Marcus Hutchins, aka 'MalwareTech', is the researcher responsible for the domain-based kill switch that stopped WannaCry in its tracks. He was arrested by the FBI while boarding a plane in Las Vegas after Defcon, allegedly for creating and selling the Kronos banking malware.
There is a lot of confusion here, as hardly anyone can imagine it being true. His official indictment can be found here. To be continued.
Fascinating attack vector: altering street signs to fool self-driving cars, potentially harming drivers and/or causing chaos. For example, by adding stickers that make a stop sign get classified as a speed limit sign.
Speaking of fascinating attack vectors, in the not-quite-practical-but-cool category: synthesise a DNA strand that, once sequenced, triggers a buffer overflow in the software that processes the sequencer's output.
Mozilla has released an experimental service that lets you encrypt and send files of up to 1 GB. Each file expires after one download or 24 hours, whichever comes first. Their announcement can be read here.
Update all the things \o/
It might make sense to start grouping updates when relevant, for easier reading :)
- Microsoft patches 48 vulnerabilities, of which 27 allow for remote code execution.
- Firefox fixed three critical issues (and makes Flash click-to-run by default, woop woop)
- Google patches 49 vulnerabilities in Android, 10 of which are remote code execution bugs.
Dieter Van der Stock
Since my day job is in the solar industry, I find this extra interesting ^^
The electrical grid requires a constant balance of supply and demand. This researcher found a set of critical vulnerabilities in a widely used brand of inverters, which convert solar DC power to AC grid power. If he deployed those exploits at a moment of high solar output, he could cause a huge outage, with potentially billions in damages.
The extension in question is Web Developer for Chrome, which a few of us might actually use (around a million people do). A malicious version was briefly pushed to users; the extension is now back to normal. The author advises re-installing to be certain.
Something I've never thought about before is how they find a new site so quickly. One way is to monitor the Certificate Transparency logs, an open standard under which every newly issued TLS certificate is published, so a fresh hostname shows up minutes after its certificate is issued.
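The same CT data works in both directions: an attacker uses it to find fresh targets, a defender uses it to spot new hostnames (or lookalike domains) under a brand. Below is an added example of such a monitor, not code from the article or the newsletter. It assumes the JSON shape returned by crt.sh (`id`, `name_value`, `not_before`, `issuer_name`); the sample entries are constructed, not real log data, so it runs offline.

```python
"""Watch Certificate Transparency data for newly issued hostnames.

Added example. Assumes the crt.sh JSON output format
(https://crt.sh/?q=%25.example.com&output=json); SAMPLE_ENTRIES below are
constructed for the demo and are not real log records.
"""
import json
import urllib.request
from datetime import datetime
from urllib.parse import quote


def fetch_crtsh(pattern):
    """Query crt.sh for certs whose names match `pattern`, e.g. '%.example.com'.

    Network call; not exercised by the offline demo below.
    """
    url = "https://crt.sh/?q=" + quote(pattern) + "&output=json"
    with urllib.request.urlopen(url, timeout=30) as resp:
        return json.loads(resp.read().decode("utf-8"))


def hostnames_from_entries(entries):
    """Yield (hostname, not_before) pairs.

    crt.sh joins the subject CN and every SAN into `name_value`, one per line.
    """
    for entry in entries:
        issued = datetime.strptime(entry["not_before"], "%Y-%m-%dT%H:%M:%S")
        for name in entry["name_value"].splitlines():
            name = name.strip().lower()
            if name:
                yield name, issued


def new_hostnames(entries, seen, since):
    """Hostnames first issued at or after `since` that are not yet in `seen`.

    `seen` is the set of names from previous polls; persisting it between runs
    is what turns a one-off query into a monitor.
    """
    found = set()
    for name, issued in hostnames_from_entries(entries):
        if issued >= since and name not in seen:
            found.add(name)
    return sorted(found)


def watch_hits(hostnames, keywords):
    """Flag hostnames containing any watch keyword (brand names, 'login', ...)."""
    return [h for h in hostnames if any(k in h for k in keywords)]


# Constructed sample data in crt.sh shape (not real certificates).
SAMPLE_ENTRIES = [
    {"id": 1, "issuer_name": "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3",
     "not_before": "2017-08-10T09:12:00",
     "name_value": "shop.example.com\nwww.shop.example.com"},
    {"id": 2, "issuer_name": "C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA",
     "not_before": "2016-01-05T00:00:00",
     "name_value": "example.com\nwww.example.com"},
    {"id": 3, "issuer_name": "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3",
     "not_before": "2017-08-10T11:40:00",
     "name_value": "login-example-com.net"},
]


def demo():
    """Run the monitor over the constructed sample and return its findings."""
    seen = {"example.com", "www.example.com"}      # known from earlier polls
    since = datetime(2017, 8, 10)                   # last poll time
    fresh = new_hostnames(SAMPLE_ENTRIES, seen, since)
    return {"new": fresh, "suspicious": watch_hits(fresh, ["login", "secure"])}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

In practice you would poll `fetch_crtsh` (or a CT log's `get-entries` endpoint) on a schedule, feed the results through `new_hostnames` with a persisted `seen` set, and alert on `watch_hits`; the old `example.com` entry is ignored because it predates the last poll, while the lookalike `login-example-com.net` is flagged.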
A write-up of a talk by Roger Dingledine, co-founder of Tor, at Defcon. He disputes some common beliefs, such as that most Tor traffic is criminal or dark-web related, and announces upcoming improvements, such as strengthening the underlying encryption.
Ship navigation currently relies almost entirely on GPS. Because GPS is relatively easy to jam, which apparently already happens quite often, work is underway on a backup system.
I'm not a Windows admin myself, but this looks like a useful and short list of best-practices.
Interesting post by Netflix on application-level DDoS attacks in a microservice architecture. They describe what such an attack is, why it is so effective (one cheap client request can fan out into many expensive backend calls), how they test for it in their signature Chaos Monkey way, and how one would defend against it.
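To make the amplification concrete, here is an added example (not Netflix's code) that models a made-up call graph in which an edge endpoint fans out to middle-tier services, computes how many backend calls one client request triggers, and contrasts a plain per-request rate limit with a token bucket that charges each request its fan-out cost. Service names, fan-out counts and limiter parameters are all assumptions for the demo.

```python
"""Application-level DDoS via microservice fan-out, and a cost-aware limiter.

Added example, not Netflix's code. CALL_GRAPH is a constructed topology:
each value lists the downstream calls that one request to that service makes.
"""
import time
from collections import Counter

CALL_GRAPH = {
    "home_page": ["recommendations", "profile", "billing"],
    "recommendations": ["catalog", "catalog", "ratings", "ratings", "ratings"],
    "profile": ["user_store"],
    "billing": ["payments", "user_store"],
    "search": ["catalog"],
    "catalog": [],
    "ratings": [],
    "user_store": [],
    "payments": [],
}


def backend_calls(endpoint, graph=CALL_GRAPH):
    """Count every downstream call caused by one request, following the fan-out."""
    counts = Counter()

    def walk(service):
        for dep in graph[service]:
            counts[dep] += 1
            walk(dep)

    walk(endpoint)
    return counts


def amplification(endpoint, graph=CALL_GRAPH):
    """Backend requests generated per client request: the attacker's leverage."""
    return sum(backend_calls(endpoint, graph).values())


class FanOutLimiter:
    """Per-client token bucket.

    With cost_aware=True each request is charged its amplification, so a client
    cannot drain the backend simply by picking the most expensive endpoint.
    With cost_aware=False every request costs 1 token (a plain request-rate limit).
    The clock is injectable so the behaviour can be tested deterministically.
    """

    def __init__(self, capacity, refill_per_sec, graph=CALL_GRAPH,
                 cost_aware=True, clock=time.monotonic):
        self.capacity = float(capacity)
        self.refill = float(refill_per_sec)
        self.graph = graph
        self.cost_aware = cost_aware
        self.clock = clock
        self._buckets = {}  # client -> (tokens, last_refill_time)

    def allow(self, client, endpoint):
        now = self.clock()
        tokens, last = self._buckets.get(client, (self.capacity, now))
        tokens = min(self.capacity, tokens + (now - last) * self.refill)
        cost = amplification(endpoint, self.graph) if self.cost_aware else 1
        if tokens >= cost:
            self._buckets[client] = (tokens - cost, now)
            return True
        self._buckets[client] = (tokens, now)
        return False


def admitted_backend_load(limiter, client, endpoint, attempts):
    """Total backend calls that reach the middle tier after `attempts` requests."""
    return sum(amplification(endpoint, limiter.graph)
               for _ in range(attempts)
               if limiter.allow(client, endpoint))


def compare(attempts=100, budget=30):
    """Backend load admitted from one abusive client under both limiter policies."""
    frozen = lambda: 0.0  # no refill during the burst
    naive = FanOutLimiter(budget, 0, cost_aware=False, clock=frozen)
    aware = FanOutLimiter(budget, 0, cost_aware=True, clock=frozen)
    return {
        "amplification": amplification("home_page"),
        "request_limit": admitted_backend_load(naive, "attacker", "home_page", attempts),
        "cost_limit": admitted_backend_load(aware, "attacker", "home_page", attempts),
    }


if __name__ == "__main__":
    print(compare())
```

With this topology a single `home_page` request costs 11 backend calls while `search` costs 1, so an attacker who is allowed 30 requests per window lands 330 calls on the backend; charging by fan-out admits only two `home_page` requests (22 calls) while still letting cheap requests through, which is the shape of defence the post argues for: budget by backend cost, not by request count.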