Security Alerts & News
by Tymoteusz A. Góral

History
#1978 Google Project Zero: How we cracked Samsung's DoD and NSA-certified Knox
Google's Project Zero hackers have detailed several high-severity flaws that undermined a core defense in Samsung's Knox platform that protects Galaxy handsets in the enterprise.

Since launching Knox in 2013, the platform has been certified for internal use by UK and US government departments, including the US DoD and NSA. Given these certifications, defense-in-depth mechanisms should be rock solid.

But according to Project Zero's Gal Beniamini, who last year tore apart Android's full disk encryption, a Knox hypervisor designed to protect the Linux kernel during runtime can be subverted multiple ways.
Read more
#1978 Google Project Zero: How we cracked Samsung's DoD and NSA-certified Knox
#1977 AthenaGo RAT uses Tor2Web proxy system to hide C&C server
#1976 DynA-Crypt not only encrypts your files, but also steals your info
#1975 Newly discovered flaw undermines HTTPS connections for almost 1,000 sites
#1974 Finding Ticketbleed
#1973 Google let scammers post a perfectly spoofed Amazon ad in its search results
#1972 The startup paying people to legally hack Uber, Nintendo, and Starbucks just got another $40 million to keep growing
#1971 Fileless attacks against enterprise networks
#1970 Mirai gets a Windows version to boost distribution efforts
#1969 This modular backdoor malware is now the most common threat to Android smartphones
#1968 Mac malware, possibly made in Iran, targets US defense industry
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12