Security

Hacker News.

Google Online Security Blog: Announcing the first SHA1 collision. Posted by Marc Stevens (CWI Amsterdam), Elie Bursztein (Google), Pierre Karpman (CWI Amsterdam), Ange Albertini (Google), Yarik Markov (Google), Alex Petit Bianco (Google), Clement Baisse (Google)

Cryptographic hash functions like SHA-1 are a cryptographer’s swiss army knife.

Google Online Security Blog: Announcing the first SHA1 collision

You’ll find that hashes play a role in browser security, managing code repositories, or even just detecting duplicate files in storage. Hash functions compress large amounts of data into a small message digest. As a cryptographic requirement for wide-spread use, finding two messages that lead to the same digest should be computationally infeasible. Over time however, this requirement can fail due to attacks on the mathematical underpinnings of hash functions or to increases in computational power.

How is NSA breaking so much crypto?

1401 08 12 mickens.

More Than 1 Million Google Accounts Breached by Gooligan. As a result of a lot of hard work done by our security research teams, we revealed today a new and alarming malware campaign.

More Than 1 Million Google Accounts Breached by Gooligan

The attack campaign, named Gooligan, breached the security of over one million Google accounts. The number continues to rise at an additional 13,000 breached devices each day. Our research exposes how the malware roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more. Gooligan is a new variant of the Android malware campaign found by our researchers in the SnapPea app last year. Check Point reached out to the Google Security team immediately with information on this campaign. “We’re appreciative of both Check Point’s research and their partnership as we’ve worked together to understand these issues,” said Adrian Ludwig, Google’s director of Android security.

Untitled.

Distributed Denial of Service Attacks: Four Best Practices for Prevention and Response.

Google. Uber. That’s It. I’ve Had Enough!

IoT Goes Nuclear - Creating a ZigBee Chain Reaction.

GitHub - manwhoami/MMeTokenDecrypt: Decrypts and extracts iCloud and MMe authorization tokens on Apple macOS / OS X. No user authentication needed, no dependencies.

Why I won't recommend Signal anymore - Sander Venema. One of the things I do is cryptography and infosec training for investigative journalists who have a need to keep either their sources and communications confidential so they can more safely do their work in the public interest.

Why I won't recommend Signal anymore - Sander Venema

Often they work in places which are heavily surveilled, like Europe, or the United States. Ed Snowden’s documents explain a thing or two about how the US intelligence apparatus goes about its day-to-day business. They sometimes also work in places in the world where rubber hose cryptanalysis is more common than in say the U.S. or Europe. Which is why crypto tools alone are not the Alpha and the Omega of (personal) security.

This requires careful consideration of what to use when, and in what situation. To be clear: the reason for this is not security.

What is Signal?

Signal is an app published by OpenWhisperSystems, a company run by Moxie Marlinspike.

Multiple problems with Signal

There are however, multiple issues with Signal, namely: Lack of federation.

Stealth Cell Tower. Rogue Cellular Infrastructure Disguised as Office Printer

Stealth Cell Tower is an antagonistic GSM base station in the form of an innocuous office printer.

Stealth Cell Tower

It brings the covert design practice of disguising cellular infrastructure as other things - like trees and lamp-posts - indoors, while mimicking technology used by police and intelligence agencies to surveil mobile phone users. Masquerading as a regular cellular service provider, Stealth Cell Tower surreptitiously catches phones and sends them SMSs written to appear they are from someone that knows the recipient. It does this without needing to know any phone numbers.

[Image: SMS exchange with Stealth Cell Tower]

With each response to these messages, a transcript is printed revealing the captured message sent, alongside the victim’s unique IMSI number and other identifying information.

[Image: Printed output, complete with identifying IMSI number from SIM card]

Conceptual background.

Exploratorium.

GOST cryptography: English.

A single byte write opened a root execution exploit. Thursday, September 22nd 2016.

a single byte write opened a root execution exploit

An email popped up in my inbox. Subject: ares_create_query OOB write.

Say Cheese: a snapshot of the massive DDoS attacks coming from IoT cameras. Over the last few weeks we've seen DDoS attacks hitting our systems that show that attackers have switched to new, large methods of bringing down web applications.

Say Cheese: a snapshot of the massive DDoS attacks coming from IoT cameras

They appear to come from the Mirai botnet (and relations) which were responsible for the large attacks against Brian Krebs. Our automatic DDoS mitigation systems have been handling these attacks, but we thought it would be interesting to publish some of the details of what we are seeing. In this article we'll share data on two attacks, which are perfect examples of the new trends in DDoS.

Untitled.

Strange Loop - IP Spoofing — Idea of the day.

20 September 2016

I recently gave a talk at the Strange Loop conference in St Louis.

Strange Loop - IP Spoofing — Idea of the day

The recording and slides are available, but for easier consumption here's a transcript. Good morning! This is the DDoS talk. It's always hard to speak about DDoS.