Security Roundup - 2017-04-06

LastPass had another issue last week. While this is unfortunate, Troy Hunt goes into why password managers are ultimately better. Summary: the best password is a long one you don’t actually know vs systems that are easy to remember. XKCD contributes it’s own set of security tips, likely prompted by this recent issue as well.

I’ve talked about Google’s “Potentially Harmful App” detection before, but this week they go into how they detected one installed on a few dozen devices. Of note, this app was never available in the Play App store.

An IIS 6.0 zero day has been revealed to have been in play since mid-2016. Unfortunately, while IIS 6.0 reached end of life in mid-2015, it seems (there are still plenty of installs in the wild. Shodan.io shows ~600K entries per their latest scans.

Some really fun IoT exploits this week. One involves injecting attack code into the broadcast stream, which allows attackers to take over some smart TVs.

Project Zero has found an exploit for certain wifi chipsets that allow wifi drive by takeovers of devices. Patches are already available, but an overall hardware fix will take a few months.

Finally, security researchers have taken a look at Samsung’s open source Tizen operating system, used by the company for many IoT devices and found a bevy of security problems.

Threat Intelligence researchers have noticed that users are uploading plenty of sensitive documents to malware scanning services, using them in a sense as antivirus without thinking about how these files are available to researchers. The researcher in question found a number of interesting files, from private keys to confidential business plans.

A new version of Mirai has apparently raised its head, having slammed a college network for 52 hours in late February.

Written on April 6, 2017