Mai 15 20

alertCrypto researcher discovered a new ancient bug in Diffie-Hellman crytography. The problem is thatservers that support 512-key “export-grade” Diffie-Hellman (DH) can be forced to downgrade a connection to that weak level. The server – and therefore the client – will both still believe they’re using stronger keys such as 768-bit or 1024-bit.

Matthew Green – one of the researcher – has hosted a site discussing what’s being called “#Logjam“, Weakdh.org, with a detailed paper – Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice (PDF) – that explain the bug in a academic way.

written by d45id \\ tags: , , , , , , , ,

Mai 15 14

Combo Breaker is a motorized, battery powered, 3D printed, Arduino-based combination lock cracking device.

Source code / 3D models:https://github.com/samyk/combobreaker

 

written by d45id \\ tags: , , , , ,

Mai 15 13

I’ve found an very interesting talk with Matthew Cole where he explain how the Italian cops figured out – with the help of cellular phone metadata – how the CIA abduct Abu Omar in Milano.

written by d45id \\ tags: , , , , ,

Mai 15 08

dockerVMware veröffentlichte in Zusammenarbeit mit dem Center for Internet Security einen Security-Guide für den sicheren Umgang mit der Container-Virtualisierung Docker.
In dem Dokument geben die Experten um die achtzig Tipps für den möglichst sicheren Betrieb von Docker-Containern.

written by d45id \\ tags: , , ,

Mai 15 04

Today, fifteen years ago ILOVEYOU computer worm saw the light of day and infected tens of millions of Windows personal computers in just a few hours. What fun ;-)

written by d45id \\ tags: , , , , ,

Apr 15 21

It’s amazing how easily modern network systems can be breached, making exhaustive vulnerability management programs more critical than ever. Please join us for a demonstration of how easy it is for attackers to compromise your network during a webinar with Marcus Murray, Cyber Security Manager at TrueSec.

In this awareness session, Marcus Murray will demonstrate a live hack where he uses a specially crafted JPEG picture to circumvent the security mechanisms of a modern Microsoft Windows server 2012R2 Webserver. He will also use this foothold to expand influence over the entire network and compromise a Windows Server 2012 R2 Domain Controller.

During the presentation, Marcus will also discuss countermeasures you can take to increase security in your environment. This is a must-see session for anyone responsible for vulnerability management.

written by d45id \\ tags: , , , , ,

Apr 15 02

written by d45id \\ tags: , , ,

Mrz 15 23

A research by Mordechai Guri and Prof. Yuval Elovici from the Cyber Security Resarch Center at Ben-Gurion University found a new way for jumping the Air-Gap.

This time they are doing this by using the heat emissions and a computer’s built-in thermal sensors.

See also

written by d45id \\ tags: , , , , ,