Thursday, August 17, 2017 - 04:10

Thomas de Maizière und die Cyber-Anlagen Feuerwehr.

Im Wahlkampf wird man ja mit einer Menge dusseligem Zeugs belästigt, das vorzugsweise wohl lieber nicht gesagt worden wäre. Und der Innenminister konnte es sich wohl nicht verkneifen auf einer Wahlkampf-veranstaltung in Bremen etwas Internetausdrucker-Romantik über ein Mikrofon zu erbrechen.

Anscheinend regte er dort eine Cyber-Feuerwehr an. Quasi als Ersatzveranstaltung für die, die sich eher nicht bei der Feuerwehr oder dem THW sehen.

Friday, January 27, 2017 - 18:33

Interesting fishing attack supported by SPAM against Strato customers

A couple of days ago one of my mail servers got spammed ... massively. That's not uncommon but I rarely see idiots mail-delivery-failure spamming just 1 system account with ~ 60,000 mails. But that wasn't the surprise.
Saturday, April 30, 2016 - 19:55

Former Tor project member developed Tor exploits for the FBI

The good news first. The developer in question never had a relevant role in the Tor project. So if you're worried that he might have placed malicious code into Tor it's quite safe to say that he hasn't. He was working on Vidalia, a GUI frontend.
Tuesday, April 26, 2016 - 23:09

Karma is a biatch and it really favors the BSI

A couple of days ago Arne Schönbohm (BSI) made a remarkably careless remark in an interview with German newspaper Welt. According to him the idea that hackers gain access to nuclear power plants and cause a MCA is nonsense.
Monday, July 6, 2015 - 14:44

Hacking Team hacked ... again.

Since I'm usually on the defense team hacks range from annoying over interesting sometimes entertaining. I'm simply on the other side of that fence. But a target like Hacking Team is a special case where everyone can just fully enjoy the shit storm party that's about to come to their town. Well. Everyone but Hacking Team of course. But that's precisely the fun part.
Thursday, May 28, 2015 - 11:22

Hacking Starbucks and a typical reaction from idiots

Egor Homakov found a way to steal money from Starbucks by exploiting a race condition on their gift cards by initiating two identical transfers at once.
Thursday, May 28, 2015 - 10:43

TOX: Tailored ransomware

McAffee found a malware as a service on a hidden service on TOR. The site is a malware construction kit for TOX ... ransomware.
Thursday, May 21, 2015 - 15:51

LogJam: Beating TLS and DH with a MITM attack and precomputation

Researchers found a pretty disturbing problem with TLS and DH. It's mostly relevant for export grade encryption. But it's here to stay and needs to be tackled more properly in the near future.
Monday, May 18, 2015 - 00:03

mSpy Hack and why parents should stay away from such services

mSpy is a service providing surveillance capabilities to private citizens for mostly mobile devices...phones. The software can track movement, phone calls and a couple of other things. What you'd expect from such a software. It's mainly advertised for helicopter parents and employers.
Thursday, May 14, 2015 - 18:37

Open resolvers and rogue networks. Scylla & Charybdis in the network

Open resolvers are generally considered a plague. Pretty much what open relays are for mail. And there is a good reason why certain people eyeball them with suspicion.