SWITCH Security-Blog

SWITCH-CERT IT-Security Blog


Leave a comment

A new issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report is available!

The topics covered in this report are:

  • Meltdown and Spectre: security meltdown directly from the processor
  • Leaks, fakes and cryptocurrency hacks: business models of a different kind
  • Italianitá in the smartphone – state trojan monitors smartphone users
  • Kaspersky shut out of Lithuania as well
  • Strava leaks – fitness secrets of a different kind

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.


Leave a comment

A new issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report is available!

The topics covered in this report are:

  • Dresscode for apps in the Google Play Store: malicious
  • Quad9 – does it offer a data protection-friendly alternative to Google DNS?
  • Uber’s customer and driver data on a highway to the Dark Net
  • An earful of espionage: when headphones become listening devices

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.


A new issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our bi-monthly SWITCH Security Report is available!

The topics covered in this report are:

  • Attack of the digital dolphins: hacking Alexa, Siri and their friends via ultrasound
  • The anti-antivirus programme: US government bans agencies from installing Kaspersky software on their computers
  • A hack of ‘epic proportions’ at Equifax
  • Science fiction 4.0 – how to hack a computer with a drop of saliva

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.


A file that wasn’t there

One of our minions (he was introduced in this blog entry a while ago) recently came to us asking for advice: he was about to automate yet another task, by using his Python-fu, and realized that he misses entries in the file system as well as in the registry.

Notably, he only sees this behaviour on 64bit-versions of the Windows operating system:

Windows Explorer (64bit) vs Python application (32bit)

Left: Windows Explorer (64bit) lists several folders and files.   Right: Python application (32bit) only lists the folder Microsoft.

The left image shows the folder C:\Windows\System32\Tasks as seen in the Windows Explorer, the right image as seen in a simple 32bit-python application. Only the subfolder Microsoft is listed there. Something is amiss.

 

Below is the code to produce the right image, when executed in a 32bit-version of Python:

import glob, os
for pathfilename in glob.glob(r"C:\Windows\System32\Tasks\*"):
    print pathfilename

Continue reading

News


IT-Security-Links #66

German:

News


1 Comment

IT-Security-Links #65

News


1 Comment

IT-Security-Links #64

  • Shellshock I: Shellshock is a term dating from World War I and it refers to the effect of the trauma of battle on troops. But since last week it’s also the name of a serious GNU Bourne Again SHell (Bash) vulnerability, or to be more exact, a series of vulnerabilities (currently CVE-2014-6271,-7169, -7186,-7187,-6277,-6278). Comprehensive technical overviews are available from SANS (PDF) and TrendMicro (PDF).
  • Shellshock II: Web servers are indeed currently at the highest risk of being exploited, but the command shell exists all over the Internet. For example there’s also an attack vector in OpenVPN. And Shellshock could also be used to hack VOIP systems.
  • DMCA-Takedowns: Warner Bros. Entertainment must now release key information about its automated scheme to send copyright infringement notices to websites.
  • WordPress-Security: Security researcher Ryan Dewhurst released the WPScan Vulnerability Database, a one-stop shop for the latest WordPress, plug-in and theme vulnerabilities.
  • Google and Dropbox launched Simply Secure to improve online security. The newly created organization aims to make security technologies easier to use.
  • How to deal with old Java-based enterprise applications? Deutsche Bank London helped develop an “application self-defense tool” that sits below the application to detect and prevent attacks and apply virtual patches.