Thursday, January 14, 2016

How to hunt a 0DAY

Today it was very easy to determine our first recommended read of the day, because the leading security experts are sharing this news on Twitter: how Kaspersky Lab hunted down an important hole in Silverlight, a Microsoft program. We will talk about this and also about a new banking Trojan for Android, a program that leaves its users freezing, and a reflection by Bruce Schneier on the Internet of Things.

Kaspersky Lab explains in detail how it discovered and hunted down a 0day in Silverlight, a browser plugin used by services like Netflix to stream their content. It all started last year with the theft of documents from Hacking Team. Among them was an email in which a Russian hacker offered the 0day to the Italian company. The email piqued the curiosity of Kaspersky researchers, who started a large investigation, explained in this text in excruciating detail, in which the Spanish service VirusTotal played a leading role.

Banking Trojan

We continue with another piece of code, this time malware aimed at Android users: a banking Trojan called SlemBunk. FireEye has identified 170 samples, designed to attack users of 33 financial applications. SlemBunk infected visitors to adult-content websites by making them believe it was an Adobe Flash Player update.

IoT frozen

Now we will talk about something that we will be talking about throughout the year: the Internet of Things. "The New York Times" brings us a curious story about a thermostat that can be controlled from a mobile phone and is therefore connected to the Internet. Its name is "Nest Learning Thermostat", and last week a software failure left these thermostats without battery, so users woke up to below-zero temperatures in their homes. The complaints reached as far as... that: "The New York Times".

Monitoring as a business

We will finish with a text by Bruce Schneier, the security expert. The title explains the content quite well: "The Internet of Things talks about you behind your back". Schneier wants to shake things up, arguing that "monitoring is the Internet business model" and that we can get used to it until we agree on the ethics of the new economy.

We'll see how it ends and where the laws can help us in this case.


