Tag threat modeling

InfoSec Week 48, 2017

The German Interior Minister is preparing a law that will force device manufacturers to include backdoors within their products that law enforcement agencies could use at their discretion for legal investigations.

According to the Citizen Lab, Ethiopian dissidents in the US, UK, and other countries were targeted with emails containing sophisticated commercial spyware sold by Israeli firm Cyberbit.

Elcomsoft wrote an insight about the drastically degraded security of the Apples iOS 11 operating system.

Chinese drone maker D.J.I. is potentially sharing collected data with the Chinese government.

Crooks are installing cryptocurrency miners by using typosquatting npm package names. They are searching for the unregistered package names with the difference of one bit from a well known packages.

Swiftype written a good blog about their infrastructure risk assessment and threat modeling.

Nvidia published a paper about the clustering of a benign and malicious Windows executables using neural networks.

Bucket Stream - Find interesting Amazon S3 Buckets by watching certificate transparency logs.

Sysdig Inspect – a powerful interface for container troubleshooting and security investigation