2016-02-27

Google's Project Shield

Google has finally launched its much touted Project Shield DDoS mitigation service, with a mission to preserve free speech by protecting news, human rights and election monitoring sites around the world.
Details here; project website here 

MouseJack: Injecting Keystrokes into Wireless Mice

Interesting hack to take over wireless mice (non-Bluetooth).
Wireless mice and keyboards commonly communicate using proprietary protocols operating in the 2.4GHz ISM band. In contrast to Bluetooth, there is no industry standard to follow, leaving each vendor to implement their own security scheme. 

2016-02-14

Pwn2Own 2016

The annual event, which was originally hosted by HP's ZDI, will now be jointly hosted by HP and TrendMicro (post the acquisition). Details are here and here.

Highlights:

  • Exploiting Google Chrome or Microsoft Edge will earn hackers $65,000
  • Exploiting Apple Safari on Mac only $40,000. 
  • Achieving system-level access on Windows or root access on Mac OS X would add another $20,000 to the final payout.
  • Adobe Reader, Mozilla Firefox and Internet Explorer are no longer on the contest's target list. Adobe Flash remains, but only the version that comes bundled with Microsoft Edge
  • If anyone manages to escape the VMware Workstation virtual machine and achieves code execution on the host operating system, they’ll receive an additional $75,000


2016-02-06