Security Roundup - 2018-03-09

USENIX Enigma 2018 videos. Missed USENIX Enigma 2018? Videos started showing up on YouTube, so you can catch up on the latest privacy and security research, including (but not limited to) topics like:

How to break encryption. Want to know more about how researchers break ransomware? You may want to start reading MalwareBytes Encryption 101 series, where this week they go over identifying crypto and finding weaknesses in its usage.

Breaking down a RAT. And for even more malware breakdown, ObjectiveSee breaks down a remote access trojan that (at time of writing) was not picked up by AV. This happened due to looking at VirusTotal for references to a database that was previously exploitable in OSX (now patched), where several malware authors still check for this exploit.

Are voting machines truely divorced from the internet? This is the question that a Princeton professor explores in this article, since voting machines still have modems. Since this is more like a voice call, it is possible that there is insulation from the internet, but one problem will always exist: this communication is still routed, opening the possibility of some exploit in the pathway allowing an attacker to tap into the communication, which the US-CERT has called attention to. But the researchers point out there is an easier way, just use the concept behind the Stingray to act as a cell tower and MitM the communication path, putting you much closer to your intended target and more likely for a successful interception.

New 4G vulnerabilities discovered. Speaking of mobile network vulnerabilities, researchers from Purdue and Iowa University have built a tool to scan for 4G vulnerabilities and published some of their results. Spoilers: attacks exist, and there are several.

WebUSB undermines physical token security. WebUSB is a feature that allows websites to access USB content, ostensibly for things like VR and 3D printers. However, researchers have used it to trigger a query to connected 2FA tokens and, if combined with tricking the user into entering their password, could be used to take over accounts otherwise secured by 2FA.

The history of L0pht. L0pht was one of the early and influencial hacker groups of the last 25 years, and Duo has a 4 part expose on their history. In the beginning, it all started with people dialing into BBSes and sharing information, and then moved to in person to a shared loft space…

Written on March 9, 2018