- 31c3: Talks from the 31. Chaos Communication Congress are available on CCC-TV. Learn about SS7 phone-call routing protocol misuse or how the thumbprint of the German defense minister could be copied with a 200mm Tele lens.
- SECURE 2014: CERT Polska published the talks from the SECURE 2014 security conference in Warsaw.
- Misfortune Cookie / RomPager: Researchers from Check Point found a critical vulnerability that allows an intruder to remotely take over SOHO Internet routers and use them for attacks. Is it that bad? Yes. A list of at least 200 different likely affected devices is available as well as an online check.
- Ransomware: CryptoWall keeps evolving. For example new versions communicate with command-and-control servers using the Tor network.
- SSH: Secure the secure shell – how you can harden recent OpenSSH versions.
- MITM in the air: A Google engineer recently noticed that In-flight WiFi uses fake Google SSL certificates to spy on net traffic.
- Social Engineering: Ninety-nine-point-nine percent of the job is looking like you know what you’re doing.
German:
- Awareness: Dr. Security, ein Mann wie eine Firewall – eine dreiteilige Videoserie über gehackte Autos, entführte Rechner und Sicherheitslücken aus dem digitalen Alltag.
SWITCH Security-Blog 