The AWS team published blog about the recent improvements to the secure random number generation in Linux 4.14, OpenSSL and libc.
Really good introduction to the anonymous communication network design and mix nets in general, published by Least Authority.
Those guys reverse-engineered the Furby Connect DLC file format and are able to remotely upload their own logos, songs to the device over Bluetooth.
There is a critical vulnerability in the MacOS High Sierra, anyone can login as root with empty password after clicking on login button several times. For now, it could be mitigated by just changing the root password.
Very good investigative journalism about the mysterious NSA contractor which could provided top secret documents to the Shadow Brokers.
Uber paid hackers $100k to delete stolen data on 57 million people and shut up. They have even tried to fake it as an bug bounty payment.
Someone published remote code execution exploit for the Exim Mail server (CVE-2017-16944) on GitHub. Shodan.io shows more than 400k servers with the vulnerable CHUNKING feature.
The security researcher Pierre Kim has discovered ten critical zero-day vulnerabilities in D-Link routers.
There is a new research paper published on a security of a Bluetooth stack named "The dangers of Bluetooth implementations: Unveiling zero day
vulnerabilities and security flaws in modern Bluetooth stacks." Really alarming vulnerabilities discussed.
From a paper: "BlueBorne allows attackers to take control of devices, access corporate data and networks, penetrate secure “air-gapped” networks, and spread malware to other devices. The attack does not require the targeted device to be set on discoverable mode or to be paired to the attacker’s device."
FireEye has analyzed a malicious Microsoft Office RTF document that leveraged CVE-2017-8759, a SOAP WSDL parser code injection vulnerability leveraged by attackers to distribute notoriously known FinFisher / FINSPY malware.
I have included exploit example that is published on a GitHub.
Kaspersky Labs have analyzed the trend of malicious cryptocurrency mining practices on an infected machines.
The Android BankBot malware found on Google Play store is targeting multiple UAE banking applications.
NSA had developed the capability to decrypt and decode Kazaa and eDonkey file-sharing apps traffic to determine which files are being shared, and what queries are being performed over those P2P networks.
Formally verified implementation of Curve25519 made it into Firefox 57. And it is 20% faster on 64-bit architectures.
A nice curated list of IDA plugins.