Wandera security researchers spotted a new sophisticated Android RedDrop malware hidden in at least 53 Android applications. It can intercept SMS, record audio and exfiltrate data to the remote server.
There is an experimental support for forward secure post-quantum Extended Hash-Based Signatures (XMSS) in the OpenSSH protocol.
Blog by Matthew Green on the probable encryption key handling by Apple in the China mandated cloud. Not really satisfied explanation, only guesses, as Apple is silent about the exact key handling methodology.
Cloudflare detected new Memcached based amplification DDoS attack vector. The attacker just implants a large payload on an exposed memcached server, then, the attacker spoofs the "get" request message with target Source IP address. The memcached server could be really huge - around 1MB.
A group of computer scientists from the US and China published a paper proposing the first-ever trojan for a neural network. It's called PoTrojan and is triggered by special network input. After that, the network start to work differently.
The Cisco Talos team analyzed attribution claims around Olympic Destroyer malware. The result is to not imply blindly to Russia. Attribution is hard.
New KeePassXC version 2.3.0 was released. There are lots of new features, like new Argon2 key derivation function, SSH agent integration, browser plugin.
Trustico SSL certificate reseller revoked 23000 customer certificates by sending private keys(?!) over email to the Digicert certification authority.
There are rumors that major U.S. government contractor Cellebrite is able to unlock all current iPhone models.
An advertising network has been using a well-known malware trick, a Domain Generation Algorithm (DGA), to bypass ad blockers and deploy in-browser cryptocurrency miners since December 2017.
A novel technique is using hardware branch predictor side channel attack to bypass ASLR protection:
"Jump Over ASLR: Attacking Branch Predictors to Bypass ASLR"
A buffer overflow vulnerability in older Starcraft version enabled modders to create new maps, so Blizzard tasked reverse engineer to safely emulate the bug in the newer, fixed version.
The author says it all: "This is a tale about what dedication to backward compatibility implies."
A bug in the Grammarly chrome extension (approx ~22M users) exposes user authentication token to all websites, so everybody collecting user data can access their cloud data at grammarly.com.
With the release of Google Chrome 68, Chrome will mark all HTTP sites as a “not secure” in the status bar.
Article about the Australian startup Azimuth Security which sells hacking software to the "Five Eyes" police and intelligence agencies.
Rumors are that they are able to remotely hack Android devices and iPhones.
SEC Consult researchers found multiple vulnerabilities in their smart sex toys security review. Customer database, clear passwords, vulnerable remote controllers...
Metasploit integrated EternalRomance, EternalSynergy, and EternalChampion Windows (MS17-010) vulnerabilities leaked from the NSA by Shadow Brokers.
Someone leaked the source code of Apples' iBoot iOS trusted boot program on GitHub. It is a critical part of iOS system. Meanwhile, Apple filed a copyright takedown request with GitHub.
Hackers infected water utility SCADA systems in Europe with the cryptocurrency mining software.
Security researchers discovered vulnerabilities in an automated gas management system that allowed them to hijack credit card payments, steal card numbers and more.
APT Simulator is a Windows Batch script that uses a set of tools and output files to make a system look as if it was the victim of an APT attack.
Researchers exploited antivirus software quarantine mechanism to gain privileges by manipulating the restore process from the virus quarantine. By abusing NTFS directory junctions, the AV quarantine restore process can be manipulated, so that previously quarantined files can be written to arbitrary file system locations.
Wikileaks released source code of leaked CIA hacking tools and it indicates that the CIA used fake certificates attributed to Kaspersky Labs for signing their malware.
A security researcher has discovered factory application in OnePlus devices. It can be used to gain root privileges, dump photos, collect WiFi & GPS information.
Researchers from the Princeton university have been studying third-party trackers that record sensitive personal data that users type into websites, and the results are not good.
iPhone X's Face ID facial recognition security mechanism system was circumvented by Vietnam experts using a 3D mask.
Security researcher Maxim Goryachy reports being able to execute unsigned code on computers running the Intel Management Engine through USB.
Deep dive into the Facebook sextorcism scheme using fake young girls profiles by the guys from Marseille.
Long read about how the security breaches by the Shadow Brokers damaged the US National Security Agency.
Analysis of a low cost Chinese GSM listening and location device hidden inside the plug of a standard USB data/charging cable.
Privacy Pass is a browser extension for Chrome and Firefox, which uses privacy-preserving cryptography to allow users to authenticate to the services without compromising their anonymity. It uses blind signature schemes.
Security researcher Gal Beniamini from Google has discovered a security vulnerability (CVE-2017-11120) in Apple's iPhone and other devices that use Broadcom Wi-Fi chips and published working exploit after notifying affected parties.
Google engineers also found multiple flaws and vulnerabilities in the popular DNS software package - Dnsmasq. The patches are now committed to the project’s git repository. Make sure to upgrade to v2.78.
Arbor Networks researchers attributed Flusihoc DDoS botnet to the Chinese origins. More than 154 different command and control servers were used during the years, with over 48 still active right now.
HP Enterprise shared ArcSight source code with the Russians.
The vulnerability in Siemens industrial switches allows an unauthenticated attacker who has access to the network to remotely perform administrative actions.
Computer manufacturer company Purism is currently running crowdfunding campaign to finance Librem 5 – A Security and Privacy Focused Phone.
From the campaign webpage:
"Librem 5, the phone that focuses on security by design and privacy protection by default. Running Free/Libre and Open Source software and a GNU+Linux Operating System designed to create an open development utopia, rather than the walled gardens from all other phone providers."
Microsoft announced new cloud-based memory corruption bug detector with the codename Project Springfield.
Super-Stealthy Droppers - Linux "Diskless" binary execution by example.