Downclimb: Summit Route’s Weekly Infosec News Recap
2015.01.16 – 2015.01.23: https://SummitRoute.com
Quotes
“1)you hacked us, this means war 2) no we didnt 1) yes you did, we had already hacked you, and watched you do it #irony” @HumanActuator in reference to the story that the US knows North Korea was behind the Sony hack because the NSA had hacked and watched them do it.
“Tip for Microsoft: start 0day’ing Android and probably Google will modify their disclosure policy;)”
Cesar Cerrudo (@cesarcer)
Top stories
State of the Union mentions cyber security
From President Obama’s SOTU speech:
“No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families, especially our kids. We are making sure our government integrates intelligence to combat cyber threats, just as we have done to combat terrorism. And tonight, I urge this Congress to finally pass the legislation we need to better meet the evolving threat of cyber-attacks, combat identity theft, and protect our children’s information. If we don’t act, we’ll leave our nation and our economy vulnerable. If we do, we can continue to protect the technologies that have unleashed untold opportunities for people around the globe.”
- http://fortune.com/2015/01/21/obama-state-union-cybersecurity/
Project Spartan: Microsoft’s new browser
Microsoft held a Windows 10 Media Brief[1] to show off their new operating system and their Hololens project[2], which is similar to Google Glass. The most interesting announcement though was their Project Spartan, which is a new browser to replace Internet Explorer. It’s not just a new look, but actually has a new rendering engine.
- Windows 10 Media Brief: http://news.microsoft.com/windows10story/
- Hololens: http://www.theverge.com/2015/1/21/7867593/microsoft-announces-windows-holographic
- Project Spartan: http://blogs.msdn.com/b/ie/archive/2015/01/22/project-spartan-and-the-windows-10-january-preview-build.aspx
Publications and Conference materials
- Security Day: Held in France on Jan 16.
Tools
- Sysmon 2.0: Microsoft released a new version of their Sysmon tool that now supports a configuration file and monitoring driver loading and image loading.
Other news
- Glorious Leader’s Not-That-Glorious Malwares - Part 2
- How Control Flow Guard Drastically Caused Windows 8.1 Address Space and Behavior Changes by Alex Ionescu.
- Phate: Investigations Into Windows Phone 8 by Graham Bucholz and Jesse Hertz of Matasano Security.