In this week’s web security news we look at encryption… in space – 19/08/2016

A selection of this week’s more interesting vulnerability disclosures and cyber security news.

This week, for a break from the relentless stream of catastrophes in the security world I thought I would go for an all out amazing geekfest. I have a particular love of quantum mechanics and odd physics and this story of China launching a satellite to test out particle entanglement for encryption has me all excited. Of course it could be a very expensive mistake for them, but considering they are at this stage I would suspect they are pretty confident of success. If so, then the technology that follows will have profound consequences for encryption. Exciting stuff!

• China launches quantum satellite to test spooky action at a distance (The Register)

• China’s launch of quantum satellite major step in space race (Yahoo Security)

Heads down from the clouds (see what I did there), and if you haven’t heard an NSA project might have been exposed, Sage Accounting had a serious breach but not as bad as the POS vendors….

• Accountancy software firm Sage breached in apparent insider attack (The Register)
• Air gap breached by disk drive noise (The Register)
• Hacking the Hackers? US Spy Agency at Center of Apparent Breach
• Hacking tool leak came from omnipotent NSA-tied group (ArsTechnica)
• MICROS Hackers Targeted Five Other PoS Vendors
• Oracle MICROS Hackers Breach Five More Cash Register Companies (Forbes)
• Snowden speculates leak of NSA spying tools is tied to Russian DNC hack (ArsTechnica)
• ‘Strong Connection’ Between Files Leaked By ShadowBrokers & The Equation Group Researchers from Kaspersky Lab
• Address Bar Spoofing Vulnerability Found in Several Browsers
• Almost every Volkswagen sold since 1995 can be unlocked with an Arduino (ArsTechnica)
• Backdoor Abuses TeamViewer to Spy on Victims
• Banking system SWIFT was anything but on security, ex-boss claims (The Register)
• Cisco confirms NSA-linked zeroday targeted its firewalls for years (ArsTechnica)
• Firewall Vendors Analyze Exploits Leaked by _Shadow Brokers
• Hackers claim to have stolen cyberweapons from NSA, demand 1 million Bitcoin in exchange (TechRepublic)
• In a shift, Bangladesh Bank says no plans to sue Fed, SWIFT (Yahoo Security)
• LinkedIn suffers huge bot attack that steals members personal data Ethan Baron reports
• Running a DNSSec responder? Make sure it doesn’t help the black hats (The Register)
• UK: Sage Group employee arrested on fraud charge Ashley Armstrong reports
• VeraCrypt security audit: Four PGP-encoded emails VANISH (The Register)
• _Shadow Brokers_ Claim Hack of NSA-Linked Equation Group
• Shark bosses sink teeth into booming ransomware market (The Register)
• Shark Ransomware Developers Demand 20% Cut
• Hack makes it possible to factory reset any Samsung phone without a password (Yahoo Security)
• Cisco Patches Zero-Day Firewall Flaw Exposed In Equation Group Hack ShadowBrokers dump of Equation Group
• Equation Group Stings Firewall Vendors with Zero-Day Flaws (InfoRiskToday)