The Chinese battery expert is charged with stealing trade secrets from US employer, as he prepared to return home. Forensics found deleted research materials not related to his contract on a USB voluntarily provided to a supervisor.
The New York Times published an article about the insecurity of the mobile networks' Signaling System 7 (SS7) and the unwillingness to address mobile network vulnerabilities in general.
Iraq government took down unlicensed towers used for illegal internet bandwidth smuggling operation in the disputed province of Kirkuk.
Indias' Ministry of Home Affairs has issued a notification authorizing 10 agencies to tap, intercept and decrypt all personal data on computers and networks.
Yet another article from NY Times, this time on how Facebook uses 7500 moderators around the world to keep content "normal".
Hackers are infecting Linux servers with JungleSec ransomware using IPMI remote console, manually running encryption program, then asking for ransom.
The beta version of the WireGuard next gen VPN for iOS was released into the App Store.
Someone from the France uploaded a new sample of Shamoon wiper malware to VirusTotal. The sample is signed with Baidu digital certificate expired back in 2016.
The Wired magazine published a list of articles they have published on a security topic in 2018. Some of them are really good.
Amazon sends 1700 Alexa voice recordings to a random person.
Daniel Shapira from Twistlock wrote a blog about exploiting a Linux kernel vulnerability in the waitid() syscall (CVE-2017-5123) in order to modify the Linux capabilities of a Docker container, gain privileges and escape the container jail.
There is a critical hardware bug in the Intel chips, which enables a user level process to access kernel address space, thus read other processes memory. Cloud providers and OS makers are preparing software patches, but the performance penalty could be significant. According to the Wired:
"[researchers] confirmed that when Intel processors perform that speculative execution, they don't fully segregate processes that are meant to be low-privilege and untrusted from the highest-privilege memory in the computer's kernel. That means a hacker can trick the processor into allowing unprivileged code to peek into the kernel's memory with speculative execution."
The guy dumped PlayStation 4 kernel by leaking arbitrary memory into accessible crashdumps.
ACM published article about more than 2 decades old ransomware experiments with the name "Cryptovirology: The Birth, Neglect, and Explosion of Ransomware".
Nice write up about exploit development for the arbitrary command execution on a BMC Server Automation remote agent software.
MacOS-only 0day vulnerability published on a last day of 2017. It is an IOHIDSystem kernel vulnerability that can be exploited by any unprivileged user.
Edward Snowden’s open source Haven application uses smartphone sensors to detect physical tampering.
PiKarma detects wireless network attacks performed by KARMA module (fake AP). Starts deauthentication attack (for fake access points).
Erebus ransomware distributed by the malicious advertisement campaign is using Rig exploit kit to infect Linux servers across the world.
Some companies had to pay already.
FireEye published anatomy of a cyber extortion scheme executed by FIN10 group. They infiltrate company networks, steal valuable data, then attempt to extort executives and board members of a company.
Researchers changed e-cigarette USB compatible charger for a keyboard emulator, so it can issue commands when connected to the PC.
Wired has published an article about the malware behind the Ukraine power grid blackout.
A lottery computer programmer designed his code so that on three days of the year, he could predict winning numbers in some games.
Part of the Wikileaks Vault 7 release, Cherry Blossom, exposes CIA wireless hacking toolkit.
Cisco Talos has published BASS - Automated Signature Synthesizer for malware detection.
Some (AVG, Avast, Avira, CheckPoint, K7) antivirus software‘s kernel vulnerabilities found by the bee13oy security researcher.