InfoSec Week 40, 2017

Posted on 11 október 2017

There is a great probability that if you used Outlook’s S/MIME encryption in the past 6 months, plaintext of your emails was leaked to the mail exchange because of Outlook S/MIME CVE-2017-11776 vulnerability.

The Kaspersky anti-virus was allegedly stealing NSA secrets using a silent signature mode that detected classified documents. Israel hacked the Kaspersky, and notified the NSA.

A custom OxygenOS Android fork that comes installed on all OnePlus smartphones, is tracking users, allowing OnePlus to connect each phone to its customer.

Chromebooks and Chromeboxes are affected by a bug in certain Infineon Trusted Platform Module (TPM) firmware versions. RSA keys generated by the TPM being vulnerable to a computationally expensive attacks. Targeted attacks are possible.

KovCoreG hacking group used advertising network on Pornhub to redirect users to a fake browser update websites that installed malware.

Apple released a security patch for macOS High Sierra 10.13 to fix vulnerabilities in the Apple file system (APFS) volumes and Keychain software. The patch also addresses a flaw in the Apple file system that exposes encrypted drive’s password in the hint box.

Yet another part of the reverse engineering blog post series analyzing TrickBot with IDA.

Keybase has launched a nice new feature - encrypted Git. There are no services like website, pull requests, issue tracking or wiki, just simple git. Encrypted.

Comments !