BREACH, TorSploit, and Fort Disco
Sorry for the late posting, but your weekly taste of “what’s up” in the InfoSec world is here for your viewing pleasure. As always, I summarize some of this week’s biggest network and information security news, in case you didn’t have time to follow it yourself.
This week was packed with security stories, but I only had time to focus on four. The episode includes information on a botnet that brute forces CMS systems, an alleged flaw in Chrome’s password security, a serious new SSL encryption weakness, and suspicions that the FBI tried to backdoor Tor sites. Press play below for the full scoop, and check out the Reference section if you’d like to read about all the other stories I didn’t have time to talk about.
(Episode Runtime: 12:15)
Direct YouTube Link: https://www.youtube.com/watch?v=y4jVozwHdWc
Episode References:
- Fort Disco botnet brute forces CMS systems – Arbor Networks
- Blogger accuses Chrome of bad password management – Blog
- BREACH SSL attack relies on HTTP compression – Breach Attack site
- BREACH attack technical whitepaper [PDF] – Breach Attack site
- FBI suspected of javascript attack on Tor – Wired
- Torsploit IPs may not point to feds – Ars Technica
- Metasploit exploit for the “FBI Javascript flaw” – Rapid 7
Extras:
- Microsoft warns of a CHAPv2 flaw that affects their phone OS – Microsoft
- Microsoft’s August patch day to include eight bulletins, three critical – Microsoft
- Serious OSPF flaw affects many industry routing devices (WatchGuard not affected) – US CERT
- Firefox 23 fixes security flaws and introduces new security features – Tech Crunch
- IPv6 Man in the Middle (MitM) attack affects Windows – Computer World
- Hack NFC for free bus rides – Mashable
- Will Smith shows up at Def Con – PC World
- Hacking bluetooth toilets – Tech Week
- Reseachers release their Def Con car hack details – IOActive blog
- Does the NSA share phone hacking data with DEA? – The Washington Post
— Corey Nachreiner, CISSP (@SecAdept)
It is unbelievable, but with a couple of latest publicly disclosed cases, looks like “hack the hackers” concept slowly but surely (if such cases will appear again and again) will re-born to “strike anonymity” flow…If legals involved in that process – it’s very dispirit tendency. In WWW, like in real life, should be “space and time” for confidentiality for ordinary users… “If you are not a hacker or cybercriminal – you’ve got nothing hide” is not a justification…By the way – one famous social network in Russia (Vkontakte) was almost hit by a special law-initiative, according to which registration of users should to be held by national passports and personal data, and such data must be confirmed by the legals PRIOR to registration… Such an initiative has been canceled. Senator who proposed such an initiative, said “If you are not a hacker or cybercriminal – you’ve got nothing hide”… :-
Hey I know this is off topic but I was wondering if you knew of any widgets I could add to my blog that automatically
tweet my newest twitter updates. I’ve been looking for a plug-in like this for quite some time and was hoping maybe you would have some experience with something like this.
Please let me know if you run into anything. I truly enjoy reading your blog and I
look forward to your new updates.
The Effects of Technology in Today’s Business World.
Using ann address once for a single transaction ensures privacy and anonymity.
Splitting private keys into random shates and storing the pieces
in different machines would be useful.
The real question isn’t whether Bitcoin determination tail off, dive before take us all on a crazy harass, it’s whether it determination truly subsist its inevitable test.
Using an address once foor a singgle transaction ensures privacy and
anonymity. Eveen when an electronic transfer (like a wire transfer) method
is used, thhe spender loses the ownership of the money first and
then the target beneficiary is credited with the amount.
I’m curious to find out what blog platform you are using?
I’m experiencing some minor security issues with my latest site
and I would like to find something more secure. Do you have any suggestions?
This is my first time pay a quick visit at here and i am actually happy to
read all at alone place.
Hmm is anyone else encountering problems with the pictures on this blog loading?
I’m trying to figure out if its a problem on my end or
if it’s the blog. Any feedback would be greatly appreciated.
I truly love your blog.. Pleaasant colors & theme. Did you create this amazing site yourself?
Please reply back as I’m trying to create my own site and want to know where you got this from or just what the theme is called.
Appreciate it!
Just want tto say your article is as amazing. The clearness
for your submit is simply excellent and that i
could assume you’re aan expert on tthis subject.
Fine with your permission let me to take hold of your
RSS feed to stay up to date with forthcoming post.
Thanks one mikllion and please keep up the enjoyable work.
Hello! I know this is sort of off-topic however I had to ask.
Does building a well-established website like yours require
a massive amount work? I am brand new to running a blog
however I do write in my journal daily. I’d like to start a blog so I can share my personal experience and
feelings online. Please let me know if you have any ideas
or tips for brand new aspiring bloggers. Appreciate it!
The subject of clear skin diet is a controversial issue.
The constantly changing fashionable take on clear skin diet demonstrates the depth of the subject.
While it has been acknowledged that it has an important part to play
in the development of man, its influence on western cinema has not been given proper recognition.
Inevitably feelings run deep amongst the aristocracy,
whom I can say no more about due to legal restrictions. Hold onto your hats as we begin a journey into clear skin
diet.
Social Factors
Society is our own everyday reality. The immortal and indispensable
phrase �honesty is the best policy� [1] created a monster which
society has been attempting to tame ever since. No symbol
is more potent than clear skin diet in society today. It is crunchy on the outside
but soft in the middle.
Our post-literate society, more than ever before, relies upon clear skin diet.
It is intrinsically linked to adolescent inner
acclimatisation.
Economic Factors
There has been a great deal of discussion in the
world of economics, centred on the value of clear skin diet.
We will study the Watkis-Teeth-Pulling model, as is standard in this case.
Wonderful post! We are linking to this great article on our
site. Keep up the good writing.
Hi this is kinda of off topic but I was wanting to know if blogs use WYSIWYG editors or if you have
to manually code with HTML. I’m starting a blog soon but have
no coding skills so I wanted to get advice from
someone with experience. Any help would be enormously appreciated!
After I originally commented I seem to have clicked on the -Notify me when new comments are added- checkbox and
now each time a comment is added I get 4 emails with the same comment.
There has to be a means you can remove me
from that service? Thank you!
No matter if some one searches for his essential thing,
so he/she wishes to be available that in detail, therefore that thing is maintained over here.
It is not my first time to visit this web site, i am visiting this site dailly and get pleasant facts from here every day.
What’s up to every body, it’s my first go to see of this blog; this
webpage carries remarkable and in fact fine data
in favor of readers.
I’m really enjoying the design and layout of your blog.
It’s a very easy on the eyes which makes it much more enjoyable for me to
come here and visit more often. Did you hire out a designer to create your
theme? Outstanding work!