Researchers from MWR Labs used 11 vulnerabilities across six different mobile applications to execute code on a Samsung Galaxy S8 at Mobile Pwn2Own.
Link: https://threatpost.com/chain-of-11-bugs-takes-down-galaxy-s8-at-mobile-pwn2own/128739/
Tag: security research
Marcus Hutchins’ Only Certainty is Uncertainty
WannaCry hero Marcus Hutchins pleaded not guilty last week could be freed today on $30,000 bond before the case moves to Wisconsin.
Link: https://threatpost.com/marcus-hutchins-only-certainty-is-uncertainty/127270/
Dashlane, Researcher at Odds Over Potential Privilege Escalation Vulnerability
Researcher Paulos Yibelo said that Dashlane elected not to patch a vulnerability he disclosed more than a year ago in all versions of the password manager application.
Link: https://threatpost.com/dashlane-researcher-at-odds-over-potential-privilege-escalation-vulnerability/127002/
Platinum APT First to Abuse Intel Chip Management Feature
Microsoft has found a file-transfer tool used by the Platinum APT that leverages Intel Active Management Technology to stealthily load malware onto networked computers.
Link: https://threatpost.com/platinum-apt-first-to-abuse-intel-chip-management-feature/126166/
NSA’s EternalBlue Exploit Ported to Windows 10
Researchers have ported the EternalBlue exploit to Windows 10, meaning that any unpatched version of Windows can be affected by the NSA attack.
Link: https://threatpost.com/nsas-eternalblue-exploit-ported-to-windows-10/126087/
40,000 Subdomains Tied to RIG Exploit Kit Shut Down
GoDaddy, along with researchers from RSA Security and other companies, shut down tens of thousands of illegal established subdomains tied to the RIG Exploit Kit.
Link: https://threatpost.com/40000-subdomains-tied-to-rig-exploit-kit-shut-down/126072/
WannaCry Development Errors Enable File Recovery
Researchers at Kaspersky Lab have found a number of programming errors in the WannaCry ransomware code that put file recovery within reach of sysadmins.
Link: https://threatpost.com/wannacry-development-errors-enable-file-recovery/126002/
ShadowBrokers Put Price on Monthly Zero Day Leaks
The ShadowBrokers announced details on how to subscribe to its Monthly Dump Service, which is available for 100 Zcash.
Link: https://threatpost.com/shadowbrokers-put-price-on-monthly-zero-day-leaks/125960/
WannaCry Ransom Note Written by Chinese, English Speaking Authors
A linguistics analysis of the 28 ransom notes included with WannaCry indicate that native Chinese and English speakers wrote the original note, Flashpoint said.
Link: https://threatpost.com/wannacry-ransom-note-written-by-chinese-english-speaking-authors/125906/
Yahoo Retires ImageMagick After Bugs Leak Server Memory
Researcher Chris Evans reported a new bug and showed how also used a previously known flaw in ImageMagick to leak Yahoo server data and steal images and authentication secrets.
Link: https://threatpost.com/yahoo-retires-imagemagick-after-bugs-leak-server-memory/125862/