InfoSec Week 21, 2017

Posted on 29 May 2017

Check Point researchers revealed a new attack vector using malicious subtitle files, which, when downloaded by a victim’s media player, can provide complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and

Check Point also discovered auto-clicking adware in 41 apps on the Google Play Store. It silently sends "clicks" to advertisements pushed by the remote C&C server.

WannaCry support staff decrypted files for free because their "Taiwanese campaign seems to be a total failure" and they have "overestimated income of the population". How generous.

Cloak & Dagger is a new class of potential attacks affecting Android devices. It's basically an attack vector based on two Android permissions (SYSTEM_ALERT_WINDOW, BIND_ACCESSIBILITY_SERVICE) that are allowed by default, and a malicious app can use them to do bad stuff.

An interesting security evaluation "of the Implantable Cardiac Device Ecosystem Architecture" by WhiteScope. Basically, these devices are neither authenticated nor encrypted and can be programmed by anyone competent.

Crypto guys published a paper breaking the encryption published 3 days earlier. Should have emailed them instead...

Vulnerability researcher Tavis Ormandy has ported Windows Defender to Linux :)
"This repository contains a library that allows native Linux programs to load and call functions from a Windows DLL."
