26th October resource updates

Cryptocurrency updates

ZDNet: North Korea blamed for two cryptocurrency scams, five trading platform hacks
” A Group-IB report published last week pinned five of 14 cryptocurrency exchange hacks on Lazarus Group, a codename assigned by the cyber-security industry to North Korea’s military hacking units….In a report published today by threat intel firm Recorded Future, individuals associated with the North Korean regime have also been blamed for running cryptocurrency-related scam.” [sic]


Pierluigi Paganini: Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol – “The presentation titled “BOTCHAIN aka The Dark side of Blockchain” includes details about the first fully functional Botnet built upon the Bitcoin Protocol named “BOTCHAIN”.”

Updates to Anti-Social Media 

The Register: Apple boss decries ‘data industrial complex’ while pocketing, er, billions to hook Google into iOS – ” …”Advancing AI by collecting huge personal profiles is laziness, not efficiency,” he said. “For artificial intelligence to be truly smart, it must respect human values including privacy.”….Apple … sells Google access to iOS customers for $9bn. That’s how much Google is expected to pay Apple this year to be the default search provider on iDevices, according to a Goldman Sachs estimate.”


The Register: Jeez, not now, Iran… Facebook catches Mid East nation running trolly US political ads – “Whack-a-Troll: Ad biz smashes latest manipulation plot to show it’s doing…something … Facebook, the antisocial advertising platform on which anyone can promote just about anything, on Friday said it found people promoting political discord in the US and UK, yet again.”

IoT update


Tomáš Foltýn for ESET: IoT: A roomful of conundrums
“How can you stay safe in a world where “smart” is the new default?”


The Register: We asked 100 people to name a backdoored router. You said ‘EE’s 4GEE HH70’. Our survey says… Top answer! – SSH hardcoded ‘admin’ login found, patch, er, patch coming?


Europol press release: If your toothbrush calls you, it might not be for dental hygiene: the importance of securing the internet of things

“Building on this work, ENISA continues to engage with stakeholders and will publish a new study in 2018 on Good Practices for Security of IoT with a focus on Industry 4.0 and smart manufacturing, while in 2019 relevant efforts concerning smart cars are expected.”

Updates to Specific Ransomware Families and Types

ESET: ESET releases new decryptor for Syrian victims of GandCrab ransomware – “ESET experts have created a new decryption tool that can be used by Syrian victims of the GandCrab ransomware. It is based on a set of keys recently released by the malware operators”

Updates to Anti-Malware Testing

SE Labs introduces penalty shootout

Updates to Chain Mail Check

Je te plumerai le BEC

Updates to Mac Virus

ZDnet: Apple blocks GrayKey police tech in iOS update – “Reports suggest the data-slurping tool has been rendered useless — but no-one knows how.”

The Register: Apple boss decries ‘data industrial complex’ while pocketing, er, billions to hook Google into iOS – ” …”Advancing AI by collecting huge personal profiles is laziness, not efficiency,” he said. “For artificial intelligence to be truly smart, it must respect human values including privacy.”….Apple … sells Google access to iOS customers for $9bn. That’s how much Google is expected to pay Apple this year to be the default search provider on iDevices, according to a Goldman Sachs estimate.”

David Harley

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.