NetSec corner





Netsec, comsec, infosec and IA news, research and trends

 

11.28.2018

 
Widely Used JavaScript Library Had a Backdoor to Steal Bitcoin from Zach



10.05.2018

 
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies - Supply chain issues are coming home to roost.



10.02.2018

 
One Small Step for the Web... from Zachary



9.28.2018

 
APT28 Uses LoJax, First UEFI Rootkit Seen in the Wild from Kendall



9.25.2018

 
Palo Alto Networks' Fuel User Group has a free online test lab from which one can sign up for free 4 hour time slots to go in and play with their equipment.



8.28.2018

 
The Untold Story of NotPetya, the Most Devastating Cyberattack in History from Red



6.02.2018

 
"Web of Profit" report detailing the cybercrime landscape



5.24.2018

 
Nist List - Search for forensic tools by functionality



5.23.2018

 
VPNfilter malware is sowing chaos



5.08.2018

 
Similar to GeeWhiz's post regarding quad 1 below, there is a different service by the name of Quad9: "Quad9 blocks against known malicious domains, preventing your computers and IoT devices from connecting to malware or phishing sites. Whenever a Quad9 user clicks on a website link or types in an address into a web browser, Quad9 will check the site against IBM X-Force threat intelligence that includes 800+ terabytes of threat intelligence data including 40B+ analyzed web pages and images and 17 million spam and phishing attacks monitored daily"



4.28.2018

 
Internet Exposure, Flaws Put Industrial Safety Controllers at Risk of Attacks



4.11.2018

 
Cloudflare is hosting DNS over TLS and HTTPS at 1.1.1.1 and 1.0.0.1

 
2018 Verizon Data Breach Investigations Report

 
This is an interesting article that relates to HIPAA and the safeguarding of PHI. I actually worked on solving this problem with my current employer a couple of years ago, and something missing from this article is: why is this happening?

It could be explained as a complex relationship web of conflicting goals between the business units (hospital departments), the network management folks and network security. While this is all true, in most cases it is much simpler. The hospitals are (almost) required to network certain devices, and medical devices have strict certification requirements (translation: it is expensive for a device manufacturer to get a device through certification; therefore, they don't want to change the device). In most devices, any change, no matter how minuscule (like a security patch), requires a complete recertification of the device.

There is still no excuse to have any external exposure of medical IOT devices. This is really a network security gap and considering the continually increasing risk factors that unpatched systems are posing, the network teams must work harder to ensure the protection of patient PHI.

https://www.cyberscoop.com/trend-micro-challenges-in-securing-connected-hospitals/




4.09.2018

 
Stealing Credit Cards from FUZE via Bluetooth from Lee



3.22.2018

 
https://iotscanner.bullguard.com/ Bullguard has a free online scanner that will scan your network edge to see if your IOT toaster is reachable from the outside. If so, you can bet https://shodan.io has already grabbed its banner. Speaking of which, if anyone has a pcap file for an IOT toaster, I would love to get my hands on it! Thanks.

 
https://securityplanner.org "Security Planner is an easy-to-use guide with expert-reviewed advice for staying safer online. It provides recommendations on implementing basic online practices, like enabling two-factor authentication on important accounts, making sure software stays updated, and using encrypted chats to protect private communications. More advanced users can receive advice on where to go for more help." This site interactively guides the user through a few questions related to the technologies used, the user's security concerns, and the user's desire for more specific information related to security. It then provides a list of general recommendations along with more detailed information should the user want to dig further. It's very "approachable" and provides good top-level recommendations for users who may not be very technically savvy.

 
https://any.run/ AnyRun is an online malware sandbox where you can open files, URLs, code, etc. and run these inside of a virtual machine to see what happens. They have a limited free version which gives you a full two minutes to play in a somewhat limited but useful VM. It's come in handy a few times for me when I wanted to explode something safely off of my network.



3.03.2018

 
Trustico revokes 23,000 SSL certificates due to compromise from Lee



2.22.2018

 
MeltdownPrime and SpectrePrime: Automatically-Synthesized Attacks Exploiting Invalidation-Based Coherence Protocols from Lee



2.17.2018

 
For Russia, Unraveling US Democracy Was Just Another Day Job - Influence operations occur and surround everyone in the Internet age nonstop. People want others to "pay" attention and are willing to spend money to make this happen. Inspired by a story sent by Kendall.



2.04.2018

 
Quantum Computers Pose Imminent Threat to Bitcoin Security from Sam



1.22.2018

 
Trisis has mistakenly been released on the open internet from Lee



1.04.2018

 
Apple 0-day - Happy New year! More from the source.



11.16.2017

 
Bruce Schneier on the Equifax Breach from Joel

 
IBM, Packet Clearing House and Global Cyber Alliance Collaborate to Protect Businesses and Consumers from Internet Threats



11.06.2017

 
OceanLotus Blossoms: Mass Digital Surveillance and Attacks Targeting ASEAN, Asian Nations, the Media, Human Rights Groups, and Civil Society



10.21.2017

 
$1000 in mobile ads is sufficient to track a person's location.



10.16.2017

 
Serious flaw in WPA2 protocol lets attackers intercept passwords and much more



9.19.2017

 
Details emerging on Apple's FaceID



9.16.2017

 
Failure to patch two-month-old bug led to massive Equifax breach



9.13.2017

 
Billions of devices imperiled by new clickless Bluetooth attack

 
Bypassing Self-Encrypting Drives (SED) in Enterprise Environments



9.07.2017

 
Chip Whisperer - NewAE Technology Inc. AES-256 Is Not Enough.™



9.05.2017

 
Georgia Tech Launches Facility for Remote Users to Control Robot Swarms



8.04.2017

 
He Won Praise for Halting a Global Cyberattack. Then He Was Arrested.



6.20.2017

 
The Stack Clash is a vulnerability in the memory management of several operating systems. It affects Linux, OpenBSD, NetBSD, FreeBSD and Solaris, on i386 and amd64. It can be exploited by attackers to corrupt memory and execute arbitrary code. From Alex.




