Silensec Newsletter

Top News

Estonia Blocks Electronic ID Cards Over Identity-Theft Risk

Dubbed Estonia for being one of the world's most wired nations, the state issues electronic Identity cards giving citizens online access to virtually all public services at a special "egovernment" state portal.

A flaw in the Swiss-made chips used in the cards makes them vulnerable to malware.

The Prime Minister announced the decision to suspend security certificates for cards until their owners download an update to patch the flaw.

By blocking the certificates of the Identity cards at risk, the state is ensuring the safety of the ID card.

Read more...

EFF to ICANN's Registrars: Don't Pick Up the Censor's Pen

The Electronic Frontier Foundation has spent the week at the annual general meeting of ICANN, the global multi-stakeholder regulatory authority for Internet domain names and IP addresses.

The focus during this meeting is on speaking out against the increasing use of the domain name system as a mechanism for content censorship.

The EFF presentations were in the form of a short and simple message to ICANN, to the registries who operate its top-level domains, and the registrars who offer domains to the public: don't pick up the censor's pen.

Read more...

Read more...

Top News

Bad Rabbit Ransomware leverages the NSA Exploit for lateral movements

New precious details emerge from the analysis of malware researchers at Cisco Talos and F-Secure who respectively discovered and confirmed the presence an NSA exploit in the Bad Rabbit ransomware.

On October 24, hundreds of organizations worldwide were hit by the Bad Rabbit ransomware, mostly in Russia and Ukraine.

The first reports on the ransomware revealed that the malicious code also relies on the Server Message Block (SMB) protocol to spread within the targeted network.

Almost every analysis produced since the discovery of the Bad Rabbit ransomware revealed many similarities between Bad Rabbit and NotPetya, including the targeting of Ukraine and Russia, the usage of Mimikatz tool, and the same type of file encryption.

However, while NotPetya is a wiper disguised by a ransomware, Bad Rabbit appears to be a real ransomware.According to malware researchers, NotPetya has been linked to BlackEnergy APT, for this reason, some experts suggest the same threat actor could be behind the Bad Rabbit ransomware.

Read more...

FBI Director Wray is Wrong About Section 702 Surveillance

Newly-minted FBI Director threw out several justifications for the continued, warrantless government search of American communications. He’s wrong on all accounts. His is concerned with the potential expiration of the one of the government’s most powerful surveillance tools, Section 702 of the FISA Amendments Act, which allows the NSA, among other angencies like FBI, to collect emails, browser history and chat logs of Americans. Section 702 also allows other agencies, like the FBI, to search through that data without a warrant. Those searches are called “backdoor searches.”

Read more...

Read more...

Top News

ROCA vulnerability (CVE-2017-15361) allows attackers to recover users Private RSA Keys

While security experts are discussing the dreaded KRACK attack against WiFi networks IT giants, such as Fujitsu, Google, HP, Lenovo, and Microsoft; the companies are warning their customers of a severe flaw in widely used RSA cryptographic library.

The vulnerability, dubbed ROCA (Return of Coppersmith’s Attack), could potentially allow a remote attacker to reverse-calculate a private encryption key just by having a target’s public key.

The vulnerability in Infineon’s Trusted Platform Module (TPM), dubbed ROCA (Return of Coppersmith’s Attack), was discovered by security researchers at Masaryk University in the Czech Republic.

The researchers published the details of the ROCA vulnerability in a blog post and also published a tool online that could be used to test if RSA keys are vulnerable to this dangerous flaw.

Read more...

WPA2 security in trouble as KRACK Belgian boffins tease key re-installation bug

A promo for the upcoming ACM security conference has set infosec types all a-Twitter over the apparent cryptographic death of the WPA2 authentication scheme widely used to secure Wi-Fi connections.

The authors have everything ready except the details of their disclosure: acceptance at the ACM Conference on Computer and Communications Security (CCS) for their paper Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2, a timeslot, a so-far-empty GitHub repository, and a placeholder Website at krackattacks(dot)com.

The disclosure is due some time on the October 16.

Read more...

Read more...

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed