Silensec Newsletter

Microsoft Patches 11 Critical RCE Flaws in Windows, Browsers

Microsoft Patches 11 Critical RCE Flaws in Windows, Browsers

Microsoft's Patch Tuesday updates for June 2018 address a total of 50 vulnerabilities, including nearly a dozen critical remote code execution flaws affecting Windows and the company's Edge and Internet Explorer web browsers.

None of the security holes patched this month appear to have been exploited for malicious purposes, but one of them has been publicly disclosed before the release of a fix. Microsoft also released some mitigations for the recently disclosed Variant 4 of the Spectre/Meltdown vulnerabilities.

Read more...

Bitcoin falls after Korean exchange loses $40M following hack attack

Bitcoin falls after Korean exchange loses $40M following hack attack

Coinrail, a South Korea-based cryptocurrency exchange has suffered a massive hack attack in which hackers have stolen over $40 million in tokens and altcoins on Sunday. The hack has also caused a decrease in Bitcoin's price, at the time of publishing this article, 1 Bitcoin was around $6,781.

Although it is unclear how the hack attack took place according to an official statement by Coinrail on its website the company acknowledged the hack without giving any further information on the total value of the stolen cryptocurrency.

Read more...

Google Won't Use Artificial Intelligence for Weapons

Google Won't Use Artificial Intelligence for Weapons

Google announced recently that it would not use artificial intelligence for weapons or to "cause or directly facilitate injury to people," as it unveiled a set of principles for these technologies.

Chief executive Sundar Pichai, in a blog post outlining the company's artificial intelligence policies, noted that even though Google won't use AI for weapons, "we will continue our work with governments and the military in many other areas" including cybersecurity, training, and search and rescue.

The news comes with Google facing pressure from employees and others over a contract with the US military, which the California tech giant said last week would not be renewed.

Read more...

Microsoft buys GitHub for $7.5 billion

Microsoft buys GitHub for $7.5 billion

Microsoft has officially confirmed the acquisition of GitHub code repository in $7.5 billion, a value still higher than recently speculated. Microsoft was expected to pay $ 5 billion for the service. In 2015, GitHub was valued at $ 2 billion - it was the last assessment of the market value of the popular code repository.

GitHub is mainly used by programmers and IT professionals around the world. The service is also popular among employees of hotshot firms like HP, IBM, Disney, Evernote, Apple, Amazon, Cisco, Oracle, Mastercard and many others.

Read more...

Russia asks Apple to remove Telegram Messenger from the App Store

Russia asks Apple to remove Telegram Messenger from the App Store

Russia's communications regulator has threatened Apple to face the consequences if the company does not remove secure messaging app Telegram from its App Store.

The Russian government had banned Telegram in the country for the company's refusal to hand over private encryption keys to Russian state security services to access messages sent using the secure service.

However, so far, the Telegram app is still available in the Russian version of Apple's App Store.

Read more...

100 Million IoT Devices Possibly Exposed to Z-Wave Attack

100 Million IoT Devices Possibly Exposed to Z-Wave Attack

Researchers have demonstrated that the Z-Wave wireless communications protocol, which is used by more than 100 million Internet-of-Things (IoT) devices, is vulnerable to security downgrade attacks.

Z-Wave, a protocol primarily used for home automation, uses low-energy radio waves for wireless communications over distances of up to 100 meters (330 feet).

According to the Z-Wave Alliance, an organization dedicated to advancing Z-Wave, the protocol is currently used by 700 companies in over 2,400 IoT and smart home products, including thermostats, locks and home monitoring systems.

Read more...