Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log
Rant of Dev.jpg

Developer Errors Exposes 180 Million Phones to Compromise →

November 14, 2017 by Marc Handelman in Cellular Telephony, Mobile Security, Mobile Telephony, Mobile Networks, Lack of Security Regimen, Or Lack Thereof

Oops, They Did It Again! Coupled with the other well-known security issues (e.g., the recently exposed (but decades old) SS7 Flaw) this latest display of security-related development governance (or lack-thereof) by the MNO's is highly dangerous; and spans borders.

November 14, 2017 /Marc Handelman
Cellular Telephony, Mobile Security, Mobile Telephony, Mobile Networks, Lack of Security Regimen, Or Lack Thereof

Looked it over, how shall I say, it's lacking a certain - competency?

Are Intel SGX Enclaves Secure? Nope, Not Really...

March 22, 2017 by Marc Handelman in All is Information, Alternate Attack Analysis, Enclaves, Information Security, Lack of Security Regimen

via Catalin Cimpanu, writing at BleepingComputer, comes this well-crafted piece on the folly of secure enclaves... In this case, Intel SGX Enclaves. Enjoy.

"More details on the attacks and proposed countermeasures are available in the research paper titled "Malware Guard Extension: Using SGX to Conceal Cache Attacks." via Catalin Cimpanu at BleepingComputer

March 22, 2017 /Marc Handelman
All is Information, Alternate Attack Analysis, Enclaves, Information Security, Lack of Security Regimen