Updates to Cryptocurrency/Crypto-mining News and Resources
FireEye: RIG Exploit Kit Delivering Monero Miner Via PROPagate Injection Technique
The Register: How polite: Fun-bucks coin miners graciously ease off CPU pounding “…according to Johannes Ullrich, head of research at SANS, who today pointed out that malicious mining apps are scaling down activity and employing built-in encryption to make them harder for antivirus packages to detect.”
Updates to Meltdown/Spectre and other chip-related resources
Catalin Cimpanu for Bleeping Computer: Some Spectre In-Browser Mitigations Can Be Defeated “According to research published by Aleph Security … researchers were able to put together proof-of-concept code that retrieves sensitive data from a browser’s protected memory … their PoC bypassed Spectre mitigations and retrieved data from browsers such as Edge, Chrome, and Safari.” (But not Firefox, apparently.)
See also these anti-social media page updates.
I missed this when it was originally published, but it’s an interesting interview (if you can get around Joanna’s rather childish bias against the AV industry) about rootkit technology, and the escalating fight to secure operating systems. I totally agree on many points, including the idea of separating function as far as possible (having a separate VM only ever used for banking is a good idea). It’s a long article, and covers some basics too, but it’s worth persevering through the 9 pages.
Andrew Lee CISSP
Nothing really new, apart perhaps from the scale of the attacks. This one talks about Gmail, but there have also been recent attacks against Yahoo, AOL and Hotmail.
If nothing else, this reminds us that we still have a very long way to go on educating users about phishing. We also have a big problem with SSL – as David pointed out a couple of days ago, SSL is a privacy preserver, not a security measure – and it certainly won’t protect against phishing.