China’s “Great Cannon” being actively used against Hong Kong protestors

Apparently China has brought out the proverbial “big guns” for dealing with the protests that have been going on in Hong Kong for the last 6+ months. The “Great Cannon” is a capability that is in the Great Firewall of China and it is cyber weapon has the ability to downgrade HTTPS to HTTP and then inject malicious JavaScript into targets web browser which gives them full control of the web browser and can be used to track what is being said, sites being visited, and worst of all create a massive botnet using the affected web browsers to launch a distributed denial of service (DDoS) attack the forums being used to coordinate protests.

You can read more about China’s “Great Cannon” here:

Burp Suite now supports WebSockets

While I was trolling around on Twitter this morning PortSwigger tweeted about their latest release of Burp Suite which now supports intercepting WebSockets. Check out their release note regarding v2.1.01. This feature also appears to be in the Community version as well as their Professional version:

Articles: Women in Security

To all the female engineers in information security, here’s are some articles regarding women working in technology. Most of the articles are inspiring while others show how far women have come in technology but also there’s still a lot that needs to be addressed before women get the recognition that they deserve in this field.

Article: New Silex malware is bricking IoT devices, has scary plans

If you haven’t changed your IoT devices credentials from their defaults, you should! This botnet is using default credentials to take over the IoT device and corrupts the embedded Linux operating system by overwriting it’s storage, dropping the firewall, etc. To get it back up and running you will need to re-flash the firmware in most of the cases.