======================= = End-of-Shift report = =======================
Timeframe: Donnerstag 16-02-2017 18:00 − Freitag 17-02-2017 18:00 Handler: Alexander Riepl Co-Handler: n/a
*** Divide Between Work, Personal Data on Android Breached *** --------------------------------------------- Researchers demonstrate how malicious apps can break into secure Android work containers on EMM managed phones. --------------------------------------------- http://threatpost.com/divide-between-work-personal-data-on-android-breached/...
*** Don’t panic over cyber-terrorism: Daesh-bags still at script kiddie level *** --------------------------------------------- Medieval terror bastards not great at hacking says ex-top NSA lawyer RSA USA There’s no need to panic about the threat of a major online terrorist attack, since ISIS and their allies are all talk and no .. --------------------------------------------- www.theregister.co.uk/2017/02/16/online_terrorism_isnt/
*** Mobile apps and stealing a connected car *** --------------------------------------------- The concept of a connected car, or a car equipped with Internet access, has been gaining popularity for the last several years. By using proprietary mobile .. --------------------------------------------- http://securelist.com/analysis/publications/77576/mobile-apps-and-stealing-a...
*** DSA-3790 spice - security update *** --------------------------------------------- https://www.debian.org/security/2017/dsa-3790
*** MQTT-Protokoll: IoT-Kommunikation von etwa Reaktoren und Gefängnissen öffentlich einsehbar *** --------------------------------------------- Über das Telemetrie-Protokoll MQTT spricht eine unüberschaubare Zahl an IoT-Sensoren in etwa Autos und Flugzeugen mit ihren Servern – unverschlüsselt, ohne Frage nach Passwörtern. Hacker könnten nicht nur mitlesen, sondern Daten auch manipulieren. --------------------------------------------- https://heise.de/-3629650
*** Darknet-Drogenring in Braunau aufgeflogen *** --------------------------------------------- Die Hinweise auf den Suchtgifthandel kamen von Zollfahndung Frankfurt. Der Kopf der Bande befindet sich in Haft. --------------------------------------------- https://futurezone.at/digital-life/darknet-drogenring-in-braunau-aufgeflogen...
*** My Friend Cayla: Eltern müssen Puppen ihrer Kinder zerstören *** --------------------------------------------- Smartes Spielzeug wird vor allem von Datenschützern immer wieder kritisiert. In einem Fall greift die .. --------------------------------------------- https://www.golem.de/news/my-friend-cayla-eltern-muessen-puppen-ihrer-kinder...
*** MQTT-Protokoll: IoT-Kommunikation von Reaktoren und Gefängnissen öffentlich einsehbar *** --------------------------------------------- Über das Telemetrie-Protokoll MQTT spricht eine unüberschaubare Zahl an IoT-Sensoren in etwa Autos und Flugzeugen .. --------------------------------------------- https://heise.de/-3629650
*** Gag Order: Riseup belebt den Kanarienvogel wieder *** --------------------------------------------- Nachdem Riseup seinen Warrant Canary im vergangenen Jahr nicht aktualisiert hatte, gab es viel Aufregung in der Szene. Jetzt gibt das Kollektiv bekannt: "Wir haben Nutzerdaten herausgegeben." Künftig soll das dank Verschlüsselung nicht mehr möglich sein. --------------------------------------------- https://www.golem.de/news/gag-order-riseup-belebt-den-kanarienvogel-wieder-1...
*** USB Killer now lets you fry most Lightning and USB-C devices for $55 *** --------------------------------------------- Plus a new, stealthy "anonymous" stick, because thats what the world really needed. --------------------------------------------- https://arstechnica.com/gadgets/2017/02/usb-killer-fry-lightning-usb-c-devic...
*** Planning for an InfoSec Conference *** --------------------------------------------- I wasted many an early year going to InfoSec conferences and security events only to find them useless. Well, they werent totally useless, Id often come back with a bag full of goodies that more often than not included stress .. --------------------------------------------- https://www.alienvault.com/blogs/security-essentials/planning-for-an-infosec...
*** SMTP Strict Transport Security Coming Soon to Gmail, Other Webmail Providers *** --------------------------------------------- SMTP Strict Transport Security is coming to major webmail providers this year, a Google engineer said at RSA Conference --------------------------------------------- http://threatpost.com/smtp-strict-transport-security-coming-soon-to-gmail-ot...
*** VB2016 paper: APT reports and OPSEC evolution, or: these are not the APT reports you are looking for *** --------------------------------------------- APT reports are great for gaining an understanding of how advanced attack groups operate - however, they can also .. --------------------------------------------- https://www.virusbulletin.com:443/blog/2017/02/vb2016-paper-apt-reports-and-...