Feb 17 23

SHAtteredThe hash function SHA-1 is finally broken. In a joint research project, Google and a team from the CWI Institute in Amsterdam created two different PDF files with the same SHA-1 hash.
The fact that SHA-1 is unsecure is already known since 2005.

written by d45id \\ tags: , , , , , , , ,

Sep 15 25

After a successfull exploit on ESET’s antivirus scanner NOD32 and Kaspersky’s engine now googles security expert taviso has found a new critical bug in avast! antivirus scanner with which a system call could be done.
AvastUI-load-calc

 

Now everybody wonders who will be the next, Trend Micro, Intel (formerly known as McAfee) or somebody else ?

written by d45id \\ tags: , , , , , , ,

Jan 15 02

ms-windowsIn Microsoft Windows klafft erneut eine Sicherheitslücke (MSRC-20544), diesmal in der ahcache.sys, die zu einer Umgehung der User Account Control (UAC) ausgenutz werden kann um die eigenen Benutzerrechte zu erweitern.

Sicherheitsforscher von google sind über diese Schwachstelle schon Ende September 2014 gestollpert, da Microsoft bis heute nicht wirklich darauf reagierte wurden nun Einzelheiten, sowie ein Proof of Concept (PoC) veröffentlicht. Das PoC demonstiert die Schwachstelle in Windows 8.1 (32bit sowie 64bit) und startet den Windows calculator aus einem einfachen Benutzerkontext heraus als Administrator.

Ausführliche Informationen sowie das PoC finden sich hier

written by d45id \\ tags: , , , , , ,

Jan 14 19

MusicTimelineThe Music Timeline shows genres of music waxing and waning, based on how many Google Play Music users have an artist or album in their music library, and other data (such as album release dates). Each stripe on the graph represents a genre; the thickness of the stripe tells you roughly the popularity of music released in a given year in that genre. (For example, the „jazz“ stripe is thick in the 1950s since many users‘ libraries contain jazz albums released in the ’50s.)

 

written by d45id \\ tags: , ,