InfoSec Week 17, 2017

Posted on 30 April 2017

A team of researchers from New York University said they identified a severe flaw in General Electric Multilin protection relays, which are widely deployed in the US energy sector.
https://www.blackhat.com/us-17/briefings.html#and-then-the-script-kiddie-said-let-there-be-no-light.-are-cyber-attacks-on-the-power-grid-limited-to-nation-state-actors

Kaspersky Lab analyzed Backdoor.Win32.Denis, malware that uses DNS tunneling as its communication channel. Base64 is not encryption, though.
https://securelist.com/blog/research/78203/use-of-dns-tunneling-for-cc-communications/

Check Point researchers have discovered a new Mac malware family that uses nag screens to obtain admin privileges, Tor to hide traffic diverted to a remote proxy, and a rogue certificate to intercept encrypted browser traffic. It's spreading via email spam.
http://blog.checkpoint.com/2017/04/27/osx-malware-catching-wants-read-https-traffic/

A critical vulnerability (CVE-2017-5135) in the implementation of the SNMP protocol allows an attacker to take over at least 78 cable modem models.
https://www.bleepingcomputer.com/news/security/several-cable-modem-models-affected-by-snmp-god-mode-flaw/

Wired wrote about research into Android applications that turn the smartphone into a file server, exposing open ports to the internet, and why that is dangerous.
https://www.wired.com/2017/04/obscure-app-flaw-creates-backdoors-millions-smartphones/

The CIA's document tracking program Scribbles allegedly embeds a web beacon-style tag into watermarks located on Microsoft Word documents that can report document analytics back to the CIA.
https://wikileaks.org/vault7/#Scribbles

The Antminer, bitcoin mining hardware, has a backdoor that can disable the miner remotely.
http://www.antbleed.com/
https://www.reddit.com/r/Bitcoin/comments/67qwqv/antbleed_exposing_the_malicious_backdoor_on/dgsk6cf/

Troy Hunt published a blog post about some of the most insane password reset schemes, security questions, and corporate responses he has seen in his career.
https://www.troyhunt.com/reckon-youve-seen-some-stupid-security-things-here-hold-my-beer/

