A market for trading software issues
#BruceSchneier on Australia's encryption laws and #CyberCon speaker bans - https://www.zdnet.com/article/schneier-slams-australias-encryption-laws-cybercon-speaker-bans/
#DLink Home Routers Open to Remote Takeover Will Remain Unpatched
CVE-2019-16920 allows remote unauthenticated attackers to execute code on a target device. https://threatpost.com/d-link-home-routers-unpatched/148941/
X-ray technique can reverse engineer an entire chip without damaging it https://spectrum.ieee.org/nanoclast/semiconductors/design/xray-tech-lays-chip-secrets-bare
They're forbearers of the bad news 😎
That's true but only to a point when you can trust your DNS provider
You can use a disposable email
Wireless attacks on aircraft instrument landing systems
Centralised DoH is bad for privacy, in 2019 and beyond https://blog.powerdns.com/2019/09/25/centralised-doh-is-bad-for-privacy-in-2019-and-beyond/
"Advanced hackers" are infecting IT providers in hopes of hitting their customers https://arstechnica.com/information-technology/2019/09/advanced-hackers-are-infecting-it-providers-in-hopes-of-hitting-their-customers/
China Telecom's BGP Hijacking [pdf] https://scholarcommons.usf.edu/cgi/viewcontent.cgi?article=1050&context=mca
Cache Attacks on CTR_DRBG - https://security.cohney.info/blackswans/
Love thy NSA
South Africa has been intercepting all undersea fibre cable Internet traffic - https://www.iafrikan.com/2019/09/02/south-africa-mass-surveillance-spying-undersea-fiber-cables/
What would that be?
Facebook uploads all system libraries on your Android - https://mobile.twitter.com/wongmjane/status/1167463054709334017?s=12
How to reveal AWS S3 bucket name, the easy way...
One-liner #Docker escape from #GCP's Cloud Shell to the host OS
Researchers use Rowhammer bit flips to steal 2048-bit crypto key - https://arstechnica.com/information-technology/2019/06/researchers-use-rowhammer-bitflips-to-steal-2048-bit-crypto-key/
SACK Panic – Multiple TCP-based remote denial-of-service issues
#sack #tcp https://access.redhat.com/security/vulnerabilities/tcpsack
Intel CPUs afflicted with simple data-spewing spec-exec vulnerability
A Mastodon instance for info/cyber security-minded people.