An interesting history. Powered by WPeMatico
Researchers have demonstrated using Intel’s Software Guard Extensions to hide malware and steal cryptographic keys from inside SGX’s protected enclave: Malware Guard Extension: Using SGX to Conceal Cache Attacks Abstract:In modern computer systems, user processes are isolated from each other by the operating system and the hardware. Additionally, in a cloud scenario it is crucial … Read More “Using Intel's SGX to Attack Itself” »
CloudPets are an Internet-connected stuffed animals that allow children and parents to send each other voice messages. Last week, we learned that Spiral Toys had such poor security that it exposed 800,000 customer credentials, and two million audio recordings. As we’ve seen time and time again in the last couple of years, so-called “smart” devices … Read More “IoT Teddy Bear Leaked Personal Audio Recordings” »
Some good election security news for a change: France is dropping its plans for remote Internet voting, because it’s concerned about hacking. Powered by WPeMatico
I am part of this very interesting project: For many users, blog posts on how to install Signal, massive guides to protecting your digital privacy, and broad statements like “use Tor” — all offered in good faith and with the best of intentions — can be hard to understand or act upon. If we want … Read More “Digital Security Exchange: Security for High-Risk Communities” »
Brian Krebs posts a video advertisement for Philadelphia, a ransomware package that you can purchase. Powered by WPeMatico
Useful best practices for malware writers, courtesy of the CIA. Seems like a lot of good advice. General: DO obfuscate or encrypt all strings and configuration data that directly relate to tool functionality. Consideration should be made to also only de-obfuscating strings in-memory at the moment the data is needed. When a previously de-obfuscated value … Read More “The CIA's “Development Tradecraft DOs and DON'Ts”” »
The Department of Justice is dropping all charges in a child-porn case rather than release the details of a hack against Tor. Powered by WPeMatico
Here are some squid cooking tips. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Here’s a video interview I did at RSA on the Internet of Things and security. Powered by WPeMatico