Feb 17 23

SHAtteredThe hash function SHA-1 is finally broken. In a joint research project, Google and a team from the CWI Institute in Amsterdam created two different PDF files with the same SHA-1 hash.
The fact that SHA-1 is unsecure is already known since 2005.

written by d45id \\ tags: , , , , , , , ,

Feb 17 03

passwdMicrosoft Windows contains a memory corruption bug in the handling of SMB traffic. In particular, Windows fails to properly handle a specially-crafted server response that contains too many bytes following the structure defined in the SMB2 TREE_CONNECT Response structure. By connecting to a malicious SMB server, a vulnerable Windows client system may crash (BSOD) in mrxsmb20.sys.

written by d45id

Nov 16 17

poisontapSamy Kamkar released an amazing new tool suite for Raspberry Pi Zero which can siphons cookies, exposes the internal router and installs a persitend web-based backdoor on your locked computers.

Project site: https://samy.pl/poisontap/
Source code: https://github.com/samyk/poisontap

written by d45id \\ tags: , , , , , ,

Okt 16 07

motion-codeSociété Générale and Groupe BPCE preparing to roll out a new credit card where the CVV code changes every hour.

 

written by d45id \\ tags: , , , , ,

Okt 16 07

moral
What life should be saved and whom can you forgot?
Who plays the game of MIT researchers not only learns about the abysses of morality, but also about the problems of the AI cars of tomorrow.

Find out more:

written by d45id \\ tags: , , , , ,

Okt 16 06

datacompressionZstandard also called Zstd is a real-time compression algorithm, providing high compression ratios developed by Yann Collet.
Zstd’s reference language is C but there are a lot of other bindings:

  • Java by Luben Karavelov
  • Rust by Alexandre Bury
  • C# by SKB Kontur
  • Python by Gregory Szorc
  • Python by (simple) Sergey Dryabzhinsky
  • Node.js by streams albertdb
  • Node.js by buffers Zwb
  • PHP by Kamijo
  • Perl by Jiro Nishiguchi
  • Ruby by Jarred Holman
  • D by Masahiro Nakagawa
  • Ada by John Marino
  • Erlang by Yuki Ito
  • Go by Vianney Tran
  • OCaml by ygrek
  • Delphi by Razor12911

Finde out more:
Website
Repository
Benchmarks
Smaller and faster data compression with Zstandard

written by d45id \\ tags: , , , , , , ,

Sep 16 10

Thomas Lendacky from the AMD introduces on the KVM Forum 2016 Secure Memory Encryption (SME) and Secure Encrypted Virtualization (SEV) features from the new Zen microarchitecture.

Find out more:

written by d45id \\ tags: , , , , , , , ,

Sep 16 08

passwdSecurity researcher Robert Fuller discovered an attack method with which Windows and Mac user credentials can be stolen from a locked machine.
This attack is affected against actual Windows and Mac OS computers on which the user has already logged in.

The researcher used USB-based Ethernet dongles like USB Armory or Hak5 Turtle , for which he modified the firmware code to run special software that sets the plug-and-play USB device as the network gateway, DNS, and WPAD servers on the computer it’s connected to.
Find out more:

written by d45id \\ tags: , , , , , ,