International Association for Cryptologic Research's CHES 2018 Call for Tutorials / Posters / Papers
The International Association for Cryptologic Research has issued a Call for Papers, Posters and Tutorials to enrich your Association's upcoming Cryptographic Hardware and Embedded Systems (CHES) 2018 event, slated for Amsterdam, The Netherlands from 2018/09/09 - 2018/09/12 inclusive. Enjoy!
LTE Flaw-O-Rama →
Following up on our Tuesday post entitled '4G Gone Wild (and the trigger for that post - Zero Day author Zack Whittaker's) superlative piece), another author - Sean Gallagher of Ars Technica - has posted a highly detailed article presenting his take on the same LTE security flaws and the ramifications of those pernicious issues. Certainly Today's Must Read!
Robert M. Lee and Jeff Haas', 'Little Bobby Comics' →
From LittleBobbyComics (and edited for length):
Writer
Robert M. Lee is the writer for Little Bobby and draws inspirations for the comic from his own adventures in technical and security related fields. Robert started his career as an active-duty U.S. Air Force Cyber Warfare Operations Officer working in the U.S. Intelligence Community working on complex and technical missions including the discovery of national level cyber threats and the security of SCADA and industrial control systems. He is currently the CEO of Dragos Security and is also a SANS Institute course author and instructor as well as an Adjunct Lecturer at Utica College where he teaches in the M.S. Cybersecurity program.
Illustrator
Jeff Haas is an artist and illustrator who has a career that has spanned a variety of media – including comics, book and magazine illustrations, corporate and private murals, theatrical posters, board games, and paintings. He is an accomplished artist who has managed to transform a personal passion into a career that has reached many and has been critically acclaimed by international audiences. Jeff and his wife live in Michigan, where they have been remodeling a 100 year old home “forever”.
Synthetics →
via Peter Rudegeair and AnnaMaria Andriotis - writing at The Wall Street Journal - comes a good example of crime reportage, regaling us with an exposé of pernicious criminality within the Identity Theft arena: The utilization of Synthetic Identities leveraged to abscond with fungible assets... In this case, to the tune of billions of dollars. While not new - as the article erroneously claims in both it's title and body copy - the use of synthetic identities targeting our children's identities and unused Social Security Numbers has been an ever-increasing fraud modality for a number of years. Today's Must Read.
Cryptominer versus Cryptominer →
via Richard Chirgwin, writing at El Reg, comes the story of cryptominer warfare taking place in server racks around the world. Pay attention, as we believe this is bound to get quite interesting, indeed.
4G Gone Wild →
via Zack Whittaker, writing at the Zero Day blog at ZDNet, tells the story of recently discovered 4G LTE attacks, and the academicians studying the specifics of these pernicious exploits (the group's recently published paper is currently available). Today's MustRead. H/T
Ten attacks detailed in a new paper by researchers at Purdue University and the University of Iowa expose weaknesses in three critical protocol operations of the cellular network, such as securely attaching a device to the network and maintaining a connection to receive calls and messages. - Zack Whittaker, writing at the Zero Day blog at ZDNet
Stunning Stupidity To Start The Week: Selling Your DNA Via A Blockchain Controlled Marketplace →
Easily the most egregiously moronic idea I've heard this month (and it's only 5 days in(!) - stay tuned - pretty sure there will be others)... Would you sell your DNA data on the Blockchain? Enjoy!
'It is not easy putting a dollar value on the human genome, so only time will tell if these innovative, blockchain approaches to genetic data trading will pay off for individuals.' via James Levenson, writing at Bitcoinist
IPv6, The DDoSing →
Meanwhile in DDoS news... Reportage of IPv6 DDoSing via El Reg, (and well-written by Kieren McCarthy) detailing an IPv6-transported DDoS attack - a 1.35Tbps attack on GitHub - that should be baking a lot of noodles out there in the network protection racket...
"Network guru Wesley George noticed the strange traffic earlier this week as part of a larger attack on a DNS server in an effort to overwhelm it. He was taking packet captures of the malicious traffic as part of his job at Neustar's SiteProtect DDoS protection service when he realized there were "packets coming from IPv6 addresses to an IPv6 host." The attack wasn't huge – unlike this week's record-breaking 1.35Tbps attack on GitHub – and it wasn't using a method that is exclusive to IPv6, but it was sufficiently unusual and worrying to flag to the rest of his team." - via Kieren McCarthy writing at El Reg