security.didici.cc
ISC StormCast for Thursday, August 16th 2018
5 hours agoPassword Protected Word Documents Push AZORult and Hermes Ransomware https://isc.sans.edu/foru
ms/diary/More+malspam+pus
hing+passwordprotected+Wo
rd+docs+for+AZORult+and+H
ermes+Ransomware/23992/Li
nux IP Fragmentation DoS https://www.kb.cert.org/v
uls/id/6417 ...
Google is tracking your location, even when the setting is turned off
11 hours agoShock! It appears Google can track the location of anyone using some of its apps on Android or iPhone even when they’ve told it not to.
The sextortionists are back, this time with your phone number as “proof”
13 hours agoLast month the crooks were throwing old passwords into their scams to make you sit up and take notice. Now it's phone numbers.
Are your Android apps listening to you?
17 hours agoThis simple setup will help you discover if your apps are listening in on you.
Your smart air conditioner could contribute to mass power outages
17 hours agoResearchers call the scenario BlackIoT: an IoT botnet of high-wattage devices that could crash the power grid.
ISC StormCast for Wednesday, August 15th 2018
18 hours agoMicrosoft Patch Tuesday Summary https://isc.sans.edu/foru
ms/diary/Microsoft+August
+2018+Patch+Tuesday/23986
/Oracle Database Patch http://www.oracle.com/tec
hnetwork/security-advisor
y/alert-cve-2018-3110-503
2149.htmlIntel Fixes Three More CPU Flaws https:// ...
FBI warns banks that crooks are planning choreographed ATM drainage
19 hours agoThis type of multinational ATM cashout could drain cash machines of millions within the span of hours.
Don't Trust Them - Application Security Weekly #28
21 hours agoThis week, Keith is joined by Dr. Doug White to discuss Secure Coding Practices! In the news, Comcast security flaws, Facebook plans to partner with banks, hacker finds ‘God Mode’ in x86 CPU’s, bypassing CSP using polyglot JPEGs, and more on this ep ...
SN 676: The Mega FaxSploit
1 day agoThis week we cover lots of discoveries revealed during last week's Black Hat 2018 and DEF CON 26 Las Vegas security conferences. Among them, 47 vulnerabilities across 25 Android smartphones, Android "Disk-In-The-Middle&
quot; attacks, Google tracking when asked ...
Hack Naked News #184 - August 14, 2018
1 day agoThis week, Las Vegas, Linux vulnerabilities, malicious faxes, Apple macOS vulnerabilities, and police body cams open to attack. We air a pre recorded interview with Matt Alderman and Torin Sandall from Styra at Black Hat 2018, and more on this episode of ...
Apple Mac “zero day” hack lets you sneakily click [OK]
1 day agoA security researcher revisited an old bug of his that Apple had patched, made a blunder - and found the old bug was still there after all.
Pacemaker controllers still vulnerable 18 months after flaws reported
1 day agoA popular brand of heart pacemaker is still vulnerable to compromise more than a year and a half after the company that makes them was told of weaknesses in its security, researchers have claimed.
Police body cameras open to attack
1 day agoA security researcher has revealed that police body cameras could put evidence - and even police officers themselves - at risk.
11-year-old hacker changes election results
1 day agoIt took him less than 10 minutes to change election results on a replica of Florida's state website.
Facebook news feed changes – it’s a hoax!
1 day agoOne scoop of "copy & paste to screw with the algorithm" between two slices of "limiting news feed posts to 25 friends". A baloney sandwich!
ISC StormCast for Tuesday, August 14th 2018
2 days agoNew Sextorition Wave Using Partial Phone Numbers New Extortion Tricks: Now Including Your (Partial) Phone Number!Intel Releases Patch for Puma Modem Chips https://www.dslreports.co
m/forum/r32071020-Interne
t-Rogers-modem-router-reb
ooting-on-wan-scans-by-de ...
Ep. 108 - Neil Fallon Is My Tech Support
2 days agoIt might not come as a shock to you that we here at SEORG love Neil Fallon and Clutch. Having Neil out at DEF CON was an amazing experience. After 4 long days at DEF CON we hosted our annual live podcast for Episode 108. Join us as: Neil fixes Chris' ...
How a cryptocurrency-destroying bug almost didn’t get reported
2 days agoA researcher recently revealed how he found a bug that could have brought the fourth largest cryptocurrency to its knees – and how he was almost unable to report it.
Siri is listening to you, but she’s NOT spying, says Apple
2 days agoApple's working to keep iPhones from eavesdropping on us, through privacy policies, short buffer windows, local storage, and app review.
Feds indict 12 for allegedly buying iPhones on other people’s dimes
2 days agoThey allegedly hacked into phone accounts, convinced retailers they were who they weren't, and upgraded to shiny new gadgets for small fees.
In-flight satellite comms vulnerable to remote attack, researcher finds
2 days agoIOActive’s researcher Ruben Santamarta is the sort of person anyone interested in computer security would probably enjoy sitting next to on a long flight. Take the journey he made last November between Madrid and Copenhagen on Norwegian during which (na ...
Monday review – the hot 19 stories of the week
2 days agoFrom the unpopular Windows 10 updates and the Snapchat source code leaked on GitHub to the 'unhackable' BitFi hardware that got hacked, and more!
ISC StormCast for Monday, August 13th 2018
3 days agoVIA C3 "God Mode" https://github.com/xoreax
eaxeax/rosenbridgeApple MDM Vulnerablity https://www.wired.com/sto
ry/mac-remote-hack-wifi-e
nterprise/Peeking into MSG Files https://isc.sans.edu/foru
ms/diary/Peeking+into+msg
+files+revisited/23974/Hu
nting SSL/TLS ...
How one man could have hacked every Mac developer (73% of them, anyway)
5 days agoAn inadvertently exposed login key could have spelled cybersecurity disaster for the Homebrew project, beloved of Mac developers everywhere.
Comcast Xfinity web flaws exposed customer data
5 days agoIt's one thing to discover a data leak, it's another to find out from a journalist that your website is leaking customer data.
15,000-strong army of Twitter robots found spreading cryptocurrency spam
5 days agoResearchers unearthed an army of 150,000 robot Twitter accounts plying a cryptocurrency scam.
Facebook ‘regrets’ balloons and confetti triggered by earthquake posts
5 days agoFacebook apologizes for animated confetti and balloons that appeared on "I'm safe" posts during the Lombok earthquake.
ISC StormCast for Friday, August 10th 2018
6 days agoVulnerabilities in Pacemaker Programmer and Insulin Pumps https://arstechnica.com/i
nformation-technology/201
8/08/lack-of-encryption-m
akes-hacks-on-life-saving
-pacemakers-shockingly-ea
sy/"Panic Attacks" Against City Infrastructure https://www.bbc.com/news/ ...
Google to warn companies targeted in government-backed attacks
6 days agoG Suite admins will have the option of enabling alerts if Google suspects government-backed hacking attempts.
“Attack” on FCC over net neutrality was legitimate traffic, report says
6 days agoAn FCC Office of Inspector General (OIG) report has found no evidence of DDoS attacks on the FCC's comments system.
DARPA takes aim at deepfake forgeries
6 days agoDARPA's MediaFor project has come up with tools it says can spot AI-created fakes.
Fortnite for Android goes “off market” – is that good or bad? [VIDEO]
6 days agoFortnite for Android will sidestep Google Play and be an “off market” experience - is that good or bad? We discuss the issues...
ISC StormCast for Thursday, August 9th 2018
1 week agoHomebrew Exposed Github Credentials https://brew.sh/2018/08/0
5/security-incident-discl
osure/WhatsApp Vulnerability https://research.checkpoi
nt.com/fakesapp-a-vulnera
bility-in-whatsapp/Netfli
x Releases Tool To Detected Cloud Credential Compromise https://m ...
Snapchat source code leaked on GitHub – but no one knows why
1 week agoWhat just befell a "small" piece of SnapChat’s source code, and should users be concerned?
Facebook wants to be the future of online banking
1 week agoFacebook says to banks: tell us who your customers are, and we'll get them talking to you in Messenger.
Don’t Delay, Migrate Today (Away from SSL/Early TLS)
1 week agoFor those tempted to delay migration away from Secure Sockets Layer (SSL)/early Transport Layer Security (TLS)—don’t wait! This includes all versions of SSL and version 1.0 of TLS (TLS v1.1 and newer are fine). For Payment Card Industry Data Security ...
Could deliberately adding security bugs make software more secure?
1 week agoA new study argues that bogging black hats down in fake flaws might be better approach to security.
We Do Not Discriminate - Application Security Weekly #27
1 week agoThis week, Keith and James Wickett interview Galen Hunt, Distinguished Engineer and Director at Microsoft! In the news, hackers automate the laundering of money via Clash of Clans, Epic Games sidesteps the Play Store with Fortnite for Android launch, the ...
ISC StormCast for Wednesday, August 8th 2018
1 week agoLinux TCP DoS Vulnerability https://www.kb.cert.org/v
uls/id/962459Let's Encrypt Now Trusted By All Major Root CA Programs https://letsencrypt.org/2
018/08/06/trusted-by-all-
major-root-programs.htmlA
ndroid Updates https://source.android.co
m/security/bulleti ...
SN 675: New WiFi Password Attack
1 week agoThis week we discuss yet another new and diabolical router hack and attack, Reddit's discovery of SMS 2FA failure, WannaCry refuses to die, law enforcement's ample unused forensic resources, a new and very clever BGP-based attack, Windows 10 update dissat ...
How Bitcoin and the Dark Web hide SamSam in plain sight
1 week agoBitcoin and the Dark Web are familiar terms, but what are they and how do they help SamSam operate in plain sight?
iPhone chipmaker blames ransomware for factory shutdowns
1 week agoTaiwan chipmaker TSMC is back up and running, and pinning the blame for its shutdown on an infection by WannaCry ransomware.
Mozilla faces resistance over DNS privacy test
1 week agoIs Mozilla’s enthusiasm for DNS-over-HTTPS getting out of hand?
Fortnite ditches Google Play – will it undermine Android security?
1 week agoLike it or not, the Play Store is a walled garden that keeps out malware.
We Know You're From Boston - Business Security Weekly #95
1 week agoThis week, we air our pre-recorded interview with Eric Bednash, CEO of RackTop! In our second interview, Paul interviews Katie Stebbins, Research Associate Professor of Computer Science at UMASS! Full Show Notes: https://wiki.securityweek
ly.com/BSWEpisode ...
ISC StormCast for Tuesday, August 7th 2018
1 week agoNumeric Obfuscation https://isc.sans.edu/foru
ms/diary/Numeric+obfuscat
ion+another+example/23960
/Crestron Touchscreen Vulnerability https://blog.securitycomp
ass.com/security-advisory
-regarding-crestron-tsw-x
x60-touch-panel-devices-9
f1a71a926a5Facebook Rele ...
Windows 10 updates under fire from unhappy security admins
1 week agoWindows 10 is on track to be the most popular Microsoft OS but some security professionals aren't happy.
Man arrested for blackmailing women with porn fakes
1 week agoPolice have arrested a man for blackmailing women through Facebook using digitally manipulated images of them.
‘Unhackable’ Bitfi hardware rooted within a week
1 week agoGetting root access and patching firmware doesn't count as successful hacking, apparently.
Guilty! Court sinks children’s hospital attacker found stranded on a boat
1 week agoMartin Gottesfeld set off DDoS attacks against hospitals in #opJustina, fled the country in a boat, and had to be rescued by a Disney ship.
Monday review – the hot 23 stories of the week
1 week agoFrom the routers turning into zombie cryptojackers and the prisoners exploiting a vulnerability to steal $225K to SamSam, the $6 million ransomware, and more!
ISC StormCast for Monday, August 6th 2018
1 week agoNew WPA Attack https://hashcat.net/forum
/thread-7717.htmlFake Techsupport Uses More Intelligent Call Routing https://www.symantec.com/
blogs/threat-intelligence
/tech-support-scam-call-o
ptimizationHP Printer Updates https://support.hp.com/us
-en/document/c06 ...
Still Incarcerated - Paul's Security Weekly #570
1 week agoThis week, Paul interviews Josh Abraham, Staff Engineer at Praetorian! In the Technical Segment, our very own Larry Pesce gives an introduction to FL2K! In the Security News, Microsoft Edge flaws, Ransomware attacks, Yale university data breaches, Reddit ...
Episode 2.16 It’s all over people! – Your wallet is unhackable but I have your password and more!
1 week agoWelcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, Rob Simon, Justin Bollinger, and Scot Berner Show Links ...
Routers turned into zombie cryptojackers – is yours one of them?
1 week agoA patch was turned into an exploit and the exploit was turned into... why, CRYPTOCOINS, of course! Fortunately, there's an easy fix.
Alleged “high-ranking” members of the Fin7 cybercrime group arrested
1 week agoThe DOJ says it's arrested three members of the highly professional Fin7 group.
How safe is your DNA data?
1 week agoA group of DNA collection and genealogy websites have agreed on new guidelines for handling sensitive genetic and family data.
Amnesty International spearphished with government spyware
1 week agoPegasus spyware is supposed to be used solely by governments, to enable them to invisibly track criminals and terrorists
ISC StormCast for Friday, August 3rd 2018
1 week agoMalware in Animated GIF Files https://isc.sans.edu/foru
ms/diary/DHLthemed+malspa
m+reveals+embedded+malwar
e+in+animated+gif/23944/M
ikroTik Miner Botnet https://www.trustwave.com
/Resources/SpiderLabs-Blo
g/Mass-MikroTik-Router-In
fection-%E2%80%93-First-w
e-cr ...
Reddit’s serious “security incident” – what you need to know
1 week agoReddit suffered a serious "security incident" in mid-June. This is what we know, and what you can do.
How to defend yourself against SamSam ransomware
1 week agoDrawing on new research we look at how best to defend your organisation against SamSam.
Facebook bans midterm-meddling accounts and pages
1 week agoFacebook says it has removed 32 Pages and accounts from Facebook and Instagram for violating its policies.
Microsoft Edge adds WebAuthn as passwords near the end
1 week agoMicrosoft’s Edge browser has finally joined Mozilla Firefox and Google’s Chrome in supporting a working version of the emerging WebAuthn.
Facebook shuts off user data access for hundreds of thousands of apps
1 week agoThe app review deadline has come and gone and Facebook has now cut off API access to those apps that failed to submit.
Rusty Programmer - Enterprise Security Weekly #101
1 week agoThis week, Paul is joined by Security Weekly’s very own Jeff Man, to talk about Evaluating Security Vendors at Trade shows! In the Enterprise News, Mimecast snaps up Solebit for $88 Million, NetSpectre attack could enable remote CPU exploitation, Oracle ...
ISC StormCast for Thursday, August 2nd 2018
2 weeks agoFacebook Smishing Attack https://isc.sans.edu/foru
ms/diary/Facebook+Phishin
g+via+SMS/23940/Port 52869 UPNP Attacks https://isc.sans.edu/foru
ms/diary/When+Cameras+and
+Routers+attack+Phones+Sp
ike+in+CVE20148361+Exploi
ts+Against+Port+52869/239
42/Microsoft Im ...
Top 8 To-Dos for IoT Security
2 weeks agoLet’s say you run an operational environment and you’ve spent years figuring out how to keep your production processes and core, life-enabling systems running at high efficiency and efficacy. But now, your IT group wants to connect your production an ...
Alleged SIM-swap scammer nabbed for stealing $5m in Bitcoin
2 weeks ago"Hi Daddy Love you," texted the daughter of one of the hacker's alleged victims. The reply: "TELL YOUR DAD TO GIVE US BITCOIN"
Staff dust off their typewriters after malware attack
2 weeks agoMalware has taken down systems in at least two Alaskan municipalities in an attack that officials say is the worst they have ever seen.
High-schoolers’ data put up for sale after being scraped from surveys
2 weeks agoMillions of students' data is being sold after being harvested from college-planning questionnaires or surveys that come with the SAT or PSAT tests.
Mozilla still working on Firefox’s site isolation security revamp
2 weeks agoMozilla’s Firefox browser doesn’t have site isolation security yet, but plans to enable it are in the works.
Wu-Tang for Life - Application Security Weekly #26
2 weeks agoThis week, Keith and Paul interview Jessica Rozhin, Security Engineer at Marqeta! In the news, New Spectre attack can remotely steal secrets, Microsoft discovers supply chain attack at unnamed maker of PDF Software, XSS filter in edge, and OWASP iGoat is ...
ISC StormCast for Wednesday, August 1st 2018
2 weeks agoPowershell Inside Certificates https://blog.nviso.be/201
8/07/31/powershell-inside
-a-certificate-part-1/TEM
PEST is Back http://youtu.be/BpNP9b3aI
fY?aBig Star Labs Spyware https://adguard.com/en/bl
og/big-star-labs-spyware/
Porn-warning security scam hooks you up to “Apple Care”
2 weeks agoIt's a toll free "Apple Care" number, meaning that in theory it shouldn't cost you a thing - so what's the harm in calling just in case?
SN 674: Attacking Bluetooth Pairing
2 weeks agoThis week we examine still another new Spectre processor speculation attack, we look at the new "Death Botnet", the security of the US DoD websites, lots of Google Chrome news, a push by the US Senate toward more security, the emergence and threat of clon ...
Hack Naked News #183 - July 31, 2018
2 weeks agoThis week, hacking AOL style, DHS attempts to secure critical infrastructure, hacking for poison, ERP targeting, hacking 10,000 Wordpress sites, prisoners steal things, wiping your car and get paid to hack your printer. Ed Sattar from QuickStart joins us ...
SamSam: The (almost) $6 million ransomware
2 weeks agoNew research reveals that SamSam ransomware has affected far more victims, and raised far more ransom, than previously thought.
NSA hasn’t closed security windows Snowden climbed through
2 weeks agoOne of three problems found in an audit: two-person access controls haven't been properly implemented at data centers and equipment rooms.
Football team in trouble over unauthorized access to rivals’ videos
2 weeks agoAn investigation found that Braden River High football coaching staff got unauthorized access to rivals' practice and game video footage.
Leaky radio devices broadcast chipset data, discover researchers
2 weeks agoResearchers at EURECOM S3 Group found that they can extract crypto keys from a set of run-of-the-mill communications chips just by listening to the noise it makes.
Spectre chip weakness can be used to steal data remotely
2 weeks agoResearchers have found a new variant of the Spectre CPU flaw that shows how attackers could steal data remotely without having to run malicious code on a local system.
Cryptojacking for beginners – what you need to know
2 weeks agoCryptojacking has hit the headlines in recent months. But what is it? And do you need to be worried?
This Is Exciting - Business Security Weekly #94
2 weeks agoThis week, Paul is joined by Matt Alderman in the absence of Michael to talk about reducing the number of decisions that you have to make on any given day. In Tracking Security Innovation, we have updates from Tenable, Carbon Black, Sophos, and Imperva! F ...
ISC StormCast for Tuesday, July 31st 2018
2 weeks agoDOSFuscation Campaignhttps://isc.sans.
edu/forums/diary/Maliciou
s+Word+documents+using+DO
Sfuscation/23932/Let'
;s Encrypt Outagehttps://letsencrypt
.status.ioMalvertising Campaign Insideshttps://research.c
heckpoint.com/malvertisin
g-campaign-based-secrets-
lies ...
Risky Business #508 -- Special guest Greg Shipley of In-Q-Tel's Cyber Reboot
2 weeks agoOn this week’s show we hear from Greg Shipley. Greg works at an initiative spun up by In-Q-Tel called Cyber Reboot. Its goal is to develop open source tools that can push things forward in security – things the private sector aren’t doing. He’ll ...
Webinar – Navigating the Risks & Rewards of Evolution in the Automotive Industry
2 weeks ago– JOIN TRUSTEDSEC and MARSH ON September 12th, 2018 AT 2:00 PM EDT – The automotive industry is experiencing a level of change and innovation not seen since the introduction of the passenger car. While this sector has traditionally been dominated by ...
Prisoners exploit tablet vulnerability to steal nearly $225K
2 weeks ago364 of them hacked the JPay tablets they use for email, music and games and transferred money into their own accounts.
Social media rumors lead to PepsiCo lawsuit
2 weeks ago...so take down those 3,412 Facebook links, 20,244 Facebook posts, 242 YouTube videos, 6 Instagram links, and 562 tweets ... by court order.
Google bans Android miners from Play Store
2 weeks agoGoogle has cracked down on apps that mine for cryptocurrency, banning them entirely from its official Google Play Store.
Monday review – the hot 27 stories of the week
2 weeks agoFrom why your website is officially no longer secure and Whatsapp limiting messaging forward after lynchings to your guide to what sysadmins really mean, and more!
ISC StormCast for Monday, July 30th 2018
2 weeks agoSummary of Earchings in Recent Sextortion Attackhttps://isc.sans.ed
u/forums/diary/Sextortion
+Follow+the+Money/23922/A
dware Distributed with Legitimate Applicationshttps://www.b
leepingcomputer.com/news/
security/fake-websites-fo
r-keepass-7zip-audacity-o
ther ...
Risky Biz Soap Box: Zane Lackey of Signal Sciences talks DevOps
2 weeks agoWhat you’re about to hear is a long form interview with Zane Lackey, a former pentester turned director of security engineering for Etsy turned co-founder and CSO of Signal Sciences. Signal Sciences can be broadly, kinda described as “next generation ...
High Alcohol Content - Paul's Security Weekly #569
2 weeks agoThis week, Paul interviews Dean Coclin, Senior Director of Business Development at DigiCert! In our second feature interview, we welcome Chris Dale, Head of the Penetration Testing and Incident Handling at Netsecurity! In the Security News, Bluetooth bug ...
Your essential guide to what sysadmins really mean
2 weeks agoYou're a sysadmin and you're misunderstood, until now.
Google takes on Yubico with its own security key, Titan
2 weeks agoGoogle has increased its efforts to protect online accounts by releasing its own hardware-based security key.
“Simple trick” floors home security camera, gives anyone access
2 weeks agoAnybody with a common, free security tool could create a valid camera serial number and intercept somebody else's stream, researchers discover.
Help us bring a smile to a sysadmin’s dial…
2 weeks agoThere's a bit of poetry in everyone, so we're asking you to write an amusing limerick to celebrate #SysAdminDay... how hard can it be?
Our FREE #SysAdminDay gift means you need NEVER code in Python again!
2 weeks agoIt's 1337 times better than /dev/random, which means it will bring a smile to any sysadmin's face. (Warning: requires scissors.)
Nerves jangled by new ransomware attack on shipping giant
2 weeks agoThe US network of one of the world’s largest shipping companies, COSCO (China Ocean Shipping Company), has been hit by a disruptive ransomware attack.
Wyden urges government agencies to ditch Flash
2 weeks agoLet's not wind up with another Windows XP mess, he said, noting that there's been no public guidance in spite of Flash's looming death date.