InfoSec Week 42, 2017

Posted on 25 October 2017
SUBSCRIBE!

Interesting research on the possibility of a cheap online surveillance.
"In this work we examine the capability of [..] an individual with a modest budget -- to access the data collected by the advertising ecosystem. Specifically, we find that an individual can use the targeted advertising system to conduct physical and digital surveillance on targets that use smartphone apps with ads."
https://adint.cs.washington.edu/

Mnemonic company together with the Norwegian Consumer Council tested several smartwatches for children and found numerous security vulnerabilities that allows child tracking, etc.
https://www.forbrukerradet.no/side/significant-security-flaws-in-smartwatches-for-children

The Cisco Talos team discovered an e-mail campaign spreading malicious Visual Basic inserted in a Cyber Conflict U.S. conference flyer, targeting cyber warfare conference participants.
http://blog.talosintelligence.com/2017/10/cyber-conflict-decoy-document.html

SfyLabs security researchers have spotted a new Android banking trojan named LokiBot. It has banking trojan functionality, but turns into ransomware and locks users out of their phones if they try to remove its admin privileges.
https://www.bleepingcomputer.com/news/security/lokibot-android-banking-trojan-turns-into-ransomware-when-you-try-to-remove-it/

There is a newly published cryptographic attack on some legacy systems like Fortinet FortiGate VPN, which uses ANSI X9.31 random number generator with a hardcoded seed key.
https://duhkattack.com/
https://blog.cryptographyengineering.com/2017/10/23/attack-of-the-week-duhk/

Nice explanation of a remote code execution vulnerability (CVE-2017-13772) on a TP-Link WR940N home WiFi router.
https://www.fidusinfosec.com/tp-link-remote-code-execution-cve-2017-13772/

Purism’s Librem Laptops running open-source coreboot firmware are now available with completely disabled Intel Management Engine.
https://puri.sm/posts/purism-librem-laptops-completely-disable-intel-management-engine/

Wire, open source end-to-end encrypted messenger is now open for corporate clients. It offers secure chats, calls and file sharing while following strict European data protection laws.
https://medium.com/@wireapp/wire-open-for-business-2c535033cf9a


Comments !