News
Obligatory follow-up on WannaCry
I'll try to keep it short :-)
- It turns out that it's mostly Windows 7 systems that are infected, not XP.
- There are currently two solutions that might help to decrypt WannaCry infections.
- Microsoft looks back on what happened and argues for a more responsible zero-day disclosure policy from intelligence agencies.
- Another worm was found that stitches together no fewer than 7 NSA exploits.
- Quite a few companies are stockpiling Bitcoins in case they become victims of ransomware.
Several media players vulnerable to exploitation by subtitles
VLC, Kodi and Popcorn Time, among others, can be exploited by using malicious subtitles. The video in the article shows it in action. Make sure your player is on the latest version.
Stealing Windows login credentials via Google Chrome and SCF files
A crafty attack has you clicking to download an SCF file, which by default gets auto-downloaded by Chrome. It will then establish a connection to a remote SMB server under the attacker's control, sending the user's hashed password along with it.
New security features in Android O
Google announced a set of security improvements for Android O. The most important of these are Project Treble, which strives for faster patching, and Google Play Protect, which this article explains better.
Handbrake hijack leads to theft of source code for Panic apps
Panic develops Mac apps like Transmit and Coda. Its co-founder happened to install an infected Handbrake instance, after which the attacker stole parts of Panic's source code and tried to blackmail them.
A look into Unit 180, North Korea's cyber warfare group
Reuters writes an article discussing Unit 180, how it's organised and what kind of missions it takes on.
How Stack Overflow switched to HTTPS by default
Stack Overflow is switching to full-HTTPS. This very, very long post describes how they did it. There is a -lot- of knowledge packed into this one.
What to know about the EU's General Data Protection Regulation (GDPR)
By this time next year, all companies that do business in the EU need to be 'GDPR compliant'. Sophos gives a very helpful overview of what that entails.
How the Macron team fought off Russian hackers during French election
A fascinating look by the New York Times at how the tech team behind Macron prepared for Russian hacking attempts.