Tag CSIDH

InfoSec Week 1, 2019

Let's Encrypt recapitulated the last year in the operation of their ACME based certification authority, and summarized the challenges that they will work on in 2019.
They intend to deploy multi-perspective validation, checking multiple distinct Autonomous Systems for domain validation, preventing potential BGP hijacks. They also plan to run own Certificate Transparency (CT) log.
https://letsencrypt.org/2018/12/31/looking-forward-to-2019.html

According to the consultant Nathan Ziehnert, "CenturyLink 50 hour outage at 15 datacenters across the US — impacting cloud, DSL, and 911 services was caused by a single network card sending bad packets."
https://twitter.com/GossiTheDog/status/1079144491238469638

Great blog by Artem Dinaburg, where he is resurrecting 30 years old fuzzing techniques from the famous research papers to run them on on the current Linux distro. Successfully.
https://blog.trailofbits.com/2018/12/31/fuzzing-like-its-1989/

An article by Wired about the fake murder for hire services on dark web and a freelance security researcher that took them down. As it turned out, some clients killed their targets themselves.
https://www.wired.co.uk/article/kill-list-dark-web-hitmen

Multiple newspaper publishers in the US were hit by a ransomware attack, delaying their operations.
https://www.latimes.com/business/technology/la-fi-tn-ryuk-hack-20190101-story.html

The European Union starts running bug bounties on Free and Open Source Software.
https://juliareda.eu/2018/12/eu-fossa-bug-bounties/

Foxit Readers' proof of concept exploit for the Use-After-Free vulnerability (CVE-2018-14442) was published on Github.
https://github.com/payatu/CVE-2018-14442

Attacker launched multiple servers that return an error message to the connected Electrum clients, which then turn them into a fake update prompt linking to a malware.
https://github.com/spesmilo/electrum/issues/4968

Adam Langley published blog about the zero-knowledge attestation when using FIDO based authentication. It could prevent a single-vendor policy some sites started to require.
https://www.imperialviolet.org/2019/01/01/zkattestation.html

Interesting blog post by Wouter Castryck on "CSIDH: post-quantum key exchange using isogeny-based group actions".
https://www.esat.kuleuven.be/cosic/csidh-post-quantum-key-exchange-using-isogeny-based-group-actions/

The security researcher Bruno Keith published a a proof of concept for a remote code execution vulnerability in Microsoft Edge browser (CVE-2018-8629).
https://securityaffairs.co/wordpress/79264/hacking/microsoft-edge-poc-exploit.html

If you are interested in older car hacking/tuning, check this article about overcoming the speed limitation on an old Japanese Subaru Impreza STi.
https://p1kachu.pluggi.fr/project/automotive/2018/12/28/subaru-ssm1/

Jonathan “smuggler” Logan published study on the future of black markets and cryptoanarchy named "Dropgangs, or the future of darknet markets".
https://opaque.link/post/dropgang/

InfoSec Week 23, 2018

Australian government drafts new laws, that will force technology giants like Facebook, Google to give government agencies access to encrypted data.
https://www.theguardian.com/technology/2018/jun/06/planned-laws-to-force-tech-firms-to-reveal-encrypted-data

A security researcher at Telspace Systems, Dmitri Kaslov, discovered a vulnerability in the Microsoft Windows JScript component, that can be exploited by an attacker to execute malicious code on a target computer.
https://www.zerodayinitiative.com/advisories/ZDI-18-534/

IBM X-Force Research has uncovered a new Brazilian, Delphi-based MnuBot malware active in the wild. It downloads it's functionality during the execution dynamically from the remote C&C server, so its functionality can be upgraded on the fly.
https://securityintelligence.com/new-banking-trojan-mnubot-discovered-by-ibm-x-force-research/

The US Department of Homeland Security and FBI issues alert over two new malware, Joanap remote access tool and Brambul SMB worm, linked to the Hidden Cobra hacker group.
https://www.us-cert.gov/ncas/alerts/TA18-149A

A Toronto-based investment firm alleges that a rival company hired the Israeli companies tied to state intelligence agencies, to help sway a business dispute over a 2014 bid for a telecommunications company.
https://www.calcalistech.com/ctech/articles/0,7340,L-3739390,00.html

Google announced a project Capillary: End-to-end encryption for push messaging in Android. It should be available backward to API level 19 - KitKat.
https://android-developers.googleblog.com/2018/06/project-capillary-end-to-end-encryption.html

Engineers from the University of Toronto have built a filter that slightly alters photos of people’s faces to keep facial recognition software from realizing what it's looking at. https://joeybose.github.io/assets/adversarial-attacks-face.pdf

Research paper about the business model of a botnet operation, even with a business model canvas!
https://arxiv.org/abs/1804.10848

New research takes on the problem of habituation to security warnings. They have used eye tracking and fMRI data to find out how people react to the security warnings in the software.
https://neurosecurity.byu.edu/misq-longitudinal-2018/

A new paper by Bonnetain and Schrottenloher giving improved quantum attack on a newly proposed Commutative Supersingular Isogeny Diffie–Hellman (CSIDH) key exchange. According to the paper, they show, that the 128-bit classical, 64-bit quantum security parameters proposed actually offer at most 37 bits of quantum security.
https://eprint.iacr.org/2018/537