Week 43 in Information Security, 2017
Researchers from the Masaryk University finally published full paper of the practical cryptographic attack against the implementation of RSA in the widely used trusted platform modules / crypto tokens. "The Return of Coppersmith’s A‚ttack: Practical Factorization of Widely Used RSA Moduli"
http://ift.tt/2ihjyiAThose guys published an interesting paper about the secure cryptographic computation with the threat model without attackers based on Earth. They are proposing SpaceHSM hardware secure devices on the orbit. "SpaceTEE: Secure and Tamper-Proof Computing in Space using CubeSats"
http://ift.tt/2ylOdX0There is a small chance that the documents encrypted by Bad Rabbit ransomware could be recovered without paying ransom, if the shadow copies had been enabled in the Windows prior to infection. Victims can restore the original versions of the encrypted files using standard Windows backup mechanism. For technical analysis of the Bad Rabbit ransomware, see the second link.
http://ift.tt/2zzScLB
http://ift.tt/2gJGURgGoogle is going to deprecate the use of pinned public key certificates, public key pinning (PKP), from the Google Chrome browser.
http://ift.tt/2hgu4a2The British government has publicly attributed North Korean government hackers as a source behind the "WannaCry" malware epidemy.
http://ift.tt/2lFVF9dMultiple remote execution vulnerabilities (CVE-2017-13089, CVE-2017-13090) were patched in the popular software Wget. Update!
http://ift.tt/2hbuXkcThe source code of an AhMyth Android remote administration tool is available on GitHub. It can steal contact information, turn on camera, microphone, read SMS, and more.
http://ift.tt/2tWse3pMalscan is a robust and fully featured scanning platform for Linux servers built upon the ClamAV platform, providing all of the features of Clamscan with a host of new features and detection modes.
http://ift.tt/2yn2UZOThere is an update for the world's fastest and most advanced password recovery utility Hashcat.
http://ift.tt/2gSN7qzSource: http://ift.tt/2ynZF4b

Submitted November 02, 2017 at 03:43AM by undercomm
via reddit http://ift.tt/2h4WO90

Costs for a Cybersecurity Club
Hi everyone,I'm planning to create a general netsec/cybersecurity club at my high school this year. As for activities, I wanted to get the school involved in security education and training through CTFs, Red Team-Blue Team, Kali Linux, VMWare, and other activites related (thank you for this info on other posts).My only issue currently is how much it would cost to do these activities for 15-30 students at a time. I don't know many resources for these activities as I'm a beginner myself, and would really appreciate your advice.If you have any good resources for beginner-intermediate (and possibly advanced) activities or a general quote of how much you think the club would need to be maintained, please let me know.Thank you,vinnishi.

Submitted November 02, 2017 at 04:13AM by vinnishi
via reddit http://ift.tt/2iUmUfj

Will I get terminated?
my work computer got hacked and sent out company-wide emails with phishing content.I have no idea what happened but I promptly notified the security team.

Submitted November 02, 2017 at 05:51AM by pkrishnaq
via reddit http://ift.tt/2zZlS50

In response to how nation states such as Russia, China, Iran & North Korea are weaponizing cyberspace in order to inject their influence operations on Americans & Europeans, ICIT has introduced the Center for Cyber-Influence Operations Studies (CCIOS).
http://ift.tt/2zZ4gGn

Submitted November 02, 2017 at 05:43AM by bloc_hack
via reddit http://ift.tt/2hxr5KL

More must be done to protect America's nuclear power plants from cyberattacks
http://ift.tt/2A1lKCO

Submitted November 02, 2017 at 04:57AM by WinglessIndependence
via reddit http://ift.tt/2zoXqOi

Security Advice for the Rest of the World
http://ift.tt/2zZypFu

Submitted November 02, 2017 at 07:53AM by hpo1n7
via reddit http://ift.tt/2gW8dnE

Security Researchers Breach iOS 11.1 at Hacking Contest
http://ift.tt/2h6jzt4

Submitted November 02, 2017 at 09:35AM by nzwasp
via reddit http://ift.tt/2gWk0m7

Signal >> Blog >> Standalone Signal Desktop
http://ift.tt/2z1sMK8

Submitted November 02, 2017 at 10:57AM by dpgowan
via reddit http://ift.tt/2z7bYPo

Silence of the Moles: Linking the Silence Trojan & Mole Ransomware
http://ift.tt/2inVj2h

Submitted November 02, 2017 at 12:08PM by 0xbaadf00dsec
via reddit http://ift.tt/2iV5ak9

Moving news comments from the quiet giant Disqus ( to Mozilla/Coral Talk?) after their data breach
http://ift.tt/2z6Ee4Q

Submitted November 02, 2017 at 02:54PM by nkrva
via reddit http://ift.tt/2iTXcrx

Intrusion Detection System (IDS / IPS) for Linux home users?
Can an Intrusion Detection System or Intrusion Prevention System (IDS / IPS) increase the security of home users using Linux?Or is an IDS / IPS even less useful than antivirus for Linux?Is an IDS / IPS more useful in company networks and so forth?

Submitted November 02, 2017 at 04:02PM by musterhausen
via reddit http://ift.tt/2gUqe5T

Paul Manafort Might Have Used "bond007" As Online Password
http://ift.tt/2ik0HDq

Submitted November 02, 2017 at 04:42PM by GemmaJ123
via reddit http://ift.tt/2h6eOjk

[x-post r/business] Facebook crushes Q3 earnings but warns that future profit will slow, impacted by investment in security
http://ift.tt/2xLK5eg

Submitted November 02, 2017 at 04:32PM by GemmaJ123
via reddit http://ift.tt/2iXpTnv

CPSA resources?
Hey all,Just done my QSTM accreditation and I’m getting booked up for the CPSA.I found during my studies for QSTM that the material they give really lacks a directive and can become saturated with irrelevant information.Has anyone taken the CPSA recently and if so could you point me in the direction of good resources to go over?I’ve been going over some of the information outlined by the syllabus and over the RTFM.Thank you.

Submitted November 02, 2017 at 06:43PM by freshkidj
via reddit http://ift.tt/2zqFGSv

Security In 5: Episode 103 - Top 10 Security Tips For Your Network - 1 - Use Strong Authentication
http://ift.tt/2zbA0uN

Submitted November 02, 2017 at 06:34PM by BinaryBlog
via reddit http://ift.tt/2zrnokf

Ramnit Malware Makes a Comeback via Google Play
http://ift.tt/2zbWz2A

Submitted November 02, 2017 at 06:22PM by RG9N
via reddit http://ift.tt/2zpL6gx

Bypassing Browser Security Warnings with Pseudo Password Fields
http://ift.tt/2ynwuOS

Submitted November 02, 2017 at 06:49PM by sidcool1234
via reddit http://ift.tt/2hzvU6i

Russia hackers had targets worldwide, beyond US election
http://ift.tt/2iobCfF

Submitted November 02, 2017 at 07:51PM by pielco11
via reddit http://ift.tt/2zZZ98U

The evolution of deception in computer security
http://ift.tt/2zZjsU8

Submitted November 02, 2017 at 07:31PM by Mr_CyberFish
via reddit http://ift.tt/2gYEJWd

Using the DDE attack with PowerShell Empire
http://ift.tt/2hz1r8h

Submitted November 02, 2017 at 07:18PM by maxxori
via reddit http://ift.tt/2zckwGO

No Security Regulations on IoT Devices? How to Help with this Problem?
Currently there is no government regulations on security for IoT Devices. What are the steps for one to enforce stricter security regulation on IoT devices in a country such as USA? As the future pushes forward with IoT devices, consumers will need to have a sense of trust in order to embrace IoT devices to create a better, safer and convenient way of life. By having the feeling of higher security regulation on IoT devices, consumers will have a better feeling knowing they're are protected.Any suggestions or opinions are welcome.

Submitted November 02, 2017 at 09:42PM by dld008
via reddit http://ift.tt/2xQ52om