Mai 15 20
Crypto researcher discovered a new ancient bug in Diffie-Hellman crytography. The problem is thatservers that support 512-key “export-grade” Diffie-Hellman (DH) can be forced to downgrade a connection to that weak level. The server – and therefore the client – will both still believe they’re using stronger keys such as 768-bit or 1024-bit.
Matthew Green – one of the researcher – has hosted a site discussing what’s being called “#Logjam“, Weakdh.org, with a detailed paper – Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice (PDF) – that explain the bug in a academic way.
Mai 15 14
Combo Breaker is a motorized, battery powered, 3D printed, Arduino-based combination lock cracking device.
Source code / 3D models:https://github.com/samyk/combobreaker
Mai 15 13
I’ve found an very interesting talk with Matthew Cole where he explain how the Italian cops figured out – with the help of cellular phone metadata – how the CIA abduct Abu Omar in Milano.
Mai 15 08
VMware veröffentlichte in Zusammenarbeit mit dem Center for Internet Security einen Security-Guide für den sicheren Umgang mit der Container-Virtualisierung Docker.
In dem Dokument geben die Experten um die achtzig Tipps für den möglichst sicheren Betrieb von Docker-Containern.
Mai 15 04
Today, fifteen years ago ILOVEYOU computer worm saw the light of day and infected tens of millions of Windows personal computers in just a few hours. What fun ;-)
Apr 15 21
It’s amazing how easily modern network systems can be breached, making exhaustive vulnerability management programs more critical than ever. Please join us for a demonstration of how easy it is for attackers to compromise your network during a webinar with Marcus Murray, Cyber Security Manager at TrueSec.
In this awareness session, Marcus Murray will demonstrate a live hack where he uses a specially crafted JPEG picture to circumvent the security mechanisms of a modern Microsoft Windows server 2012R2 Webserver. He will also use this foothold to expand influence over the entire network and compromise a Windows Server 2012 R2 Domain Controller.
During the presentation, Marcus will also discuss countermeasures you can take to increase security in your environment. This is a must-see session for anyone responsible for vulnerability management.
Mrz 15 23
A research by Mordechai Guri and Prof. Yuval Elovici from the Cyber Security Resarch Center at Ben-Gurion University found a new way for jumping the Air-Gap.
This time they are doing this by using the heat emissions and a computer’s built-in thermal sensors.