Last week's issue reported on a DDoS record of 1.3 Tbs, based on memcached reflection. The day after a new record of 1.7Tbs was reached in an attack on Arbor Networks, a DDoS mitigation service.
Good news too on the memcached front. There's a mitigation technique where you send a flush_all command to the servers that are attacking you. Memcached also released a new version with UDP disabled by default.
"An attacker could connect to a 4G LTE network using another user's identity, send messages on behalf of another user, intercept messages meant for that user, spoof the location of a mobile device, and even force other devices to disconnect from a mobile network."
Telecom protocols really aren't winning any points with me :/ And unfortunately there's no real chance of these issues getting fixed.
Things I never thought I'd write. Kali Linux is made specifically for pentesting, with tools like Metasploit, Burp Suite and much more. You can now install it on Windows 10. I did read cases where Windows Defender wasn't happy with all them hacker tools, so maybe read up a bit more before you try it :)
There is nothing wrong with the Yubikey. Rather, it's Chrome that allows for things to happen that shouldn't through its WebUSB API. The attack is very hard to pull off, but Chrome will issue a temporary fix and work with the FIDO alliance to dig deeper.
Update all the things \o/
A noninclusive list of updates I came across:
- Chrome released an update fixing 45 security vulnerabilities and blocking 'tab-under redirects', where a site opens a new tab and redirects the original tab: link
- Android received its March update with 11 critical vulnerabilities fixed, seven of which are remote code execution bugs: link
- Updates were released for the Pivotal Spring framework, fixing serious remote code execution issues similar to those that tackled Equifax: link
- HP released an update fixing a critical issue in its remote management tool called Integrated Lights-Out 3 (iLO3): link
Very interesting and down to Earth overview for dev/ops people on how you can go about implementing GDPR in your codebase and infrastructure.
Speaking of GDPR, here's a list of well known services and a link to their GDPR statements.
It's a pretty awesome looking service where you can upload a malware sample in a sandbox and see things like what network calls it makes and which registry values and files it changes.
For those who haven't seen this yet: a cool project that lists the availability of 2fa for a whole lot of companies, divided by category and searchable by name.
Watch this technical demo by Netsparker's CEO Ferruh Mavituna, during which he explains the blind XSS and second order vulnerabilities and also shows how attackers can exploit them.
Fleetsmith is a fantastic solution for keeping your macOS devices managed and secure, used by yours truly every day. It fully integrates with G Suite, and you can try it free with 10 devices for as long as you need.