IT / Security

BASH vulnerability issue

The BASH v.<4.3 can be vulnerable. Name: Shellshock. Some info here: NIST NVD – Vulnerability Summary for CVE-2014-6271 – https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271 Wordfence – http://www.wordfence.com/blog/2014/09/major-bash-vulnerability-disclosed-may-affect-a-large-number-of-websites-and-web-apps/ The Register: http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/ SecurityIntelligence: http://securityintelligence.com/news/shellshock-where-the-bash-bug-could-hit-the-hardest/ CentOS: http://centosnow.blogspot.com/2014/09/critical-bash-updates-for-centos-5.html …

Components / Security

ATECC108 from ATMEL

ATECC108 is a ECDSA Crypto Authentication Chip that is using key sizes of 256 or 283 bits and supports I²C communication (< 1Mb/sec) and Single-Wire Interface. Features: NIST B283/K283/P256 bit …

Security

That BadUSB vulnerability…

First was the badBIOS. Now BadUSB. What’s next? To read: badBIOS – 2013 issue – Dragos Ruiu,  @dragosr on Twitter, wrote about some alarming issues with malware that spreads  between …

Development Tools / Security

Maxim’s ECDSA Demo Stick

Maxim’s ECDSA DS28E35 + DS 2475 A duo that brings a ECDSA to 1-wire http://www.maximintegrated.com/en/products/embedded-security/authenticators/advisor/asymmetric.cfm Quick info links: Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital …

IT / Security

The Flame: Questions and Answers / Kaspersky article

This is one of the most complex malware/threat till now. Reading the Kaspersky article http://www.securelist.com/en/blog/208193522/The_Flame_Questions_and_Answers#page_top this malware seems to be a complex remote management and automation tool. Flame: appears to be …