Cybersecurity Newsletter, July 6 - 11
Qrator

Hello and welcome to our weekly recap of the news and articles worth attention on the topics of networking and cybersecurity published July 6 to 11, 2020.
 

So Darned Kind of you, Facebook: SDK bug sends popular iOS apps crashing earthwards

Its developer orifice, currently "investigating", had this to say on the issue: "We are aware and investigating an increase in errors on the iOS SDK which is causing some apps to crash."
 

Vulnerabilities in the FreeBSD's libc and IPv6 stack were patched, allowing local privilege escalation; Unbound server also got some exciting patches

 

Reclaiming unused IPv4 address space

"APNIC, the regional internet address registry for India, China, and 54 other Asia-Pacific nations, has found about fifty million unused IPv4 addresses under the couch." - The Register.
 

CoreBGP - Plugging in to BGP

"In this post I’ll provide some of my personal experience and history working with BGP, and introduce a new BGP library, CoreBGP, which can be used to build the next generation of BGP-enabled applications." - Jordan Whited.
 

Digicert will shovel some 50,000 EV HTTPS certificates into the furnace this Saturday after audit bungle

 

Mozilla suspends Firefox Send service while it addresses malware abuse

 

Toward trusted sensing for the cloud: Introducing Project Freta

"Project Freta: free service from Microsoft Research for detecting evidence of OS and sensor sabotage, such as rootkits and advanced malware, in memory snapshots of live Linux systems" - Microsoft.
 

Why has DNSSEC increased in some economies and not others?

 

Mozilla is reducing TLS Certificate Lifespans to 398 Days

 

GNU: A Heuristic for Bad Cryptography

"If you see the letters GNU in a systems design, and that system intersects with cryptography, I can almost guarantee that it will be badly designed to an alarming degree." - Soatok.
 

An academic paper of the week - Your Privilege Gives Your Privacy Away: An Analysis of a Home Security Camera Service

 

Repository of the week - Netenum - A tool to passively discover active hosts on a network

 

See you next week!

For feedback, please write to us at cybersec@qrator.net.