
  • Paper: a timeline of mobile botnets

    Ruchna Nigam provides an overview of more than 60 mobile malware families. The rise of mobile malware is still a relatively recent thing, with the first actual mobile botnets not appearing until the beginning of this decade. However, since then things have changed quickly, and today there are more than one million known mobile malware…

  • Paper: Dylib hijacking on OS X

    Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks. A few years ago, DLL hijacking on Windows was really hot, despite the fact that the concept had been discussed by none other than the NSA as far back as 1998. Many applications load dynamic link libraries (DLLs) without specifying a…

  • Paper: Windows 10 patching process may leave enterprises vulnerable to zero-day attacks

    Aryeh Goretsky gives advice on how to adapt to Windows 10’s patching strategy. Patching is hard, especially when the code base is old and the bugs are buried deeply. This was highlighted once again this week when Microsoft released a patch for a vulnerability that was thought to have been patched almost five years ago,…

  • Will DIME eventually replace email?

    Protocol has all the advantages of email, yet is orders of magnitude more secure. In the current Internet era sometimes referred to as ‘post-Snowden’, it is often said that email is broken. After all, a lot of email is still flowing over the Internet unencrypted, and even if encryption is used for email delivery, that…

  • The ghost of Stuxnet past

    Microsoft patches .LNK vulnerability after 2010 patch was found to be incomplete. Mention Stuxnet and you’ll have many a security researcher’s attention. The worm, which was discovered in 2010, used a number of zero-day vulnerabilities to reach its target: air-gapped Windows PCs at the Natanz nuclear plant in Iran. Most prominent among these was CVE-2010-2568…

  • Canadian firm fined $1.1m for breaching anti-spam law

    First success story for long-awaited CASL. The Canadian Radio-television and Telecommunications Commission (CRTC), the agency responsible for enforcing Canada’s anti-spam law (CASL), has issued a $1.1m fine to Compu-Finder, a Morin-Heights, Quebec-based firm, for violating the law. Anti-spam legislation plays an important if usually fairly invisible role in the fight against spam. It…

  • Virus Bulletin seeks hackers, network researchers for VB2015

    One week left to submit an abstract for the 25th Virus Bulletin conference. A few weeks ago, I made a short visit to the Clarion Congress Hotel in Prague, where VB2015 will take place this September/October. Seeing the hotel has made me even more excited about the conference and the various ‘enhancements’ we plan to…

  • VB2014 paper: Leaving our ZIP undone: how to abuse ZIP to deliver malware apps

    Gregory Panakkal explains that there are different ways of looking at APK files – and that sometimes that can have unintended consequences. Since the close of the VB2014 conference in Seattle in October, we have been sharing VB2014 conference papers as well as video recordings of the presentations. Today, we have added ‘Leaving our ZIP…

  • FREAK attack takes HTTPS connections back to 1990s security

    Golden keys from the (first) crypto wars have come back to haunt us. When a web client makes a secure connection to a web server (using HTTPS), it starts by sending a ‘Hello’ message in which it announces which cipher suites it supports. The web server then chooses one, presumably the one that offers the…

  • TorrentLocker spam has DMARC enabled

    Use of email authentication technique unlikely to bring any advantage. Last week, Trend Micro researcher Jon Oliver (who presented a paper on Twitter abuse at VB2014) wrote an interesting blog post about a spam campaign that was spreading the ‘TorrentLocker’ ransomware and which, unusually, was using DMARC. TorrentLocker is one of the most prominent families…
