Security Roundup - 2016-01-20

Course Materials For Malware Analysis Released On Github

For those more interested in malware.

Reddit Discussion On MMO Hacking

Essentially, on the server end trust nothing clients send to you. Anything you expose can and probably will be abused.

The MonkeySphere Project

Attempting to expand the PGP Web Of Trust model to other things. Currently working on ssh trust, where admins sign public keys so users can check, rather than just blindly accepting server fingerprints.

What Is My Local IP

Did you know that with new browser extensions, people can learns what your internal IP address is? Try it pre/post VPN connection!

Cyptsy Bitcoin Exchange Hacked

Third party code for a specific blockchain currency contained an IRC backdoor, eventually allowing for in the ability to steal from other wallets. Cryptsy apparently knew this for a while, and has only disclosed recently. Someone pointed out this backdoor in march of last year on Github.

Written on January 20, 2016