Wycheproof, The Project →
Meanwhile, in security project news, comes word of a new Alphabet, Inc. Google Security (NasdaqGS: GOOG) project, monikered appropriately - Project Wycheproof. Purportedly apellated for the smallest mountain in the world, it is now clear that security engineers at Google possess a sense of the absurd, whilst taking care of business, as it were...
Daniel Bleichenbacher and Thai Duong both Security Architects at Google Inc., have announced the Project, via the Google Security Blog. Source is on GitHub. Enjoy.
DNSChanger, Redux →
Apparently, DNSChanger has reared it's pernicious head again, infecting large numbers of unwary users and vectored through steganographic code malware inclusion within major news site banner ads... This time, per The Hacker News reporter Swati Khandelwal, comes the bad news of both the vector and the attack.
Linux Security, The Litany of Failure →
Well-wrought thought piece on the failure of Red Hat and Ubuntu to secure their respective distros utilizing standardization in the form of reproducible builds (and other means).
Damn kids apparently have forgotten their lessons whilst in kindergarten regarding safe and fair play. In this case, however, we have the added component of organizations, companies and individuals suffering due to the ineptitude of the big names in Linux... Astounding.
Time to Implement Offensive Cybersecurity? →
The Christian Science Monitor's contributor David Brumley, PhD. pens a unique thought piece on why offensive cybersecurity is now requisite, and certainly needs a playbook...
David Brumley is the director of CyLab Security and Privacy Institute and the Bosch Distinguished Professor in Security and Privacy Technologies at Carnegie Mellon University. He's also chief executive officer of ForAllSecure. - via CSMonitor.com
Finnish HVAC Systems DDoS'd →
News, via Finnish site Metropolitan, of a DDoS attack on computer-managed HVAC systems in the town of Lappeenranta, Finland. In a country situated geographically as Finland, this attack should be construed as a life safety issue. H/T