Saturday, December 30, 2017
TrendLabs: Cyberespionage Campaign Sphinx Goes Mobile
Figure 1: Structure of AnubisSpy’s modules
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/cyberespionage-campaign-sphinx-goes-mobile-anubisspy/
Friday, December 29, 2017
The Pomodoro Technique
Chris admits to being a former workaholic who regularly clocked in 60 to 80 hour workweeks. Despite the excessive hours he put into co-founding one of his companies, a marketing agency, things didn’t go exactly as planned. Many of Chris’ worst fears came true as an entrepreneur, and in his own words “the company completely imploded.”
REF: https://blog.trello.com/how-to-pomodoro-your-way-to-productivity
Thursday, December 28, 2017
TrendLabs: Better Built-in Security in IoT Devices
Through an Nmap scan, we observed that the application running the Sonos Play:1 test device communicated with TCP/1400.
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/iot-devices-need-better-builtin-security/
Country-Wide Sports Production With TriCaster
TrendLabs: a Cracked Version of the Loki Infostealer
Monday, December 25, 2017
Find Work-Life Focus
REF: https://blog.trello.com/work-life-focus-trello-insider-guide-personal-productivity
In 2011, Justin Gallagher and Bobby Grace co-wrote a web application prototype that provided a visual perspective of what people were working on. That application became Trello. Here is Justin's story of how he uses it today.
Sunday, December 24, 2017
Saturday, December 23, 2017
TrendLabs: Dissecting ATM Malware Families
Figure 2. Cutlet Maker being offered on the deep web
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/dissecting-prilex-cutlet-maker-atm-malware-families/
Friday, December 22, 2017
Thursday, December 21, 2017
Azure Media Services Standard Streaming Endpoint in preview
Now in preview, Streaming Endpoint and Streaming Units are Media Services components that deliver content directly to a media player app or to Azure Content Delivery Network for further distribution. Customers can select between Standard Endpoint and Premium Streaming Units. Standard Streaming Endpoint scales outbound bandwidth automatically where Premium Units (endpoints) customers control and manage the scale operations. Moving forward:
REF: https://docs.microsoft.com/en-us/azure/media-services/media-services-streaming-endpoints-overview
- All new Media Services accounts will be created with Standard Streaming Endpoint in a stopped state by default.
- All new Media Services accounts come with 15 days of free Standard Streaming Endpoint.
- Existing Media Services accounts with classic Streaming Endpoint won’t be automatically migrated to Standard Streaming Endpoint, but customers will have the option to migrate manually.
- Customers with Premium Streaming Units can migrate their streaming endpoints to Standard Streaming Endpoint.
Wednesday, December 20, 2017
TrendLabs: New Mirai Attack
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/new-mirai-attack-attempts-detected-south-america-north-african-countries/
HDF5 for efficient I/O
HDF5 is a flexible, self-describing, and portable hierarchical filesystem supported by a number of languages and tools, with the ability to run processes in parallel.
REF: http://www.linux-magazine.com/Issues/2017/205/HDF5
Monday, December 18, 2017
TrendLabs: CONFICKER/ DOWNAD 9 Years After
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/conficker-downad-9-years-examining-impact-legacy-systems/
Sunday, December 17, 2017
Saturday, December 16, 2017
TrendLabs: Untangling the Patchwork Cyberespionage Group
Patchwork (also known as Dropping Elephant) is a cyberespionage group known for targeting diplomatic and government agencies that has since added businesses to their list of targets. Patchwork’s moniker is from its notoriety for rehashing off-the-rack tools and malware for its own campaigns. The attack vectors they use may not be groundbreaking—what with other groups exploiting zero-days or adjusting their tactics—but the group’s repertoire of infection vectors and payloads makes them a credible threat.
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/untangling-the-patchwork-cyberespionage-group/
Friday, December 15, 2017
Thursday, December 14, 2017
TrendLabs: December Patch Tuesday
Overall, Patch Tuesday addressed 12 Critical-rated vulnerabilities and 10 rated as Important, of which two were disclosed via Trend Micro’s Zero Day Initiative. In addition to the MMPE vulnerability updates, some of the other noteworthy fixes include:
- CVE-2017-11899: A security feature bypass that exists when Device Guard incorrectly validates an untrusted file. An attacker successfully exploiting this vulnerability could make untrusted files appear to be trusted once, causing Device Guard to allow a malicious file to execute.
- CVE-2017-11927: An information disclosure vulnerability that exists when the Windows its:// protocol handler unnecessarily sends traffic to a remote site to determine the zone of a provided URL. Attackers exploiting this vulnerability can use various tactics such as phishing to lure users into browsing a malicious website or to an SMB or UNC path destination. A successful attack can potentially lead to the disclosure of sensitive information to a malicious site.
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/december-patch-tuesday-yearender-includes-updates-mmpe-vulnerabilities/
The many ways of running firefox on OpenBSD
First, and this has been the case for a few years already, these days I only target amd64 and i386. It's been "fun" for a while but now it's impossible to keep up with macppc and sparc64, although Martin Husemann from NetBSD still manages to run recent firefox on sparc64, I gave up on this - even *running* firefox on an i386 netbook with 1Gb of memory is unbearable. Sad state of affairs.. and on top of this, the recent dependency on rust also limits the amount of platforms firefox could run on, since rust only works on amd64 and i386 for now (thanks to the insane amount of work by semarie@ !).
REF: https://undeadly.org/cgi?action=article&sid=20170425173917
Providers that protect against DDoS attacks
AWS Shield
The Amazon Web Services (AWS) Shield [8] provides protection against DDoS attacks (Figure 1). The Standard protection is available to any AWS customer. The product includes detection of network flow data and automatic mitigation of DDoS attacks against SYN flooding or UDP reflection attacks. However, you do not receive information about a successful defense. If you choose the AWS Shield Advanced product, you receive the following additional features for around $3,025 per month plus charges for data transfer:
- In addition to connection data at the network level, Amazon collects and analyzes transaction logs at the application level.
- Access to advanced scrubbing capacities.
- Notification of attacks on ISO Layers 3 and 4, as well as data about the type of attack.
- Reports for ISO Layers 3, 4, and 7.
- Incident management by the Amazon DDoS response team.
- If necessary, manual mitigation.
- Manual analysis after the attack.
- Reimbursement for costs incurred by the attack associated with CloudFront, Route 53, and ELB services.
Of import is that Amazon only protects what runs on Amazon. Although it is possible to protect data traffic on your own servers using services such as CloudFront or a reverse proxy and to protect your own network connection in another way, you cannot fight off targeted attacks.
REF: http://www.linux-magazine.com/Issues/2018/206/DDoS-Defense/(offset)/6
Linux Kernel 4.14 Released
Linus Torvalds, the creator of Linux, announced the release of Linux kernel 4.14 on November 12, 2017. The release was due earlier but was delayed because of an AppArmor patch that caused a regression. Torvalds lashed out at a Canonical developer who found the AppArmor regression but said that it was not a big deal.
Torvalds responded and said, “As far as the kernel is concerned, a regression is THE KERNEL NOT GIVING THE SAME END RESULT WITH THE SAME USER SPACE. The regression was in the kernel. You trying to shift the regressions somewhere else is bogus SHIT. And seriously, it's the kind of garbage that makes me think your opinion and your code cannot be relied on. If you are not willing to admit that your commit 651e28c5537a ("apparmor: add base infrastructure for socket mediation") caused a regression, then honestly, I don't want to get commits from you.”
REF: http://www.linux-magazine.com/Online/News/Linux-Kernel-4.14-Released
Announcing CrossOver 17.0.0
CrossOver 17 supports Microsoft Office 2016: the latest and greatest
Microsoft Office suite. You can install Office 2016 Home and Office
2016 Business from your Office 365 account and use the full featured
versions of these products.
CrossOver 17 also supports Quicken 2017 for your home financial
needs.
On Linux, CrossOver 17 will run the popular game League of
Legends.
You will benefit from a full upgrade of our Wine compatibility layer,
giving CrossOver 17 thousands of improvements in our core technology
over our previous version.
REF: https://www.codeweavers.com/support/forums/announce/?t=24;mhl=203321;msg=203321#msg203321
Friday, December 8, 2017
Debian Contributors list
This is a list of all the 1808 people and 21 teams whose most recent contribution to Debian was in 2017.
The information is based on our current knowledge, which you can help us improve.
REF: https://contributors.debian.org/
TrendLabs: October macOS Patch
Figure 1. Error message when a malicious USB device is inserted
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/october-macos-patch-fixes-fatusb-vulnerability/
Wednesday, December 6, 2017
Telestream Vantage
Tuesday, December 5, 2017
TrendLabs: qkG Filecoder
Monday, December 4, 2017
Samsung is testing Linux desktop
REF: http://www.linux-magazine.com/Online/News/Samsung-to-Bring-Linux-to-Desktop
The same year Canonical decided to pull out of the consumer space, Samsung is bringing a pure desktop Linux experience to PCs. Unlike Apple, Google, or Microsoft, Samsung doesn’t have any tightly integrated offering for professionals who need a desktop to get work done. Samsung came out with DeX, an accessory for Samsung Galaxy phones that connects with a monitor and offers a desktop-like interface. It’s an experience similar to Ubuntu Dock or Motorola Atrix Webtop.
Sunday, December 3, 2017
TrendLabs: systemd Vulnerability
Figure 3. Packet capture of specially crafted DNS reply
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/systemd-vulnerability-leads-to-denial-of-service-on-linux/
Saturday, December 2, 2017
NewTek NDI PTZ Camera
Friday, December 1, 2017
TrendLabs: Physical Theft Meets Cybercrime