Category: security

FLIGHT SIM LABS

FlightSimLabs

Somebody sent us a note earlier about this company using some rather suspicious tools. Evidently the company is bundling a chrome password dump tool with their software for Flight Simulator etc. There is a file called test.exe which has been found to dump the passswords from Google Chrome. Evidently they were using this to attack …

Continue reading

INFINEON TPM SECURITY ADVISORY

Seal_of_the_U_S__National_Security_Agency

It has come to our attention that certain laptops with an Infineon TPM chip . This advisory addresses CVE-2017-15361, also referred to as “Return of Coppersmith’s Attack” (ROCA). What happened is that the TPM chip generated weak cryptographic keys. The standard for keys is comparatively strict Microsoft Advisory 170012  indicated that the Infineon TPM needs …

Continue reading

LAPTOP FRU WHITELISTS

Lenovo T500

Many laptops unknown to the user use a whitelist for the hardware installed. We have seen whitelists for Wi-Fi cards, batteries and even cellular cards. Acer, Asus, MSI and Samsung are not known to use any whitelists, hardware can be modified as desired. KNOWN WHITELIST USERS Lenovo Toshiba Dell HP/Compaq Whitelist users hide behind nonsense …

Continue reading