Informations about SSL certificates and networks security
Auto Added by WPeMatico
WikiLeaks is still dumping CIA cyberweapons on the Internet. Its latest dump is something called “Pandemic”: The Pandemic leak does not explain what the CIA’s initial infection vector is, but does describe it as a persistent implant. “As the name suggests, a single computer on a local network with shared drives that is infected with … Read More “CIA’s Pandemic Toolkit” »
This is impressive: The proof-of-concept exploit uses a low-cost transmitter to embed malicious commands into a rogue TV signal. That signal is then broadcast to nearby devices. It worked against two fully updated TV models made by Samsung. By exploiting two known security flaws in the Web browsers running in the background, the attack was … Read More “Smart TV Hack via the Broadcast Signal” »
Interesting research: “A Study of MAC Address Randomization in Mobile Devices When it Fails“: Abstract: Media Access Control (MAC) address randomization is a privacy technique whereby mobile devices rotate through random hardware addresses in order to prevent observers from singling out their traffic or physical location from other nearby devices. Adoption of this technology, however, … Read More “Security Vulnerabilities in Mobile MAC Randomization” »
The Department of Justice is dropping all charges in a child-porn case rather than release the details of a hack against Tor. Powered by WPeMatico
There’s new malware toolkit that uses steganography to hide in images: For the past two months, a new exploit kit has been serving malicious code hidden in the pixels of banner ads via a malvertising campaign that has been active on several high profile websites. Discovered by security researchers from ESET, this new exploit kit … Read More “WWW Malware Hides in Images” »
A year and a half ago, I wrote about hardware bit-flipping attacks, which were then largely theoretical. Now, they can be used to root Android phones: The breakthrough has the potential to make millions of Android phones vulnerable, at least until a security fix is available, to a new form of attack that seizes control … Read More “Hardware Bit-Flipping Attacks in Practice” »
The National Security Agency is lying to us. We know that because of data stolen from an NSA server was dumped on the Internet. The agency is hoarding information about security vulnerabilities in the products you use, because it wants to use it to hack others’ computers. Those vulnerabilities aren’t being reported, and aren’t getting … Read More “The NSA Is Hoarding Vulnerabilities” »
The NSA was badly hacked in 2013, and we’re just now learning about it. A group of hackers called “The Shadow Brokers” claim to have hacked the NSA, and are posting data to prove it. The data is source code from “The Equation Group,” which is a sophisticated piece of malware exposed last year and … Read More “Major NSA/Equation Group Leak” »
This week, Kaspersky Labs published detailed information on what it calls the Equation Group — almost certainly the NSA — and its abilities to embed spyware deep inside computers, gaining pretty much total control of those computers while maintaining persistence in the face of reboots, operating system reinstalls, and commercial anti-virus products. The details are … Read More “The Equation Group's Sophisticated Hacking and Exploitation Tools” »