Issue 32

Let's Encrypt milestone: 100 million certificates issued

Quite amazing in just 19 months' time. Also, in that same timespan the percentage of page loads over HTTPS across the Web has gone from 40% to 58%.

letsencrypt.org

 

Systemd flaw allows for arbitrary code execution

Systemd-resolved provides network name resolution and could be exploited by a malicious DNS server with a specially crafted TCP packet. Ubuntu, Fedora, Arch and some others are affected. Updates are available.

thenewstack.io

 

Microsoft bringing EMET back as a built-in part of Windows 10

EMET stands for Enhanced Mitigation Experience Toolkit, a tool that aims to make vulnerabilities harder to exploit.
Relatedly, the Windows 10 Fall Creators Update will also include protected folders to try to fight ransomware.

arstechnica.com

 

U.S. Senate committee wants to ban Kaspersky products from the Department of Defense

They suspect that Kaspersky is under the influence of the Russian government, although no evidence has been shown so far.
Kaspersky's founder, Eugene Kaspersky, is willing to open the company's source code to the US for review to show he has nothing to hide.

grahamcluley.com

 

8tracks Internet radio service hacked: account information on 18 million users stolen

They say it wasn't their network that was breached. Rather, it was an employee's GitHub account that was hacked, which had access to a system that made backups of the user database.

tripwire.com

 

Azure AD Connect vulnerability allows attackers to reset admin passwords

Azure AD Connect allows a company to hook up existing Active Directory infrastructure to Azure. If you use this service you'll have to update to the latest version of Connect. You can find Microsoft's advisory here.

helpnetsecurity.com

 

Researchers to release open-source firewall against SS7 attacks at Black Hat USA

The firewall aims to help telecom providers defend against the myriad of SS7 vulnerabilities, which allow attackers, among other things, to hijack two-factor text messages.

darkreading.com

 

Scammers attempting to extort major companies with .feedback domains

These scammers have registered, among others, google.feedback. They ask the companies for money to receive the feedback or take the website down.

grahamcluley.com

 

Companies are hiring cyber-security experts to help get merger & acquisition deals done

Bloomberg reports on an interesting trend where more and more M&A deals include an evaluation of cyber-security risks. This seems to have been prompted by Yahoo's breach making it worth $350 million less to Verizon.

bloomberg.com

 

Google Project Zero: hacker SWAT team vs. everyone

Great article from Fortune.com on Google's Project Zero, providing background on how it was started, how CloudBleed was handled, and how other companies look at the initiative. Worth the read. (Warning though: possible auto-playing video ahead).

fortune.com

 

The OpenVPN post-audit bug bonanza

Guido Vranken, the researcher who recently discovered a set of vulnerabilities in OpenVPN, makes a case for preferring automated fuzzing over manual code reviews. Afterwards he takes a deep technical dive into the vulnerabilities themselves.

wordpress.com

 

Eternal Blues: A free EternalBlue vulnerability scanner

It's a free tool created by Elad Erez, Director of Innovation at Imperva. It scans your network to see if any machines are still vulnerable to the SMB exploit that gave us WannaCry and NotPetya. You can get the tool here.

helpnetsecurity.com

 

GitHub - infobyte/spoilerwall

Fun project that replies to port scans with movie spoilers :-)

github.com