Anuncia Google CTF 2017 !!
https://security.googleblog.com/2017/06/announcing-google-capture-flag-2017.html
https://security.googleblog.com/2017/06/announcing-google-capture-flag-2017.html
Google Online Security Blog
Announcing Google Capture the Flag 2017
Posted by Josh Armour Security Program Manager On 00:00:01 UTC of June 17th and 18th, 2017 we’ll be hosting the online qualification round...
Keep your mind in gear over break! We’ve just posted the summer’s first #CryptoChallenge puzzle!
https://www.facebook.com/NSACareers/app/1541913382708799/
https://www.facebook.com/NSACareers/app/1541913382708799/
Facebook
NSA - National Security Agency
NSA - National Security Agency. 377k likes. NSA hires top talent in science, technology, engineering, mathematics, language and more. Find your opportunity at IntelligenceCareers.gov/NSA.
++++++++++++++++++++++++
Command line utility for searching and downloading exploits
++++++++++++++++++++++++
Command line search and download tool for Vulners Database inspired by searchsploit. It allows you to search online for the exploits across all the most popular collections: Exploit-DB, Metasploit, Packetstorm and others. The most powerful feature is immediate exploit source download right in your working path.
# git clone https://github.com/vulnersCom/getsploit
# cd getsploit
# ./getsploit.py wordpress 4.7.0
Total found exploits: 8
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit%20AND%20wordpress%204.7.0
—— ++++++ ——
https://github.com/vulnersCom/getsploit
Command line utility for searching and downloading exploits
++++++++++++++++++++++++
Command line search and download tool for Vulners Database inspired by searchsploit. It allows you to search online for the exploits across all the most popular collections: Exploit-DB, Metasploit, Packetstorm and others. The most powerful feature is immediate exploit source download right in your working path.
# git clone https://github.com/vulnersCom/getsploit
# cd getsploit
# ./getsploit.py wordpress 4.7.0
Total found exploits: 8
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit%20AND%20wordpress%204.7.0
—— ++++++ ——
https://github.com/vulnersCom/getsploit
NSA report on #APT28 (?) election hack efforts, from @theintercept
https://www.documentcloud.org/documents/3766950-NSA-Report-on-Russia-Spearphishing.html#document/p1
https://www.documentcloud.org/documents/3766950-NSA-Report-on-Russia-Spearphishing.html#document/p1
How the New Suspected NSA Leaker Reality Winner Was Caught
https://motherboard.vice.com/en_us/article/nsa-suspected-leaker-reality-leigh-winner-caught
https://motherboard.vice.com/en_us/article/nsa-suspected-leaker-reality-leigh-winner-caught
First Quantum-Secured Blockchain Technology Tested in Moscow
Quantum computers pose a significant security threat to cryptocurrencies such as Bitcoin. Now a team of Russian scientists has worked out how to secure blockchains using quantum mechanics.
https://www.technologyreview.com/s/608041/first-quantum-secured-blockchain-technology-tested-in-moscow/
Quantum computers pose a significant security threat to cryptocurrencies such as Bitcoin. Now a team of Russian scientists has worked out how to secure blockchains using quantum mechanics.
https://www.technologyreview.com/s/608041/first-quantum-secured-blockchain-technology-tested-in-moscow/
Japanese cops arrest their first ransomware-slinging menace – er, a 14-year-old school boy
https://www.theregister.co.uk/2017/06/06/cops_cuff_ransomware_maker_after_school/
https://www.theregister.co.uk/2017/06/06/cops_cuff_ransomware_maker_after_school/
www.theregister.co.uk
Japanese cops arrest their first ransomware-slinging menace – er, a 14-year-old school boy
Bet his mum's going to be livid
La agencia de seguridad más importante de EEUU fue burlada por una joven de 25 años
Una contratista del área de inteligencia de los Estados Unidos, ha sido acusado de filtrar a una organización de noticias información clasificada de la Agencia de Seguridad Nacional (NSA, por sus siglas en inglés) sobre la interferencia de Rusia en las elecciones presidenciales.
Esta mañana el Departamento de Justicia anunció que detuvo a Reality Leigh, una joven de 25 años, que trabajaba en la empresa Pluribus International y había sido contratada para trabajar en las instalaciones de la NSA en Georgia desde el pasado mes de febrero.
https://news.vice.com/es/article/agencia-seguridad-mas-importante-eeuu-burlada-joven-25-anos
Una contratista del área de inteligencia de los Estados Unidos, ha sido acusado de filtrar a una organización de noticias información clasificada de la Agencia de Seguridad Nacional (NSA, por sus siglas en inglés) sobre la interferencia de Rusia en las elecciones presidenciales.
Esta mañana el Departamento de Justicia anunció que detuvo a Reality Leigh, una joven de 25 años, que trabajaba en la empresa Pluribus International y había sido contratada para trabajar en las instalaciones de la NSA en Georgia desde el pasado mes de febrero.
https://news.vice.com/es/article/agencia-seguridad-mas-importante-eeuu-burlada-joven-25-anos
How The Intercept Outed Reality Winner
Today, The Intercept released documents on election tampering from an NSA leaker. Later, the arrest warrant request for an NSA contractor named "Reality Winner" was published, showing how they tracked her down because she had printed out the documents and sent them to The Intercept. The document posted by the Intercept isn't the original PDF file, but a PDF containing the pictures of the printed version that was then later scanned in.
The problem is that most new printers print nearly invisibly yellow dots that track down exactly when and where documents, any document, is printed. Because the NSA logs all printing jobs on its printers, it can use this to match up precisely who printed the document.
In this post, I show how.
You can download the document from the original article here. You can then open it in a PDF viewer, such as the normal "Preview" app on macOS. Zoom into some whitespace on the document, and take a screenshot of this. On macOS, hit [Command-Shift-3] to take a screenshot of a window. There are yellow dots in this image, but you can barely see them, especially if your screen is dirty.
http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html
Today, The Intercept released documents on election tampering from an NSA leaker. Later, the arrest warrant request for an NSA contractor named "Reality Winner" was published, showing how they tracked her down because she had printed out the documents and sent them to The Intercept. The document posted by the Intercept isn't the original PDF file, but a PDF containing the pictures of the printed version that was then later scanned in.
The problem is that most new printers print nearly invisibly yellow dots that track down exactly when and where documents, any document, is printed. Because the NSA logs all printing jobs on its printers, it can use this to match up precisely who printed the document.
In this post, I show how.
You can download the document from the original article here. You can then open it in a PDF viewer, such as the normal "Preview" app on macOS. Zoom into some whitespace on the document, and take a screenshot of this. On macOS, hit [Command-Shift-3] to take a screenshot of a window. There are yellow dots in this image, but you can barely see them, especially if your screen is dirty.
http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html
EXPOSING CORDLESS PHONE SECURITY WITH A HACKRF
Over on YouTube user Corrosive has been uploading some videos that explore cordless phone security with a HackRF. In his first video Corrosive shows how he’s able to use a HackRF to capture and then replay the pager tones (handset finding feature) for a very cheap VTech 5.8 Gigahertz cordless phone. He uses the Universal Radio Hacker software in Windows.
https://www.youtube.com/watch?v=7CoPUsSglT4
Over on YouTube user Corrosive has been uploading some videos that explore cordless phone security with a HackRF. In his first video Corrosive shows how he’s able to use a HackRF to capture and then replay the pager tones (handset finding feature) for a very cheap VTech 5.8 Gigahertz cordless phone. He uses the Universal Radio Hacker software in Windows.
https://www.youtube.com/watch?v=7CoPUsSglT4
YouTube
vTech 5.8GHz Phone Paged by HackRF
Using a hack RF I captured and then replay it the pager tones for a vTech 5.8 gigahertz cordless phone Install your SDR from drivers to basic operation tutor...
Malware Uses Obscure Intel CPU Feature to Steal Data and Avoid Firewalls
Microsoft's security team has come across a malware family that uses Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) interface as a file transfer tool.
Because of the way the Intel AMT SOL technology works, SOL traffic bypasses the local computer's networking stack, so local firewalls or security products won't be able to detect or block the malware while it's exfiltrating data from infected hosts.
https://www.bleepingcomputer.com/news/security/malware-uses-obscure-intel-cpu-feature-to-steal-data-and-avoid-firewalls/
Microsoft's security team has come across a malware family that uses Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) interface as a file transfer tool.
Because of the way the Intel AMT SOL technology works, SOL traffic bypasses the local computer's networking stack, so local firewalls or security products won't be able to detect or block the malware while it's exfiltrating data from infected hosts.
https://www.bleepingcomputer.com/news/security/malware-uses-obscure-intel-cpu-feature-to-steal-data-and-avoid-firewalls/
BleepingComputer
Malware Uses Obscure Intel CPU Feature to Steal Data and Avoid Firewalls
Microsoft's security team has come across a malware family that uses Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) interface as a file transfer tool.
Details about PLATINUM's targets and attacks are available in a report Microsoft released yesterday.
http://download.microsoft.com/download/2/2/5/225BFE3E-E1DE-4F5B-A77B-71200928D209/Platinum%20feature%20article%20-%20Targeted%20attacks%20in%20South%20and%20Southeast%20Asia%20April%202016.pdf
http://download.microsoft.com/download/2/2/5/225BFE3E-E1DE-4F5B-A77B-71200928D209/Platinum%20feature%20article%20-%20Targeted%20attacks%20in%20South%20and%20Southeast%20Asia%20April%202016.pdf
Spoofing caller-ID is easy with VoLTE (Voice over LTE) tempering with SIP headers, no check whatsoever 😱 #SSTIC
Leaking CellID (geolocation) and IMEI of VoLTE subscribers with a single SIP INVITE request #Privacy
Node.fz: fuzzing the server-side event-driven architecture
Node.fz: Fuzzing the server-side event-driven architecture Davis et al., EuroSys’17
This paper provides a fascinating look at common causes of concurrency bugs in server-side event driven architecture (EDA) based applications. By far the most popular framework supporting this style is Node.js of course.
"The Node.js package ecosystem, npm, is the largest ever, with over 400,000 packages and over 1.75 billion package downloads per week. Node.js has been deployed in industry, including at eBay, PayPal, and LinkedIn, and is also being embraced on IoT platforms including Cylon.js and IBM’s Node-Red."
https://blog.acolyer.org/2017/06/09/node-fz-fuzzing-the-server-side-event-driven-architecture/
Node.fz: Fuzzing the server-side event-driven architecture Davis et al., EuroSys’17
This paper provides a fascinating look at common causes of concurrency bugs in server-side event driven architecture (EDA) based applications. By far the most popular framework supporting this style is Node.js of course.
"The Node.js package ecosystem, npm, is the largest ever, with over 400,000 packages and over 1.75 billion package downloads per week. Node.js has been deployed in industry, including at eBay, PayPal, and LinkedIn, and is also being embraced on IoT platforms including Cylon.js and IBM’s Node-Red."
https://blog.acolyer.org/2017/06/09/node-fz-fuzzing-the-server-side-event-driven-architecture/