Technology
UISGCON14 https://14.uisgcon.org/ На Дніпропетровщині СБУ попередила кібератаку російських спецслужб на об’єкт критичної інфраструктури https://ssu.gov.ua/ua/news/1/category/2/view/5037#.MkS7rpun.dpbs Ukraine claims it blocked VPNFilter attack at chemical plant https://www.theregister.co.uk/2018/07/13/ukraine_vpnfilter_attack/ Speculative Buffer Overflows: Attacks and Defenses (pdf) https://people.csail.mit.edu/vlk/spectre11.pdf New Spectre 1.1 and Spectre 1.2 CPU Flaws Disclosed https://www.bleepingcomputer.com/news/security/new-spectre-11-and-spectre-12-cpu-flaws-disclosed/ Google Enables 'Site Isolation' Feature By Default For Chrome Desktop Users https://thehackernews.com/2018/07/google-chrome-site-isolation.html Вийшов річний звіт CISCO з кібербезпеки і піврічний звіт чекпоінт, але ми поговоримо про них наступного разу https://www.cisco.com/c/dam/global/uk_ua/assets/pdfs/Final_Files_Cisco_2018_ACR_Web.pdf?dtid=oemzzz000186&ccid=cc000160&ecid=10432&oid=anrsc005679 Scam alert: No, hackers don't have webcam vids of you enjoying p0rno. Don't give them any $$s https://www.theregister.co.uk/2018/07/13/hacker_extortion_scam/ GitHub to Pythonistas: Let us save you from vulnerable code https://www.theregister.co.uk/2018/07/16/github_to_pythonistas_let_us_save_you_from_vulnerable_code/ Microsoft seeks regulation of facial recognition technology https://www.reuters.com/article/us-microsoft-facial-recognition/microsoft-seeks-regulation-of-facial-recognition-technology-idUSKBN1K32F0 Two-factor auth totally locks down Office 365? You may want to check all your services... https://www.theregister.co.uk/2018/07/13/2fa_o365_bypass_attacks/ The Tale of SettingContent-ms Files https://posts.specterops.io/the-tale-of-settingcontent-ms-files-f1ea253e4d39 Facebook fined for data breaches in Cambridge Analytica scandal https://amp.theguardian.com/technology/2018/jul/11/facebook-fined-for-data-breaches-in-cambridge-analytica-scandal Cops suspect Detroit fuel station was hacked before 10 drivers made off with 2.3k 'free' litres https://www.theregister.co.uk/2018/07/09/gas_station_hack/ 2018-07 Security Bulletin: Junos OS: Junos OS: MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2), PTX3K-FPC3 and PTX1K: Line card may crash upon receipt of specific MPLS packet (CVE-2018-0030) https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10864&cat=SIRT_1&actp=LIST Revoked Certificate when viewing mydlink IP Cameras with-in web-browsers https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10089 Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign https://www.welivesecurity.com/2018/07/09/certificates-stolen-taiwanese-tech-companies-plead-malware-campaign/ Ammyy Admin compromised with malware again; World Cup used as cover https://www.welivesecurity.com/2018/07/11/ammyy-admin-compromised-malware-world-cup-cover/ https://regmedia.co.uk/2018/07/13/burkdoll_affidavit.pdf US: Government Has Planted Spy Phones With Suspects https://www.hrw.org/news/2018/07/13/us-government-has-planted-spy-phones-suspects The 111 Million Record Pemiblanc Credential Stuffing List https://www.troyhunt.com/the-111-million-pemiblanc-credential-stuffing-list/ June’s Most Wanted Malware: Banking Trojans Up 50% Among Threat Actors https://blog.checkpoint.com/2018/07/05/junes-most-wanted-malware-banking-trojans-crypto-mining/ Did CrowdStrike really miss the mark? https://medium.com/@rsatter/did-crowdstrike-really-miss-the-mark-ecedf0e09dd7 Securit13 Patreon https://www.patreon.com/securit13