Sunday Round up: 25th of October 2015 - Fitbits Hacked!

Here's the week in review.

Articles:

  • 0-day race condition in Parallels Desktop for Mac (Local Privilege Escalation On Host):  https://beistlab.wordpress.com/2015/01/08/0day_race_condition_parallels_desktop/
  • Practice of Android Reverse Engineering: http://www.slideshare.net/jserv/practice-of-android-reverse-engineering
  • New Javascript Deobfuscator Tool: http://www.kahusecurity.com/2015/new-javascript-deobfuscator-tool/
  • Btproxy - Man In The Middle Analysis Tool For Bluetooth: http://www.kitploit.com/2015/10/btproxy-man-in-middle-analysis-tool-for.html
  • Tricky new malware replaces your entire browser with a dangerous Chrome lookalike: http://www.networkworld.com/article/2994803/security/tricky-new-malware-replaces-your-entire-browser-with-a-dangerous-chrome-lookalike.html
  • Fitbit Vulnerability Means Your Tracker Could Spread Malware: http://www.darknet.org.uk/2015/10/fitbit-vulnerability-means-your-tracker-could-spread-malware/
  • How to Solve Caching Conundrums: http://www.sitepoint.com/solve-caching-conundrums/
  • Hacking ZigBee Networks: http://resources.infosecinstitute.com/hacking-zigbee-networks/
  • Automating Forensic Artifact Collection with Splunk and GRR: http://informationonsecurity.blogspot.com.au/2015/10/automating-forensic-artifact-collection.html
  • Hackers Can Wirelessly Upload Malware to a Fitbit in 10 Seconds: http://gizmodo.com/hackers-can-wirelessly-upload-malware-to-a-fitbit-in-10-1737880606

Twitter:

Read last weeks round up here

If you found some other interesting stuff this week feel free to leave a link to it in the comments section.