Home > Uncategorized > Security News #0x61

Security News #0x61

Exploits
For Students
  • NICCS has a cyber competitions repository, with information about the when, where and how to complete in competitions across the calendar and across the globe.
  • You may want to visit How is My SSL with your commonly used browsers to get a feel for how your SSL connection stack up.
Learning More
  • The folks at GreyHatHAcker have identified some commonly installed products that may allow simple bypass of ASLR on Windows systems.
Industry News
  • It looks like the OpenSuSE website was hacked with up to 79,000 accounts compromised.
  • The recently discovered libXfont vulnerability that appears to have been present since 1991 worries me. The Register has some perspective and some more detail.
  • Last week, there was an attack on a number of common gaming platforms, including Steam (which locked my kids out of their usual Dota 2 fix). Well, Ars Technica reports that the attack appears to have used NTP servers as amplifiers. John Graham-Cumming has a nice introductory piece on amplification attacks.
Random Humor
  • James Mickens has a light-hearted pdf piece about how security often seems to focus on the wrong topics. Now when I say "light-hearted" I mean sufficiently funny that my CCDC team had to stop me and ask me what was so darn funny. Let me quote

    Sometimes, when I check my work email, I’ll find a message that says
    "Talk Announcement: Vertex-based Elliptic Cryptography on N-way
    Bojangle Spaces." I’ll look at the abstract for the talk, and it will say
    something like this: "It is well-known that five-way secret sharing has been
    illegal since the Protestant Reformation [Luther1517]. However, using recent
    advances in polynomial-time Bojangle projections, we demonstrate how a set
    of peers who are frenemies can exchange up to five snide remarks that are
    robust to Bojangle-chosen plaintext attacks."

    Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: