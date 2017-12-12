Security: Bromium, EternalBlue/EternalSynerg, Updates, Reproducible Builds and Zealot Campaign
Polymorphic Banking Trojan gets past 75 per cent of AV software
Researchers at Cupertino-based virtualised security company Bromium discovered a technique being used by hackers which they describe as ‘polymorphic', attacking both primary and secondary executables.
Hackers running sophisticated cryptocurrency mining operation using NSA exploits
Researchers have discovered a new 'multi-staged attack' campaign dubbed Zealot which hackers are running to mine cryptocurrency by leveraging known NSA exploits like EternalBlue and EternalSynergy.
Security updates for Friday
Security updates for Monday
Security updates for Tuesday
Open Source Security Podcast: Episode 74 - Facial recognition and physical security
Reproducible Builds: Weekly report #137
Here's what happened in the Reproducible Builds effort between Sunday December 3 and Saturday December 9 2017...
Reproducible Builds: Weekly report #138
Here's what happened in the Reproducible Builds effort between Sunday December 10 and Saturday December 16 2017...
CVE-2017-17704] Broken Cryptography in iStar Ultra & IP ACM by Software House
How Minecraft Led To The Mirai Botnet
The Mirai botnet that swept through poorly-secured devices last year resulted in unprecedented denial-of-service attacks. At one point, the botnet turned its wrath on security researcher Brian Krebs' site, resulting in a sustained attack that saw Krebs' DDoS protection service (Akamai) say it was getting too old for this shit uninterested in providing further protection for this particular user.
Cryptominer Malware Infecting Windows and Linux Servers Around the World
What is worrisome about the Zealot Campaign is that it is being carried out with the assistance of two exploits developed by the United States National Security Agency; these two cyber warfare weapons were stolen by mysterious hacker group known as “Shadow Brokers,” who have been leaking the source code of these exploits to the public over the last two years. Intelligence analysts believe that the Shadow Brokers may be associated with Russian political interests that seek to destabilize the U.S. government.
