Security news vol. 6 - 20150528 - Risk & Technology Wrocław Group


Page 1

Security News

2015.05.28

Borys Łącki [email protected]

Page 2

Logjam

TLS - HTTPS, IPSec, VPN, SSH, POP3S, IMAPS, SMTPS

The attack makes it possible to force a downgrade of the Diffie-Hellman key exchange to 512-bit strength.

https://weakdh.org/

http://zaufanatrzeciastrona.pl/post/atak-na-wymiane-kluczy-zagraza-polaczeniom-https-vpn-ssh-i-smtps/

Page 3

http://venom.crowdstrike.com/

The bug is in QEMU’s virtual Floppy Disk Controller (FDC). This vulnerable FDC code is used in numerous virtualization platforms and appliances, notably Xen, KVM, VirtualBox, and the native QEMU client. VMware, Microsoft Hyper-V, and Bochs hypervisors are not impacted by this vulnerability.

Page 4

https://blogs.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us

Once you register for the product, you can create your malware in three simple steps:

1) Enter the ransom amount. (The site takes 20% of the ransom.)
2) Enter your “cause.”
3) Submit the captcha.

Page 5

The BACKRONYM vulnerability allows an attacker to downgrade and snoop on the SSL/TLS connection that MySQL client libraries use to communicate with a MySQL server.

http://backronym.fail/

Page 6

https://blog.malwarebytes.org/fraud-scam/2015/05/we-need-your-support-nepal-earthquake-419-spam/

Nepal earthquake Scam

Page 7

http://darkmatters.norsecorp.com/2015/05/04/london-railway-system-password-exposed-in-tv-documentary/

London Railway System Password Exposed in TV Documentary

Page 8

Contact

Borys Łącki [email protected]