Mar. 2, 2018
Behind an abandoned military facility 40 miles northwest of Oslo, Norway built a surveillance base in close collaboration with the National Security Agency. Its bright, white satellite dishes, some of them 60 feet in diameter, stand out against the backdrop of pine-covered hills and red-roofed buildings that scatter the area.
Source: theintercept.com
Mar. 2, 2018
On Wednesday, at about 12:15 pm ET, 1.35 terabits per second of traffic hit the developer platform GitHub all at once. It was the most powerful distributed denial of service attack recorded to date—and it used an increasingly popular DDoS method, no botnet required.
Source: wired.com
Mar. 2, 2018
On Wednesday, February 28, 2018 GitHub.com was unavailable from 17:21 to 17:26 UTC and intermittently unavailable from 17:26 to 17:30 UTC due to a distributed denial-of-service (DDoS) attack. We understand how much you rely on GitHub and we know the availability of our service is of critical importance to our users. To note, at no point was the confidentiality or integrity of your data at risk.
Mar. 2, 2018
Data exposure reports have reached a dizzying pace in the past few months, and the security community has been focused on the risk from multiple angles. Now, a new study from HTTPCS gives us new insight into rates of vulnerable S3 configurations.
Source: tripwire.com
Mar. 2, 2018
A major dust-up on an Internet discussion forum is touching off troubling questions about the security of some browser-trusted HTTPS certificates when it revealed the CEO of a certificate reseller emailed a partner the sensitive private keys for 23,000 TLS certificates.
Source: arstechnica.com
Mar. 2, 2018
On Jan. 15, FBI agents arrested Jerry Chun Shing Lee, a former CIA case officer, and charged him with unlawful retention of classified information. Lee is the sixth person charged by the Justice Department in the past two years for espionage-related offenses suspected to have been conducted on behalf of the People’s Republic of China. By comparison, prior to 2015, only one or two people on average per year were arrested for such offenses.
Mar. 2, 2018
According to a Wednesday statement released by the San Diego County Sheriff’s Department, the unnamed 14-year-old boy posted a picture around 10pm Tuesday evening on Instagram with the message, ‘Don’t come to school tomorrow.’ Another student asked him to take the image down, but he refused.
Source: arstechnica.com
Mar. 1, 2018
The latest zero-day threat to be discovered by Wandera’s mobile threat research team is RedDrop, a family of mobile malware inflicting financial cost and critical data loss on infected devices.
Source: wandera.com
Mar. 1, 2018
According to cybersecurity firm Morphisec, cybercriminals are blasting spam messages that urge recipients to click a link to download a Word document. And when a victim opens the document and enables macros, malware attempts to exploit an Adobe Flash Player bug (CVE-2018-4878) patched by Adobe earlier this month.
Victims who fall for the ploy could ultimately hand over control of their systems to an attacker, according to researchers.
Mar. 1, 2018
If the system flags anything suspicious – a large purchase of fertilizer, perhaps, or stockpiles of food considered a marker of terrorism – it notifies police, who are expected to respond the same day and act according to what they find. ‘Who ought to be taken, should be taken,’ says a work report located by the rights organization.
Source: theglobeandmail.com
Mar. 1, 2018
Facebook recently expanded its face recognition features—and you may have opted in without even realizing it.
Source: wired.com
Mar. 1, 2018
Duo found that buggy SAML libraries would read the NameID string in various ways, sometimes as [email protected] (treating the comment as a terminator for the data field), and sometimes as [email protected] (simply treating the comment as if it were not there at all).
Source: sophos.com
Mar. 1, 2018
In this new lawsuit, Wright is accused of effectively swindling Dave Kleiman’s estate—his brother Ira Kleiman is the one who has filed the case—out of a massive cache of bitcoins that today are worth more than $5 billion.
Source: arstechnica.com
Mar. 1, 2018
In part one of this series, Encryption 101: a malware analyst’s primer, we introduced some of the basic encryption concepts used in malware. If you haven’t read it, we suggest going back for a review, as it’s necessary in order to be able to fully follow part two, our case study. In this study, we will be reviewing the encryption of the ransomware ShiOne line by line.
Mar. 1, 2018
Welcome to the cat surveillance state.
Source: vice.com
Mar. 1, 2018
Talos has identified two different versions of a RAT, otherwise known as a remote access trojan, that has been written entirely in Python and is wrapped into a standalone executable. The RAT is impacting users of a Brazilian public sector management school.
Source: talosintelligence.com
Mar. 1, 2018
Unauthorized mobile phone number porting is not a new problem, but T-Mobile said it began alerting customers about it earlier this month because the company has seen a recent uptick in fraudulent requests to have customer phone numbers ported over to another mobile provider’s network.
Source: krebsonsecurity.com
Mar. 1, 2018
Wandera, a mobile security firm which spotted weaknesses in the CBS Sports app and mobile site back in 2016, uncovered the malware when a user clicked on an ad for the Chinese search engine Baidu. Their action redirected them to huxiawang[dot]cn, a distribution site which contains landing pages encouraging users to download one of 53 apps tainted by RedDrop. Those affected programs claim to help users learn a new language or dive into space exploration, for example, with engaging functionality.
Mar. 1, 2018
China censored the letter N from its internet for at least a day. The ban came as China cracked down on online discussion over the Chinese Communist Party’s proposal to scrap presidential term limits. Abolishing term limits would allow President Xi Jinping to rule indefinitely.
It’s not entirely clear why the government targeted N, but we have a few theories.
Mar. 1, 2018
A deep analysis of the Mobef ransomware revealed that it implements a number of functionalities, such as the capability to encrypt files, not only on the local drive but also on removable drives and network shares.
Source: securityaffairs.co