Daily NCSC-FI news followup 2021-09-04

Norwegian student tracks Bluetooth headset wearers by wardriving around Oslo on a bicycle

www.theregister.com/2021/09/04/bluetooth_headphones_tracking_oslo/ A Norwegian student who went wardriving around Oslo on a pushbike has discovered that several popular models of Bluetooth headphones don’t implement MAC address randomisation, meaning they can be used to track their wearers.

The State of SSL/TLS Certificate Usage in Malware C&C Communications

www.trendmicro.com/content/dam/trendmicro/global/en/research/21/i/ssl-tls-technical-brief/ssl-tls-technical-brief.pdf Over the last six years there has been an increased shift by malware authors to secure their C&C communications using the SSL/TLS protocol to stymie detection and blend in with normal traffic. This shift is noticeable in commodity malware, as well as in APT-type attacks. This is also seen in red teaming tabletop exercises to test the capabilities of different detection security layers, using frameworks such as Cobalt Strike, Metasploit and Core Impact, among others.

