Posts


Mar. 8, 2018

FBI again calls for magical solution to break into encrypted phones

The FBI maintains an office, known as the National Domestic Communications Assistance Center (NDCAC), which actively provides technical assistance to local law enforcement in high-profile cases. In its most recently published minutes from May 2017, the NDCAC said that one of its goals is to make commercial tools like those from Israeli data extraction company Cellebrite ‘more widely available’ to state and local law enforcement.

Mar. 8, 2018

Bitcoin falls 10 percent after SEC warns about unregulated exchanges

So in recent months, the SEC has stepped up its enforcement activities, shutting down the most obviously fraudulent ICOs and warning the public that stricter regulations were likely to follow later. Now the feds appear to be getting ready to rein in cryptocurrency exchanges, an important part of the ICO ecosystem that has, until now, operated largely outside of the law.

Mar. 8, 2018

Statement on Potentially Unlawful Online Platforms for Trading Digital Assets (ICO)

Online trading platforms have become a popular way investors can buy and sell digital assets, including coins and tokens offered and sold in so-called Initial Coin Offerings (‘ICOs’). The platforms often claim to give investors the ability to quickly buy and sell digital assets.

Many of these platforms bring buyers and sellers together in one place and offer investors access to automated systems that display priced orders, execute trades, and provide transaction data.

Mar. 8, 2018

Blockchain technology is on a collision course with EU privacy law

The bloc’s General Data Protection law, which will come into effect in a few months’ time, says people must be able to demand that their personal data is rectified or deleted under many circumstances. A blockchain is essentially a growing, shared record of past activity that’s distributed across many computers, and the whole point is that this chain of transactions (or other fragments of information) is in practice unchangeable – this is what ensures the reliability of the information stored in the blockchain.

Mar. 8, 2018

Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications.

Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the affected application. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploitation could result in a denial-of-service condition.

Mar. 7, 2018

Here’s a Leaked Brochure for New Spyware Company ‘Grey Heron’

The government malware market is beyond saturated at this point, with myriad companies looking to sell mobile phone and computer monitoring software to authorities around the world, but still more firms are jumping into the industry.

Source: vice.com

Mar. 7, 2018

An Energy War in the Balkans Has Slowed Europe’s Electric Clocks by 5 Minutes

On Saturday, the European Network of Transmission System Operators for Electricity (ENTSOE) put out a statement claiming that the Continental European Power System, an electric grid linking 25 European countries, has experienced a shortage of power supply since mid-January. This power supply shortage has caused all the non-quartz electric clocks in Europe to slow down by almost six minutes over the past month and a half.

Mar. 7, 2018

Leaked NSA Tool ‘Territorial Dispute’ Reveals the Agency’s List of Enemy Hackers

Over the last year, Hungarian security researcher Boldizsár Bencsáth has remained fixated by one of the less-examined tools revealed in that disemboweling of America’s elite hacking agency: A piece of NSA software, called ‘Territorial Dispute,’ appears to have been designed to detect the malware of other nation-state hacker groups on a target computer that the NSA had penetrated. Bencsáth believes that specialized antivirus tool was intended not to remove other spies’ malware from the victim machine, but to warn the NSA’s hackers of an adversary’s presence, giving them a chance to pull back rather than potentially reveal their tricks to an enemy.

Mar. 7, 2018

Exim Off-By-one RCE: Exploiting CVE-2018-6789 with Fully Mitigations Bypassing

We reported an overflow vulnerability in the base64 decode function of Exim on 5 February, 2018, identified as CVE-2018-6789. This bug has existed since the first commit of Exim, hence ALL versions are affected. According to our research, it can be leveraged to gain Pre-auth Remote Code Execution and at least 400k servers are at risk.

Patched version 4.90.1 is already released and we suggest upgrading Exim immediately.

Mar. 7, 2018

RCE flaw in Exim MTA affects half of the email servers online

A critical remote code vulnerability in the Exim mail transfer agent (MTA), tracked as CVE-2018-6789, affects most of the email servers online. It has been estimated that, as of March 2017, the total number of Internet email servers running Exim was over 560,000, which corresponds to 56% of all mail (MX) servers online.

Source: securityaffairs.co

Mar. 7, 2018

Clocks in Europe are slowly deviating because of an energy war in the Balkans

The Continental European (CE) Power System, a large synchronized area stretching from Spain to Turkey and from Poland to the Netherlands and encompassing 25 countries, has been experiencing a continuous system frequency deviation from the mean value of 50 Hz since mid-January 2018. The power deviations originate from the control area called Serbia, Macedonia, Montenegro (SMM block), specifically Kosovo and Serbia.

Mar. 7, 2018

How Hackers Bypassed an Adobe Flash Protection Mechanism

The number of Flash Player exploits has recently declined, due to Adobe’s introduction of various measures to strengthen Flash’s security. Occasionally, however, an exploit still arises. On January 31, Kr-Cert reported a zero-day vulnerability, identified as CVE-2018-4878, being exploited in the field.

(Adobe has released an update to fix this flaw.) We analyzed this vulnerability and found that it bypassed the byte array mitigation feature that was introduced to prevent “length corruption” attacks in Flash. This post will focus on how the exploit bypasses the length checks.

Mar. 7, 2018

Leaked Files Show How NSA Tracks Other Countries’ Hackers

When the mysterious entity known as the “Shadow Brokers” released a tranche of stolen NSA hacking tools to the internet a year ago, most experts who studied the material homed in on the most potent tools, so-called zero-day exploits that could be used to install malware and take over machines. But a group of Hungarian security researchers spotted something else in the data, a collection of scripts and scanning tools that the National Security Agency uses to detect other nation-state hackers on the machines it infects.

Mar. 7, 2018

Serious code-execution vulnerability in Exim

The Devcore researchers said as many as 400,000 servers are at risk. Queries on the Shodan computer search engine identified a large number of servers that reported running vulnerable versions. The developers published a fix with version 4.90.1, which was released on February 10.

Any organization that uses Exim should ensure it’s using the latest version.

Source: arstechnica.com

Mar. 7, 2018

Fraudsters Jailed for £37m Copycat Website Scam

National Trading Standards said that the defendants set up copycat websites between January 2011 and November 2014 that mimicked government services such as applying for or renewing passports, visas, birth or death certificates, driving licences and tests, car tax discs and the London Congestion Charge.

Source: bbc.com

Mar. 7, 2018

FBI’s Use of Paid Best Buy Informants Goes Deeper Than We Knew

The existence of the Geek Squad informants was first revealed via the prosecution of a California doctor named Mark Rettenmaier. After Rettenmaier sent his computer to Geek Squad for repair in 2011, technicians working out of a massive Kentucky repair shop discovered thousands of images depicting child abuse on Rettenmaier’s device. Court filings later revealed that there were “eight FBI informants at Geek Squad City,” and a number had received $500 to $1,000 payments in exchange for acting as confidential sources.

Mar. 7, 2018

What Is Your Bank’s Security Banking On?

A large number of banks, credit unions and other financial institutions just pushed customers onto new e-banking platforms that asked them to reset their account passwords by entering a username plus some other static identifier — such as the first six digits of their Social Security number (SSN), or a mix of partial SSN, date of birth and surname. Here’s a closer look at what may be going on (spoiler: small, regional banks and credit unions have grown far too reliant on the whims of just a few major online banking platform providers).

Mar. 7, 2018

One Single Malicious Vehicle Can Block ‘Smart’ Street Intersections in the US

Academics from the University of Michigan have shown that one single malicious car could trick US-based smart traffic control systems into believing an intersection is full and force the traffic control algorithm to alter its normal behavior, and indirectly cause traffic slowdowns and even block street intersections.

Source: bleepingcomputer.com

Mar. 7, 2018

A Former Apple Security Engineer’s Company Will Unlock Your iPhone X—for $15,000

The company, called Grayshift, has released marketing materials to police and forensics organizations promising to unlock iPhones with its GrayKey tool, according to Forbes, which obtained a copy of those materials. GrayKey will cost law enforcement $15,000 for 300 uses. Those that want to be able to unlock iPhones an unlimited number of times will need to pay $30,000.

Mar. 7, 2018

Do your voting machines connect to the Internet, US senator asks CEO

Use of remote-access software in e-voting systems was reported last month by The New York Times Magazine in an article headlined ‘The Myth of the Hacker-Proof Voting Machine.’ The article challenged the oft-repeated assurance that voting machines are generally secured against malicious tampering because they’re not connected to the Internet.

Source: arstechnica.com