NetSec
  corner   



HOME

LINUX

CYBERLAW

VIRTUALIZATION

Bugtraq

Packetstorm

FD

GrokLaw


RSS Feed


Netsec, comsec, infosec and IA news, research and trends

 

1.14.2020

 
Exploit Fully Breaks SHA-1, Lowers the Attack Bar from Red. We've known about SHA-1's wobbliness for some time. Previously, researchers had reduced the attack complexity to 2^64 from what should have nominally been 2^80 operations. Under this attack scenario, it will take 2648718071565183277.290096774912 cryptographic operations as opposed to 29966824157681538847.454306951413 operations. This is roughly a 10-fold increase, which is significant, but the headline "fully breaks" is an exaggeration. Virtually all crypto is subject to both brute force and statistical attacks, it is simply a matter of work. That said, SHA-1 has largely been retired from use going forward. According to wikipedia, all major browsers stopped accepting SHA-1 signed certificates in 2017.



11.15.2019

 
Federal Court Rules Suspicionless Searches of Travelers’ Phones and Laptops Unconstitutional

 
Hong Kong protesters using Bluetooth Bridgefy app - Wireless mesh networking is the future.



11.04.2019

 
Fog, Edge, Mist computing complement the cloud.



10.08.2019

 
There’s a scary new reason not to borrow a stranger’s iPhone cable from Keith



9.25.2019

 
Google’s ‘Quantum Supremacy’ Isn’t the End of Encryption from Christopher



7.31.2019

 
RUNNING A TESLA MODEL 3 ON AUTOPILOT OFF THE ROAD WITH GPS SPOOFING from Kyle



7.16.2019

 
Dragonblood: A Security Analysis of WPA3’s SAE Handshake from Kyle



7.03.2019

 

https://www.zdnet.com/article/us-cyber-command-issues-alert-about-hackers-exploiting-outlook-vulnerability/



6.13.2019

 

https://arstechnica.com/information-technology/2019/06/if-you-havent-patched-vim-or-neovim-text-editors-you-really-really-should/



6.01.2019

 
https://www.hackread.com/hackers-steal-source-code-of-top-anti-virus-firms/

 
https://www.zdnet.com/google-amp/article/new-hiddenwasp-malware-found-targeting-linux-systems/



5.29.2019

 
Germany demands an end to working cryptography

 
Microsoft Patches ‘Wormable’ RDP Flaw in Windows XP, 7 and Windows 2003



5.11.2019

 
The U.S. Government Can’t Force You To Unlock Your Phone With Your Fingerprint, Another Judge Rules from Red



4.10.2019

 
SAS 2019: Triton ICS Malware Hits A Second Victim

 
SAS 2019: Meet ‘TajMahal,’ A New and Highly Advanced APT Framework



3.25.2019

 
https://boingboing.net/2019/03/25/asus-unwittingly-pushed-malwar.html



3.20.2019

 

 
SSH client PuTTY contained serious key exchange flaw



3.12.2019

 
https://www.bleepingcomputer.com/news/security/malware-spreads-as-a-worm-uses-cryptojacking-module-to-mine-for-monero/



3.03.2019

 
https://www.zdnet.com/article/hackers-have-started-attacks-on-cisco-rv110-rv130-and-rv215-routers/



2.27.2019

 
WinRAR Flaw Being Actively Used To Load Malware In Windows PCs from Randall



2.17.2019

 
New Astaroth Trojan Variant Exploits Anti-Malware Software to Steal Info from Randall

 
Emotet Uses Camouflaged Malicious Macros to Avoid Antivirus Detection from Randall



2.04.2019

 
This malware can steal passwords, credit card info in Chrome, Safari from Randall



1.29.2019

 
Europol Now Going After People Who Bought DDoS-for-Hire Services

 
Feds Dismantle xDedic Dark Web Credentials Market



1.28.2019

 
Hackers are going after Cisco RV320/RV325 routers using a new exploit from Randall



1.20.2019

 
Linux-Targeting Cryptojacking Malware Disables Cloud-Based Security Measures: Report from Randall

 
Windows Torrent File Malware Can Swap Out Crypto Addresses, Researcher Warns from Randall



1.15.2019

 
‘The Age of Surveillance Capitalism’ Review: The New Big Brother

 
US judge rules that feds can't force fingerprint or face phone unlocks from Red



1.09.2019

 
Towards Improving CVSS



11.28.2018

 
Widely Used JavaScript Library Had a Backdoor to Steal Bitcoin from Zach



10.05.2018

 
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies - Supply chain issues are coming home to roost.



10.02.2018

 
One Small Step for the Web... from Zachary



9.28.2018

 
APT28 Uses LoJax, First UEFI Rootkit Seen in the Wild from Kendall



9.25.2018

 
Palo Alto Networks' Fuel User Group has a free online test lab from which one can sign up for free 4 hour time slots to go in and play with their equipment.



8.28.2018

 
The Untold Story of NotPetya, the Most Devastating Cyberattack in History from Red





This page is powered by Blogger.


Site Meter Locations of visitors to this page