Tag ECC

InfoSec Week 6, 2019

Insurance Company says to the Mondelez customer that the NotPetya ransomware attack was an act of cyber war and therefore not covered by the policy.
https://ridethelightning.senseient.com/2019/01/insurance-company-says-notpetya-is-an-act-of-war-refuses-to-pay.html

Hackers breached Norway's Visma IT company to steal client secrets. Many large Norwegian companies are using Visma for accounting.
Attackers are attributed by Reuters sources as backed by the Chinese government.
https://www.reuters.com/article/us-china-cyber-norway-visma/china-hacked-norways-visma-to-steal-client-secrets-investigators-idUSKCN1PV141

Researchers demonstrated a new privacy attack against all variants of the Authentication and Key Agreement (AKA) protocol that impacts 5G, 4G, and 3G telephony protocols. The attack compromises users' privacy more than current known location privacy attacks do.
https://www.zdnet.com/article/new-security-flaw-impacts-5g-4g-and-3g-telephony-protocols/

Looks like Go language had vulnerabilities in the Elliptic Curve Cryptography implementation which could allow attackers to cause a denial of service or possible private key recovery attacks.
https://www.debian.org/security/2019/dsa-4380

It is possible to trick Evolution email application users into trusting a phished mail via adding a forged UID to a OpenPGP key that has a previously trusted UID. It's because Evolution extrapolates the trust of one of OpenPGP key UIDs into the key itself.
https://dev.gentoo.org/~mgorny/articles/evolution-uid-trust-extrapolation.html

Good long-form story about the young cyber criminals and young girlfriend that followed their lies to her death. It does not have a happy ending.
https://www.buzzfeednews.com/article/josephbernstein/tomi-masters-down-the-rabbit-hole-i-go

Security researchers were assaulted by a casino technology vendor Atrient after responsibly disclosed critical vulnerabilities to them.
https://www.secjuice.com/security-researcher-assaulted-ice-atrient/

Article 13, the new European Union copyright law is back and it got worse, not better. https://juliareda.eu/2019/02/article-13-worse/

Researchers from Google Project Zero evaluated Apple's implementation of Pointer Authentication on the A12 SoC used in the iPhone XS. There are bypasses possible, but the conclusion says it is still a worthwhile exploitation mitigation technique.
https://googleprojectzero.blogspot.com/2019/02/examining-pointer-authentication-on.html

There is a dangerous, remote code execution flaw in the LibreOffice and OpenOffice software.
https://thehackernews.com/2019/02/hacking-libreoffice-openoffice.html

Nadim Kobeissi is discontinuing his secure online chat Cryptocat. Thanks for service, it had nice user interface.
https://twitter.com/i/web/status/1092712064634753024

Malware For Humans is a conversation-led, independent documentary about fake news, big data, electoral interference, and hybrid warfare.
https://www.byline.com/column/67/article/2412

InfoSec Week 47, 2018

The German government-issued identity card (nPA) SDK had a critical security vulnerability allowing an attacker to impersonate arbitrary users against affected web applications.
https://seclists.org/fulldisclosure/2018/Nov/56

One of the largest dark Web hosting service providers was hacked using the PHP vulnerability we wrote a week ago and taken offline by deleting the whole database.
More than 6500 Dark Web services were hosted there which means that literally one third of the publicly facing dark web is gone.
https://www.zdnet.com/article/popular-dark-web-hosting-provider-got-hacked-6500-sites-down/

For 30 months, internet traffic going to Australian Defense websites flowed through the China Telecom's data centers due to BGP hijacking.
"How the strange routing occurred is known. But the reasons why it persisted for so long aren't, and many involved in the situation aren't eager to directly comment."
https://www.databreachtoday.com/did-china-spy-on-australian-defense-websites-a-11714

The Computer Emergency Response Team of Ukraine (CERT-UA) and the Foreign Intelligence Service of Ukraine detected a new malware Pterodo Windows backdoor that was targeting computers at Ukrainian government agencies.
https://hackercombat.com/new-pterodo-backdoor-malware-detected-by-ukraine/

The US government is persuading wireless and internet providers in allied countries to avoid telecommunications equipment from Chinese company Huawei.
https://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=12165136

Mozilla published a blog post about their concern regarding the EU Terrorist Content Regulation.
https://blog.mozilla.org/netpolicy/2018/11/21/the-eu-terrorist-content-regulation-a-threat-to-the-ecosystem-and-our-users-rights/

TinkerSec security researchers published on a Twitter a great story about his insider penetration testing assignment. Really good read, he got busted.
https://threader.app/thread/1063423110513418240

The VUSec security group published ECCploit paper and an article demonstrating Rowhammer bitflip exploits on the Error-correcting Code (ECC) enabled systems.
https://www.vusec.net/projects/eccploit/

The Crypto.cat author, security researcher Nadim Kobeissi published ProtonMail encryption paper, "An Analysis of the ProtonMail Cryptographic Architecture".
https://eprint.iacr.org/2018/1121

MiSafes' Kids Watcher child-tracking smartwatches can be compromised, children can be tracked.
https://www.pentestpartners.com/security-blog/tracking-and-snooping-on-a-million-kids/

Zydis is the ultimate, open-source X86 & X86-64 decoder/disassembler library.
https://github.com/zyantific/zydis