Friday, January 29, 2016

The NSA tells us how we have to defend against....the NSA

Today is Friday and we start the post upside down: by the reflexion text, which we usually place at the end. And it's particularly interesting and unusual the talk given by "chief hacker" of NSA. We will relate it and we will be also focus into a serious SSL hole which has been patched, the analysis of a curious ransomware and the last CCN-CERT convention videos.

Photo from @mrisher
Rob Joyce, "chief hacker" of the National Security Agency explained at the opening talk of the Usenix Enigma convection how this intelligence service attacks its objectives, mainly administrators and others with access to privileged levels at networks, comprehensively analyzing them to discover he minimum failure or using techniques like the code injection. Joyce has explained also how to defend against these attacks: limiting access privileges, segment, no clear passwords, traffic monitoring and reading logs.

Patch OpenSSL

A hole possibly welcomed by NSA and similar agencies is the SSL protocol fail which allows to decrypt HTTPS traffic. Today we know that the OpenSSL Foundation has liberated a patch on their cryptographic code library for this more than critical vulnerability.

Metamorphic Ransomware 

We don´t stop talking about encryption because the ransomware success news seem unstoppable: their objectives are the companies, new samples appears to attack Android phones...We recommend Raúl Álvarez´s analysis about a curious ransomware which in addition to encrypt the files of their victims works like an infector and use metamorphic code to hide better. Its name: Virlock.

Videos from CCN-CERT

We finish with a advertisement for the week end: all videos of the last editions from STIC by CNN-CERT (the Spanish governmental CERT) seminars. Among them are excellent talks and some interesting news.

We challenge our readers to visit us this Sunday to read our interview with the cyberwar expert Enrique Fojón. 


Post a Comment