://klikki.fi/adv/yahoo.html
Title: Re: Technical
Post by: Asyn on January 20, 2016, 08:11:26 AM
Analysis and Exploitation of a Linux Kernel Vulnerability (CVE-2016-0728)
http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
Title: Re: Technical
Post by: Asyn on January 21, 2016, 11:22:59 AM
Chrome extension empties your Steam inventory
http://bartblaze.blogspot.hr/2016/01/chrome-extension-empties-your-steam.html
Title: Re: Technical
Post by: Pondus on January 21, 2016, 06:49:04 PM
The former CEO of Mozilla is launching a web browser that blocks all ads by default
www.businessinsider.com/former-mozilla-ceo-brendan-eich-launches-ad-blocking-web-browser-brave-2016-1?r=UK&IR=T


Title: Re: Technical
Post by: Asyn on January 22, 2016, 06:06:17 AM
The former CEO of Mozilla is launching a web browser that blocks all ads by default
www.businessinsider.com/former-mozilla-ceo-brendan-eich-launches-ad-blocking-web-browser-brave-2016-1?r=UK&IR=T

Quote
Replacing adverts — with adverts

"We need to clean the swimming pool," Brendan Eich says. "Chlorinate the pool. Only by doing that can we build a better ad model for publishers as well as users."

This is the more radical aspect of Brave — re-inserting new adverts. The browser will detect where adverts should go and fill them with new programmatic advertising. Eich says that by doing so, they can offer a better deal to publishers than currently exists by cutting out the adtech middle-men.

Publishers will get around 55% of revenues. 15% will go to Brave. 15% will go to the partner that supplies the ads. And, interestingly, 10-15% goes directly to the user.

It "won't be huge," Eich says, but this will let users automatically make micro-payments to publishers they like. Brave will then block all the adverts on the sites that they choose to pay for.

The adverts that Brave display will be based on tags generated from the user's web browsing history (although this history won't be shared with advertisers). This is, arguably, somewhat invasive — although users can customise their tags and add and remove them as they wish.
Title: Re: Technical
Post by: Asyn on January 23, 2016, 09:59:05 AM
Analysis and Exploitation of a Linux Kernel Vulnerability (CVE-2016-0728)
http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
Regarding Android: https://plus.google.com/u/0/+AdrianLudwig/posts/KxHcLPgSPoY
Title: Re: Technical
Post by: polonus on January 23, 2016, 07:06:57 PM
Project to add any search engine to your browser: http://mycroftproject.com/search-engines.html
So if you wanna have Disconnect add it this way etc.: http://mycroftproject.com/search-engines.html?name=Disconnect

polonus
Title: Re: Technical
Post by: Asyn on January 24, 2016, 08:03:57 AM
Insecure by design: protocols for encrypted phone calls
https://www.benthamsgaze.org/2016/01/19/insecure-by-design-protocols-for-encrypted-phone-calls/
Title: Re: Technical
Post by: Asyn on January 25, 2016, 01:43:15 PM
Deliberately hidden backdoor account in several AMX (HARMAN Professional) devices
http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt
Title: Re: Technical
Post by: Asyn on January 29, 2016, 08:04:44 AM
Putting the spotlight on firmware malware
http://blog.virustotal.com/2016/01/putting-spotlight-on-firmware-malware_27.html
Title: Re: Technical
Post by: Asyn on January 31, 2016, 01:01:33 PM
Hot or Not? The Benefits and Risks of iOS Remote Hot Patching
https://www.fireeye.com/blog/threat-research/2016/01/hot_or_not_the_bene.html
Title: Re: Technical
Post by: Asyn on February 02, 2016, 07:21:27 AM
Intel SGX Explained
http://eprint.iacr.org/2016/086
http://eprint.iacr.org/2016/086.pdf
Title: Re: Technical
Post by: Asyn on February 03, 2016, 07:54:33 AM
Tor hidden service operators: your default Apache install is probably vulnerable
https://wireflaw.net/blog/apache-hidden-service-vuln.html
Title: Re: Technical
Post by: Asyn on February 04, 2016, 01:25:02 PM
Reconciling Perspectives: New Report Reframes Encryption Debate
https://cyber.law.harvard.edu/node/99280
https://cyber.law.harvard.edu/pubrelease/dont-panic/
https://cyber.law.harvard.edu/pubrelease/dont-panic/Dont_Panic_Making_Progress_on_Going_Dark_Debate.pdf
Title: Re: Technical
Post by: Asyn on February 05, 2016, 01:46:42 PM
TeslaCrypt 3.0 Released with Modified Algorithm and .XXX, .TTT, and .MICRO File Extensions
http://www.bleepingcomputer.com/news/security/teslacrypt-3-0-released-with-new-encryption-algorithm-and-xxx-file-extensions/
Title: Re: Technical
Post by: Asyn on February 07, 2016, 12:16:19 PM
The Malware Museum
https://archive.org/details/malwaremuseum
Title: Re: Technical
Post by: Asyn on February 09, 2016, 01:39:21 PM
No More Deceptive Download Buttons
https://googleonlinesecurity.blogspot.com/2016/02/no-more-deceptive-download-buttons.html
Title: Re: Technical
Post by: Asyn on February 11, 2016, 08:20:22 AM
Your Number26 Mastercard knows what you did last summer…
https://metabubble.net/payment-cards-bank-accounts/your-number26-mastercard-knows-what-you-did-last-summer/
Title: Re: Technical
Post by: Asyn on February 12, 2016, 08:22:20 AM
T9000: Advanced Modular Backdoor Uses Complex Anti-Analysis Techniques
http://researchcenter.paloaltonetworks.com/2016/02/t9000-advanced-modular-backdoor-uses-complex-anti-analysis-techniques/
Title: Re: Technical
Post by: Asyn on February 14, 2016, 07:04:47 AM
There's a lot of vulnerable OS X applications out there
https://vulnsec.com/2016/osx-apps-vulnerabilities/
http://arstechnica.com/security/2016/02/huge-number-of-mac-apps-vulnerable-to-hijacking-and-a-fix-is-elusive/
Title: Re: Technical
Post by: Asyn on February 15, 2016, 09:56:00 AM
Russian Hackers Moved Ruble Rate With Malware, Group-IB Says
http://www.bloomberg.com/news/articles/2016-02-08/russian-hackers-moved-currency-rate-with-malware-group-ib-says
http://www.group-ib.ru/brochures/Group-IB-Corkow-Report-EN.pdf
Title: Re: Technical
Post by: Asyn on February 16, 2016, 08:23:03 AM
Poseidon Group: a Targeted Attack Boutique specializing in global cyber-espionage
https://securelist.com/blog/research/73673/poseidon-group-a-targeted-attack-boutique-specializing-in-global-cyber-espionage/
Title: Re: Technical
Post by: Asyn on February 17, 2016, 08:40:58 AM
There's a lot of vulnerable OS X applications out there
https://vulnsec.com/2016/osx-apps-vulnerabilities/
http://arstechnica.com/security/2016/02/huge-number-of-mac-apps-vulnerable-to-hijacking-and-a-fix-is-elusive/
Apologies! Sky Kinda Falling + Protecting Yourself From Sparklegate
https://www.taoeffect.com/blog/2016/02/apologies-sky-kinda-falling-protecting-yourself-from-sparklegate/
Title: Re: Technical
Post by: Asyn on February 18, 2016, 08:05:39 AM
Security Alert: Mazar BOT Spotted in Active Attacks – the Android Malware That Can Erase Your Phone
https://heimdalsecurity.com/blog/security-alert-mazar-bot-active-attacks-android-malware/
Title: Re: Technical
Post by: Asyn on February 19, 2016, 09:07:59 AM
The Locky Ransomware Encrypts Local Files and Unmapped Network Shares
http://www.bleepingcomputer.com/news/security/the-locky-ransomware-encrypts-local-files-and-unmapped-network-shares/
Title: Re: Technical
Post by: Asyn on February 21, 2016, 09:10:01 AM
Fake SUPEE-5344 Patch Steals Payment Details
https://blog.sucuri.net/2016/02/fake-supee-5344-patch-steals-payment-details.html
Title: Re: Technical
Post by: Asyn on February 23, 2016, 08:29:24 AM
Pirated iOS App Store’s Client Successfully Evaded Apple iOS Code Review
http://researchcenter.paloaltonetworks.com/2016/02/pirated-ios-app-stores-client-successfully-evaded-apple-ios-code-review/
Title: Re: Technical
Post by: Asyn on February 24, 2016, 08:34:20 AM
The Locky Ransomware Encrypts Local Files and Unmapped Network Shares
http://www.bleepingcomputer.com/news/security/the-locky-ransomware-encrypts-local-files-and-unmapped-network-shares/
Locky: JavaScript Deobfuscation
https://isc.sans.edu/diary/Locky/20749
Title: Re: Technical
Post by: Asyn on February 25, 2016, 10:18:23 AM
MouseJack - Injecting Keystrokes into Wireless Mice
https://www.bastille.net/technical-details
https://www.bastille.net/affected-devices
Title: Re: Technical
Post by: Asyn on February 26, 2016, 08:44:02 AM
Android Malware About to Get Worse: GM Bot Source Code Leaked
https://securityintelligence.com/android-malware-about-to-get-worse-gm-bot-source-code-leaked/
Title: Re: Technical
Post by: Asyn on February 27, 2016, 08:31:04 AM
Android trump card: Acecard
https://blog.kaspersky.com/acecard-android-trojan/11368/
Title: Re: Technical
Post by: Asyn on February 28, 2016, 11:21:01 AM
Controlling vehicle features of Nissan LEAFs across the globe via vulnerable APIs
http://www.troyhunt.com/2016/02/controlling-vehicle-features-of-nissan.html
Title: Re: Technical
Post by: Asyn on March 01, 2016, 09:23:20 AM
Porn clicker trojans at Google Play: An analysis
http://www.welivesecurity.com/2016/02/24/porn-clicker-trojans-google-play-analysis/
http://www.welivesecurity.com/2016/02/23/appendix-porn-clicker-trojans-at-google-play/
Title: Re: Technical
Post by: Asyn on March 02, 2016, 09:05:33 AM
HackingTeam Reborn; A Brief Analysis of an RCS Implant Installer
https://objective-see.com/blog/blog_0x0D.html
Title: Re: Technical
Post by: Asyn on March 03, 2016, 11:59:34 AM
CacheBleed: A Timing Attack on OpenSSL Constant Time RSA
https://ssrg.nicta.com.au/projects/TS/cachebleed/
https://ssrg.nicta.com.au/projects/TS/cachebleed/cachebleed.pdf
Title: Re: Technical
Post by: Asyn on March 04, 2016, 09:30:25 AM
HackingTeam Reborn; A Brief Analysis of an RCS Implant Installer
https://objective-see.com/blog/blog_0x0D.html
The Italian morons are back! What are they up to this time?
https://reverse.put.as/2016/02/29/the-italian-morons-are-back-what-are-they-up-to-this-time/
Title: Re: Technical
Post by: Asyn on March 05, 2016, 08:27:46 AM
The DROWN Attack
https://drownattack.com/
https://drownattack.com/top-sites.html
https://test.drownattack.com/
https://drownattack.com/drown-attack-paper.pdf
Title: Re: Technical
Post by: Asyn on March 06, 2016, 08:26:10 AM
The Attacker's Dictionary
https://community.rapid7.com/community/infosec/blog/2016/03/01/the-attackers-dictionary
Title: Re: Technical
Post by: Asyn on March 07, 2016, 08:13:27 AM
ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs
https://eprint.iacr.org/2016/129
https://eprint.iacr.org/2016/129.pdf
Title: Re: Technical
Post by: Asyn on March 08, 2016, 07:48:08 AM
New OS X Ransomware KeRanger Infected Transmission BitTorrent Client Installer
http://researchcenter.paloaltonetworks.com/2016/03/new-os-x-ransomware-keranger-infected-transmission-bittorrent-client-installer/
Title: Re: Technical
Post by: Asyn on March 11, 2016, 06:49:06 AM
The Locky Ransomware Encrypts Local Files and Unmapped Network Shares
http://www.bleepingcomputer.com/news/security/the-locky-ransomware-encrypts-local-files-and-unmapped-network-shares/
Locky: JavaScript Deobfuscation
https://isc.sans.edu/diary/Locky/20749
A closer look at the Locky ransomware
https://blog.avast.com/a-closer-look-at-the-locky-ransomware
Title: Re: Technical
Post by: Asyn on March 13, 2016, 09:55:48 AM
New OS X Ransomware KeRanger Infected Transmission BitTorrent Client Installer
http://researchcenter.paloaltonetworks.com/2016/03/new-os-x-ransomware-keranger-infected-transmission-bittorrent-client-installer/
KeRanger Is Actually A Rewrite of Linux.Encoder
https://labs.bitdefender.com/2016/03/keranger-is-actually-a-rewrite-of-linux-encoder/
Title: Re: Technical
Post by: Asyn on March 14, 2016, 12:03:26 PM
[SE-2012-01] Broken security fix in Oracle Java SE 7/8/9
http://seclists.org/fulldisclosure/2016/Mar/31
http://www.security-explorations.com/materials/SE-2012-01-ORACLE-14.pdf
Title: Re: Technical
Post by: Asyn on March 15, 2016, 09:40:24 AM
Towards Automated Dynamic Analysis for Linux-based Embedded Firmware
https://github.com/firmadyne/firmadyne/blob/master/paper/paper.pdf
FIRMADYNE: https://github.com/firmadyne/firmadyne
Title: Re: Technical
Post by: Asyn on March 17, 2016, 09:22:17 AM
Angler Takes Malvertising to New Heights
https://www.trustwave.com/Resources/SpiderLabs-Blog/Angler-Takes-Malvertising-to-New-Heights/
Title: Re: Technical
Post by: Asyn on March 19, 2016, 10:58:02 AM
AceDeceiver: First iOS Trojan Exploiting Apple DRM Design Flaws to Infect Any iOS Device
http://researchcenter.paloaltonetworks.com/2016/03/acedeceiver-first-ios-trojan-exploiting-apple-drm-design-flaws-to-infect-any-ios-device/
Title: Re: Technical
Post by: Asyn on March 20, 2016, 09:46:00 AM
The Locky Ransomware Encrypts Local Files and Unmapped Network Shares
http://www.bleepingcomputer.com/news/security/the-locky-ransomware-encrypts-local-files-and-unmapped-network-shares/
Locky: JavaScript Deobfuscation
https://isc.sans.edu/diary/Locky/20749
A closer look at the Locky ransomware
https://blog.avast.com/a-closer-look-at-the-locky-ransomware
Locky’s JavaScript downloader
https://blog.avast.com/lockys-javascript-downloader
Title: Re: Technical
Post by: Asyn on March 21, 2016, 08:17:48 AM
Metaphor - A (real) real-life Stagefright exploit
https://www.exploit-db.com/docs/39527.pdf
Title: Re: Technical
Post by: Asyn on March 22, 2016, 08:38:58 AM
TeslaCrypt 4.0 Released with Bug Fixes and Stops Adding Extensions
http://www.bleepingcomputer.com/news/security/teslacrypt-4-0-released-with-bug-fixes-and-stops-adding-extensions/
Title: Re: Technical
Post by: Asyn on March 23, 2016, 07:10:36 AM
Attack of the Week: Apple iMessage
http://blog.cryptographyengineering.com/2016/03/attack-of-week-apple-imessage.html
Title: Re: Technical
Post by: Asyn on March 24, 2016, 10:08:11 AM
Comodo Antivirus Forwards Emulated API calls to the Real API during scans
https://bugs.chromium.org/p/project-zero/issues/detail?id=769
Title: Re: Technical
Post by: Asyn on March 25, 2016, 10:38:27 AM
Certificate Transparency for Untrusted CAs
https://security.googleblog.com/2016/03/certificate-transparency-for-untrusted.html
Title: Re: Technical
Post by: Asyn on March 26, 2016, 04:47:02 PM
Infoblox DNS Threat Index Report - Q4 2015
https://www.infoblox.com/dns-threat-index
https://www.infoblox.com/sites/infobloxcom/files/resources/infoblox-white-paper-dns-threat-index-q4-2015-report.pdf
Title: Re: Technical
Post by: Asyn on March 27, 2016, 10:05:42 AM
Threat Alert: “PowerWare,” New Ransomware Written in PowerShell, Targets Organizations via Microsoft Word
https://www.carbonblack.com/2016/03/25/threat-alert-powerware-new-ransomware-written-in-powershell-targets-organizations-via-microsoft-word/
Title: Re: Technical
Post by: Asyn on March 28, 2016, 09:00:12 AM
Thank You for Hacking iPhone, Now Tell Apple How You Did It
http://www.bloomberg.com/news/articles/2016-03-23/thank-you-for-hacking-iphone-now-tell-apple-how-you-did-it
Title: Re: Technical
Post by: bob3160 on March 28, 2016, 03:14:38 PM
Thank You for Hacking iPhone, Now Tell Apple How You Did It
http://www.bloomberg.com/news/articles/2016-03-23/thank-you-for-hacking-iphone-now-tell-apple-how-you-did-it
Using virtualization to bypass something destructive has long been a proven method to use on something like this.
Why did it take so long to finally realize this, and why can't they do it themselves???
Title: Re: Technical
Post by: Asyn on March 30, 2016, 08:26:17 AM
Evolution of SamSa Malware Suggests New Ransomware Tactics In Play
http://researchcenter.paloaltonetworks.com/2016/03/evolution-of-samsa-malware-suggests-new-ransomware-tactics-in-play/
https://blogs.technet.microsoft.com/mmpc/2016/03/17/no-mas-samas-whats-in-this-ransomwares-modus-operandi/
http://blog.talosintel.com/2016/03/samsam-ransomware.html
http://www.intelsecurity.com/advanced-threat-research/content/Analysis_SamSa_Ransomware.pdf
Title: Re: Technical
Post by: Asyn on March 31, 2016, 08:06:05 AM
WordPress and Joomla websites get hacked with fake jQuery
https://blog.avast.com/wordpress-and-joomla-users-get-hacked-be-aware-of-fake-jquery
Title: Re: Technical
Post by: Asyn on April 01, 2016, 09:46:01 AM
Have you disabled Flash yet?
https://business.f-secure.com/have-you-disabled-flash-yet/
Title: Re: Technical
Post by: Asyn on April 02, 2016, 09:45:58 AM
Ransomware Petya - a technical review
https://blog.gdatasoftware.com/2016/03/28226-ransomware-petya-a-technical-review
Title: Re: Technical
Post by: Asyn on April 03, 2016, 09:18:55 AM
Apple's fruitless rootless security broken by code that fits in a tweet
http://www.theregister.co.uk/2016/03/30/apple_os_x_rootless/
Title: Re: Technical
Post by: Asyn on April 04, 2016, 10:34:34 AM
SideStepper: Bypassing the iOS Gatekeeper to Attack iPhone and iPad Devices
http://blog.checkpoint.com/2016/03/31/sidestepper/
Title: Re: Technical
Post by: Asyn on April 06, 2016, 07:30:40 AM
WhatsApp's Signal Protocol integration is now complete
https://whispersystems.org/blog/whatsapp-complete/
https://www.whatsapp.com/security/WhatsApp-Security-Whitepaper.pdf
Title: Re: Technical
Post by: bob3160 on April 06, 2016, 07:21:22 PM
WhatsApp's Signal Protocol integration is now complete
https://whispersystems.org/blog/whatsapp-complete/
https://www.whatsapp.com/security/WhatsApp-Security-Whitepaper.pdf
https://blog.avast.com/what-whatsapps-new-end-to-end-encryption-means-for-you
Title: Re: Technical
Post by: Asyn on April 07, 2016, 07:56:29 AM
Andromeda under the microscope
https://blog.avast.com/andromeda-under-the-microscope
Title: Re: Technical
Post by: Asyn on April 08, 2016, 09:26:31 AM
CrossFire: An Analysis of Firefox Extension-Reuse Vulnerabilities
http://www.buyukkayhan.com/publications/ndss2016crossfire.pdf
Title: Re: Technical
Post by: Asyn on April 10, 2016, 10:24:58 AM
Users Really Do Plug in USB Drives They Find
https://zakird.com/papers/usb.pdf
Title: Re: Technical
Post by: bob3160 on April 10, 2016, 02:53:48 PM
Users Really Do Plug in USB Drives They Find
https://zakird.com/papers/usb.pdf
(http://screencast-o-matic.com/screenshots/u/Lh/1460292881692-2072.png)
Title: Re: Technical
Post by: Asyn on April 12, 2016, 07:19:43 AM
Ransomware Petya - a technical review
https://blog.gdatasoftware.com/2016/03/28226-ransomware-petya-a-technical-review
Petya Ransomware's Encryption Defeated and Password Generator Released
http://www.bleepingcomputer.com/news/security/petya-ransomwares-encryption-defeated-and-password-generator-released/
Title: Re: Technical
Post by: Asyn on April 14, 2016, 09:43:02 AM
Jigsaw Ransomware Decrypted: Will delete your files until you pay the Ransom
http://www.bleepingcomputer.com/news/security/jigsaw-ransomware-decrypted-will-delete-your-files-until-you-pay-the-ransom/
Title: Re: Technical
Post by: Pondus on April 14, 2016, 10:00:04 PM
Mozilla explores radically different browser as Firefox leaks share
http://www.computerworld.com/article/3055945/web-browsers/mozilla-explores-radically-different-browser-as-firefox-leaks-share.html

Title: Re: Technical
Post by: Asyn on April 15, 2016, 08:26:48 AM
ID Ransomware
Upload a ransom note and/or sample encrypted file to identify the ransomware that has encrypted your data.
https://id-ransomware.malwarehunterteam.com/
Title: Re: Technical
Post by: Asyn on April 16, 2016, 08:04:54 AM
New Threat Can Auto-Brick Apple Devices
http://krebsonsecurity.com/2016/04/new-threat-can-auto-brick-apple-devices/
Title: Re: Technical
Post by: Asyn on April 17, 2016, 09:23:43 AM
Gone in Six Characters: Short URLs Considered Harmful for Cloud Services
http://www.cs.cornell.edu/~shmat/shmat_urls.pdf
Title: Re: Technical
Post by: bob3160 on April 17, 2016, 04:16:55 PM
Gone in Six Characters: Short URLs Considered Harmful for Cloud Services
http://www.cs.cornell.edu/~shmat/shmat_urls.pdf
Maybe people should learn to use Google's shortening service. They check for malicious code before shortening.
https://goo.gl/
Title: Re: Technical
Post by: Asyn on April 18, 2016, 12:06:21 PM
Internet Security Threat Report (Volume 21, April 2016)
https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf
Title: Re: Technical
Post by: Pondus on April 18, 2016, 06:59:36 PM
Weekend Workshop: How to auto tweet your ISP when your Internet slows down
http://www.digitaltrends.com/cool-tech/how-to-build-broadband-speed-monitor/

http://makezine.com/projects/send-ticket-isp-when-your-internet-drops/

Title: Re: Technical
Post by: Asyn on April 19, 2016, 02:02:34 PM
Retefe is back in town
https://isc.sans.edu/diary/Retefe+is+back+in+town/20957
Title: Re: Technical
Post by: Asyn on April 23, 2016, 08:16:14 AM
Inside Nuclear’s Core: Analyzing the Nuclear Exploit Kit Infrastructure
http://blog.checkpoint.com/2016/04/20/inside-nuclears-core-analyzing-the-nuclear-exploit-kit-infrastructure/
http://blog.checkpoint.com/wp-content/uploads/2016/04/Inside-Nuclear-1-2.pdf
Title: Re: Technical
Post by: Asyn on April 24, 2016, 11:46:05 AM
How I Hacked Facebook, and Found Someone's Backdoor Script
http://devco.re/blog/2016/04/21/how-I-hacked-facebook-and-found-someones-backdoor-script-eng-ver/
Title: Re: Technical
Post by: Asyn on April 25, 2016, 08:45:21 AM
The Impact of a Ransomware Infection
https://blog.rootshell.be/2016/04/18/impact-ransomware-infection/
Title: Re: Technical
Post by: Asyn on April 26, 2016, 11:32:42 AM
Apple ImageIO Denial of Service
https://www.landaire.net/blog/apple-imageio-denial-of-service/
Title: Re: Technical
Post by: Asyn on April 27, 2016, 10:55:57 AM
Empty DDoS Threats: Meet the Armada Collective
https://blog.cloudflare.com/empty-ddos-threats-meet-the-armada-collective/
Title: Re: Technical
Post by: Asyn on April 28, 2016, 10:10:30 AM
Towelroot and Leaked Hacking Team Exploits Used to Deliver “Dogspectus” Ransomware to Android Devices
https://www.bluecoat.com/security-blog/2016-04-25/android-exploit-delivers-dogspectus-ransomware
Title: Re: Technical
Post by: Asyn on April 29, 2016, 10:38:46 AM
How to unlock a .crypt file
https://blog.kaspersky.com/cryptxxx-ransomware/11939/
Title: Re: Technical
Post by: Asyn on April 30, 2016, 04:56:12 PM
Slack bot token leakage exposing business critical information
https://labs.detectify.com/2016/04/28/slack-bot-token-leakage-exposing-business-critical-information/
Title: Re: Technical
Post by: Asyn on May 01, 2016, 09:54:56 AM
Former Tor developer created malware for the FBI to hack Tor users
http://www.dailydot.com/politics/government-contractor-tor-malware/
Title: Re: Technical
Post by: Asyn on May 02, 2016, 10:24:50 AM
Digging deep for PLATINUM
https://blogs.technet.microsoft.com/mmpc/2016/04/26/digging-deep-for-platinum/
Title: Re: Technical
Post by: Asyn on May 03, 2016, 10:10:10 AM
Australian Craig Wright claims to be Bitcoin creator
http://www.bbc.com/news/technology-36168863
http://www.economist.com/news/briefings/21698061-craig-steven-wright-claims-be-satoshi-nakamoto-bitcoin
Title: Re: Technical
Post by: Asyn on May 04, 2016, 07:01:25 AM
New fresh phishing campaign hits Facebook
https://blog.avast.com/new-fresh-phishing-campaign-hits-facebook
Title: Re: Technical
Post by: Asyn on May 05, 2016, 09:17:20 AM
Decrypted: Alpha Ransomware accepts iTunes Gift Cards as Payment
http://www.bleepingcomputer.com/news/security/decrypted-alpha-ransomware-accepts-itunes-gift-cards-as-payment/
Title: Re: Technical
Post by: Asyn on May 06, 2016, 08:03:54 AM
Android Banker Trojan preys on credit card information
https://blog.avast.com/android-banker-trojan-preys-on-credit-card-information
Title: Re: Technical
Post by: Asyn on May 06, 2016, 06:59:46 PM
Mobile Malware Competition Rises in Underground Markets
https://securityintelligence.com/mobile-malware-competition-rises-in-underground-markets/
Title: Re: Technical
Post by: Asyn on May 07, 2016, 10:08:04 AM
Malware and non-malware ways for ATM jackpotting - Extended cut
https://securelist.com/analysis/publications/74533/malware-and-non-malware-ways-for-atm-jackpotting-extended-cut/
Title: Re: Technical
Post by: Asyn on May 09, 2016, 08:53:34 AM
Hold Security Recovers 272 Million Stolen Credentials From A Collector
http://holdsecurity.com/news/the_collector_breach/
http://www.reuters.com/article/us-cyber-passwords-idUSKCN0XV1I6
Title: Re: Technical
Post by: Asyn on May 10, 2016, 10:52:36 AM
An Introduction to AlphaLocker
https://blog.cylance.com/an-introduction-to-alphalocker
Title: Re: Technical
Post by: Asyn on May 11, 2016, 07:56:20 AM
Andromeda distributors craft new strategies for attacks
https://blog.avast.com/andromeda-distributors-craft-new-strategies-for-attacks
Title: Re: Technical
Post by: Asyn on May 12, 2016, 10:59:07 AM
Hacking Wordpress via XSS (Plugin: Event-Registration)
https://www.codemetrix.net/security/2016/04/25/hacking-wordpress-via-xss-event-registration.html
http://seclists.org/bugtraq/2016/May/34
Title: Re: Technical
Post by: Asyn on May 12, 2016, 12:03:47 PM
Crooks Go Deep With ‘Deep Insert’ Skimmers
http://krebsonsecurity.com/2016/05/crooks-go-deep-with-deep-insert-skimmers/
Title: Re: Technical
Post by: Asyn on May 12, 2016, 02:24:04 PM
Multiple 7-Zip Vulnerabilities Discovered by Talos
http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html
Title: Re: Technical
Post by: Asyn on May 13, 2016, 12:39:07 PM
CryptXXX 2.0: Ransomware Authors Strike Back Against Free Decryption Tool
https://www.proofpoint.com/us/threat-insight/post/cryptxxx2-ransomware-authors-strike-back-against-free-decryption-tool
Title: Re: Technical
Post by: Asyn on May 14, 2016, 06:12:22 PM
Software security suffers as upstarts lose access to virus data
http://www.reuters.com/article/us-cybersecurity-sharing-virustotal-anal-idUSKCN0XY0R4
Title: Re: Technical
Post by: Asyn on May 15, 2016, 11:01:19 AM
Mozilla - Advance Disclosure Needed to Keep Users Secure
https://blog.mozilla.org/blog/2016/05/11/advanced-disclosure-needed-to-keep-users-secure/
Title: Re: Technical
Post by: DavidR on May 15, 2016, 04:35:11 PM
Mozilla - Advance Disclosure Needed to Keep Users Secure
https://blog.mozilla.org/blog/2016/05/11/advanced-disclosure-needed-to-keep-users-secure/

I wasn't sure where this was going to lead from the blog title URL.

However, I found it to be very interesting and it makes you wonder why this kind of disclosure (best practice) wasn't already the norm.
Title: Re: Technical
Post by: Gopher John on May 15, 2016, 05:24:05 PM
As long as the government wants to exploit the vulnerability itself, they wouldn't want to have it fixed regardless of how many people are put at risk.
Title: Re: Technical
Post by: Asyn on May 16, 2016, 10:10:44 AM
As long as the government wants to exploit the vulnerability itself, they wouldn't want to have it fixed regardless of how many people are put at risk.
Sad but true.
Title: Re: Technical
Post by: Asyn on May 16, 2016, 11:20:27 AM
Let's Analyze: Dridex
http://www.malwaretech.com/2016/03/lets-analyze-dridex-part-1.html
http://www.malwaretech.com/2016/04/lets-analyze-dridex-part-2.html
http://www.malwaretech.com/2016/05/lets-analyze-dridex-part-3.html
Title: Re: Technical
Post by: Asyn on May 17, 2016, 11:18:32 AM
Jigsaw Ransomware becomes CryptoHitman with Porno Extension
http://www.bleepingcomputer.com/news/security/jigsaw-ransomware-becomes-cryptohitman-with-porno-extension/
Title: Re: Technical
Post by: Asyn on May 18, 2016, 09:45:16 AM
CryptXXX 2.0: Ransomware Authors Strike Back Against Free Decryption Tool
https://www.proofpoint.com/us/threat-insight/post/cryptxxx2-ransomware-authors-strike-back-against-free-decryption-tool
Update: CryptXXX solved again
https://blog.kaspersky.com/cryptxxx-decryption-20/12091/
Title: Re: Technical
Post by: Asyn on May 20, 2016, 08:39:20 AM
TeslaCrypt shuts down and Releases Master Decryption Key
http://www.bleepingcomputer.com/news/security/teslacrypt-shuts-down-and-releases-master-decryption-key/
Title: Re: Technical
Post by: Asyn on May 21, 2016, 09:06:27 AM
Mozilla - Advance Disclosure Needed to Keep Users Secure
https://blog.mozilla.org/blog/2016/05/11/advanced-disclosure-needed-to-keep-users-secure/
FBI Doesn’t Have to Give Mozilla Details on Bug It Used to Bust a Child Porn Ring
http://europe.newsweek.com/fbi-doesnt-have-give-mozilla-details-bug-it-used-bust-child-porn-ring-461325
Title: Re: Technical
Post by: Asyn on May 22, 2016, 11:58:28 AM
Lawsuit claims Facebook illegally scanned private messages
http://www.theverge.com/2016/5/19/11712804/facebook-private-message-scanning-privacy-lawsuit
Title: Re: Technical
Post by: Asyn on May 23, 2016, 12:10:57 PM
How I Could Compromise 4% (Locked) Instagram Accounts
https://www.arneswinnen.net/2016/03/how-i-could-compromise-4-locked-instagram-accounts/
Title: Re: Technical
Post by: Asyn on May 25, 2016, 08:12:02 AM
Two Attacks for The Price Of One: Weaponized Document Delivers Ransomware and Potential DDoS Attack
https://www.invincea.com/2016/05/two-attacks-for-the-price-of-one-weaponized-document-delivers-ransomware-and-potential-ddos-attack/
Title: Re: Technical
Post by: Pondus on May 25, 2016, 09:40:01 AM
Opera Software sold to Chinese Consortium :'(
http://e24.no/boers-og-finans/opera-software/opera-bekrefter-budrykter-kineserne-fikk-over-90-prosent-aksept/23692851


Title: Re: Technical
Post by: Asyn on May 27, 2016, 08:32:30 AM
2016 Underground Hacker Marketplace Report
https://www.secureworks.com/resources/rp-2016-underground-hacker-marketplace-report
Title: Re: Technical
Post by: Asyn on May 28, 2016, 10:20:38 AM
Link (.lnk) to Ransom
https://blogs.technet.microsoft.com/mmpc/2016/05/26/link-lnk-to-ransom/
Title: Re: Technical
Post by: Asyn on May 29, 2016, 09:44:31 AM
Microsoft Password Guidance
http://research.microsoft.com/pubs/265143/Microsoft_Password_Guidance.pdf
Title: Re: Technical
Post by: Asyn on May 30, 2016, 08:03:26 AM
Phishing Activity Trends Report, 1st Quarter 2016
http://docs.apwg.org/reports/apwg_trends_report_q1_2016.pdf
Title: Re: Technical
Post by: Asyn on May 31, 2016, 07:44:03 AM
Don't panic, says Blue Coat, we're not using CA cert to snoop on you
http://www.theregister.co.uk/2016/05/27/blue_coat_ca_certs/
http://blogs.msmvps.com/alunj/2016/05/26/untrusting-the-blue-coat-intermediate-ca-from-windows/
https://blog.filippo.io/untrusting-an-intermediate-ca-on-os-x/
Title: Re: Technical
Post by: Asyn on June 01, 2016, 10:38:34 AM
Tor Browser 6.0 is released
https://blog.torproject.org/blog/tor-browser-60-released
Title: Re: Technical
Post by: Asyn on June 02, 2016, 08:57:13 AM
How LinkedIn’s password sloppiness hurts us all
http://arstechnica.com/security/2016/06/how-linkedins-password-sloppiness-hurts-us-all/
Title: Re: Technical
Post by: Asyn on June 03, 2016, 10:14:19 AM
TeamViewer - Statement on Service Outage
https://www.teamviewer.com/en/company/press/statement-on-service-outage/
Title: Re: Technical
Post by: Asyn on June 04, 2016, 05:52:48 PM
Out-of-Box Exploitation: A Security Analysis of OEM Updaters
https://duo.com/blog/out-of-box-exploitation-a-security-analysis-of-oem-updaters
https://duo.com/assets/pdf/out-of-box-exploitation_oem-updaters.pdf
Title: Re: Technical
Post by: Asyn on June 05, 2016, 09:20:27 AM
Android -- (In-) Security of Security Applications
https://www.sit.fraunhofer.de/fileadmin/dokumente/Presse/teamsik_advisories_AV.pdf
Title: Re: Technical
Post by: Asyn on June 07, 2016, 04:25:05 PM
TeamViewer - Statement on Service Outage
https://www.teamviewer.com/en/company/press/statement-on-service-outage/
TeamViewer Launches Trusted Devices and Data Integrity
http://www.teamviewer.com/en/company/press/teamviewer-launches-trusted-devices-and-data-integrity/
Title: Re: Technical
Post by: Asyn on June 11, 2016, 08:46:28 AM
One of the World's Largest Botnets Has Vanished
http://motherboard.vice.com/read/one-of-the-worlds-largest-botnets-has-vanished
Title: Re: Technical
Post by: Asyn on June 12, 2016, 12:32:38 PM
Reviewing Microsoft's Automatic Insertion of Telemetry into C++ Binaries
https://www.infoq.com/news/2016/06/visual-cpp-telemetry
Title: Re: Technical
Post by: Asyn on June 12, 2016, 03:12:57 PM
Tails 2.4 is out
https://tails.boum.org/news/version_2.4/index.en.html
Title: Re: Technical
Post by: Asyn on June 13, 2016, 09:18:16 AM
Mozilla - Help Make Open Source Secure
https://blog.mozilla.org/blog/2016/06/09/help-make-open-source-secure/
Title: Re: Technical
Post by: croftypedro on June 13, 2016, 01:00:22 PM
Symantec to buy Blue Coat for $4.7 billion to boost enterprise unit

http://www.reuters.com/article/us-bluecoat-m-a-symantec-idUSKCN0YZ0BM
Title: Re: Technical
Post by: Asyn on June 13, 2016, 02:48:55 PM
Symantec to buy Blue Coat for $4.7 billion to boost enterprise unit
http://www.reuters.com/article/us-bluecoat-m-a-symantec-idUSKCN0YZ0BM
More here: http://investor.symantec.com/About/Investors/press-releases/press-release-details/2016/Symantec-to-Acquire-Blue-Coat-and-Define-the-Future-of-Cybersecurity/default.aspx
Title: Re: Technical
Post by: Asyn on June 13, 2016, 03:28:31 PM
Akamai - DDoS and Web Applications Attack (Q1 2016)
https://www.akamai.com/uk/en/multimedia/documents/state-of-the-internet/akamai-q1-2016-state-of-the-internet-security-report-infographic.pdf
Title: Re: Technical
Post by: Asyn on June 14, 2016, 08:44:07 AM
Intel & ME, and why we should get rid of ME
http://www.fsf.org/blogs/licensing/intel-me-and-why-we-should-get-rid-of-me
Title: Re: Technical
Post by: Asyn on June 15, 2016, 08:53:24 AM
FLocker Mobile Ransomware Crosses to Smart TV
http://blog.trendmicro.com/trendlabs-security-intelligence/flocker-ransomware-crosses-smart-tv/
Title: Re: Technical
Post by: Asyn on June 16, 2016, 11:56:28 AM
ATM Insert Skimmers In Action
https://krebsonsecurity.com/2016/06/atm-insert-skimmers-in-action/
Title: Re: Technical
Post by: Asyn on June 17, 2016, 11:30:51 AM
Unsupported TeamViewer Versions Exploited For Backdoors, Keylogging
http://blog.trendmicro.com/trendlabs-security-intelligence/unsupported-teamviewer-versions-exploited-backdoors-keylogging/
Title: Re: Technical
Post by: Asyn on June 18, 2016, 04:40:00 PM
Checked C
http://research.microsoft.com/en-us/projects/checkedc/
Title: Re: Technical
Post by: Asyn on June 19, 2016, 12:32:46 PM
Intel release new technology specifications to protect against ROP attacks
https://blogs.intel.com/evangelists/2016/06/09/intel-release-new-technology-specifications-protect-rop-attacks/
Title: Re: Technical
Post by: Asyn on June 20, 2016, 10:31:57 AM
Ransomware attack study
http://www.professionalsecurity.co.uk/news/case-studies/ransomware-attack-study/
Title: Re: Technical
Post by: Asyn on June 21, 2016, 10:36:11 AM
The new RAA Ransomware is created entirely using Javascript
http://www.bleepingcomputer.com/news/security/the-new-raa-ransomware-is-created-entirely-using-javascript/
Title: Re: Technical
Post by: Asyn on June 23, 2016, 03:46:39 PM
The Poisoned Archives
http://blog.talosintel.com/2016/06/the-poisoned-archives.html
Title: Re: Technical
Post by: DavidR on June 23, 2016, 05:22:03 PM
The Poisoned Archives
http://blog.talosintel.com/2016/06/the-poisoned-archives.html

Interesting, though what is also interesting is that a Firefox add-on WorldIP reports that site as DNS-Spoofing.
Title: Re: Technical
Post by: Asyn on June 23, 2016, 08:02:23 PM
...though what is also interesting is that a firefox add-on WorldIP reports that site as DNS-Spoofing.
Hi Dave, that's a reputable site, see: http://www.talosintel.com/about/
No idea what your add-on is complaining about, sorry... :-\
Title: Re: Technical
Post by: DavidR on June 23, 2016, 08:30:32 PM
...though what is also interesting is that a firefox add-on WorldIP reports that site as DNS-Spoofing.
Hi Dave, that's a reputable site, see: http://www.talosintel.com/about/
No idea what your add-on is complaining about, sorry... :-\

I don't doubt it is legit, but there are many sites that really do go in for this kind of anonymity. Whilst the above link doesn't throw up the warning, the blog does. What seems to be the problem is the DNS server doesn't match the domain or something like that.
Title: Re: Technical
Post by: Asyn on June 23, 2016, 08:58:23 PM
If you think it's an issue, I'd suggest reporting it: http://www.talosintel.com/contact/
Title: Re: Technical
Post by: Asyn on June 24, 2016, 06:51:57 AM
Retefe banking Trojan targets UK banking customers
https://blog.avast.com/retefe-banking-trojan-targets-uk-banking-customers
Title: Re: Technical
Post by: Asyn on June 25, 2016, 08:58:18 AM
Necurs Botnet Returns With Updated Locky Ransomware In Tow
https://www.proofpoint.com/threat-insight/post/necurs-botnet-returns-with-updated-locky-ransomware-in-tow
Title: Re: Technical
Post by: Asyn on June 26, 2016, 11:42:53 AM
Nuclear, Angler Exploit Kit Activity Has Disappeared
https://threatpost.com/nuclear-angler-exploit-kit-activity-has-disappeared/118842/
Title: Re: Technical
Post by: Asyn on June 28, 2016, 08:56:07 AM
A Bug in Chrome Makes It Easy to Pirate Movies
https://www.wired.com/2016/06/bug-chrome-makes-easy-pirate-movies/
Title: Re: Technical
Post by: Asyn on June 29, 2016, 08:01:07 AM
Doh! New "Bart" Ransomware from Threat Actors Spreading Dridex and Locky
https://www.proofpoint.com/us/threat-insight/post/New-Bart-Ransomware-from-Threat-Actors-Spreading-Dridex-and-Locky
Title: Re: Technical
Post by: Asyn on June 30, 2016, 10:13:02 AM
Zimbra Ransomware written in Python targets Zimbra Mail Store
http://www.bleepingcomputer.com/news/security/zimbra-ransomware-written-in-python-targets-zimbra-mail-store/
Title: Re: Technical
Post by: Asyn on July 01, 2016, 09:34:10 AM
[Tor] - Selfrando: Q and A with Georg Koppen
https://blog.torproject.org/blog/selfrando-q-and-georg-koppen
https://github.com/immunant/selfrando
https://people.torproject.org/~gk/misc/Selfrando-Tor-Browser.pdf
Title: Re: Technical
Post by: Pondus on July 01, 2016, 12:10:14 PM
Internet speed test in google and bing
http://www.theverge.com/2016/6/28/12055442/google-search-internet-speed-test-netflix-fast-ookla


Bing
https://www.bing.com/search?q=internet+speed+test&go=Submit&qs=n&form=QBLH&pq=internet+speed+test&sc=9-19&sp=-1&sk=&cvid=ECA52EBBF6DD4AF58D2A5F4068AD3C75

Title: Re: Technical
Post by: bob3160 on July 01, 2016, 02:57:00 PM
Internet speed test in google and bing
http://www.theverge.com/2016/6/28/12055442/google-search-internet-speed-test-netflix-fast-ookla


Bing
https://www.bing.com/search?q=internet+speed+test&go=Submit&qs=n&form=QBLH&pq=internet+speed+test&sc=9-19&sp=-1&sk=&cvid=ECA52EBBF6DD4AF58D2A5F4068AD3C75
It works in Bing not in Google:
https://www.youtube.com/watch?v=eEYFyoYhxU0
Title: Re: Technical
Post by: Asyn on July 02, 2016, 07:23:49 AM
StartEncrypt considered harmful today
https://www.computest.nl/blog/startencrypt-considered-harmful-today/
Title: Re: Technical
Post by: Asyn on July 03, 2016, 10:18:00 AM
hashcat v3.00
https://hashcat.net/forum/thread-5559.html
Title: Re: Technical
Post by: Asyn on July 04, 2016, 11:11:22 AM
Don’t pay the Ransom! AVG releases six free decryption tools to retrieve your files
http://now.avg.com/dont-pay-the-ransom-avg-releases-six-free-decryption-tools-to-retrieve-your-files/
Title: Re: Technical
Post by: Pondus on July 04, 2016, 11:33:21 PM
Quote
Akamai: global average connection speed up 12 percent, bye bye IPv4
https://techcrunch.com/2016/06/28/akamai-global-average-connection-speed-up-12-percent-bye-bye-ipv4/

Title: Re: Technical
Post by: Asyn on July 06, 2016, 08:14:57 AM
From HummingBad to Worse: New In-Depth Details and Analysis of the HummingBad Android Malware Campaign
http://blog.checkpoint.com/2016/07/01/from-hummingbad-to-worse-new-in-depth-details-and-analysis-of-the-hummingbad-andriod-malware-campaign/
http://blog.checkpoint.com/wp-content/uploads/2016/07/HummingBad-Research-report_FINAL-62916.pdf
Title: Re: Technical
Post by: Asyn on July 08, 2016, 07:52:27 AM
New Backdoor Allows Full Access to Mac Systems, Bitdefender Warns
https://labs.bitdefender.com/2016/07/new-mac-backdoor-nukes-os-x-systems/
https://labs.bitdefender.com/wp-content/uploads/2016/07/Backdoor-MAC-Eleanor_final.pdf
Title: Re: Technical
Post by: Asyn on July 09, 2016, 04:14:35 PM
New OSX/Keydnap malware is hungry for credentials
http://www.welivesecurity.com/2016/07/06/new-osxkeydnap-malware-hungry-credentials/
Title: Re: Technical
Post by: Asyn on July 10, 2016, 10:46:34 AM
Exploring and exploiting Lenovo firmware secrets
http://blog.cr4.sh/2016/06/exploring-and-exploiting-lenovo.html
Title: Re: Technical
Post by: DavidR on July 10, 2016, 03:29:14 PM
Exploring and exploiting Lenovo firmware secrets
http://blog.cr4.sh/2016/06/exploring-and-exploiting-lenovo.html

Lenovo having a real hard time with one thing or another, the last two spyware incidents took Lenovo off my system replacement list. Looks like more work required to get their house in order before people are going to trust their system with their own data.
Title: Re: Technical
Post by: Pondus on July 11, 2016, 11:07:52 AM
Want to build your own computer   ;D

Man Builds Giant 16-Bit 'Megaprocessor' in His Living Room
http://www.popularmechanics.com/technology/design/a21670/man-builds-giant-16-bit-megaprocessor/
http://www.bbc.com/news/technology-36711989

Title: Re: Technical
Post by: Asyn on July 11, 2016, 11:22:28 AM
Exploring and exploiting Lenovo firmware secrets
http://blog.cr4.sh/2016/06/exploring-and-exploiting-lenovo.html
Lenovo having a real hard time with one thing or another, the last two spyware incidents took Lenovo off my system replacement list. Looks like more work required to get their house in order before people are going to trust their system with their own data.
Agreed Dave, I also wouldn't recommend Lenovo, atm.
Title: Re: Technical
Post by: Asyn on July 11, 2016, 12:01:36 PM
DroidJack Uses Side-Load…It's Super Effective! Backdoored Pokemon GO Android App Found
https://www.proofpoint.com/us/threat-insight/post/droidjack-uses-side-load-backdoored-pokemon-go-android-app
Title: Re: Technical
Post by: bob3160 on July 11, 2016, 02:12:24 PM
Exploring and exploiting Lenovo firmware secrets
http://blog.cr4.sh/2016/06/exploring-and-exploiting-lenovo.html
Lenovo having a real hard time with one thing or another, the last two spyware incidents took Lenovo off my system replacement list. Looks like more work required to get their house in order before people are going to trust their system with their own data.
Agreed Dave, I also wouldn't recommend Lenovo, atm.
I'm certainly not planning to throw mine away.....
Title: Re: Technical
Post by: Pondus on July 11, 2016, 02:18:37 PM
Exploring and exploiting Lenovo firmware secrets
http://blog.cr4.sh/2016/06/exploring-and-exploiting-lenovo.html
Lenovo having a real hard time with one thing or another, the last two spyware incidents took Lenovo off my system replacement list. Looks like more work required to get their house in order before people are going to trust their system with their own data.
Agreed Dave, I also wouldn't recommend Lenovo, atm.
I'm certainly not planning to throw mine away.....
Same here, my Lenovo Yoga 500 works like a dream    ;)


Title: Re: Technical
Post by: Asyn on July 11, 2016, 02:23:22 PM
Come on guys, nobody said to throw it away. ::) ;)
Still, you should monitor your systems carefully, imo.
Title: Re: Technical
Post by: Asyn on July 12, 2016, 07:29:14 AM
Tools deliver false promises to YouTubers and Gamers
https://blog.avast.com/tools-deliver-false-promises-to-youtubers
Title: Re: Technical
Post by: Asyn on July 12, 2016, 01:13:35 PM
Experimenting with Post-Quantum Cryptography
https://security.googleblog.com/2016/07/experimenting-with-post-quantum.html
Title: Re: Technical
Post by: Asyn on July 13, 2016, 10:58:21 AM
When Paying Out Doesn't Pay Off
http://blog.talosintel.com/2016/07/ranscam.html
Title: Re: Technical
Post by: DavidR on July 13, 2016, 03:03:03 PM
When Paying Out Doesn't Pay Off
http://blog.talosintel.com/2016/07/ranscam.html

I have always been of the opinion that payment is no guarantee that the crooks will honour any promise to decrypt/restore files when you pay.

As mentioned a robust backup and recovery strategy is required.
Title: Re: Technical
Post by: bob3160 on July 14, 2016, 12:00:47 AM
When Paying Out Doesn't Pay Off
http://blog.talosintel.com/2016/07/ranscam.html

I have always been of the opinion that payment is no guarantee that the crooks will honour any promise to decrypt/restore files when you pay.

As mentioned a robust backup and recovery strategy is required.
Preparing for a disaster needs to be done before the disaster happens. What David does certainly qualifies as preparing for that disaster.
It is something I stress repeatedly at every presentation. :)
Title: Re: Technical
Post by: Asyn on July 17, 2016, 01:00:33 PM
CryptXXX providing free keys for .Crypz and .Cryp1 Versions
http://www.bleepingcomputer.com/news/security/cryptxxx-providing-free-keys-for-crypz-and-cryp1-versions/
Title: Re: Technical
Post by: Asyn on July 19, 2016, 10:40:44 AM
Retefe banking Trojan targets UK banking customers
https://blog.avast.com/retefe-banking-trojan-targets-uk-banking-customers
The evolution of the Retefe banking Trojan
https://blog.avast.com/the-evolution-of-the-retefe-banking-trojan
Title: Re: Technical
Post by: Asyn on July 20, 2016, 10:59:47 AM
How “The Internet’s Biggest Blind Spot” lead to a 15 year old security vulnerability
https://medium.com/we-build-vend/how-the-internets-biggest-blind-spot-lead-to-a-15-year-old-security-vulnerability-a2a6f6218a71
https://httpoxy.org/
Title: Re: Technical
Post by: Asyn on July 22, 2016, 12:34:40 PM
Reducing Adobe Flash Usage in Firefox
https://blog.mozilla.org/futurereleases/2016/07/20/reducing-adobe-flash-usage-in-firefox/
Title: Re: Technical
Post by: Asyn on July 24, 2016, 08:03:00 AM
Trend Micro Ransomware File Decryptor Updated
http://blog.trendmicro.com/trend-micro-ransomware-file-decryptor-updated/
Title: Re: Technical
Post by: Asyn on July 25, 2016, 12:20:35 PM
Bart’s Shenanigans Are No Match for AVG
http://now.avg.com/barts-shenanigans-are-no-match-for-avg/
Title: Re: Technical
Post by: Asyn on July 27, 2016, 11:11:49 AM
The No More Ransom Project
https://www.nomoreransom.org/
Title: Re: Technical
Post by: Pondus on July 27, 2016, 11:34:02 PM
Lowering memory usage in Opera and Blink with Heap compaction
https://www.opera.com/blogs/desktop/2016/07/memory-usage-opera-heap-compaction/


Title: Re: Technical
Post by: Asyn on July 28, 2016, 08:17:49 AM
Keys to Chimera ransomware leaked
https://blog.malwarebytes.com/cybercrime/2016/07/keys-to-chimera-ransomware-leaked/
Title: Re: Technical
Post by: Asyn on July 30, 2016, 09:38:05 PM
OPNsense 16.7 released
https://forum.opnsense.org/index.php?topic=3428.0
Title: Re: Technical
Post by: Lisandro on July 30, 2016, 11:30:26 PM
OPNsense 16.7 released
https://forum.opnsense.org/index.php?topic=3428.0
Error: SEC_ERROR_OCSP_SERVER_ERROR
Am I alone? Can't connect...
Title: Re: Technical
Post by: bob3160 on July 30, 2016, 11:51:18 PM
No problem here connecting.
Title: Re: Technical
Post by: Lisandro on July 31, 2016, 12:59:10 AM
No problem here connecting.
Sorry, it was a temporary glitch from my side.
Title: Re: Technical
Post by: Asyn on July 31, 2016, 11:50:42 AM
Keeping Positive – Obtaining Arbitrary Wildcard SSL Certificates from Comodo via Dangling Markup Injection
https://thehackerblog.com/keeping-positive-obtaining-arbitrary-wildcard-ssl-certificates-from-comodo-via-dangling-markup-injection/index.html
Title: Re: Technical
Post by: Asyn on August 01, 2016, 10:39:39 AM
WhatsApp Forensic Artifacts: Chats Aren’t Being Deleted
http://www.zdziarski.com/blog/?p=6143
Title: Re: Technical
Post by: Asyn on August 03, 2016, 09:33:29 AM
Driver Signing changes in Windows 10, version 1607
https://blogs.msdn.microsoft.com/windows_hardware_certification/2016/07/26/driver-signing-changes-in-windows-10-version-1607/
Title: Re: Technical
Post by: Asyn on August 05, 2016, 01:52:30 PM
This is what Apple should tell you when you lose your iPhone
https://hackernoon.com/this-is-what-apple-should-tell-you-when-you-lose-your-iphone-8f07cf73cf82
Title: Re: Technical
Post by: DavidR on August 05, 2016, 04:34:12 PM
This is what Apple should tell you when you lose your iPhone
https://hackernoon.com/this-is-what-apple-should-tell-you-when-you-lose-your-iphone-8f07cf73cf82

Very interesting and devious.
Title: Re: Technical
Post by: Asyn on August 06, 2016, 07:32:15 AM
Pwnie Awards 2016
http://pwnies.com/winners/
Title: Re: Technical
Post by: Asyn on August 07, 2016, 09:39:56 AM
What are malicious USB keys and how to create a realistic one?
https://www.elie.net/blog/security/what-are-malicious-usb-keys-and-how-to-create-a-realistic-one
Title: Re: Technical
Post by: Asyn on August 10, 2016, 06:50:16 AM
ProjectSauron: top level cyber-espionage platform covertly extracts encrypted government comms
https://securelist.com/analysis/publications/75533/faq-the-projectsauron-apt/
Title: Re: Technical
Post by: Asyn on August 11, 2016, 10:22:11 AM
Secure Golden Key Boot: (MS16-094 / CVE-2016-3287, and MS16-100 / CVE-2016-3320)
https://rol.im/securegoldenkeyboot/
Title: Re: Technical
Post by: Asyn on August 12, 2016, 09:48:39 AM
Study Highlights Serious Security Threat to Many Internet Users
https://ucrtoday.ucr.edu/39030
http://www.cs.ucr.edu/~zhiyunq/pub/sec16_TCP_pure_offpath.pdf
Title: Re: Technical
Post by: bob3160 on August 12, 2016, 03:00:13 PM
Study Highlights Serious Security Threat to Many Internet Users
https://ucrtoday.ucr.edu/39030
http://www.cs.ucr.edu/~zhiyunq/pub/sec16_TCP_pure_offpath.pdf
This pretty much destroys the belief that using Linux keeps you safe.
Title: Re: Technical
Post by: polonus on August 12, 2016, 11:27:16 PM
Fine new technology, USB firewall: https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/tian

Innovation and thinking outside the trodden path is the way forward for us all.
Great developers do it.
Knowledge means power, but unique talent is more powerful yet!

polonus
Title: Re: Technical
Post by: Asyn on August 14, 2016, 09:52:14 AM
RC4 is now disabled in Microsoft Edge and Internet Explorer 11
https://blogs.windows.com/msedgedev/2016/08/09/rc4-now-deprecated/
Title: Re: Technical
Post by: Asyn on August 16, 2016, 11:43:20 AM
PokemonGo Ransomware installs Backdoor Account and Spreads to other Drives
http://www.bleepingcomputer.com/news/security/pokemongo-ransomware-installs-backdoor-accounts-and-spreads-to-other-drives/
Title: Re: Technical
Post by: Asyn on August 17, 2016, 12:54:47 PM
Further simplifying servicing models for Windows 7 and Windows 8.1
https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/
Title: Re: Technical
Post by: mchain on August 17, 2016, 10:04:36 PM
Intel will provide early access to fast Optane SSDs via the cloud
http://www.cio.com/article/3108182/intel-will-provide-early-access-to-fast-optane-ssds-via-the-cloud.html
Title: Re: Technical
Post by: Asyn on August 19, 2016, 11:10:21 AM
Development version of the Hitler-Ransomware Discovered
http://www.bleepingcomputer.com/news/security/development-version-of-the-hitler-ransomware-discovered/
Title: Re: Technical
Post by: Asyn on August 20, 2016, 08:29:00 AM
Cerber Ransomware Developers make changes that defeat Check Point's Decryption Service
http://www.bleepingcomputer.com/news/security/cerber-ransomware-developers-make-changes-that-defeat-check-points-decryption-service/
Title: Re: Technical
Post by: Pondus on August 20, 2016, 09:51:13 PM
Google is killing off Chrome apps on Windows, macOS, and Linux
http://www.neowin.net/news/google-is-killing-off-chrome-apps-on-windows-macos-and-linux


Title: Re: Technical
Post by: Pondus on August 20, 2016, 09:53:54 PM
Microsoft broke millions of webcams with the Windows 10 Anniversary Update
http://www.theverge.com/2016/8/19/12562780/microsoft-windows-10-anniversary-update-webcam-freezing

Title: Re: Technical
Post by: bob3160 on August 20, 2016, 10:17:32 PM
Microsoft broke millions of webcams with the Windows 10 Anniversary Update
http://www.theverge.com/2016/8/19/12562780/microsoft-windows-10-anniversary-update-webcam-freezing
Temporary workaround: https://twitter.com/WithinRafael/status/766698660608348161
Title: Re: Technical
Post by: Asyn on August 21, 2016, 11:05:54 AM
RCE in Teamspeak 3 server
http://seclists.org/fulldisclosure/2016/Aug/61
Title: Re: Technical
Post by: Asyn on August 22, 2016, 07:37:44 AM
Locky Ransomware Distributed Via DOCM Attachments in Latest Email Campaigns
https://www.fireeye.com/blog/threat-research/2016/08/locky_ransomwaredis.html
Title: Re: Technical
Post by: Asyn on August 23, 2016, 08:24:07 AM
The NSA Leak Is Real, Snowden Documents Confirm
https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/
Title: Re: Technical
Post by: Asyn on August 24, 2016, 07:37:47 AM
Equation Group's BENIGNCERTAIN tool - a remote exploit to extract Cisco VPN private keys
https://musalbas.com/2016/08/18/equation-group-benigncertain.html
Title: Re: Technical
Post by: Asyn on August 25, 2016, 09:17:21 AM
NSA-linked Cisco exploit poses bigger threat than previously thought
http://arstechnica.com/security/2016/08/nsa-linked-cisco-exploit-poses-bigger-threat-than-previously-thought/
Title: Re: Technical
Post by: Asyn on August 27, 2016, 10:27:40 AM
Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN
https://sweet32.info/
Title: Re: Technical
Post by: Asyn on August 27, 2016, 05:53:21 PM
Sophisticated, persistent mobile attack against high-value targets on iOS
https://blog.lookout.com/blog/2016/08/25/trident-pegasus/
Title: Re: Technical
Post by: Asyn on August 28, 2016, 11:35:48 AM
Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN
https://sweet32.info/
Attack of the week: 64-bit ciphers in TLS
http://blog.cryptographyengineering.com/2016/08/attack-of-week-64-bit-ciphers-in-tls.html
Title: Re: Technical
Post by: Asyn on August 29, 2016, 10:18:29 AM
Fantom Ransomware Encrypts your Files while pretending to be Windows Update
http://www.bleepingcomputer.com/news/security/fantom-ransomware-encrypts-your-files-while-pretending-to-be-windows-update/
Title: Re: Technical
Post by: Asyn on August 30, 2016, 10:15:51 AM
Keeper: Trusted UI is injected into untrusted webpage
https://bugs.chromium.org/p/project-zero/issues/detail?id=917
https://blog.keepersecurity.com/2016/08/28/security-update-for-keeper-browser-extension/
Title: Re: Technical
Post by: Asyn on August 31, 2016, 11:22:30 AM
Observatory by Mozilla
https://observatory.mozilla.org
https://observatory.mozilla.org/faq.html
https://github.com/mozilla/http-observatory
Title: Re: Technical
Post by: Asyn on September 02, 2016, 08:31:51 AM
FBI says foreign hackers penetrated state election systems
https://www.yahoo.com/news/fbi-says-foreign-hackers-penetrated-000000175.html
Title: Re: Technical
Post by: Asyn on September 03, 2016, 03:49:38 PM
Hidden Voice Commands
https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_carlini.pdf
Title: Re: Technical
Post by: Asyn on September 04, 2016, 08:26:59 AM
The story of how WoSign gave me an SSL certificate for GitHub.com
https://www.schrauger.com/the-story-of-how-wosign-gave-me-an-ssl-certificate-for-github-com
Title: Re: Technical
Post by: Asyn on September 05, 2016, 09:46:01 AM
USBee: Air-Gap Covert-Channel via Electromagnetic Emission from USB
http://cyber.bgu.ac.il/t/USBee.pdf
Title: Re: Technical
Post by: Asyn on September 06, 2016, 10:03:41 AM
Kali Linux 2016.2 Release
https://www.kali.org/news/kali-linux-20162-release/
Title: Re: Technical
Post by: Asyn on September 08, 2016, 08:11:51 AM
Banking Trojan, Gugi, evolves to bypass Android 6 protection
https://securelist.com/blog/mobile/75971/banking-trojan-gugi-evolves-to-bypass-android-6-protection/
Title: Re: Technical
Post by: Asyn on September 09, 2016, 07:22:46 AM
Zepto ransomware now introduces new features to better encrypt your files
https://blog.avast.com/zepto-ransomware-now-introduces-new-features-to-better-encrypt-your-files
Title: Re: Technical
Post by: Asyn on September 10, 2016, 08:42:28 AM
Bilal Bot: That Time a Malware Developer Asked Me to Correct a Security Blog
https://securityintelligence.com/bilal-bot-that-time-a-malware-developer-asked-me-to-correct-a-security-blog/
Title: Re: Technical
Post by: Asyn on September 11, 2016, 08:50:28 AM
Snagging creds from locked machines
https://room362.com/post/2016/snagging-creds-from-locked-machines/
Title: Re: Technical
Post by: Asyn on September 12, 2016, 05:33:27 AM
Linux/Mirai ELF, when malware is recycled could be still dangerous
http://securityaffairs.co/wordpress/50929/malware/linux-mirai-elf.html
Title: Re: Technical
Post by: Asyn on September 13, 2016, 09:00:00 AM
Wireshark 2.2.0
https://www.wireshark.org/docs/relnotes/wireshark-2.2.0.html
Title: Re: Technical
Post by: Asyn on September 14, 2016, 08:59:11 AM
MySQL Exploit Remote Root-Code Execution Privesc CVE-2016-6662
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
Title: Re: Technical
Post by: Asyn on September 16, 2016, 08:36:02 AM
Announcing the Project Zero Prize
https://googleprojectzero.blogspot.com/2016/09/announcing-project-zero-prize.html
Title: Re: Technical
Post by: Asyn on September 17, 2016, 04:01:01 PM
Locky ransomware goes on Autopilot
https://blog.avira.com/locky-ransomware-goes-autopilot/
Title: Re: Technical
Post by: Asyn on September 18, 2016, 08:13:12 AM
More Safe Browsing Help for Webmasters
https://security.googleblog.com/2016/09/more-safe-browsing-help-for-webmasters.html
Title: Re: Technical
Post by: Asyn on September 19, 2016, 10:38:20 AM
Someone Is Learning How to Take Down the Internet
https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html
Title: Re: Technical
Post by: Asyn on September 20, 2016, 09:12:50 AM
Twice the Bits, Twice the Trouble: Vulnerabilities Induced by Migrating to 64-Bit Platforms
https://www.tu-braunschweig.de/Medien-DB/sec/pubs/2016-ccs.pdf
Title: Re: Technical
Post by: croftypedro on September 20, 2016, 12:41:03 PM
Important changes to Chrome Web Store

http://blog.chromium.org/2016/08/from-chrome-apps-to-web.html
Title: Re: Technical
Post by: Asyn on September 21, 2016, 08:05:10 AM
Inside Petya and Mischa Ransomware
https://blog.avast.com/inside-petya-and-mischa-ransomware
Title: Re: Technical
Post by: Asyn on September 21, 2016, 10:05:38 AM
Stampado: Taking Ransomware Scumbaggery to the Next Level
http://www.bleepingcomputer.com/news/security/stampado-taking-ransomware-scumbaggery-to-the-next-level/
https://decrypter.emsisoft.com/stampado
Title: Re: Technical
Post by: Asyn on September 21, 2016, 01:15:23 PM
Update on add-on pinning vulnerability
https://blog.mozilla.org/security/2016/09/16/update-on-add-on-pinning-vulnerability/
Title: Re: Technical
Post by: Asyn on September 22, 2016, 10:28:42 AM
Facebook Page Takeover – Zero Day Vulnerability
http://arunsureshkumar.me/index.php/2016/09/16/facebook-page-takeover-zero-day-vulnerability/
Title: Re: Technical
Post by: Asyn on September 23, 2016, 09:55:43 AM
Future Attack Scenarios Against Authentication Systems, Communicating with ATMS
https://securelist.com/files/2016/09/16_09_en.pdf
Title: Re: Technical
Post by: Asyn on September 24, 2016, 08:07:14 AM
Inside Petya and Mischa Ransomware
https://blog.avast.com/inside-petya-and-mischa-ransomware
Ransomware doesn't sell itself: Marketing malware on the darknet
https://blog.avast.com/ransomware-doesnt-sell-itself-marketing-malware-on-the-darknet
Title: Re: Technical
Post by: Asyn on September 25, 2016, 10:54:39 AM
Exclusive: Probe of leaked U.S. NSA hacking tools examines operative's 'mistake'
http://www.reuters.com/article/us-cyber-nsa-tools-idUSKCN11S2MF
Title: Re: Technical
Post by: Asyn on September 26, 2016, 04:44:37 PM
iOS 10: Security Weakness Discovered, Backup Passwords Much Easier to Break
http://blog.elcomsoft.com/2016/09/ios-10-security-weakness-discovered-backup-passwords-much-easier-to-break/
Title: Re: Technical
Post by: Asyn on September 29, 2016, 08:28:55 AM
The banker that can steal anything
https://securelist.com/blog/mobile/76101/the-banker-that-can-steal-anything/
Title: Re: Technical
Post by: Asyn on October 02, 2016, 08:17:39 AM
InfoArmor: Yahoo Data Breach Investigation
https://www.infoarmor.com/infoarmor-yahoo-data-breach-investigation/
Title: Re: Technical
Post by: mchain on October 02, 2016, 08:28:22 AM
The coming storm that is IoT:
Source Code for IoT Botnet ‘Mirai’ Released
https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/
Title: Re: Technical
Post by: Asyn on October 03, 2016, 09:03:07 AM
Apple Logs Your iMessage Contacts — and May Share Them With Police
https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/
Title: Re: Technical
Post by: Asyn on October 05, 2016, 09:38:48 AM
Exclusive: Yahoo secretly scanned customer emails for U.S. intelligence - sources
http://www.reuters.com/article/us-yahoo-nsa-exclusive-idUSKCN1241YT
Title: Re: Technical
Post by: bob3160 on October 05, 2016, 02:26:36 PM
Exclusive: Yahoo secretly scanned customer emails for U.S. intelligence - sources
http://www.reuters.com/article/us-yahoo-nsa-exclusive-idUSKCN1241YT
I'm glad that someone looked at all the Spam I received at my yahoo junk-mail account. :)
If you don't use your account, delete it: https://login.yahoo.com/?.done=https%3a%2f%2fedit.yahoo.com%2fconfig%2fdelete_user%3f.scrumb%3d0
If you actually use your Yahoo account, transfer to one of the others and then delete your account.
Title: Re: Technical
Post by: Asyn on October 06, 2016, 08:07:12 AM
DressCode and its Potential Impact for Enterprises
http://blog.trendmicro.com/trendlabs-security-intelligence/dresscode-potential-impact-enterprises/
Title: Re: Technical
Post by: Asyn on October 07, 2016, 08:13:49 AM
Cerber Ransomware switches to a Random Extension and Ends Database Processes
http://www.bleepingcomputer.com/news/security/cerber-ransomware-switches-to-a-random-extension-and-ends-database-processes/
Title: Re: Technical
Post by: Asyn on October 08, 2016, 08:52:29 AM
Hacked Steam accounts spreading Remote Access Trojan
http://www.bleepingcomputer.com/news/security/hacked-steam-accounts-spreading-remote-access-trojan/
Title: Re: Technical
Post by: Asyn on October 09, 2016, 08:28:41 AM
Free OS X Security Tools
https://objective-see.com/products.html
Title: Re: Technical
Post by: Asyn on October 10, 2016, 01:02:52 PM
Future-proofing the Connected World: 13 Steps to Developing Secure IoT Products
https://downloads.cloudsecurityalliance.org/assets/research/internet-of-things/future-proofing-the-connected-world.pdf
Title: Re: Technical
Post by: Asyn on October 12, 2016, 06:56:59 AM
Vladimir Putin embedded in uTorrent binary
https://blog.avast.com/vladimir-putin-embedded-in-utorrent-binary
Title: Re: Technical
Post by: Asyn on October 13, 2016, 08:42:33 AM
The DXXD Ransomware displays Legal Notice before Users Login
http://www.bleepingcomputer.com/news/security/the-dxxd-ransomware-displays-legal-notice-before-users-login/
Title: Re: Technical
Post by: Asyn on October 14, 2016, 09:20:24 AM
Zero-Day Alert: Email Security Platform (Dell SonicWALL)
https://www.digitaldefense.com/blog-zero-day-vulnerabilities-email-platform/
Title: Re: Technical
Post by: Asyn on October 15, 2016, 09:47:46 AM
FTC Charges Tech Support Companies With Using Deceptive Pop-Up Ads to Scare Consumers Into Purchasing Unneeded Services
https://www.ftc.gov/news-events/press-releases/2016/10/ftc-charges-tech-support-companies-using-deceptive-pop-ads-scare
Title: Re: Technical
Post by: Asyn on October 16, 2016, 09:06:27 AM
A kilobit hidden SNFS discrete logarithm computation
http://eprint.iacr.org/2016/961
http://eprint.iacr.org/2016/961.pdf
Title: Re: Technical
Post by: Asyn on October 17, 2016, 10:16:21 AM
Modern Business Solutions Stumbles Over A Modern Business Problem – 58M Records Dumped From An Unsecured Database
https://www.riskbasedsecurity.com/2016/10/modern-business-solutions-stumbles-over-a-modern-business-problem-58m-records-dumped-from-an-unsecured-database/
Title: Re: Technical
Post by: Asyn on October 18, 2016, 09:22:02 AM
Android Banking Trojan Asks for Selfie With Your ID
https://blogs.mcafee.com/mcafee-labs/android-banking-trojan-asks-for-selfie-with-your-id/
Title: Re: Technical
Post by: Asyn on October 20, 2016, 07:35:22 AM
Malware posing as Dual Instance app steals users’ Twitter credentials
https://blog.avast.com/malware-posing-as-dual-instance-app-steals-users-twitter-credentials
Title: Re: Technical
Post by: Asyn on October 21, 2016, 08:48:31 AM
EvilTwin's Exotic Ransomware targets Executable Files
http://www.bleepingcomputer.com/news/security/eviltwins-exotic-ransomware-targets-executable-files/
Title: Re: Technical
Post by: Asyn on October 22, 2016, 08:34:29 AM
DDoS on Dyn Impacts Twitter, Spotify, Reddit
https://krebsonsecurity.com/2016/10/ddos-on-dyn-impacts-twitter-spotify-reddit/
Title: Re: Technical
Post by: Asyn on October 23, 2016, 11:01:56 AM
Magento Credit Card Swiper Exports to Image
https://blog.sucuri.net/2016/10/magento-credit-card-swiper-exports-image.html
Title: Re: Technical
Post by: Asyn on October 24, 2016, 12:44:25 PM
dr0wned - Cyber-Physical Attack with Additive Manufacturing
https://arxiv.org/abs/1609.00133
https://arxiv.org/pdf/1609.00133v1 [PDF]
Title: Re: Technical
Post by: Asyn on October 25, 2016, 10:18:54 AM
Radioactive Mouse States the Obvious
https://www.syss.de/en/pentest-blog/article/2016/10/04/radioactive-mouse-states-the-obvious-1/
Title: Re: Technical
Post by: Asyn on October 26, 2016, 07:27:07 AM
Hucky Ransomware: A Hungarian Locky Wannabe
https://blog.avast.com/hucky-ransomware-a-hungarian-locky-wannabe
Title: Re: Technical
Post by: Asyn on October 27, 2016, 09:26:12 AM
Distrusting New WoSign and StartCom Certificates
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/
Title: Re: Technical
Post by: Asyn on October 28, 2016, 10:53:08 AM
Testing MBRFilter against Ransomware that modify the Master Boot Record
http://www.bleepingcomputer.com/news/security/testing-mbrfilter-against-ransomware-that-modify-the-master-boot-record/
https://github.com/vrtadmin/MBRFilter
Title: Re: Technical
Post by: Asyn on October 29, 2016, 08:26:37 AM
AtomBombing: A Code Injection that Bypasses Current Security Solutions
http://blog.ensilo.com/atombombing-a-code-injection-that-bypasses-current-security-solutions
https://breakingmalware.com/injection-techniques/atombombing-brand-new-code-injection-for-windows/
Title: Re: Technical
Post by: Asyn on October 30, 2016, 08:39:10 AM
In-Dev Ransomware forces you do to Survey before unlocking Computer
http://www.bleepingcomputer.com/news/security/in-dev-ransomware-forces-you-do-to-survey-before-unlocking-computer/
Title: Re: Technical
Post by: Asyn on October 31, 2016, 08:19:12 AM
task_t considered harmful
https://googleprojectzero.blogspot.com/2016/10/taskt-considered-harmful.html
Title: Re: Technical
Post by: Asyn on November 01, 2016, 07:45:11 AM
Android Trojan GM Bot is evolving and targeting more than 50 banks worldwide
https://blog.avast.com/android-trojan-gm-bot-is-evolving-and-targeting-more-than-50-banks-worldwide
Title: Re: Technical
Post by: Asyn on November 02, 2016, 08:27:40 AM
Battery Status readout as a privacy risk
https://blog.lukaszolejnik.com/battery-status-readout-as-a-privacy-risk/
http://lukaszolejnik.com/battery.pdf
https://www.fxsitecompat.com/en-CA/docs/2016/battery-status-api-has-been-removed/
Title: Re: Technical
Post by: Asyn on November 04, 2016, 09:21:45 AM
Tech support scammers abuse bug in HTML5 to freeze computers
https://blog.malwarebytes.com/cybercrime/social-engineering-cybercrime/2016/11/tech-support-scammers-abuse-bug-in-html5-feature-to-freeze-computers/
Title: Re: Technical
Post by: Asyn on November 04, 2016, 01:17:09 PM
Web of Trust (WOT) Add-on taken down by Google and Mozilla after reports of selling Users browsing history
http://techdows.com/2016/11/web-of-trust-add-on-removed.html
Title: Re: Technical
Post by: DavidR on November 04, 2016, 04:07:19 PM
Web of Trust (WOT) Add-on taken down by Google and Mozilla after reports of selling Users browsing history
http://techdows.com/2016/11/web-of-trust-add-on-removed.html

Well that's a good and prompt response - if only they would start working through other dubious add-ons.
Title: Re: Technical
Post by: Asyn on November 05, 2016, 07:23:40 PM
Malvertising on Google AdWords Targeting MacOS Users
https://blog.cylance.com/malvertising-on-google-adwords-targeting-macos-users
Title: Re: Technical
Post by: Asyn on November 07, 2016, 10:01:53 AM
Vulnerability Spotlight: Remotely Exploitable Bugs in Memcached Identified and Patched
http://blog.talosintel.com/2016/10/memcached-vulnerabilities.html
Title: Re: Technical
Post by: Asyn on November 09, 2016, 10:24:40 AM
Investigation of regular high load on unused machines every 7 hours
https://blog.avast.com/investigation-of-regular-high-load-on-unused-machines-every-7-hours
Title: Re: Technical
Post by: Asyn on November 10, 2016, 08:24:39 AM
iOS WebView auto dialer bug
https://www.mulliner.org/blog/blosxom.cgi/security/ios_webview_auto_dialer.html
Title: Re: Technical
Post by: Asyn on November 13, 2016, 09:36:19 AM
Google Pixel pwned in 60 seconds - Chinese teams kill Safari, laugh at four-second Flash hack
http://www.theregister.co.uk/2016/11/11/google_pixel_pwned_in_60_seconds
Title: Re: Technical
Post by: Asyn on November 15, 2016, 12:53:59 PM
Live HTTP Headers (and other Chrome extensions) distributing adware
https://cwhite.me/live-http-headers-is-now-an-adware-distributor/
Title: Re: Technical
Post by: Asyn on November 16, 2016, 09:08:03 AM
CVE-2016-4484: Cryptsetup Initrd root Shell
http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html
Title: Re: Technical
Post by: Asyn on November 18, 2016, 06:37:18 AM
Ransoc Desktop Locking Ransomware Ransacks Local Files and Social Media Profiles
https://www.proofpoint.com/us/threat-insight/post/ransoc-desktop-locking-ransomware-ransacks-local-files-social-media-profiles
Title: Re: Technical
Post by: Asyn on November 19, 2016, 06:09:47 AM
Your Android could be sending messages to China
https://blog.avast.com/your-android-could-be-sending-messages-to-china
Title: Re: Technical
Post by: DavidR on November 19, 2016, 03:56:35 PM
Your Android could be sending messages to China
https://blog.avast.com/your-android-could-be-sending-messages-to-china

Strangely enough, I have always been wary of Chinese products and that only strengthened after the Lenovo issue. I did however take a punt on the Huawei Nexus 6P by a "Chinese telecommunications company that has been manufacturing mobile phones since 1997."

Nice to see that avast has this covered.
Title: Re: Technical
Post by: Asyn on November 20, 2016, 06:50:37 AM
iPhone User? Your Calls Go to iCloud
https://blog.elcomsoft.com/2016/11/iphone-user-your-calls-go-to-icloud/
Title: Re: Technical
Post by: Asyn on November 21, 2016, 08:45:45 AM
[0day] [PoC] Risky design decisions in Google Chrome and Fedora desktop enable drive-by downloads
https://scarybeastsecurity.blogspot.com/2016/11/0day-poc-risky-design-decisions-in.html
Title: Re: Technical
Post by: Asyn on November 22, 2016, 07:22:18 AM
3 million Android phones vulnerable due to pre-installed rootkit
https://blog.avast.com/3-million-android-phones-vulnerable-due-to-pre-installed-rootkit
http://blog.anubisnetworks.com/blog/ragentek-android-ota-update-mechanism-vulnerable-to-mitm-attack
Title: Re: Technical
Post by: Asyn on November 23, 2016, 08:32:07 AM
Locky Ransomware now using the Aesir Extension for Encrypted Files
http://www.bleepingcomputer.com/news/security/locky-ransomware-now-using-the-aesir-extension-for-encrypted-files/
Title: Re: Technical
Post by: Asyn on November 24, 2016, 07:26:51 AM
Nemucod downloader spreading via Facebook
https://bartblaze.blogspot.com/2016/11/nemucod-downloader-spreading-via.html
Title: Re: Technical
Post by: Asyn on November 25, 2016, 08:58:41 AM
Android Banking Malware Masquerading as Email App Targets German Banks
https://blog.fortinet.com/2016/11/18/android-banking-malware-masquerading-as-email-app-targets-german-banks
Title: Re: Technical
Post by: .: Mac :. on November 25, 2016, 10:55:47 PM
Locky Ransomware now using the Aesir Extension for Encrypted Files
http://www.bleepingcomputer.com/news/security/locky-ransomware-now-using-the-aesir-extension-for-encrypted-files/

What I would give to get my hands on the creators of Locky! Many lost nights restoring customers from backups.

BTW - Love the Avatar of Mr. Incredible

Title: Re: Technical
Post by: Asyn on November 26, 2016, 09:54:45 AM
What I would give to get my hands on the creators of Locky!
You're not alone pal. ;)
Title: Re: Technical
Post by: Asyn on November 26, 2016, 09:55:50 AM
You Can Now Rent a Mirai Botnet of 400,000 Bots
http://www.bleepingcomputer.com/news/security/you-can-now-rent-a-mirai-botnet-of-400-000-bots/
Title: Re: Technical
Post by: Asyn on November 27, 2016, 08:32:58 AM
Here’s a secret: ɢoogle.com is not google.com
http://www.analyticsedge.com/2016/11/heres-a-secret-%C9%A2oogle-com-is-not-google-com/
http://help.analyticsedge.com/spam-filter/definitive-guide-to-removing-google-analytics-spam/
Title: Re: Technical
Post by: Asyn on November 28, 2016, 10:46:46 AM
Google warns journalists and professors: Your account is under attack
http://arstechnica.com/security/2016/11/google-warns-journalists-and-professors-your-account-is-under-attack/
Title: Re: Technical
Post by: Asyn on November 29, 2016, 08:00:01 AM
Locky Ransomware putting us to sleep with the ZZZZZ Extension
http://www.bleepingcomputer.com/news/security/locky-ransomware-putting-us-to-sleep-with-the-zzzzz-extension/
Title: Re: Technical
Post by: Asyn on November 30, 2016, 06:45:23 AM
An in-depth look at the technology behind CyberCapture
https://blog.avast.com/an-in-depth-look-at-the-technology-behind-cybercapture
Title: Re: Technical
Post by: Asyn on December 01, 2016, 07:49:21 AM
More Than 1 Million Google Accounts Breached by Gooligan
http://blog.checkpoint.com/2016/11/30/1-million-google-accounts-breached-gooligan/
Gooligan Checker: https://gooligan.checkpoint.com/
Title: Re: Technical
Post by: bob3160 on December 01, 2016, 09:33:50 PM
Avast Releases Four Free Ransomware Decryptors (https://blog.avast.com/avast-releases-four-free-ransomware-decryptors)
Title: Re: Technical
Post by: Asyn on December 03, 2016, 10:09:03 AM
Analysis of multiple vulnerabilities in AirDroid
https://blog.zimperium.com/analysis-of-multiple-vulnerabilities-in-airdroid/
Title: Re: Technical
Post by: Asyn on December 04, 2016, 09:15:22 AM
Every Windows 10 in-place Upgrade is a SEVERE Security risk
http://blog.win-fu.com/2016/11/every-windows-10-in-place-upgrade-is.html
Title: Re: Technical
Post by: Pondus on December 04, 2016, 10:18:57 AM
USB Killer, yours for $50, lets you easily fry almost every device
http://arstechnica.com/gadgets/2016/12/usb-killer-fries-devices/

war ... huh, what is it good for?



USB Type-C cable so bad it fries Google engineer’s Chromebook Pixel
http://arstechnica.com/gadgets/2016/02/google-engineer-finds-usb-type-c-cable-thats-so-bad-it-fried-his-chromebook-pixel/



Title: Re: Technical
Post by: Asyn on December 05, 2016, 12:41:59 PM
SAMRi10 - Hardening SAM Remote Access in Windows 10/Server 2016
https://gallery.technet.microsoft.com/SAMRi10-Hardening-Remote-48d94b5b
Title: Re: Technical
Post by: Asyn on December 06, 2016, 08:28:33 AM
Announcing OSS-Fuzz: Continuous Fuzzing for Open Source Software
https://testing.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html
https://github.com/google/oss-fuzz
Title: Re: Technical
Post by: Pondus on December 07, 2016, 10:14:53 PM
Send Files Between Devices Without Uploading to an Intermediary With Takeafile
http://lifehacker.com/send-files-between-devices-without-uploading-to-an-inte-1789753970

Title: Re: Technical
Post by: Asyn on December 08, 2016, 09:40:09 AM
CVE-2016-8655 Linux af_packet.c race condition (local root)
http://seclists.org/oss-sec/2016/q4/607
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c
https://www.ubuntu.com/usn/usn-3151-1/
Title: Re: Technical
Post by: Asyn on December 09, 2016, 09:13:53 AM
Backdoor in Sony IPELA Engine IP Cameras
http://blog.sec-consult.com/2016/12/backdoor-in-sony-ipela-engine-ip-cameras.html
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20161206-0_Sony_IPELA_Engine_IP_Cameras_Backdoors_v10.txt
Title: Re: Technical
Post by: Asyn on December 10, 2016, 07:05:12 AM
Roundcube 1.2.2: Command Execution via Email
https://blog.ripstech.com/2016/roundcube-command-execution-via-email/
Title: Re: Technical
Post by: Asyn on December 11, 2016, 07:13:44 AM
Readers of popular websites targeted by stealthy Stegano exploit kit hiding in pixels of malicious ads
http://www.welivesecurity.com/2016/12/06/readers-popular-websites-targeted-stealthy-stegano-exploit-kit-hiding-pixels-malicious-ads/
Title: Re: Technical
Post by: Asyn on December 13, 2016, 08:11:22 AM
New Scheme: Spread Popcorn Time Ransomware, get chance of free Decryption Key
https://www.bleepingcomputer.com/news/security/new-scheme-spread-popcorn-time-ransomware-get-chance-of-free-decryption-key/
Title: Re: Technical
Post by: Asyn on December 14, 2016, 11:06:17 AM
State of the Web Report 2016
https://www.menlosecurity.com/state-of-the-web-ig-lp-2016
Title: Re: Technical
Post by: Asyn on December 16, 2016, 12:11:28 PM
No More Ransom: new partners, new decryption tools, new languages to better fight ransomware
https://www.europol.europa.eu/newsroom/news/no-more-ransom-new-partners-new-decryption-tools-new-languages-to-better-fight-ransomware
Title: Re: Technical
Post by: bob3160 on December 16, 2016, 12:35:06 PM
No More Ransom: new partners, new decryption tools, new languages to better fight ransomware
https://www.europol.europa.eu/newsroom/news/no-more-ransom-new-partners-new-decryption-tools-new-languages-to-better-fight-ransomware
A better mousetrap has always resulted in smarter mice. :)
Title: Re: Technical
Post by: sebastian183 on December 16, 2016, 08:59:04 PM
Do they also make it in Polish?
Title: Re: Technical
Post by: bob3160 on December 16, 2016, 09:14:30 PM
Do they also make it in Polish?
https://forum.avast.com/index.php?board=50.0
Title: Re: Technical
Post by: Asyn on December 17, 2016, 07:55:09 AM
macOS FileVault2 Password Retrieval
http://blog.frizk.net/2016/12/filevault-password-retrieval.html
Title: Re: Technical
Post by: Asyn on December 19, 2016, 07:44:42 AM
Reliably compromising Ubuntu desktops by attacking the crash reporter
https://donncha.is/2016/12/compromising-ubuntu-desktop/
Title: Re: Technical
Post by: Asyn on December 21, 2016, 09:03:17 AM
Project Wycheproof
https://security.googleblog.com/2016/12/project-wycheproof.html
https://github.com/google/wycheproof
Title: Re: Technical
Post by: Asyn on December 22, 2016, 11:53:29 AM
Methbot
http://www.whiteops.com/methbot
http://w-ops.com/methbot_wp
Title: Re: Technical
Post by: Asyn on December 27, 2016, 09:26:15 AM
Announcing Request for Nominations for Public-Key Post-Quantum Cryptographic Algorithms
https://www.federalregister.gov/documents/2016/12/20/2016-30615/announcing-request-for-nominations-for-public-key-post-quantum-cryptographic-algorithms
https://www.gpo.gov/fdsys/pkg/FR-2016-12-20/pdf/2016-30615.pdf
Title: Re: Technical
Post by: Asyn on January 03, 2017, 11:45:18 AM
Koolova Ransomware Decrypts for Free if you Read Two Articles about Ransomware
https://www.bleepingcomputer.com/news/security/koolova-ransomware-decrypts-for-free-if-you-read-two-articles-about-ransomware/
Title: Re: Technical
Post by: Asyn on January 04, 2017, 02:43:45 PM
Top 50 Products By Total Number Of "Distinct" Vulnerabilities in 2016
http://www.cvedetails.com/top-50-products.php?year=2016
Title: Re: Technical
Post by: Asyn on January 05, 2017, 09:36:00 AM
Avast cyber security predictions for 2017
https://blog.avast.com/avast-cyber-security-predictions-for-2017
Title: Re: Technical
Post by: Asyn on January 06, 2017, 10:50:21 AM
FireCrypt Ransomware Comes With a DDoS Component
https://www.bleepingcomputer.com/news/security/firecrypt-ransomware-comes-with-a-ddos-component/
Title: Re: Technical
Post by: Asyn on January 08, 2017, 08:01:44 AM
Tech support scam page triggers denial-of-service attack on Macs
https://blog.malwarebytes.com/101/mac-the-basics/2017/01/tech-support-scam-page-attempts-denial-of-service-via-mail-app/
Title: Re: Technical
Post by: Asyn on January 11, 2017, 09:20:14 AM
MongoDB Apocalypse: Professional Ransomware Group Gets Involved, Infections Reach 28K Servers
https://www.bleepingcomputer.com/news/security/mongodb-apocalypse-professional-ransomware-group-gets-involved-infections-reach-28k-servers/
Title: Re: Technical
Post by: Asyn on January 12, 2017, 09:08:16 AM
Browser Autofill Phishing
https://github.com/anttiviljami/browser-autofill-phishing
Title: Re: Technical
Post by: Asyn on January 14, 2017, 07:41:33 AM
Misconfigured server reveals Cerber ransomware targets users in Europe and North America
https://blog.avast.com/misconfigured-server-reveals-cerber-ransomware-targets-users-in-europe-and-north-america
Title: Re: Technical
Post by: Asyn on January 17, 2017, 11:01:29 AM
WhatsApp vulnerability allows snooping on encrypted messages
https://www.theguardian.com/technology/2017/jan/13/whatsapp-backdoor-allows-snooping-on-encrypted-messages
https://tobi.rocks/2017/01/whatsapp-vulnerability-bug-or-backdoor/
https://whispersystems.org/blog/there-is-no-whatsapp-backdoor/
Title: Re: Technical
Post by: Asyn on January 18, 2017, 08:39:38 AM
(Cross-)Browser Fingerprinting via OS and Hardware Level Features
https://drive.google.com/file/d/0B4s900Byvv1ibW5uc1NiU2g3R3c/view
Title: Re: Technical
Post by: Asyn on January 19, 2017, 09:18:05 AM
CryptoSearch Finds Files Encrypted by Ransomware, Moves Them to New Location
https://www.bleepingcomputer.com/news/security/cryptosearch-finds-files-encrypted-by-ransomware-moves-them-to-new-location/
https://download.bleepingcomputer.com/demonslay335/CryptoSearch.zip
Title: Re: Technical
Post by: Asyn on January 20, 2017, 05:50:36 AM
Who is Anna-Senpai, the Mirai Worm Author?
https://krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm-author/
Title: Re: Technical
Post by: Asyn on January 22, 2017, 08:11:47 AM
Already on probation, Symantec issues more illegit HTTPS certificates
http://arstechnica.com/security/2017/01/already-on-probation-symantec-issues-more-illegit-https-certificates/
https://www.mail-archive.com/dev-security-policy@lists.mozilla.org/msg05455.html
Title: Re: Technical
Post by: Asyn on January 23, 2017, 07:12:02 AM
Re-Hacking The Samsung Smartcam
https://blog.exploitee.rs/2017/re-hacking-the-samsung-smartcam/
Title: Re: Technical
Post by: Asyn on January 27, 2017, 06:19:07 PM
Meet TorWorld, an Upcoming Tor-as-a-Service Portal
https://www.bleepingcomputer.com/news/security/meet-torworld-an-upcoming-tor-as-a-service-portal/
https://torworld.org/
Title: Re: Technical
Post by: Asyn on January 28, 2017, 03:22:04 PM
VirLocker’s comeback; including recovery instructions
https://blog.malwarebytes.com/threat-analysis/2017/01/virlockers-comeback-including-recovery-instructions/
Title: Re: Technical
Post by: Asyn on January 29, 2017, 01:26:54 PM
Cyber Grand Shellphish
http://phrack.org/papers/cyber_grand_shellphish.html
Title: Re: Technical
Post by: Asyn on January 31, 2017, 11:17:29 AM
Saga 2.0 comes with IP Generation Algorithm (IPGA)
https://www.govcert.admin.ch/blog/27/saga-2.0-comes-with-ip-generation-algorithm-ipga
Title: Re: Technical
Post by: Asyn on February 02, 2017, 05:02:37 PM
Content Injection Vulnerability in WordPress
https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
Title: Re: Technical
Post by: Asyn on February 06, 2017, 03:52:35 PM
Hacker Dumps iOS Cracking Tools Allegedly Stolen from Cellebrite
https://motherboard.vice.com/en_us/article/hacker-dumps-ios-cracking-tools-allegedly-stolen-from-cellebrite
Title: Re: Technical
Post by: Asyn on February 07, 2017, 02:22:37 PM
Watch Your Computer Go Bonkers with Cancer Trollware
https://www.bleepingcomputer.com/news/security/watch-your-computer-go-bonkers-with-cancer-trollware/
Title: Re: Technical
Post by: Asyn on February 08, 2017, 09:53:34 AM
Spora Ransomware Sets Itself Apart with Top-Notch PR, Customer Support
https://www.bleepingcomputer.com/news/security/spora-ransomware-sets-itself-apart-with-top-notch-pr-customer-support/
Title: Re: Technical
Post by: Asyn on February 09, 2017, 12:59:20 PM
Vizio smart TVs tracked viewers around the clock without consent
https://arstechnica.com/tech-policy/2017/02/vizio-smart-tvs-tracked-viewers-around-the-clock-without-consent/
Title: Re: Technical
Post by: bob3160 on February 09, 2017, 02:42:34 PM
Vizio smart TVs tracked viewers around the clock without consent
https://arstechnica.com/tech-policy/2017/02/vizio-smart-tvs-tracked-viewers-around-the-clock-without-consent/
Maybe it was a good thing that a lightning strike killed the one I owned. :)
Title: Re: Technical
Post by: Asyn on February 09, 2017, 03:00:43 PM
Vizio smart TVs tracked viewers around the clock without consent
https://arstechnica.com/tech-policy/2017/02/vizio-smart-tvs-tracked-viewers-around-the-clock-without-consent/
Maybe it was a good thing that a lightning strike killed the one I owned. :)
Wow, quite interesting Bob, "heavenly power" used for anti-tracking... ;)
Title: Re: Technical
Post by: Asyn on February 11, 2017, 09:16:28 AM
iKittens: Iranian Actor Resurfaces with Malware for Mac (MacDownloader)
https://iranthreats.github.io/resources/macdownloader-macos-malware/
Title: Re: Technical
Post by: Asyn on February 11, 2017, 11:07:22 PM
Lifting the (Hyper) Visor: Bypassing Samsung’s Real-Time Kernel Protection
https://googleprojectzero.blogspot.com/2017/02/lifting-hyper-visor-bypassing-samsungs.html
Title: Re: Technical
Post by: Asyn on February 12, 2017, 12:14:04 PM
Erebus Ransomware Utilizes a UAC Bypass and Request a $90 Ransom Payment
https://www.bleepingcomputer.com/news/security/erebus-ransomware-utilizes-a-uac-bypass-and-request-a-90-ransom-payment/
Title: Re: Technical
Post by: Asyn on February 14, 2017, 10:12:35 AM
Fileless attacks against enterprise networks
https://securelist.com/blog/research/77403/fileless-attacks-against-enterprise-networks/
Title: Re: Technical
Post by: Asyn on February 15, 2017, 09:15:29 AM
New Attack, Old Tricks (analyzing a malicious document with a mac-specific payload)
https://objective-see.com/blog/blog_0x17.html
Title: Re: Technical
Post by: Asyn on February 16, 2017, 11:05:58 AM
New ASLR-busting JavaScript is about to make drive-by exploits much nastier
https://arstechnica.com/security/2017/02/new-aslr-busting-javascript-is-about-to-make-drive-by-exploits-much-nastier/
https://www.vusec.net/projects/anc/
Title: Re: Technical
Post by: Asyn on February 17, 2017, 09:39:01 AM
New Xagent Mac Malware Linked with the APT28
https://labs.bitdefender.com/2017/02/new-xagent-mac-malware-linked-with-the-apt28/
Title: Re: Technical
Post by: Asyn on February 22, 2017, 10:41:13 AM
CryptoMix: Avast adds a new free decryption tool to its collection
https://blog.avast.com/cryptomix-avast-adds-a-new-free-decryption-tool-to-its-collection
Title: Re: Technical
Post by: Asyn on February 24, 2017, 07:58:26 AM
New crypto-ransomware hits macOS
http://www.welivesecurity.com/2017/02/22/new-crypto-ransomware-hits-macos/
Title: Re: Technical
Post by: Asyn on February 25, 2017, 07:23:10 PM
SHAttered - We have broken SHA-1 in practice
https://shattered.it/
https://shattered.it/static/shattered.pdf
Title: Re: Technical
Post by: bob3160 on February 25, 2017, 07:30:50 PM
SHAttered - We have broken SHA-1 in practice
https://shattered.it/
https://shattered.it/static/shattered.pdf
This reminds me of the Cancer warnings against using sugar. They fed a rat the equivalent of a bath tub
full of sugar daily and the rat developed cancer. Sugar must therefore be a cancer causing agent.
Sugar is now considered safer than its first released replacement.
Title: Re: Technical
Post by: Asyn on February 26, 2017, 12:30:39 PM
SMTP over XXE − how to send emails using Java's XML parser
https://shiftordie.de/blog/2017/02/18/smtp-over-xxe/
Title: Re: Technical
Post by: Asyn on February 27, 2017, 07:59:56 AM
Advisory: Java/Python FTP Injections Allow for Firewall Bypass
http://blog.blindspotsecurity.com/2017/02/advisory-javapython-ftp-injections.html
Title: Re: Technical
Post by: Asyn on February 28, 2017, 06:42:52 AM
Microsoft Edge and IE: Type confusion in HandleColumnBreakOnColumnSpanningElement
https://bugs.chromium.org/p/project-zero/issues/detail?id=1011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0037
Title: Re: Technical
Post by: Asyn on March 03, 2017, 10:37:13 AM
Decrypting after a Findzip ransomware infection
https://blog.malwarebytes.com/cybercrime/2017/02/decrypting-after-a-findzip-ransomware-infection/
Title: Re: Technical
Post by: Asyn on March 07, 2017, 11:10:14 AM
Nextcloud releases security scanner to help protect private clouds
https://nextcloud.com/blog/nextcloud-releases-security-scanner-to-help-protect-private-clouds/
https://scan.nextcloud.com/
Title: Re: Technical
Post by: Asyn on March 08, 2017, 09:21:29 AM
Spammergate: The Fall of an Empire
https://mackeeper.com/blog/post/339-spammergate-the-fall-of-an-empire
http://www.csoonline.com/article/3176433/security/spammers-expose-their-entire-operation-though-bad-backups.html
Title: Re: Technical
Post by: Asyn on March 10, 2017, 09:48:30 AM
Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in custom http server
https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html
Title: Re: Technical
Post by: Asyn on March 11, 2017, 04:43:50 PM
The Skinner adware rears its ugly head on Google Play
http://blog.checkpoint.com/2017/03/08/skinner-adware-rears-ugly-head-google-play/
Title: Re: Technical
Post by: Asyn on March 12, 2017, 11:02:47 AM
Content-Type: Malicious - New Apache Struts2 0-day Under Attack
http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html
https://cwiki.apache.org/confluence/display/WW/S2-045
Title: Re: Technical
Post by: Asyn on March 13, 2017, 12:32:43 PM
Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web
http://www.ccs.neu.edu/home/arshad/publications/ndss2017jslibs.pdf
Title: Re: Technical
Post by: Asyn on March 14, 2017, 10:32:32 AM
Decrypting after a Findzip ransomware infection
https://blog.malwarebytes.com/cybercrime/2017/02/decrypting-after-a-findzip-ransomware-infection/
Mac FindZip ransomware decryption tool unzips your encrypted files
https://blog.avast.com/mac-findzip-ransomware-decryption-tool-helps-you-unzip-your-encrypted-files
Title: Re: Technical
Post by: Asyn on March 15, 2017, 10:55:24 AM
Microsoft Security Bulletin Summary for March 2017
https://technet.microsoft.com/library/security/ms17-mar.aspx
Title: Re: Technical
Post by: DavidR on March 15, 2017, 11:32:56 AM
Microsoft Security Bulletin Summary for March 2017
https://technet.microsoft.com/library/security/ms17-mar.aspx

Big this month, considering the pulling of last month's update. Still haven't received mine yet, but I'm in no rush.

Looking at the list, it doesn't seem that Microsoft has learnt anything, same issues time and time again, 'Remote Code Execution,' 'Elevation of Privileges,' 'Information Disclosure,' etc. etc.
Title: Re: Technical
Post by: Asyn on March 15, 2017, 12:22:03 PM
Microsoft Security Bulletin Summary for March 2017
https://technet.microsoft.com/library/security/ms17-mar.aspx
Big this month, considering the pulling of last month's update....
Yep, let's call it double-trouble. ;)
Title: Re: Technical
Post by: bob3160 on March 15, 2017, 02:42:41 PM
Microsoft Security Bulletin Summary for March 2017
https://technet.microsoft.com/library/security/ms17-mar.aspx
Big this month, considering the pulling of last month's update....
Yep, let's call it double-trouble. ;)
The update this month also took almost as much time as a new install.
Title: Re: Technical
Post by: Para-Noid on March 15, 2017, 02:48:59 PM
Microsoft Security Bulletin Summary for March 2017
https://technet.microsoft.com/library/security/ms17-mar.aspx

Looking at the list, it doesn't seem that Microsoft has learnt anything, same issues time and time again, 'Remote Code Execution,' 'Elevation of Privileges,' 'Information Disclosure,' etc. etc.

Either that or someone keeps figuring out ways to circumvent Microsoft fixes. Any way you look at it, Microsoft can't get a handle on it.
Title: Re: Technical
Post by: DavidR on March 15, 2017, 03:47:44 PM
Microsoft Security Bulletin Summary for March 2017
https://technet.microsoft.com/library/security/ms17-mar.aspx

Looking at the list, it doesn't seem that Microsoft has learnt anything, same issues time and time again, 'Remote Code Execution,' 'Elevation of Privileges,' 'Information Disclosure,' etc. etc.

Either that or someone keeps figuring out ways to circumvent Microsoft fixes. Any way you look at it, Microsoft can't get a handle on it.

You would like to hope that MS would actually be testing for these vulnerabilities when the elements are designed.
Title: Re: Technical
Post by: Asyn on March 16, 2017, 09:37:06 AM
Taking Stock: Estimating Vulnerability Rediscovery
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2928758
Title: Re: Technical
Post by: Asyn on March 17, 2017, 02:30:43 PM
Star Trek Themed Kirk Ransomware Brings us Monero and a Spock Decryptor!
https://www.bleepingcomputer.com/news/security/star-trek-themed-kirk-ransomware-brings-us-monero-and-a-spock-decryptor/
Title: Re: Technical
Post by: Asyn on March 18, 2017, 08:22:57 PM
Zero Days, Thousands of Nights - The Life and Times of Zero-Day Vulnerabilities and Their Exploits
http://www.rand.org/pubs/research_reports/RR1751.html
http://www.rand.org/content/dam/rand/pubs/research_reports/RR1700/RR1751/RAND_RR1751.pdf
Title: Re: Technical
Post by: Asyn on March 20, 2017, 01:44:43 PM
Detecting and eliminating Chamois, a fraud botnet on Android
https://security.googleblog.com/2017/03/detecting-and-eliminating-chamois-fraud.html
Title: Re: Technical
Post by: Asyn on March 21, 2017, 10:42:57 AM
Virtual machine escape fetches $105,000 at Pwn2Own hacking contest
https://arstechnica.com/security/2017/03/hack-that-escapes-vm-by-exploiting-edge-browser-fetches-105000-at-pwn2own/
Title: Re: Technical
Post by: Asyn on March 22, 2017, 11:10:14 AM
DoubleAgent: Taking Full Control Over Your Antivirus
http://cybellum.com/doubleagent-taking-full-control-antivirus/
http://cybellum.com/doubleagentzero-day-code-injection-and-persistence-technique/

PS: https://forum.avast.com/index.php?topic=199290.0 (Forum discussion)
Title: Re: Technical
Post by: Asyn on March 23, 2017, 12:38:06 PM
Necurs Diversifies Its Portfolio
http://blog.talosintelligence.com/2017/03/necurs-diversifies.html
Title: Re: Technical
Post by: Asyn on March 24, 2017, 02:13:06 PM
Diverse protections for a diverse ecosystem: Android Security 2016 Year in Review
https://security.googleblog.com/2017/03/diverse-protections-for-diverse.html
https://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2016_Report_Final.pdf
Title: Re: Technical
Post by: Asyn on March 26, 2017, 01:50:01 PM
Dark Matter
https://wikileaks.org/vault7/darkmatter/
Title: Re: Technical
Post by: Pondus on March 27, 2017, 02:27:45 PM
In case E.T. needs to phone home ;)

The Moon could have its own mobile data network as soon as next year
http://www.wired.co.uk/article/moon-mobile-data-2018


Title: Re: Technical
Post by: DavidR on March 27, 2017, 03:52:52 PM
In case E.T. needs to phone home ;)

The Moon could have its own mobile data network as soon as next year
http://www.wired.co.uk/article/moon-mobile-data-2018

Great, the moon will have better communications than many villages on this world.
Title: Re: Technical
Post by: Asyn on March 30, 2017, 10:27:30 AM
Adware Replaces Phone Numbers for Security Firms Returned in Search Results
https://www.bleepingcomputer.com/news/security/adware-replaces-phone-numbers-for-security-firms-returned-in-search-results/
Title: Re: Technical
Post by: Asyn on April 02, 2017, 02:43:57 PM
Number of internet facing vulnerable IIS 6.0 to CVE-2017-7269
https://medium.com/@iraklis/number-of-internet-facing-vulnerable-iis-6-0-to-cve-2017-7269-8bd153ef5812
https://github.com/edwardz246003/IIS_exploit
Title: Re: Technical
Post by: Asyn on April 04, 2017, 10:18:24 AM
Skype Malvertising Campaign Pushes Fake Flash Player
https://www.bleepingcomputer.com/news/security/skype-malvertising-campaign-pushes-fake-flash-player/
Title: Re: Technical
Post by: Asyn on April 05, 2017, 07:12:47 AM
Avast joins No More Ransom project as associate partner
https://blog.avast.com/avast-joins-no-more-ransom-project-as-associate-partner
https://www.nomoreransom.org
Title: Re: Technical
Post by: Asyn on April 06, 2017, 07:03:29 AM
Mobile spyware uses sandbox to avoid antivirus detections
https://blog.avast.com/mobile-spyware-uses-sandbox-to-avoid-antivirus-detections
Title: Re: Technical
Post by: Pondus on April 06, 2017, 04:45:46 PM
Worried about ransomware or nuclear war, you may store your backup here
http://www.livescience.com/58497-second-doomsday-vault-opens-for-data.html?utm_medium=syndication&utm_source=zergnet


Title: Re: Technical
Post by: Asyn on April 07, 2017, 08:36:43 AM
Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks
https://www.sec.cs.tu-bs.de/pubs/2017-asiaccs.pdf
Title: Re: Technical
Post by: Asyn on April 08, 2017, 04:35:33 PM
Pegasus for Android - Technical Analysis and Findings of Chrysaor
https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-android-technical-analysis.pdf
Title: Re: Technical
Post by: Asyn on April 11, 2017, 10:49:09 AM
Longhorn: Tools used by cyberespionage group linked to Vault 7
https://www.symantec.com/connect/blogs/longhorn-tools-used-cyberespionage-group-linked-vault-7
Title: Re: Technical
Post by: Asyn on April 12, 2017, 09:14:32 AM
Dridex Campaigns Hitting Millions of Recipients Using Unpatched Microsoft Zero-Day
https://www.proofpoint.com/us/threat-insight/post/dridex-campaigns-millions-recipients-unpatched-microsoft-zero-day
Title: Re: Technical
Post by: Asyn on April 13, 2017, 10:48:41 AM
MS - April 2017 Security Updates
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/42b8fa28-9d09-e711-80d9-000d3a32fc99
https://portal.msrc.microsoft.com/en-us/security-guidance
Title: Re: Technical
Post by: Asyn on April 14, 2017, 06:43:55 AM
A deeper look into malware abusing TeamViewer
https://blog.avast.com/a-deeper-look-into-malware-abusing-teamviewer
Title: Re: Technical
Post by: DavidR on April 14, 2017, 09:43:58 AM
A deeper look into malware abusing TeamViewer
https://blog.avast.com/a-deeper-look-into-malware-abusing-teamviewer

Ha, is this not a good reason to bring back the Avast Remote Assistance function ???
Title: Re: Technical
Post by: Asyn on April 14, 2017, 11:43:42 AM
A deeper look into malware abusing TeamViewer
https://blog.avast.com/a-deeper-look-into-malware-abusing-teamviewer
Ha, is this not a good reason to bring back the Avast Remote Assistance function ???
Absolutely, I still wonder why it got removed in the first place. It was quite handy, imo.
Title: Re: Technical
Post by: DavidR on April 14, 2017, 12:01:46 PM
A deeper look into malware abusing TeamViewer
https://blog.avast.com/a-deeper-look-into-malware-abusing-teamviewer
Ha, is this not a good reason to bring back the Avast Remote Assistance function ???
Absolutely, I still wonder why it got removed in the first place. It was quite handy, imo.

I have just posted a comment in the blog and show the potential error in removing avast's own remote assistance. This move essentially pushed some avast users to team viewer.
Title: Re: Technical
Post by: bob3160 on April 14, 2017, 02:56:18 PM
A deeper look into malware abusing TeamViewer
https://blog.avast.com/a-deeper-look-into-malware-abusing-teamviewer
Ha, is this not a good reason to bring back the Avast Remote Assistance function ???
Absolutely, I still wonder why it got removed in the first place. It was quite handy, imo.

I have just posted a comment in the blog and show the potential error in removing avast's own remote assistance. This move essentially pushed some avast users to team viewer.
I've just added my 2 cents. :)
Title: Re: Technical
Post by: DavidR on April 14, 2017, 03:53:46 PM
A deeper look into malware abusing TeamViewer
https://blog.avast.com/a-deeper-look-into-malware-abusing-teamviewer
Ha, is this not a good reason to bring back the Avast Remote Assistance function ???
Absolutely, I still wonder why it got removed in the first place. It was quite handy, imo.

I have just posted a comment in the blog and show the potential error in removing avast's own remote assistance. This move essentially pushed some avast users to team viewer.
I've just added my 2 cents. :)

Yes, totally agreed.

I think they may be considering their position, possibly not about a return of the avast remote assistance tool, but to allow comments on the blog ;)
Title: Re: Technical
Post by: bob3160 on April 14, 2017, 03:56:19 PM
A deeper look into malware abusing TeamViewer
https://blog.avast.com/a-deeper-look-into-malware-abusing-teamviewer
Ha, is this not a good reason to bring back the Avast Remote Assistance function ???
Absolutely, I still wonder why it got removed in the first place. It was quite handy, imo.

I have just posted a comment in the blog and show the potential error in removing avast's own remote assistance. This move essentially pushed some avast users to team viewer.
I've just added my 2 cents. :)

Yes, totally agreed.

I think they may be considering their position, possibly not about a return of the avast remote assistance tool, but to allow comments on the blog ;)
I've regularly, and for quite some time, commented on the Avast Blog. :)
Title: Re: Technical
Post by: Secondmineboy on April 14, 2017, 04:10:32 PM
Microsoft has now started to block Windows 7/8.1 updates on PCs with recent processors

https://www.onmsft.com/news/microsoft-has-now-started-to-block-windows-78-1-updates-on-pcs-with-recent-processors
Title: Re: Technical
Post by: Lisandro on April 15, 2017, 01:20:33 PM
About TeamViewer, I beg to disagree. It was a feature used by less than 1% of the users (most only ourselves and advanced users).
If we keep, or add, features that have security issues in other 3rd party apps, we'll see Avast being everything but a security app.

I know you'll be angry with me, but when people talk about "bloatware" and "keep only in security field" we clap-clap them...
Remote Assistance is not security in 1st place. It's convenient, it could be there, but it was gone and technical team needs to be focused :)
Title: Re: Technical
Post by: DavidR on April 15, 2017, 02:48:01 PM
About TeamViewer, I beg to disagree. It was a feature used by less than 1% of the users (most only ourselves and advanced users).
If we keep, or add, features that have security issues in other 3rd party apps, we'll see Avast being everything but a security app.

I know you'll be angry with me, but when people talk about "bloatware" and "keep only in security field" we clap-clap them...
Remote Assistance is not security in 1st place. It's convenient, it could be there, but it was gone and technical team needs to be focused :)

1.  Does it really matter if it is only used by a small percentage, it was essentially a unique feature to avast, now it isn't there what other unique feature is there to have people choose/switch to avast. I have no idea how much of an overhead it was, but I can't imagine it being massive.

2.  You talk of bloat, well avast is still full of it, components that I will never use and that is why so many people get rid of the cr4p using a custom install or the minimum install. Fortunately people can uninstall or not install components they don't need or want, the same would be true for the avast remote assistance function.

People are more worried about components that are installed against their wishes (even though the EULA may cover that), just cast your mind back to when the safezone browser was introduced. Also all of the in your face ads for other avast products. These I would say are much well received than the avast remote assistance function.

So you think it is OK that avast removed this function, in light of the blog article about the team viewer vulnerability/exploit. If that were me I certainly wouldn't have released a blog article that highlighted the lack of a remote assistance function that was driving avast users to team viewer and leaving them potentially vulnerable to exploit.
Title: Re: Technical
Post by: bob3160 on April 15, 2017, 04:09:29 PM
About TeamViewer, I beg to disagree. It was a feature used by less than 1% of the users (most only ourselves and advanced users).
If we keep, or add, features that have security issues in other 3rd party apps, we'll see Avast being everything but a security app.

I know you'll be angry with me, but when people talk about "bloatware" and "keep only in security field" we clap-clap them...
Remote Assistance is not security in 1st place. It's convenient, it could be there, but it was gone and technical team needs to be focused :)
Sorry Lisandro, I totally disagree with your opinion on this topic.
Securing your computer via remote assistance to make it safe, is certainly security related.
If everything was purely based on the number of users, lots of useful programs wouldn't exist.
I'm all for eliminating bloatware but this isn't one of the items that belongs in that category.
Title: Re: Technical
Post by: Lisandro on April 15, 2017, 05:10:11 PM
Sorry Lisandro, I totally disagree with your opinion on this topic.
No need to be sorry Bob. We just disagree :)

I'm all for eliminating bloatware but this isn't one of the items that belongs in that category.
I did not say (nor think) that this feature is bloatware. I've put the word in quotes. I just think that it is not popular and imho it's not security related. It's convenient only.
Title: Re: Technical
Post by: Asyn on April 16, 2017, 10:18:03 AM
Mysterious Microsoft patch killed 0days released by NSA-leaking Shadow Brokers
https://arstechnica.com/security/2017/04/purported-shadow-brokers-0days-were-in-fact-killed-by-mysterious-patch/
https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/
Title: Re: Technical
Post by: Asyn on April 18, 2017, 09:46:47 AM
Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites
https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/
https://www.xudongz.com/blog/2017/idn-phishing/
https://www.reddit.com/r/netsec/comments/65csdk/phishing_with_unicode_domains/
Title: Re: Technical
Post by: Asyn on April 19, 2017, 08:31:58 AM
Statement concerning the arrest of Dmitry Bogatov
https://www.debian.org/News/2017/20170417

Statement regarding Dmitry Bogatov
https://blog.torproject.org/blog/statement-regarding-dmitry-bogatov
Title: Re: Technical
Post by: Asyn on April 20, 2017, 12:24:06 PM
No password, phone sign in for Microsoft accounts!
https://blogs.technet.microsoft.com/enterprisemobility/2017/04/18/no-password-phone-sign-in-for-microsoft-accounts/
Title: Re: Technical
Post by: Asyn on April 22, 2017, 04:14:32 PM
Abusing NVIDIA's node.js to bypass application whitelisting
http://blog.sec-consult.com/2017/04/application-whitelisting-application.html
Title: Re: Technical
Post by: Asyn on April 23, 2017, 10:50:01 AM
Android Spyware SMSVova posing as system update on Play Store
https://www.zscaler.com/blogs/research/android-spyware-smsvova-posing-system-update-play-store
Title: Re: Technical
Post by: Asyn on April 25, 2017, 08:29:25 AM
Analyzing the DOUBLEPULSAR Kernel DLL Injection Technique
https://countercept.com/our-thinking/analyzing-the-doublepulsar-kernel-dll-injection-technique/
http://blog.binaryedge.io/2017/04/21/doublepulsar/
https://arstechnica.com/security/2017/04/10000-windows-computers-may-be-infected-by-advanced-nsa-backdoor/
https://www.theregister.co.uk/2017/04/21/windows_hacked_nsa_shadow_brokers/
Title: Re: Technical
Post by: Asyn on April 26, 2017, 12:39:21 PM
Analyzing the DOUBLEPULSAR Kernel DLL Injection Technique
https://countercept.com/our-thinking/analyzing-the-doublepulsar-kernel-dll-injection-technique/
http://blog.binaryedge.io/2017/04/21/doublepulsar/
https://arstechnica.com/security/2017/04/10000-windows-computers-may-be-infected-by-advanced-nsa-backdoor/
https://www.theregister.co.uk/2017/04/21/windows_hacked_nsa_shadow_brokers/
NSA backdoor detected on >55,000 Windows boxes can now be remotely removed
https://arstechnica.com/security/2017/04/nsa-backdoor-detected-on-55000-windows-boxes-can-now-be-remotely-removed/
https://github.com/countercept/doublepulsar-detection-script
Title: Re: Technical
Post by: Asyn on April 28, 2017, 10:18:25 AM
New update options for Windows 10, version 1703
https://blogs.technet.microsoft.com/windowsitpro/2017/04/24/new-update-options-for-windows-10-1703/
Title: Re: Technical
Post by: DavidR on April 28, 2017, 11:46:45 AM
New update options for Windows 10, version 1703
https://blogs.technet.microsoft.com/windowsitpro/2017/04/24/new-update-options-for-windows-10-1703/

I can't recall where I read it, but aren't you required to make changes to your privacy settings before installing the Creators Update ?

I can't see why it would be necessary to change privacy settings to receive updates.
Title: Re: Technical
Post by: bob3160 on April 28, 2017, 03:47:43 PM
New update options for Windows 10, version 1703
https://blogs.technet.microsoft.com/windowsitpro/2017/04/24/new-update-options-for-windows-10-1703/

I can't recall where I read it, but aren't you required to make changes to your privacy settings before installing the Creators Update ?

I can't see why it would be necessary to change privacy settings to receive updates.
No. What you probably read was that this version has more settings under privacy than prior versions.
(It still doesn't change the fact that there is no privacy.....)
Title: Re: Technical
Post by: Asyn on April 29, 2017, 08:55:53 AM
OSX Malware is Catching Up, and it wants to Read Your HTTPS Traffic
http://blog.checkpoint.com/2017/04/27/osx-malware-catching-wants-read-https-traffic/
Title: Re: Technical
Post by: Asyn on April 30, 2017, 11:22:32 AM
Verizon’s 2017 Data Breach Investigations Report
http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/
http://www.verizonenterprise.com/resources/reports/rp_DBIR_2017_Report_execsummary_en_xg.pdf
Title: Re: Technical
Post by: Asyn on May 02, 2017, 11:34:19 AM
Remote security exploit in all 2008+ Intel platforms
https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

PS: Thanks to Dwarden for the links..!!
Title: Re: Technical
Post by: Asyn on May 06, 2017, 09:24:02 PM
Privacy Threats through Ultrasonic Side Channels on Mobile Devices
http://christian.wressnegger.info/content/projects/sidechannels/2017-eurosp.pdf
Title: Re: Technical
Post by: Asyn on May 09, 2017, 11:14:33 AM
Why the Next 10 Days Are Critical to the Internet’s Future
Net neutrality is in jeopardy again. We need another grassroots movement
https://blog.mozilla.org/blog/2017/05/08/next-10-days-critical-internets-future/
https://advocacy.mozilla.org/en-US/net-neutrality
Title: Re: Technical
Post by: Asyn on May 09, 2017, 11:43:36 AM
MsMpEng: Remotely Exploitable Type Confusion in Windows 8, 8.1, 10, Windows Server, SCEP, Microsoft Security Essentials, and more.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1252
https://technet.microsoft.com/library/security/4022344.aspx
Title: Re: Technical
Post by: Asyn on May 11, 2017, 11:57:41 AM
Keylogger in Hewlett-Packard Audio Driver
https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html
https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt
Title: Re: Technical
Post by: Asyn on May 12, 2017, 08:38:09 AM
Multiple Vulnerabilities in ASUS Routers
https://wwws.nightwatchcybersecurity.com/2017/05/09/multiple-vulnerabilities-in-asus-routers/
Title: Re: Technical
Post by: Asyn on May 13, 2017, 06:04:45 AM
Ransomware that infected Telefonica and NHS hospitals is spreading aggressively, with over 50,000 attacks so far, today
https://blog.avast.com/ransomware-that-infected-telefonica-and-nhs-hospitals-is-spreading-aggressively-with-over-50000-attacks-so-far-today
Title: Re: Technical
Post by: Asyn on May 13, 2017, 04:30:15 PM
Ransomware that infected Telefonica and NHS hospitals is spreading aggressively, with over 50,000 attacks so far, today
https://blog.avast.com/ransomware-that-infected-telefonica-and-nhs-hospitals-is-spreading-aggressively-with-over-50000-attacks-so-far-today
Customer Guidance for WannaCrypt attacks
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
Title: Re: Technical
Post by: Asyn on May 14, 2017, 10:05:17 AM
Ransomware that infected Telefonica and NHS hospitals is spreading aggressively, with over 50,000 attacks so far, today
https://blog.avast.com/ransomware-that-infected-telefonica-and-nhs-hospitals-is-spreading-aggressively-with-over-50000-attacks-so-far-today
Customer Guidance for WannaCrypt attacks
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
How to Accidentally Stop a Global Cyber Attacks
https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html
Title: Re: Technical
Post by: DavidR on May 14, 2017, 10:17:07 AM
<snip quotes>
How to Accidentally Stop a Global Cyber Attacks
https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html

A very interesting article.
Title: Re: Technical
Post by: Asyn on May 15, 2017, 10:33:06 AM
Deprecation of SHA-1 for SSL/TLS Certificates in Microsoft Edge and Internet Explorer 11
https://technet.microsoft.com/en-us/library/security/4010323
Title: Re: Technical
Post by: Asyn on May 16, 2017, 06:45:37 AM
Ransomware that infected Telefonica and NHS hospitals is spreading aggressively, with over 50,000 attacks so far, today
https://blog.avast.com/ransomware-that-infected-telefonica-and-nhs-hospitals-is-spreading-aggressively-with-over-50000-attacks-so-far-today
Customer Guidance for WannaCrypt attacks
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
How to Accidentally Stop a Global Cyber Attacks
https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html
The need for urgent collective action to keep people safe online: Lessons from last week’s cyberattack
https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/
Title: Re: Technical
Post by: Asyn on May 17, 2017, 06:15:23 AM
Ransomware that infected Telefonica and NHS hospitals is spreading aggressively, with over 50,000 attacks so far, today
https://blog.avast.com/ransomware-that-infected-telefonica-and-nhs-hospitals-is-spreading-aggressively-with-over-50000-attacks-so-far-today
Customer Guidance for WannaCrypt attacks
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
How to Accidentally Stop a Global Cyber Attacks
https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html
The need for urgent collective action to keep people safe online: Lessons from last week’s cyberattack
https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/
WannaCry update: The worst ransomware outbreak in history
https://blog.avast.com/wannacry-update-the-worst-ransomware-outbreak-in-history
Title: Re: Technical
Post by: Asyn on May 18, 2017, 08:01:03 AM
Keylogger in Hewlett-Packard Audio Driver
https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html
https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt
HPSBGN03558 rev.7 - Conexant HD Audio Driver Local Debug Log
https://support.hp.com/us-en/document/c05519670
Title: Re: Technical
Post by: Asyn on May 19, 2017, 07:19:37 AM
Meet Adylkuzz: cryptocurrency mining malware spreading using the same exploit as WannaCry
https://blog.avast.com/meet-adylkuzz-cryptocurrency-mining-malware-spreading-using-the-same-exploit-as-wannacry
Title: Re: Technical
Post by: Eddy on May 19, 2017, 07:43:40 AM
Researcher is able to decrypt the files under XP :
http://mashable.com/2017/05/18/wannacry-wannakey-decrypted-ransomware/?utm_campaign=Mash-Prod-RSS-Feedburner-All-Partial&utm_cid=Mash-Prod-RSS-Feedburner-All-Partial#KMqYt0c_SmqB

https://github.com/aguinet/wannakey
Title: Re: Technical
Post by: Asyn on May 20, 2017, 09:17:11 AM
Stealing Windows Credentials Using Google Chrome
http://defensecode.com/news_article.php?id=21
Title: Re: Technical
Post by: Asyn on May 21, 2017, 10:28:23 AM
Ransomware that infected Telefonica and NHS hospitals is spreading aggressively, with over 50,000 attacks so far, today
https://blog.avast.com/ransomware-that-infected-telefonica-and-nhs-hospitals-is-spreading-aggressively-with-over-50000-attacks-so-far-today
Customer Guidance for WannaCrypt attacks
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
How to Accidentally Stop a Global Cyber Attacks
https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html
The need for urgent collective action to keep people safe online: Lessons from last week’s cyberattack
https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/
WannaCry update: The worst ransomware outbreak in history
https://blog.avast.com/wannacry-update-the-worst-ransomware-outbreak-in-history
Avast Wi-Fi Inspector can tell you if your PC is vulnerable to WannaCry
https://blog.avast.com/avast-wi-fi-inspector-can-tell-you-if-your-pc-is-vulnerable-to-wannacry
https://help.avast.com/en/av_free/17/hns/hns-doublepulsar-infection.html
Title: Re: Technical
Post by: Asyn on May 21, 2017, 02:19:49 PM
New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two
https://www.bleepingcomputer.com/news/security/new-smb-worm-uses-seven-nsa-hacking-tools-wannacry-used-just-two/
Title: Re: Technical
Post by: DavidR on May 21, 2017, 03:44:40 PM
New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two
https://www.bleepingcomputer.com/news/security/new-smb-worm-uses-seven-nsa-hacking-tools-wannacry-used-just-two/

Don't you just love the so called security services, that leave the rest of the world's computer users at risk of their so called security tools.
Title: Re: Technical
Post by: Asyn on May 23, 2017, 11:35:52 AM
New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two
https://www.bleepingcomputer.com/news/security/new-smb-worm-uses-seven-nsa-hacking-tools-wannacry-used-just-two/
Don't you just love the so called security services, that leave the rest of the world's computer users at risk of their so called security tools.
NSA officials worried about the day its potent hacking tool would get loose. Then it did.
https://www.washingtonpost.com/business/technology/nsa-officials-worried-about-the-day-its-potent-hacking-tool-would-get-loose-then-it-did/2017/05/16/50670b16-3978-11e7-a058-ddbb23c75d82_story.html
Title: Re: Technical
Post by: Asyn on May 24, 2017, 07:25:57 AM
*bleed continues: 18 byte file, $14k bounty, for leaking private Yahoo! Mail images
https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html
Title: Re: Technical
Post by: Asyn on May 26, 2017, 08:01:16 AM
Porting Windows Dynamic Link Libraries to Linux
https://github.com/taviso/loadlibrary
Title: Re: Technical
Post by: Asyn on May 27, 2017, 09:29:31 AM
Cloak & Dagger
http://cloak-and-dagger.org/
http://cs.ucsb.edu/~yanick/publications/2017_oakland_cloakanddagger.pdf
Title: Re: Technical
Post by: Asyn on May 30, 2017, 06:06:27 AM
Avast releases decryptor tool for AES_NI ransomware
https://blog.avast.com/avast-releases-decryptor-tool-for-aes_ni-ransomware
Title: Re: Technical
Post by: mchain on May 30, 2017, 10:27:36 PM
Intel chip flaw allows hackers to hijack thousands of PCs
http://www.telegraph.co.uk/technology/2017/05/08/intel-chip-flaw-allows-hackers-hijack-thousands-pcs/
Dated May 8th, somehow not noted: Apparently only affects commercial systems.
Title: Re: Technical
Post by: Asyn on May 31, 2017, 07:03:30 AM
Intel chip flaw allows hackers to hijack thousands of PCs
http://www.telegraph.co.uk/technology/2017/05/08/intel-chip-flaw-allows-hackers-hijack-thousands-pcs/
Dated May 8th, somehow not noted: Apparently only affects commercial systems.
Also see Reply #1744. Cheers.
Title: Re: Technical
Post by: Be Secure on May 31, 2017, 05:53:10 PM
Avast releases decryption tool for XData ransomware
https://blog.avast.com/avast-releases-decryption-tool-for-xdata-ransomware
Title: Re: Technical
Post by: Lotan on May 31, 2017, 07:50:58 PM
Intel chip flaw allows hackers to hijack thousands of PCs
http://www.telegraph.co.uk/technology/2017/05/08/intel-chip-flaw-allows-hackers-hijack-thousands-pcs/
Dated May 8th, somehow not noted: Apparently only affects commercial systems.
Any info what processors are at risk? And is there a solution without buying a new CPU?
Title: Re: Technical
Post by: mchain on May 31, 2017, 08:12:23 PM
Intel chip flaw allows hackers to hijack thousands of PCs
http://www.telegraph.co.uk/technology/2017/05/08/intel-chip-flaw-allows-hackers-hijack-thousands-pcs/
Dated May 8th, somehow not noted: Apparently only affects commercial systems.
Any info what processors are at risk? And is there a solution without buying a new CPU?
https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf
More information from Intel:
https://newsroom.intel.com/news/important-security-information-intel-manageability-firmware/
Both links gotten from original link posted above. If you've already read these then not aware of new news and I'd suggest contacting Intel directly. Running the tool Intel provides should help.
Title: Re: Technical
Post by: Lotan on May 31, 2017, 10:24:27 PM
Intel chip flaw allows hackers to hijack thousands of PCs
http://www.telegraph.co.uk/technology/2017/05/08/intel-chip-flaw-allows-hackers-hijack-thousands-pcs/
Dated May 8th, somehow not noted: Apparently only affects commercial systems.
Any info what processors are at risk? And is there a solution without buying a new CPU?
https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf
More information from Intel:
https://newsroom.intel.com/news/important-security-information-intel-manageability-firmware/
Both links gotten from original link posted above. If you've already read these then not aware of new news and I'd suggest contacting Intel directly. Running the tool Intel provides should help.
OK, so is there a patch or something to fix the issues?
Title: Re: Technical
Post by: mchain on June 01, 2017, 01:31:09 AM
Intel chip flaw allows hackers to hijack thousands of PCs
http://www.telegraph.co.uk/technology/2017/05/08/intel-chip-flaw-allows-hackers-hijack-thousands-pcs/
Dated May 8th, somehow not noted: Apparently only affects commercial systems.
Any info what processors are at risk? And is there a solution without buying a new CPU?
https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf
More information from Intel:
https://newsroom.intel.com/news/important-security-information-intel-manageability-firmware/
Both links gotten from original link posted above. If you've already read these then not aware of new news and I'd suggest contacting Intel directly. Running the tool Intel provides should help.
OK, so is there a patch or something to fix the issues?
I've actually run the Intel tool and it found system as 'Unknown' and stated the vulnerable software was not running, so there was nothing to be done further.

Intel should be able to point you to a patch or fix if you need it, but must run the tool to find out first.
Title: Re: Technical
Post by: Pondus on June 01, 2017, 04:47:42 PM
Introducing the Intel Compute Card
https://www.youtube.com/watch?v=Wv8ETAA1_6Y&feature=youtu.be

Title: Re: Technical
Post by: Pondus on June 01, 2017, 04:50:10 PM
Microsoft’s Looking to Reboot Mobile with New Software and Hardware
https://www.thurrott.com/mobile/117153/microsofts-looking-reboot-mobile-new-software-hardware


Canceled Microsoft Lumia 960 flagship smartphone makes appearance
http://www.phonearena.com/news/Canceled-Microsoft-Lumia-960-flagship-smartphone-makes-appearance_id94644


Title: Re: Technical
Post by: Asyn on June 02, 2017, 06:21:26 AM
Tainted Leaks: Disinformation and Phishing With a Russian Nexus
https://citizenlab.org/2017/05/tainted-leaks-disinformation-phish/
Title: Re: Technical
Post by: Asyn on June 03, 2017, 08:59:51 AM
Pandemic
https://wikileaks.org/vault7/releases/#Pandemic
Title: Re: Technical
Post by: Asyn on June 04, 2017, 10:58:32 AM
WannaCry: Two Weeks and 16 Million Averted Ransoms Later
https://blog.kryptoslogic.com/malware/2017/05/29/two-weeks-later.html
Title: Re: Technical
Post by: Pondus on June 04, 2017, 12:00:25 PM
Microsoft Office bug nags you with a pop-up every hour
https://www.engadget.com/2017/05/30/microsoft-office-pop-up-bug/


Title: Re: Technical
Post by: Asyn on June 05, 2017, 08:46:00 AM
FIREBALL – The Chinese Malware of 250 Million Computers Infected
http://blog.checkpoint.com/2017/06/01/fireball-chinese-malware-250-million-infection/
Title: Re: Technical
Post by: Asyn on June 06, 2017, 09:23:39 AM
Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election
https://theintercept.com/2017/06/05/top-secret-nsa-report-details-russian-hacking-effort-days-before-2016-election/
Title: Re: Technical
Post by: DavidR on June 06, 2017, 09:59:03 AM
Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election
https://theintercept.com/2017/06/05/top-secret-nsa-report-details-russian-hacking-effort-days-before-2016-election/

Top Secret eh, so top secret it has been leaked ???
Perhaps N 'Security' A doesn't mean secret.
Title: Re: Technical
Post by: Asyn on June 06, 2017, 11:38:41 AM
Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election
https://theintercept.com/2017/06/05/top-secret-nsa-report-details-russian-hacking-effort-days-before-2016-election/
Top Secret eh, so top secret it has been leaked ???
Perhaps N 'Security' A doesn't mean secret.
How The Intercept Outed Reality Winner
http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html
Title: Re: Technical
Post by: DavidR on June 06, 2017, 11:51:59 AM
Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election
https://theintercept.com/2017/06/05/top-secret-nsa-report-details-russian-hacking-effort-days-before-2016-election/
Top Secret eh, so top secret it has been leaked ???
Perhaps N 'Security' A doesn't mean secret.
How The Intercept Outed Reality Winner
http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html

Ha, Ha, dumb and dumber.
That ink dots identity/tagging process has been around for absolutely years, so much so it would appear that people have forgotten or weren't computer users when it first surfaced. It used to only be on high end Laser Printers.
Title: Re: Technical
Post by: Asyn on June 06, 2017, 12:25:37 PM
That ink dots identity/tagging process has been around for absolutely years, so much so it would appear that people have forgotten or weren't computer users when it first surfaced. It used to only be on high end Laser Printers.
Yep, for the interested ones: https://www.eff.org/pages/list-printers-which-do-or-do-not-display-tracking-dots
Title: Re: Technical
Post by: DavidR on June 06, 2017, 12:50:44 PM
That ink dots identity/tagging process has been around for absolutely years, so much so it would appear that people have forgotten or weren't computer users when it first surfaced. It used to only be on high end Laser Printers.
Yep, for the interested ones: https://www.eff.org/pages/list-printers-which-do-or-do-not-display-tracking-dots

Certainly an interesting read, with virtually all colour laserjet printers printing them. Even better only two notable companies not printing them, OkiData and Samsung. I had been looking at getting a laser printer some time ago when they were pretty expensive and I was looking at the Oki laser printers as they were competitively priced. At that time I wasn't aware that they didn't print the tagging/tracking dots.
Title: Re: Technical
Post by: Asyn on June 07, 2017, 06:25:22 AM
WannaCry mistakes that can help you restore files after infection
https://securelist.com/78609/wannacry-mistakes-that-can-help-you-restore-files-after-infection/
Title: Re: Technical
Post by: Asyn on June 08, 2017, 06:53:49 AM
WannaCry WannaBe targeting Android smartphones
https://blog.avast.com/wannacry-wannabe-targeting-android-smartphones
Title: Re: Technical
Post by: Asyn on June 08, 2017, 11:23:26 AM
Kaspersky Lab Files Claim with European Regulators Seeking Antitrust Investigation of Microsoft
https://www.kaspersky.com/about/press-releases/2017_kaspersky-lab-files-claim-with-european-regulators-seeking-antitrust-investigation-of-microsoft
https://blog.kaspersky.com/microsoft-european-trial/16976/
Title: Re: Technical
Post by: bob3160 on June 08, 2017, 03:12:21 PM
Kaspersky Lab Files Claim with European Regulators Seeking Antitrust Investigation of Microsoft
https://www.kaspersky.com/about/press-releases/2017_kaspersky-lab-files-claim-with-european-regulators-seeking-antitrust-investigation-of-microsoft
https://blog.kaspersky.com/microsoft-european-trial/16976/
I'm sure all other AV companies are hoping Kaspersky Labs wins this suit. :)
Title: Re: Technical
Post by: Asyn on June 09, 2017, 07:52:23 AM
Turla’s watering hole campaign: An updated Firefox extension abusing Instagram
https://www.welivesecurity.com/2017/06/06/turlas-watering-hole-campaign-updated-firefox-extension-abusing-instagram/
Title: Re: Technical
Post by: Asyn on June 10, 2017, 06:08:47 AM
Dvmap: the first Android malware with code injection
https://securelist.com/78648/dvmap-the-first-android-malware-with-code-injection/
Title: Re: Technical
Post by: Asyn on June 10, 2017, 06:56:36 PM
Of Cameras & Compromise: How IoT Could Dull Your Competitive Edge
https://business.f-secure.com/foscam_cameras_and_compromise
https://img.en25.com/Web/FSecure/%7B43df9e0d-20a8-404a-86d0-70dcca00b6e5%7D_vulnerabilities-in-foscam-IP-cameras_report.pdf
Title: Re: Technical
Post by: Asyn on June 11, 2017, 11:36:02 AM
PLATINUM continues to evolve, find ways to maintain invisibility
https://blogs.technet.microsoft.com/mmpc/2017/06/07/platinum-continues-to-evolve-find-ways-to-maintain-invisibility/
Title: Re: Technical
Post by: Asyn on June 12, 2017, 08:46:07 AM
CertLock Trojan Blocks Security Programs by Disallowing Their Certificates
https://www.bleepingcomputer.com/news/security/certlock-trojan-blocks-security-programs-by-disallowing-their-certificates/
Title: Re: Technical
Post by: Asyn on June 13, 2017, 11:20:22 AM
SambaCry is coming
https://securelist.com/sambacry-is-coming/78674/
Title: Re: Technical
Post by: mchain on June 13, 2017, 07:28:06 PM
Microsoft Security Update Summary (Replaces old Microsoft Security Updates): https://technet.microsoft.com/en-us/security/bulletins.aspx
https://portal.msrc.microsoft.com/en-us/security-guidance/summary
Title: Re: Technical
Post by: Asyn on June 14, 2017, 08:58:45 AM
Microsoft Security Update Summary (Replaces old Microsoft Security Updates): https://technet.microsoft.com/en-us/security/bulletins.aspx
https://portal.msrc.microsoft.com/en-us/security-guidance/summary
June 2017 security update release
Microsoft releases additional updates for older platforms to protect against potential nation-state activity

https://blogs.technet.microsoft.com/msrc/2017/06/13/june-2017-security-update-release/
Title: Re: Technical
Post by: Asyn on June 15, 2017, 09:20:48 AM
Avast releases free decryption tool for EncrypTile ransomware
https://blog.avast.com/avast-releases-free-decryption-tool-for-encryptile-ransomware
Title: Re: Technical
Post by: Asyn on June 16, 2017, 07:31:54 AM
How AI outsmarts cybercriminals
https://blog.avast.com/how-ai-works-outsmart-cybercriminals-online-security-best-malware-protection
https://www.avast.com/nextgen
Title: Re: Technical
Post by: Asyn on June 17, 2017, 08:29:02 AM
Cherry Blossom
https://wikileaks.org/vault7/releases/#Cherry%20Blossom
Title: Re: Technical
Post by: Asyn on June 20, 2017, 08:04:10 AM
Decrypted: Kaspersky Releases Decryptor for the Jaff Ransomware
https://www.bleepingcomputer.com/news/security/decrypted-kaspersky-releases-decryptor-for-the-jaff-ransomware/
Title: Re: Technical
Post by: Asyn on June 20, 2017, 03:12:35 PM
The Stack Clash
https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1be7107fbe18eed3e319a6c3e83c78254b693acb
Title: Re: Technical
Post by: Asyn on June 22, 2017, 11:02:18 AM
Kaspersky Lab Files Claim with European Regulators Seeking Antitrust Investigation of Microsoft
https://www.kaspersky.com/about/press-releases/2017_kaspersky-lab-files-claim-with-european-regulators-seeking-antitrust-investigation-of-microsoft
https://blog.kaspersky.com/microsoft-european-trial/16976/
I'm sure all other AV companies are hoping Kaspersky Labs wins this suit. :)
Microsoft admits it disables anti-virus software in response to Kaspersky's EU complaint
https://www.theverge.com/2017/6/20/15836208/microsoft-kaspersky-eu-anti-virus-complaint-response
https://blogs.technet.microsoft.com/mmpc/2017/06/20/partnering-with-the-av-ecosystem-to-protect-our-windows-10-customers/
Title: Re: Technical
Post by: bob3160 on June 22, 2017, 03:31:28 PM
Kaspersky Lab Files Claim with European Regulators Seeking Antitrust Investigation of Microsoft
https://www.kaspersky.com/about/press-releases/2017_kaspersky-lab-files-claim-with-european-regulators-seeking-antitrust-investigation-of-microsoft
https://blog.kaspersky.com/microsoft-european-trial/16976/
I'm sure all other AV companies are hoping Kaspersky Labs wins this suit. :)
Microsoft admits it disables anti-virus software in response to Kaspersky's EU complaint
https://www.theverge.com/2017/6/20/15836208/microsoft-kaspersky-eu-anti-virus-complaint-response
https://blogs.technet.microsoft.com/mmpc/2017/06/20/partnering-with-the-av-ecosystem-to-protect-our-windows-10-customers/
After reading MS's explanation, I think the wise move was to disable something not compatible.
It's certainly better than allowing the incompatibility and crashing the system.
(This also means that MS should be held accountable if they don't allow enough time to work out compatibility problems before pushing out their update.)

Title: Re: Technical
Post by: Asyn on June 23, 2017, 10:35:07 AM
The OpenVPN post-audit bug bonanza
https://guidovranken.wordpress.com/2017/06/21/the-openvpn-post-audit-bug-bonanza/
Title: Re: Technical
Post by: Asyn on June 24, 2017, 10:41:00 AM
Player 1 Limps Back Into the Ring - Hello again, Locky!
http://blog.talosintelligence.com/2017/06/necurs-locky-campaign.html
Title: Re: Technical
Post by: Asyn on June 24, 2017, 04:47:49 PM
Microsoft says 'no known ransomware' runs on Windows 10 S -- so we tried to hack it
http://www.zdnet.com/article/microsoft-no-known-ransomware-windows-we-tried-to-hack-it/
Title: Re: Technical
Post by: DavidR on June 24, 2017, 05:50:30 PM
Microsoft says 'no known ransomware' runs on Windows 10 S -- so we tried to hack it
http://www.zdnet.com/article/microsoft-no-known-ransomware-windows-we-tried-to-hack-it/

I think the magic words are no known ransomware, perhaps unknown ransomware runs on Windows 10.
Title: Re: Technical
Post by: Asyn on June 25, 2017, 08:24:58 AM
Brutal Kangaroo
https://wikileaks.org/vault7/#Brutal%20Kangaroo
Title: Re: Technical
Post by: Asyn on June 26, 2017, 02:35:44 PM
GhostHook – Bypassing PatchGuard with Processor Trace Based Hooking
https://www.cyberark.com/threat-research-blog/ghosthook-bypassing-patchguard-processor-trace-based-hooking/
Title: Re: Technical
Post by: Asyn on June 29, 2017, 02:34:54 PM
Microsoft Security Advisory 4033453
Vulnerability in Azure AD Connect Could Allow Elevation of Privilege
https://technet.microsoft.com/library/security/4033453.aspx
Title: Re: I NEED HELP WITH AVAST VPN LINE ASAP PLEASE!!
Post by: Dayna on June 29, 2017, 03:25:13 PM
 :( help I downloaded avast VPN line on another phone and don't have that phone anymore and had bought the yearly subscription and I cannot figure out how to get my avast VPN line account on my new phone working...it says the subscription is compatible with up to 5 devices. Please someone help me retrieve this so I'm not out the money and have to pay again. I do love this app.
Title: Re: I NEED HELP WITH AVAST VPN LINE ASAP PLEASE!!
Post by: Asyn on June 29, 2017, 03:53:44 PM
:( help I downloaded avast VPN line on another phone and don't have that phone anymore and had bought the yearly subscription and I cannot figure out how to get my avast VPN line account on my new phone working...it says the subscription is compatible with up to 5 devices. Please someone help me retrieve this so I'm not out the money and have to pay again. I do love this app.
-> https://forum.avast.com/index.php?board=80.0
Title: Re: Technical
Post by: Asyn on June 30, 2017, 09:24:56 AM
Petya.2017 is a wiper not a ransomware
https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
https://securelist.com/expetrpetyanotpetya-is-a-wiper-not-ransomware/78902/
Title: Re: Technical
Post by: bob3160 on June 30, 2017, 02:51:28 PM
Petya.2017 is a wiper not a ransomware
https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
https://securelist.com/expetrpetyanotpetya-is-a-wiper-not-ransomware/78902/
This should actually be labeled as "targeted cyber war"
Title: Re: Technical
Post by: Asyn on July 01, 2017, 08:47:43 AM
Petya.2017 is a wiper not a ransomware
https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
https://securelist.com/expetrpetyanotpetya-is-a-wiper-not-ransomware/78902/
This should actually be labeled as "targeted cyber war"
Things we have learned about Petna, the Petya-based malware
https://blog.avast.com/things-we-have-learned-about-petna-the-petya-based-malware

(https://blog.avast.com/hs-fs/hubfs/petna_map_June_30.png?t=1498844320267&width=680&height=417)
Title: Re: Technical
Post by: Lisandro on July 04, 2017, 08:45:26 PM
Petya.2017 is a wiper not a ransomware
https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
https://securelist.com/expetrpetyanotpetya-is-a-wiper-not-ransomware/78902/
No, not really. People jump to conclusions. I won't judge the motivations (PR?).
https://blog.avast.com/things-we-have-learned-about-petna-the-petya-based-malware
Title: Re: Technical
Post by: Asyn on July 05, 2017, 09:39:50 AM
Sliding right into disaster: Left-to-right sliding windows leak
https://eprint.iacr.org/2017/627
https://eprint.iacr.org/2017/627.pdf
Title: Re: Technical
Post by: Asyn on July 08, 2017, 03:34:58 PM
Wildcard Certificates Coming January 2018
https://letsencrypt.org/2017/07/06/wildcard-certificates-coming-jan-2018.html
Title: Re: Technical
Post by: ehmen on July 09, 2017, 07:46:57 PM
EU Prepares "Right to Repair" Legislation to Fight Short Product Lifespans
https://www.bleepingcomputer.com/news/government/eu-prepares-right-to-repair-legislation-to-fight-short-product-lifespans/
Title: Re: Technical
Post by: DavidR on July 09, 2017, 08:10:31 PM
EU Prepares "Right to Repair" Legislation to Fight Short Product Lifespans
https://www.bleepingcomputer.com/news/government/eu-prepares-right-to-repair-legislation-to-fight-short-product-lifespans/

This area is one I really want to be sorted A.S.A.P.

Quote from: xtract from article
For example, many devices today come with built-in LEDs that once they go out they cannot be replaced, or with soldered-in batteries that once they degrade, the user is forced to buy a new product altogether, or keep the device always plugged in.

For all of my old mobile phones, even before they became smart phones, they all had removable batteries; once I had a battery older than a year old I used to get a new battery and alternate them. With my first smart phone, a Samsung Galaxy Nexus, a great phone but I would generally have to charge it every night so batteries don't last particularly long, so replacement batteries were great. I had that smart phone for 4 years before it died.

Now my Google Nexus 6P has a hard wired battery, but it is quite large capacity and lasts well over a day before it needs charging. But I feel that before my contract ends I'm likely to need to replace the battery (sending it off for replacement).

This really is madness, just imagine if all of those bonfires with the Samsung Galaxy Note 7, this could have saved Samsung $billions, just by having a replacement battery. I was seriously considering this phablet until the bonfires started up.
Title: Re: Technical
Post by: Asyn on July 10, 2017, 09:36:00 AM
EU Prepares "Right to Repair" Legislation to Fight Short Product Lifespans
https://www.bleepingcomputer.com/news/government/eu-prepares-right-to-repair-legislation-to-fight-short-product-lifespans/
Great news, this is long overdue..!!

@Dave: Guess after the Brexit, the UK needs to do it on their own. :-\
Title: Re: Technical
Post by: Asyn on July 11, 2017, 07:46:09 AM
Author of Original Petya Ransomware Publishes Master Decryption Key
https://www.bleepingcomputer.com/news/security/author-of-original-petya-ransomware-publishes-master-decryption-key/
Title: Re: Technical
Post by: ehmen on July 11, 2017, 08:16:12 PM
Scientists Develop First Battery-Free Phone

https://www.bleepingcomputer.com/news/technology/scientists-develop-first-battery-free-phone/
Title: Re: Technical
Post by: DavidR on July 11, 2017, 08:25:41 PM
Scientists Develop First Battery-Free Phone

https://www.bleepingcomputer.com/news/technology/scientists-develop-first-battery-free-phone/

Still a very long time before this actually makes it to manufacture in current smart phones, as they will need much more than this prototype can provide.
Title: Re: Technical
Post by: ehmen on July 11, 2017, 09:04:18 PM
Why Is the "Advanced Attributes" Button Sometimes Replaced By an "Archive" Checkbox?

https://www.howtogeek.com/315266/why-is-the-advanced-attributes-button-sometimes-replaced-by-an-archive-checkbox/

(https://www.howtogeek.com/wp-content/uploads/2017/07/advanced-button-sometimes-replaced-by-an-archive-checkbox-00.png)
Title: Re: Technical
Post by: Asyn on July 12, 2017, 11:47:07 AM
The July 2017 Security Update Review
https://www.zerodayinitiative.com/blog/2017/7/11/the-july-2017-security-update-review
Title: Re: Technical
Post by: Pondus on July 12, 2017, 12:39:38 PM
The July 2017 Security Update Review
https://www.zerodayinitiative.com/blog/2017/7/11/the-july-2017-security-update-review
http://blog.trendmicro.com/trendlabs-security-intelligence/july-patch-tuesday-addresses-critical-vulnerability-in-microsoft-hololens/

Title: Re: Technical
Post by: ehmen on July 13, 2017, 12:44:00 AM
Intel Sued for Allegedly Defective, Exploding Phones

https://www.extremetech.com/g00/mobile/250798-intel-sued-qbex-brazil-allegedly-defective-exploding-smartphones
Title: Re: Technical
Post by: Asyn on July 13, 2017, 10:53:13 AM
Cybercrime tactics and techniques Q2 2017
https://www.malwarebytes.com/pdf/white-papers/CybercrimeTacticsAndTechniques-Q2-2017.pdf
Title: Re: Technical
Post by: Asyn on July 14, 2017, 11:52:30 PM
Scammer Uses Fake Tor Browser to Lure Victims to Supposed Dark Web Marketplace
https://www.bleepingcomputer.com/news/security/scammer-uses-fake-tor-browser-to-lure-victims-to-supposed-dark-web-marketplace/
Title: Re: Technical
Post by: mchain on July 15, 2017, 06:38:44 PM
Don’t get hooked by today’s phishing scams: What we can learn from the Gmail hack
https://blog.avast.com/dont-get-hooked-todays-phishing-scams-what-can-learn-from-gmail-hack
Title: Re: Technical
Post by: Asyn on July 16, 2017, 05:37:52 PM
Why Security Experts Are Pissed That ‘1Password’ Is Pushing Users to the Cloud
https://motherboard.vice.com/en_us/article/evdbdz/why-security-experts-are-pissed-that-1password-is-pushing-users-to-the-cloud
Title: Re: Technical
Post by: ehmen on July 16, 2017, 11:35:22 PM
How 5G Works

http://electronics.howstuffworks.com/5g.htm
Title: Re: Technical
Post by: Edson62 on July 17, 2017, 02:37:29 PM
Hey guys, this app is really helpful but can I ask why this app does not autorun after restarting my phone. I try experimenting about your app by restarting my phone then messaging it with lock command but I only receive text message and it does not work even I use the in app command. I need to open it first to apply its anti thief program. I worrying what if my phone got low battery then someone stole it. And I message it so if the thief open it, it will run the program?
Title: Re: Technical
Post by: bob3160 on July 17, 2017, 09:01:13 PM
Hey guys, this app is really helpful but can I ask why this app does not autorun after restarting my phone. I try experimenting about your app by restarting my phone then messaging it with lock command but I only receive text message and it does not work even I use the in app command. I need to open it first to apply its anti thief program. I worrying what if my phone got low battery then someone stole it. And I message it so if the thief open it, it will run the program?
Please start your own topic in the following section:
https://forum.avast.com/index.php?board=66.0


Title: Re: Technical
Post by: bob3160 on July 17, 2017, 09:03:03 PM
Spyware targets Iranian Android users by abusing messaging app Telegram’s Bot API


https://blog.avast.com/spyware-targets-iranian-android-users-by-abusing-messaging-app-telegram-bot-api
Title: Re: Technical
Post by: Asyn on July 18, 2017, 08:17:22 AM
Facebook users pwnd by phone with account recovery vulnerability
https://www.theregister.co.uk/2017/07/17/facebook_login_security/
https://medium.com/@jkmartindale/i-kinda-hacked-a-few-facebook-accounts-using-a-vulnerability-they-wont-fix-2f5669794f79
Title: Re: Technical
Post by: Asyn on July 20, 2017, 10:37:32 AM
Linux Users Urged to Update as a New Threat Exploits SambaCry
http://blog.trendmicro.com/trendlabs-security-intelligence/linux-users-urged-update-new-threat-exploits-sambacry/
Title: Re: Technical
Post by: Asyn on July 21, 2017, 03:47:06 PM
Devil's Ivy: Flaw in Widely Used Third-party Code Impacts Millions
http://blog.senr.io/blog/devils-ivy-flaw-in-widely-used-third-party-code-impacts-millions
http://blog.senr.io/devilsivy.html
Title: Re: Technical
Post by: Asyn on July 22, 2017, 06:23:26 PM
Putin’s Hackers Now Under Attack — From Microsoft
http://www.thedailybeast.com/microsoft-pushes-to-take-over-russian-spies-network
Title: Re: Technical
Post by: DavidR on July 22, 2017, 06:51:34 PM
Putin’s Hackers Now Under Attack — From Microsoft
http://www.thedailybeast.com/microsoft-pushes-to-take-over-russian-spies-network

You would think that letting this information leak out, is just asking for retaliatory action, best just to keep quiet and get on with it.
Title: Re: Technical
Post by: bob3160 on July 22, 2017, 10:09:02 PM
Putin’s Hackers Now Under Attack — From Microsoft
http://www.thedailybeast.com/microsoft-pushes-to-take-over-russian-spies-network

You would think that letting this information leak out, is just asking for retaliatory action, best just to keep quiet and get on with it.
Maybe they should have watched this first ???
https://youtu.be/Dvj0v0W6yjk
Title: Re: Technical
Post by: Asyn on July 23, 2017, 01:54:21 PM
AlphaBay, the Largest Online 'Dark Market,' Shut Down
https://www.justice.gov/opa/pr/alphabay-largest-online-dark-market-shut-down

Underground Hansa Market taken over and shut down
https://www.politie.nl/en/news/2017/july/20/underground-hansa-market-taken-over-and-shut-down.html
Title: Re: Technical
Post by: Asyn on July 25, 2017, 01:20:05 PM
Remote Code Execution In Source Games
https://oneupsecurity.com/research/remote-code-execution-in-source-games
Title: Re: Technical
Post by: Pondus on July 26, 2017, 06:36:54 PM
Adobe will kill flash
https://blogs.adobe.com/conversations/2017/07/adobe-flash-update.html

https://www.theverge.com/2017/7/25/16026236/adobe-flash-end-of-support-2020

Title: Re: Technical
Post by: Asyn on July 27, 2017, 09:56:03 AM
Bye, bye Petya! Decryptor for old versions released.
https://blog.malwarebytes.com/malwarebytes-news/2017/07/bye-bye-petya-decryptor-old-versions-released/
Title: Re: Technical
Post by: Asyn on July 29, 2017, 09:22:46 PM
Microsoft Windows Bounty Program Terms
https://technet.microsoft.com/en-us/security/mt493440
Title: Re: Technical
Post by: Asyn on July 30, 2017, 11:46:11 AM
THE ADVENTURES OF AV AND THE LEAKY SANDBOX
https://www.blackhat.com/docs/us-17/thursday/us-17-Kotler-The-Adventures-Of-Av-And-The-Leaky-Sandbox-wp.pdf
https://github.com/SafeBreach-Labs/spacebin
Title: Re: Technical
Post by: Asyn on July 31, 2017, 12:04:21 PM
Dark web doesn't exist, says Tor's Dingledine. And folks use network for privacy, not crime
Cofounder brings us up to date on network status
https://www.theregister.co.uk/2017/07/29/tor_dark_web/
Title: Re: Technical
Post by: bob3160 on July 31, 2017, 06:27:32 PM
VPN's under attack. First China now Russia:
(http://screencast-o-matic.com/screenshots/u/Lh/1501518420467-76160.png)
https://www.pcmag.com/news/355286/president-putin-bans-vpns-in-russia?utm_source=email&utm_campaign=whatsnewnow&utm_medium=title
Title: Re: Technical
Post by: Asyn on August 01, 2017, 10:42:59 AM
We'll Pay You to #HackTor
https://blog.torproject.org/blog/we-will-pay-you-to-hack-tor-bug-bounty
https://hackerone.com/torproject
Title: Re: Technical
Post by: Asyn on August 02, 2017, 06:58:31 AM
Our Copyfish extension was stolen and adware-infested
https://a9t9.com/blog/chrome-extension-adware/
Title: Re: Technical
Post by: polonus on August 02, 2017, 10:29:16 AM
2013, 2014, 2015, 2016, 2017 NSA collects MS error reports!

https://www.schneier.com/blog/archives/2017/08/nsa_collects_ms.html

polonus
Title: Re: Technical
Post by: Asyn on August 02, 2017, 11:04:52 AM
2013, 2014, 2015, 2016, 2017 NSA collects MS error reports!
https://www.schneier.com/blog/archives/2017/08/nsa_collects_ms.html
Quite interesting, thanks for sharing it. :)
Title: Re: Technical
Post by: bob3160 on August 02, 2017, 04:20:30 PM
2013, 2014, 2015, 2016, 2017 NSA collects MS error reports!

https://www.schneier.com/blog/archives/2017/08/nsa_collects_ms.html

polonus
I'm quite sure the NSA isn't alone in these collection for infection practices. :)
I'm also certain that this isn't only done for MS errors and vulnerabilities.
Title: Re: Technical
Post by: polonus on August 02, 2017, 10:08:15 PM
Hi bob3160,

MS should get their error reports from end-users fully encrypted,
so neither NSA nor others, you may point out here, should get their hands on the data.

On today's Internet infrastructure, where trust more and more starts to become a rare thing from the past,
we can no longer do without full strength e2ee. Too many data-breaches and revelations to the contrary.

polonus
Title: Re: Technical
Post by: Asyn on August 03, 2017, 06:25:27 AM
Hac