Tag Monero

InfoSec Week 17, 2018

A loud sound emitted by a gas-based fire suppression system deployed in the data center has destroyed the hard drives of a Swedish data center, downing NASDAQ operations across Northern Europe.

Signal for iOS, version and prior, is vulnerable to the screen lock bypass (CVE-2018-9840).
The blog explains how the vulnerability can be exploited in practice.

Good summary about the integrated circuits Counterfeiting, detection and avoidance methods by hardware engineer Yahya Tawil.

A new python-based cryptocurrency mining malware PyRoMine (FortiGuard Labs) is using the ETERNALROMANCE exploit attributed to the NSA, to propagate Monero cryptocurrency miner.

The Australian Bureau of Statistics tracked people by their mobile device data to enrich their collection of data.

BGP hijack affected Amazon DNS and rerouted web traffic for more than two hours. Attackers used the hijack to serve fake MyEtherWallet.com cryptocurrency website.

Embedi researchers analyzed the security of a Huawei Secospace USG6330 firewall firmware. Good insight on how to analyze devices in general.

The ISO has rejected SIMON and SPECK symmetric encryption algorithms designed and proposed by the NSA. They are optimized for small and low-cost processors like IoT devices.

The Center for Information Technology Policy at Princeton Announced IoT Inspector - an ongoing initiative to study consumer IoT security and privacy.

There is a Proof of Concept for Fusée Gelée - a coldboot vulnerability that allows full, unauthenticated arbitrary code execution on NVIDIA's Tegra line of embedded processors. This vulnerability compromises the entire root-of-trust for each processor, leading to full compromise of on-device secrets where USB access is possible.

InfoSec Week 51, 2017

There is a remotely exploitable vulnerability in the Vitek CCTV firmware. Reverse netcat shell included.

Matthew Green thinks that the recently discovered "Extended Random" extension of the RSA’s BSAFE TLS library found in the older Canon printers could be NSA backdoor.

Filippo Valsorda presented the key recovery attack against the carry bug in x86-64 P-256 elliptic curve implementation in the Go library. JSON Web Encryption affected.

Explanation how web trackers exploit browser login managers to track users on the Internet.

According to the hacker Konstantin Kozlovsky, the creation of WannaCry and Lurk malware was supervised by the Russian FSB agency.

Short blog about the cracking encrypted (40-bit encryption) PDFs using hashcat.

Crooks behind the VenusLocker ransomware to Monero mining. They are executing Monero CPU miner XMRig as a remote thread under the legitimate Windows component wuapp.exe.

Two Romanian hackers infiltrated nearly two-thirds of the outdoor surveillance cameras in Washington, DC, as part of an extortion scheme.

Proofpoint researchers published paper on largely undocumented LazarusGroup campaigns targeting cryptocurrency individuals and organizations. The research covers implants and tactics not currently covered in the media.