Downclimb

2014.10.24

RSS feed

Downclimb: Summit Route’s Weekly Infosec News Recap
2014.10.17 – 2014.10.24: https://SummitRoute.com

Top stories

Binaries downloaded over Tor being trojaned

Josh Pitts from Leviathan Security discusses some examples he has found where downloaded binaries are being trojaned in transit. This is one of the threats that Summit Route is going to protect against.

  • http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries/

FIDO: 2-Factor Authentication

Google has announced it’s support for the Fast IDenity Online Universal 2-Factor (FIDO U2F) Authentication[1]. Membership in FIDO includes Mastercard, Visa, Microsoft, Alibaba, Bank of America, PayPal, and many others. The goal is to log into websites using a USB key. Two-factor authentication, or most anything beyond our current password schemes, is a welcome improvement. However, this has been met with some criticism for requiring the use of of the P-256 NIST elliptic curve. Some suspect the points on this curve were chosen specifically to make it possible for some people to break the crypto[2].

An alternative password replacement scheme was also announced called EasyAuth from scriptjunkie[3].

  1. http://googleonlinesecurity.blogspot.com/2014/10/strengthening-2-step-verification-with.html
  2. http://crypto.stackexchange.com/questions/10263/should-we-trust-the-nist-recommended-ecc-parameters
  3. https://www.scriptjunkie.us/2014/10/replacing-passwords-with-easyauth/

Sandworm not fully patched

Microsoft’s round of patches last week failed to fully protect against the exploit CVE-2014-4114, known as Sandworm. A Fixit and EMET guidance is available.

  • http://blogs.mcafee.com/mcafee-labs/new-exploit-sandworm-zero-day-bypass-official-patch
  • https://technet.microsoft.com/library/security/3010060

Other news

Conference materials and publications