The US federal prosecutors say that Chinese spies hacked dozen firms to steal aviation engineering secrets for the Chinese aerospace company.
Apple's ICMP packet-handling code contains a heap buffer overflow vulnerability (CVE-2018-4407).
Exploit can DoS any Mac, iOS device on a network by sending a crafted packet. The ping of death is back.
Microsoft is sharing Indian bank customers' data with U.S. intelligence agencies.
Looks like the banks were aware of it, when they have signed the Office 365 license agreements.
Google announced the launch of reCAPTCHA v3, which aims to improve user experience by removing the need for challenges. It uses the score based on the user on-site interactions.
The end-to-end encrypted instant messaging application Signal introduced a new "Sealed sender" privacy feature that is protecting the sender before traffic observation.
Multiple malicious python libraries found and removed from PyPI. Guys are typo-squatting popular repository names and deliver malware.
Great list of lessons learned over 20 years of red teaming by security expert Matt Devost.
Cisco Talos researchers found a code execution vulnerability in the anti-malware tool Sophos HitmanPro.Alert.
Researcher Jay Rosenberg documents clear connection between one of Lazarus Group's tools and an open source Chinese CasperPhpTrojan remote access trojan.
Apple releases specification of T2 security chip.
Researchers announced a fast attack breaking OCB2, an ISO-standard authenticated encryption scheme.
If you are running Linux machines in Microsoft Azure, you should disable built-in wa-linux-agent backdoor that enable root access from Azure console.
There is a good blog post by Stuart Schechter about the dark side of the two factor authentication. Highly recommended reading.
Great research by Eyal Ronen, Kenneth G. Paterson and Adi Shamir demonstrate that adopting pseudo constant time implementations of TLS are not secure against the modified Lucky 13 attack on encryption in CBC-mode. Tested against four fully patched implementations of TLS - Amazon's s2n, GnuTLS, mbed TLS and wolfSSL.
Traefik, popular open source reverse proxy and load balancing solution is leaking (CVE-2018-15598) TLS certificate private keys via API.
Google enrolled Hardware Secure Module to their Cloud Key Management Service. The customers can use it to store their encryption keys with FIPS 140-2 Level 3 security certified devices from now on.
Microsoft Corp said that Russian hackers are targeting U.S. political groups ahead of November’s congressional elections.
The WIRED cover story on how Russian NotPetya malware took down Maersk, the world’s largest shipping firm.
Kaspersky Lab published analysis of a sophisticated "Dark Tequila" banking malware which is targeting customers in Mexico and other Latin American nations.
NSA successfully cracked and listened for years to encrypted networks of Russian Airlines, Al Jazeera, and other “High Potential” targets.
Anonymous targeted Spanish Constitutional Court, economy and foreign ministry websites to support Catalonia separatist drive.
Red Teaming/Adversary Simulation Toolkit is a collection of open source and commercial tools that aid in red team operations.
Ukraine’s security service attributed Russia as an actor behind ongoing malware attacks against their critical infrastructure.
Researchers from the Georgia Institute of Technology have created a ransomware that targets programmable logic controllers.
An in-depth analysis of a Marcher Android banking trojan targeting financials mostly in Germany, France, UK. Most infected devices are running Android 6.0.1.!
First person narrative about a modus operandi of a red-team social engineer. Non so technical, more about the reconnaissance and the possibilities of a macro driven phishing.
Symantec and BAE Systems linked watering hole attacks on Polish Banks to the Lazarus Group.
Malware written in SQL, executed inside the database, targets Magento-powered online stores.
Data Selfie is a Chrome extension that logs what Facebook learns about you. It shows you your own data traces and reveal how machine learning algorithms use your data to gain insights about your personality. User data are stored only locally. Scary stuff! Try it.
theZoo is a repository of a malware samples for people interested in malware analysis. Be careful.
Malboxes is a tool which builds malware analysis Windows virtual machines automatically using VirtualBox and Vagrant.