CyberChef – Cyber Swiss Army Knife

CyberChef is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509...

Read the full post at darknet.org.uk

NotPetya Ransomware Wreaking Havoc

The latest splash has been made by the Petya or NotPetya Ransomware that exploded in Ukraine and is infecting companies all over the world. It’s getting some people in deep trouble as there’s no way to recover the files once encrypted. The malware seems to be trying to hide its intent as it doesn’t really […]

Read the full post at darknet.org.uk

Petya ransomware outbreak: Here’s what you need to know

Petya ransomware impacting large organizations in multiple countries

Read more

At least 10 million Android users imperiled by popular AirDroid app

For at least the past six months, a popular remote management app available in the official Google Play Store has opened tens of millions of Android users to code-execution and data-theft attacks when they use unsecured networks, researchers said Thursday.

As recently as earlier this week—and possibly even at this moment—the most up-to-date versions of AirDroid have used a static and easily detectable encryption key when transmitting update files and sensitive user data, according to a blog post published by security firm Zimperium. Attackers who are on the same network can exploit the weakness to push fraudulent updates or view potentially sensitive user information, including the international mobile equipment identity and international mobile subscriber identity designations that are unique to each phone. The app has been downloaded 10 million to 50 million times from the official Google Play Store.

"A malicious party on the same network as the victim can leverage this vulnerability to remotely gain full control of their device," Simone Margaritelli, principal security researcher at Zimperium's zLabs, told Ars. "Moreover, the attacker will be able to see the user's sensitive information such as the IMEI, IMSI, and so forth. As soon as the update, or fake update, is installed the software automatically launches the updated [Android app file] without ever verifying who built it."
