CGA-MRF6-GCHQ-92R9

Bulletin has no description...

Hidden between the tags: Insights into spammers’ evasion techniques in HTML Smuggling

Cisco Talos has spotted several malicious email campaigns over the past few months that disguise JavaScript code within HTML email attachments, a technique commonly known as "HTML Smuggling." Cisco Talos has noticed that some industry verticals were targeted more than others by email threats usin...

CGA-7HXX-W5G3-GCHQ

Bulletin has no description...

New Images of Colossus Released

GCHQ has released new images of the WWII Colossus code-breaking computer, celebrating the machines eightieth anniversary birthday?. News article...

GCHQ Christmas Codebreaking Challenge

Looks like fun. Details here...

FBI, GCHQ Unite To Foil Russian Malware Hacking Tool

By Owais Sultan A joint advisory from the National Cyber Security Centre has detailed how the UK and its allies have cracked Snake, a Russian malware used by the FSB. This is a post from HackRead.com Read the original post: FBI, GCHQ Unite To Foil Russian Malware Hacking Tool...

NCSC: Be Cyber Aware, especially during the Christmas season

In early December, the National Cyber Security Centre, a UK-based cybersecurity body and a part of GCHQ, kicked off the next chapter of its Cyber Aware campaign initiative, focusing on online shopping threats during the Christmas season. Cyber Aware is the UK government’s "national campaign on...

Understanding Binary and Data Representation with CyberChef

A significant part of reverse engineering and attacking devices relies on viewing and recognising data in various forms and working out how to decode it. We typically use Linux tools and scripts to do this, but you can make the first few steps using a really neat online tool called CyberChef. Wha...

Russia Is Trying to Tap Transatlantic Cables

The Times of London is reporting that Russian agents are in Ireland probing transatlantic communications cables. Ireland is the landing point for undersea cables which carry internet traffic between America, Britain and Europe. The cables enable millions of people to communicate and allow financi...

ACLU on the GCHQ Backdoor Proposal

Back in January, two senior GCHQ officials proposed a specific backdoor for communications systems. It was universally derided as unworkable -- by me, as well. Now Jon Callas of the ACLU explains why...

Buffer Over-Read

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Buffer Over-Read

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Buffer Over-Read

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Vulnerability in French Government Tchap Chat App

A researcher found a vulnerability in the French government WhatsApp replacement app: Tchap. The vulnerability allows anyone to surreptitiously join any conversation. Of course the developers will fix this vulnerability. But it is amusing to point out that this is exactly the backdoor that GCHQ i...

Enigma, Typex, and Bombe Simulators

GCHQ has put simulators for the Enigma, Typex, and Bombe on the Internet. News article...

Hacking the GCHQ Backdoor

Last week, I evaluated the security of a recent GCHQ backdoor proposal for communications systems. Furthering the debate, Nate Cardozo and Seth Schoen of EFF explain how this sort of backdoor can be detected: In fact, we think when the ghost feature is active­ -- silently inserting a secret...

Evaluating the GCHQ Exceptional Access Proposal

The so-called Crypto Wars have been going on for 25 years now. Basically, the FBI -- and some of their peer agencies in the UK, Australia, and elsewhere -- argue that the pervasive use of civilian encryption is hampering their ability to solve crimes and that they need the tech companies to make...

GCHQ on Quantum Key Distribution

The UK's GCHQ delivers a brutally blunt assessment of quantum key distribution: QKD protocols address only the problem of agreeing keys for encrypting data. Ubiquitous on-demand modern services such as verifying identities and data integrity, establishing network sessions, providing access contro...

The ‘Perfect Storm’ of Disinformation and Hacking

We live in an age of fake news, misinformation and disinformation. Recently, we have been falling for it – mostly. That is largely thanks to a confluence of social media, hacking and good old fashion disinformation campaigns, according to Matt “Pwn all the Things” Tait, a senior cybersecurity...

GCHQ Found -- and Disclosed -- a Windows 10 Vulnerability

Now this is good news. The UK's National Cyber Security Centre NCSC -- part of GCHQ -- found a serious vulnerability in Windows Defender their anti-virus component. Instead of keeping it secret and all of us vulnerable, it alerted Microsoft. I'd like believe the US does this, too...