Home > Uncategorized > Security News #0x60

Security News #0x60

Exploits
  • Veil payloads are designed to evade anti-virus, but it is somewhat difficult to verify this. Before Christmas, Chris Truncer announced a way to check Veil payloads against VirusTotal without sending along a sample of the crafted malware.
For Students
  • If you want to learn more about how to break into a system, you definitely want to head over to Techorganic and read about the De-ICE hacking challenge. This is a great example of problem solving in action and well worth your time.
  • If you have had a good course in cryptography, you probably also want to take a look at Ari’s Blog, where he provides some background on elliptic curve cryptography, and explain in principle how you could back door such a system, as has been alleged for Dual_EC_DRBG.
  • It looks like many SOHO routers may have backdoors. You may want to run that nmap scan on your own gear, just to be sure that you know what is running on your own network!
Industry News
  • The www.openssl.org site was attacked last weekend. The defaced home page has been archived. Later in the week, there was some hullabaloo as to how the server was compromised; you may want to look over at Ars Technica for their coverage.
  • The Snapchat user database was recently exposed; ironically this appears to have occurred after they were notified that this was possible and they dismissed these claims as unfounded. Ouch. The summary over at NakedSecurity is worth a read.
Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. March 7, 2014 at 4:54 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: