Tag VPN

InfoSec Week 7, 2018

The Fidelis Cybersecurity researcher Jason Reaves demonstrated how covertly exchange data using X.509 digital certificates. The proof of concept code is using SubjectKeyIdentifier and generating certificates on the fly.
https://www.fidelissecurity.com/threatgeek/2018/02/exposing-x509-vulnerabilities

The "UDPoS" Point of Sale malware is using DNS traffic to exfiltrate stolen credit card data.
https://blogs.forcepoint.com/security-labs/udpos-exfiltrating-credit-card-data-dns

Talos analyzed malware threat targeting Olympic computer systems during the opening ceremony. The main purpose was information gathering and destroying the system.
http://blog.talosintelligence.com/2018/02/olympic-destroyer.html

Zero-day vulnerability in the Bitmessage messaging client was exploited to steal Electrum cryptocurrency wallet keys.
https://securityaffairs.co/wordpress/69100/hacking/bitmessage-zero-day.html

Trustwave analyzed multi-stage Microsoft Word attack which is NOT using macros. Really creative technique.
https://www.trustwave.com/Resources/SpiderLabs-Blog/Multi-Stage-Email-Word-Attack-without-Macros/

Microsoft can't fix Skype privilege escalation bug without the massive code rewrite, so they postponed it for a while.
http://seclists.org/fulldisclosure/2018/Feb/33

Facebook is advertising their Onavo VPN application, but there are a few reasons why it is really not a good idea to use it.
https://gizmodo.com/do-not-i-repeat-do-not-download-onavo-facebook-s-vam-1822937825

Facebook is spamming users via SMS registered for two factor authentication (2FA). Then posts their responses on a wall.
https://twitter.com/Gabriel__Lewis/status/963121814166630400

(Not only) Performance analysis of a Retpoline mitigation for Spectre vulnerability.
https://cyber.wtf/2018/02/13/in-debt-to-retpoline/

A guide on how to brutefoce Linux Full Disk Encryption (LUKS) volumes using Hashcat software.
https://blog.pnb.io/2018/02/bruteforcing-linux-full-disk-encryption.html

Proof of concept of LibreOffice remote arbitrary file disclosure vulnerability. It is possible to silently send any files. All operating systems affected before 5.4.5/6.0.1 versions.
https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure

InfoSec Week 42, 2017

Interesting research on the possibility of a cheap online surveillance.
"In this work we examine the capability of [..] an individual with a modest budget -- to access the data collected by the advertising ecosystem. Specifically, we find that an individual can use the targeted advertising system to conduct physical and digital surveillance on targets that use smartphone apps with ads."
https://adint.cs.washington.edu/

Mnemonic company together with the Norwegian Consumer Council tested several smartwatches for children and found numerous security vulnerabilities that allows child tracking, etc.
https://www.forbrukerradet.no/side/significant-security-flaws-in-smartwatches-for-children

The Cisco Talos team discovered an e-mail campaign spreading malicious Visual Basic inserted in a Cyber Conflict U.S. conference flyer, targeting cyber warfare conference participants.
http://blog.talosintelligence.com/2017/10/cyber-conflict-decoy-document.html

SfyLabs security researchers have spotted a new Android banking trojan named LokiBot. It has banking trojan functionality, but turns into ransomware and locks users out of their phones if they try to remove its admin privileges.
https://www.bleepingcomputer.com/news/security/lokibot-android-banking-trojan-turns-into-ransomware-when-you-try-to-remove-it/

There is a newly published cryptographic attack on some legacy systems like Fortinet FortiGate VPN, which uses ANSI X9.31 random number generator with a hardcoded seed key.
https://duhkattack.com/
https://blog.cryptographyengineering.com/2017/10/23/attack-of-the-week-duhk/

Nice explanation of a remote code execution vulnerability (CVE-2017-13772) on a TP-Link WR940N home WiFi router.
https://www.fidusinfosec.com/tp-link-remote-code-execution-cve-2017-13772/

Purism’s Librem Laptops running open-source coreboot firmware are now available with completely disabled Intel Management Engine.
https://puri.sm/posts/purism-librem-laptops-completely-disable-intel-management-engine/

Wire, open source end-to-end encrypted messenger is now open for corporate clients. It offers secure chats, calls and file sharing while following strict European data protection laws.
https://medium.com/@wireapp/wire-open-for-business-2c535033cf9a