Silensec Newsletter

Top News

Facebook hands hackers $100k for breaking browsers

Four researchers have scored US$100,000 from Facebook for revealing 11 bugs affecting platforms including the Chrome and Firefox browsers using novel vulnerability discovery methods. 

"We all benefit from this kind of work—a large part of why Facebook has been successful in serving nearly 1.5 billion people is because we have been quick to introduce and adopt categories of systems and frameworks that prevent whole classes of vulnerabilities at once," Papagiannis says in a statement. The hacks are detailed in the paper Type Casting Verification: Stopping an Emerging Attack Vector (PDF) in which the quartet offered a #tool to help detect the bad-casting and type-confusion holes.  Read more...

 

Lenovo Caught Using Rootkit to Secretly Install Unremovable Software

Two years ago Chinese firm Lenovo got banned from supplying equipment for networks of the intelligence and defense services various countries due to hacking and spying concerns. Earlier this year, Lenovo was caught red-handed for selling laptops pre-installed with Superfish malware. One of the most popular Chinese computer manufacturers ‘Lenovo’ has been caught once again using a hidden Windows feature to preinstall unwanted and unremovable rootkit software on certain Lenovo laptop and desktop systems it sells. The feature is known as "Lenovo Service Engine" (LSE) – a piece of code presents into the firmware on the computer's motherboard. Read more...

 

Read more...
Top News

 Pentagon email hacked, Russia already blamed

A chunk of the US Department of Defense's email system has been down for 11 days, following what appears to have been a successful attempt to hack it. On Thursday, DoD officials told The Register the unclassified email system of the Pentagon's Joint Chiefs of Staff was compromised following a "sophisticated cyberattack" on July 25. The servers, used by 4,000 government workers, were shut down in response. The system is still not up. The attackers exploited "a new and different vulnerability," according to one report. Another says that a "spear phishing" effort resulted in malware being installed on Pentagon computers. Read more...

 

 

Lightening just struck TWICE! Thunderstrike 2: World's First Firmware Worm That Infects Mac Computers Without Detection

Two security researchers have developed a proof-of-concept computer worm for the first time that can spread automatically between MacBooks, without any need for them to be networked. Dubbed Thunderstrike 2, the new proof-of-concept firmware attack is inspired by previously developed proof-of-concept firmware called Thunderstrike. Read more...

 

 

 

 

Read more...
Top News

 White House Says No Thanks to Snowden Pardon Petition

It’s been more than two years since Edward Snowden became a name as familiar to the millions of people who have no idea what the NSA actually does it is to the power players in Washington. In that time support for Snowden has waxed and waned, but the position of the White House on Snowden’s actions has never changed. Read more...

 

 

Google Promises Fix For Recently Discovered Stagefright Android Flaw

Google has now come out with a statement on the Stagefright vulnerability, it promises a fix for this flaw by next week. Stagefright  exploits how the Hangouts app automatically process incoming video so that it’s ready for the user in the gallery. Hackers can put malicious code inside the video and since it will be automatically processed by the device it doesn’t even matter if the message was opened or not.Read more...

 

 

 

Read more...

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed