Yet another high severity attack against the Intel CPUs. Unpatched systems can leak SIMD, FP register state between privilege levels. These registers are used for private keys nowadays.
The cost of a patch is more expensive context switches because the fix has to unload and reload all SIMD, FP state.
The team behind the CopperheadOS, hardened Google-free Android fork, has imploded. Guys, CEO and CTO (main and probably the only developer) are blaming each other.
Chromium devs are planning to enforce TLS protocol invariants by rolling new TLS 1.3 versions every six weeks.
According to the developers: "Every six weeks, we would randomly pick a new code point. These versions will otherwise be identical to TLS 1.3, save maybe minor details to separate keys and exercise allowed syntax changes. The goal is to pave the way for future versions of TLS by simulating them (“draft negative one”)."
The Kromtech Security Center found 17 malicious docker images stored on Docker Hub for an entire year. With more than 5 million pulls, containers were primarily used to mine cryptocurrency.
At least 74 persons, mostly Nigerians, were arrested due to crimes related to the business e-mail compromise schemes.
Good summary of the existing inter-service authentication schemes. Bearer, hmac based tokens etc.
There is an Ancient "su - hostile" vulnerability in Debian 8 & 9. Doing "su - hostile" may lead to the root privilege escalation. Default sudo -u probably is
There is a critical command injection vulnerability in the macaddress NPM package.
Blog about the crafting remote code execution via server-side spreadsheet injection.
An implementation flaw in multiple cryptographic libraries allows a side-channel based attacker to recover ECDSA or DSA private keys. Lots of libraries affected, like LibreSSL, Mozilla NSS, OpenSSL, etc.
The city of Atlanta government has become the victim of a ransomware attack. The ransomware message demanding a payment of $6,800 to unlock each computer or $51,000 to provide all the keys for affected systems. Employees were told to turn off their computers.
The academic researchers have discovered a new side-channel attack method called BranchScope that can be launched against devices with Intel processors and demonstrated it against an SGX enclave. The patches released in response to the Spectre and Meltdown vulnerabilities might not prevent these types of attacks.
Good insight into the ransomware business and how it operates, how it transfers Bitcoin funds, with data gathered over a period of two years.
The paper is named "Tracking Ransomware End-to-end"
Mozilla has created a Facebook Container extension for Firefox, which should enable users to protect their online habits by sandboxing Facebook webpage.
Interesting article about the North Korean army of hackers operating abroad with the mission to earn money by any means necessary.
Unified logs in the MacOS High Sierra (up to 10.13.3) show the plain text password for APFS encrypted external volumes via disk utility application.
SophosLabs researchers analyzed a new Android malware which is pretending to he a legitimate QR reader application, but actually is monetizing users by showing them a flood of full-screen advertisements. More than 500k apps were installed.
CloudFlare published a Merkle Town dashboard, Certificate Transparency logs visualization tool.
Facebook is tracking users' phone call information via their Android Messenger application.
There are multiple critical vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software.
New version (4.0) of the most secure operating system on the planet - Qubes OS was released.