Daily Summary - Tuesday 12-05-2015

End-of-Shift report

Timeframe: Monday 11-05-2015 18:00 − Tuesday 12-05-2015 18:00 Handler: Alexander Riepl Co-Handler: n/a

Steganography and Malware: Concealing Code and C&C Traffic

In our earlier post discussing steganography, I discussed how it is now being used to hide configuration data by malware attackers. Let's discuss another facet of this topic in this post: how actual malware code is hidden in similar ways. Security analysts will probably throw their hands up in the air and say, 'we've ..

http://blog.trendmicro.com/trendlabs-security-intelligence/steganography-and-malware-concealing-code-and-cc-traffic/


Add GitHub dorking to list of security concerns

One of the big lessons that we've learned in the last 10 years is that even little pieces of once disparate data, gathered in a single location, can yield startling truths. With Facebook, that lesson crystallized with the introduction of its Graph Search feature in 2013, when the online world ..

http://www.csoonline.com/article/2921177/application-security/add-github-dorking-to-list-of-security-concerns.html


Golem.de test with Kaspersky: How secure photo kiosks and copy shops are

How dangerous is it to have photos and files printed from writable USB sticks and SD cards? Together with the security company Kaspersky, Golem.de tested whether Windows XP terminals without a virus scanner are also secure.

http://www.golem.de/news/golem-de-test-mit-kaspersky-so-sicher-sind-fototerminals-und-copyshops-1505-113981.html


Encrypted OSGP communication of smart meters easy to eavesdrop on

When devices in the smart grid exchange information, attackers could intercept data despite the use of cryptography, at least with the Open Smart Grid Protocol standard. Security researchers blame the weak protocol for this.

http://heise.de/-2642228


The State of ASLR on Android Lollipop

Modern platforms like Android devices enforce execute protections on memory, so injecting code into the process is often no longer the lowest hanging fruit for exploitation. Reusing the existing code and data has become the norm, and statistical defense via Address-Space Layout randomization is still the only widely available ..

https://copperhead.co/2015/05/11/aslr-android-zygote


How secure will our data be in the post-quantum era?

Build your security for the next 50 years. If the speed of processing doubles every two years, make sure your cryptographic systems can't be brute forced in 50 years. If you use 2048 bit RSA, it will take some quadrillion years to break it. Good enough, right?

https://medium.com/@amarchenkova/how-secure-will-our-data-be-in-the-post-quantum-era-6a7f444ce7d5


Bublik Trojan - Variant Evolves with New Features

While there are many similar types of malware in use today, Bublik is being used for malicious activity and appears to be under active development, suggesting that its creators have paying customers. Because security involves a dynamic interaction ..

http://www.isightpartners.com/2015/05/bublik-trojan-variant-evolves-with-new-features/