Recent Security News

with @infosecirvin, @djhardb, and @sambowne

Aug 20, 2019

A discussion with Irvin Lemus, Sam Bowne, and Elizabeth Biddlecome.

Irvin Lemus @infosecirvin

2019-08-06: AT&T employees took bribes to plant malware on the company's network

2019-08-02: Amazon's Ring Video Camera Alarms Privacy Advocates
allows police to view home surveillance footage to assist with their investigations.

Sam Bowne @sambowne

2019-08-06: Intel Releases New Technology Specifications to Protect Against ROP attacks
CET defines a second stack (shadow stack) exclusively used for control transfer operations, in addition to the traditional stack used for control transfer and data. The return instructions (e.g. RET) pops return address from both shadow and traditional stacks, and only transfers control to popped address if return addresses from both stacks match. There are restrictions to write operations to shadow stack to make it harder for adversary to modify return address on both copies of stack implemented by changes to page tables.
2019-08-11: Opinion | Are We Living in a Computer Simulation? Let's Not Find Out

2019-08-17: Here's the stupid reason Elon Musk wants to nuke Mars
2019-08-17: Elon Musk Floats 'Nuke Mars' Idea Again (He Has T-Shirts!)

Here's why: he thinks it'll kick-start the planet and make it habitable by releasing trapped carbon dioxide into the atmosphere.
2019-08-10: 'Take It Like a Gift': Chase Erases Canadian Credit Card Debts
Chase's decision is extremely unusual. Sara Rathner, NerdWallet's credit card expert, said she had never heard of a bank's simply writing off balances as it shut down a credit card product. More typically, the bank would keep collecting payments or sell the remaining balance to a debt buyer.

Elizabeth Biddlecome @djhardb

2019-08-14: Hacker gets a whopping 14 years in prison for running Scan4You service

2019-08-17: Cloudflare IPO: A real tech giant in the making -- with a female co-founder

2019-08-14: How a 'NULL' License Plate Landed One Hacker in Ticket Hell