(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Multiple RedHat JBoss Products CVE-2016-7065 Remote Code Execution Vulnerability
Cybozu Office Multiple Security Bypass Vulnerabilities
GraphicsMagick CVE-2016-7997 NULL Pointer Denial of Service Vulnerability
Snoopy '_httpsrequest()' Arbitrary Command Execution Vulnerability
Snoopy CVE-2014-5009 Arbitrary Command Execution Vulnerability
Apache Tomcat CVE-2016-5425 Insecure File Permissions Vulnerability
QEMU CVE-2016-8578 Null Pointer Dereference Denial of Service Vulnerability
IBM Financial Transaction Manager CVE-2016-3060 Clickjacking Vulnerability
QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
QEMU 'hw/virtio/virtio.c' Denial of Service Vulnerability
Qemu CVE-2015-5158 Local Denial of Service Vulnerability
Crashing Android devices with large Assisted-GPS Data Files [CVE-2016-5348]


The Tory government's cabinet ministers have reportedly been officially banned from wearing Apple Watches to crucial meetings in case they're compromised by Russian hackers.

"The Russians are trying to hack everything," one unnamed source told the Telegraph.

Apple Watches were said to be popular with several ministers, who wore them to cabinet meetings during David Cameron's tenure as prime minister, including former justice secretary and failed leadership candidate Michael Gove. However, under PM Theresa May—the former home secretary who repeatedly pushed for Britain's spooks to have greater surveillance powers—the devices have been summarily banned amid fears that Russian security services could listen in to government business.


Qemu 'hcd-ehci.c' Memory Leak Denial of Service Vulnerability
SPIP Multiple Security Vulnerabilities
QEMU 'hw/display/virtio-gpu.c' Information Disclosure Vulnerability
[SYSS-2016-068] Fujitsu Wireless Keyboard Set LX901 - Cryptographic Issues (CWE-310), Missing Protection against Replay Attacks
[SYSS-2016-033] Microsoft Wireless Desktop 2000 - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)

Radare2 is an open-source reverse-engineering framework.

Some time ago I wrote about recovering ransomed pictures. By calculating the entropy of the ransomed files with my byte-stats tool, I could see that the file was not completely encrypted.

rahash2 is one of the tools in the Radare2 framework. As its name implies, it calculates (cryptographic) hashes, but it is quite versatile. For example, it will also calculate entropy.

And like my byte-stats.py tool, it can also split the file into blocks and calculate the entropy for each block. You do this with option -b blocksize, and it will also produce a nice ASCII-art graph.
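The per-block entropy idea described above, as an added Python example (not rahash2 or byte-stats.py code, and not part of the original diary): it computes Shannon entropy for each block, draws a text bar per block, and flags blocks that look encrypted. The 7.5 bits/byte threshold, the function names and the sample data are assumptions made for illustration.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 (constant) to 8.0 (uniform)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def block_entropies(data: bytes, blocksize: int):
    """Return [(offset, entropy)] per block; a short final block scores lower."""
    return [(off, shannon_entropy(data[off:off + blocksize]))
            for off in range(0, len(data), blocksize)]

def high_entropy_offsets(data: bytes, blocksize: int = 1024, threshold: float = 7.5):
    """Offsets of blocks that look encrypted or compressed (assumed threshold)."""
    return [off for off, h in block_entropies(data, blocksize) if h >= threshold]

def ascii_graph(data: bytes, blocksize: int = 1024, width: int = 40):
    """One text line per block: offset, entropy, bar scaled to 8 bits/byte."""
    return [f"0x{off:08x} {h:5.2f} {'#' * round(h / 8 * width)}"
            for off, h in block_entropies(data, blocksize)]

# Constructed sample: 4 KiB of pseudo-random bytes standing in for an encrypted
# region, followed by 4 KiB of repetitive plaintext left untouched.
_head = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(128))
_tail = (b"plain image header and pixel rows " * 200)[:4096]
SAMPLE = _head + _tail

if __name__ == "__main__":
    print("\n".join(ascii_graph(SAMPLE)))
    print("high-entropy blocks at:", high_entropy_offsets(SAMPLE))
```

A single entropy value for the whole sample would blur the two regions together; the per-block view shows where the high-entropy data stops.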

If you have interesting tips for rahash2 (or other Radare2 tools), please post a comment.

Didier Stevens
Microsoft MVP Consumer Security
blog.DidierStevens.com DidierStevensLabs.com
