Masthash

#infosec

Kiri Bloodrose
5 minutes ago

Let's try this again, hopefully no power outages. Doing #TryHackMe Advent of Cyber: Days 2 and 3 since last night's blackout interrupted the hackie. Playing Marbles on Stream afterwards!

https://twitch.tv/kiribloodrose
https://www.youtube.com/watch?v=PItwqflsSW0

#Twitch #YouTube #ENVtuber #InfoSec #VTuber

IAintShootinMis
2 hours ago

Saw a weird #TTP from #Lockbit this week. They brought #Sophos with them onto the box. Presumably to cause Defender to shut down while they did their encryption.

Anyone else seen this?

#infosec

Ninja Owl
2 hours ago

Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats https://thehackernews.com/2023/12/qakbot-takedown-aftermath-mitigations.html #cybersecurity #infosec #privacy

🦠Toxic Flange🔬⚱️🌚
3 hours ago

#hacking #infosec

My hardware hoarding and desire to find 0 days in ISP-controlled routers in customers' houses pays off, maybe? Now with special UART cables :)

🦠Toxic Flange🔬⚱️🌚
3 hours ago

So the Bell Aliant HH3000 of mine is dying, I’m stuck til tomorrow for a technician. Then I remembered, “Hey, I wanted to be a hacker once, I bought a spare HH3000 to hack on and dump the firmware.. where is it??” Maybe it’s so dumb it’ll work?

#hacking #infosec

vict0ni
4 hours ago

Any Ukrainian/Russian cybersecurity reporters/journalists around? if so hmu, please

#cybersecurity #infosec #hacking

InfoSecSherpa
5 hours ago

InfoSecSherpa's #InfoSec and #DataPrivacy News Roundup for Sunday, December 3, 2023 🛢

Features the World Oil article, "European Union adopts “world first” #cybersecurity legislation for manufacturers, including oil, gas industry."

https://infosecsherpa.medium.com/infosecsherpas-news-roundup-for-sunday-december-3-2023-cef13f83a626

Oil refinery photo. Image by nicolagiordano via Pixabay.

Mark Morowczynski
5 hours ago

Just finished upgrading my home #Security Onion to 2.4. Is anyone else doing monitoring like that of their home network? I actually have a hard time keeping up with all the data flowing. It really made me realize how tough this is at SMB or even Enterprise scale. Also digging into a bit more on the #Kibana side. #InfoSec #network

Windows Portable Apps
5 hours ago

We Develop Useful Apps for Windows and Android that Increase the Daily Productivity of many People. (If you love "Simplicity, Functionality and Productivity", then our Apps are a Must for you!)
.
Microsoft Store:
https://apps.microsoft.com/store/search?publisher=25%2F8
.
Amazon Appstore:
https://www.amazon.com/s?rh=p_4%3AWindows+Portable+Apps
.
Official Web Page:
https://windowsportableapps.blogspot.com
.
#windows11 #windows10 #Windows7
#Android
#Infosec #netsec #cybersec #CyberSecurity
#Data #Encryption #Decryption #Cryption #crypter #cypher
#passwordmanager #unicode #regex

Emory L.
5 hours ago

had a mild heart attack when i saw this roll by on a fresh #Fedora workstation VM. people should be aware that phrases like "owned by phracek" are perceived as emergencies by anyone in #infosec 😂

i was like “MOTHER FU-waitaminute”

Emory L.
6 hours ago

i really want to check out the #Crayonic #fido2 #securityKey but not enough that i am comfortable paying nearly USD$300 for one. if you're using a Smart Authenticator already, please tell #infosec about it!

Ninja Owl
6 hours ago

Thanksgiving hack on North Carolina city caused leak of employee data https://therecord.media/hack-on-north-carolina-city-led-to-data-leak #cybersecurity #infosec #privacy

Dissent Doe :cupofcoffee:
7 hours ago

Update on the AlphV / Tipalti claims and listing:

DataBreaches has not received any reply as yet from Tipalti, but a reader kindly sent us a link to an Israeli news source that did obtain a statement from them:

Tipalti stated: "We are familiar with this claim and are investigating it. We take the security of our customers' information with the utmost seriousness and importance. As of this moment we have not identified any loss of information or breach of our systems."

In Yandex translation:

A spokesman said: "We are aware of this allegation and are investigating it. We take the security of our customers' information with the utmost seriousness and importance. At this time, we have not detected any data loss or breach of our systems."

@brett @campuscodi @BleepingComputer

#databreach #extortion #infosec #cybersecurity #incidentresponse

Aida Akl
7 hours ago

The gift that keeps on giving. #cybersecurity #infosec

If you missed this, more than 20,000 vulnerable #Microsoft Exchange servers exposed to attacks https://www.bleepingcomputer.com/news/security/over-20-000-vulnerable-microsoft-exchange-servers-exposed-to-attacks/ @BleepingComputer @tila

Ninja Owl
8 hours ago

SoarGames - 4,774,445 breached accounts #cybersecurity #infosec #privacy

Dumb Password Rules
9 hours ago

This dumb password rule is from Vélib’ Métropole.

Your password must be at least 10 characters, with at least 1 uppercase character, 1 lowercase character, 1 number and 1 special character (only from this list: @, $, €, #, %, *, ., ;, !, ?).

You're not allowed to paste passwords.

https://dumbpasswordrules.com/sites/velib-metropole/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

CTI.FYI
9 hours ago

🚨New ransom group blog posts!🚨

Group name: lockbit3
Post title: mirle.com.tw
Info: https://cti.fyi/groups/lockbit3.html

Group name: akira
Post title: Bern Hotels & Resorts
Info: https://cti.fyi/groups/akira.html

#ransomware #cti #threatintelligence #cybersecurity #infosec

🌐 ✈️ GPS spoofing attacks are starting to cause navigation system failures in large aircraft. The data is "good enough" to corrupt the redundant GPS and Inertial Reference Systems leaving the flight crew blind to the aircraft's actual position.

Saying "nobody knows what to do" is incorrect but it's expensive and takes time to change certified avionics. Fix rollout will be slow and workarounds are limited.

https://www.vice.com/en/article/m7bk3v/commercial-flights-are-experiencing-unthinkable-gps-attacks-and-nobody-knows-what-to-do

#aviation #avionics #GPS #GNSS #GeoSpatial #gis #infosec

PolySécure NLF
9 hours ago

Three topics this week.

- We continue to explore #neurodivergence with Benoit Gagnon
- RedTeam scenario - New employee, the more persistent angle, with Kim Sourdif
- The basics of #FinOps with Davy Adam

#podcast #infosec #cybersecurity

:mastodonworld: Petabites
10 hours ago

my state’s #DMV pushes online license plate renewal payments, and now they pre-assign your password according to formula.

“What could go wrong?” (TM) 🙄
#infosec

* walks to the curb … looks at last 4 digits of VIN … adds zip … stir

Dissent Doe :cupofcoffee:
10 hours ago

So AlphV (aka BlackCat) is trying something different again. This time, it seems they are claiming a victim before they have even attempted to contact the victim or extort them. They post no proof of claims. They state that they are taking this approach because the victim's cyberinsurance policy does not cover extortion, and their research into the victim (Tipalti) and one of the victim's clients (Roblox) suggests that their usual approach will not work. They intend to try to extort those firms and Twitch, all individually.

They even cite an academic reference on the potential benefit of paying ransom.

This listing is not the nasty approach that we've seen in some other listings on that leak site. But we'll see what happens if or when the victims don't respond.

I've sent an inquiry to Tipalti who is probably already swamped and running around trying to figure out what happened. AlphV claims to have been in multiple systems of theirs since September 8. Whether that's true or not remains to be seen.

#databreach #infosec #cybersecurity #ransom
#extortion #AlphV #BlackCat

@brett @briankrebs @campuscodi @GossiTheDog @BleepingComputer

Ninja Owl
10 hours ago

Russian region launches chatbot to report ‘extremist’ neighbors https://therecord.media/russian-region-primorsky-krai-snitching-chatbot #cybersecurity #infosec #privacy

Andreas Warburton
12 hours ago

Finally got around to migrating from Universal Analytics to GA4 (using GTM), even though I'm hugely no longer a fan of the Google/Alphabet business model.

Is it hypocritical not to look away when naked members of the public stop by my home, while personally, whenever I go out, I try not to forget to wear clothes? #privacy #ethics #tech #infosec #data #analytics

Do you either,

  1. Work in water/wastewater?
  2. Use Unitronics PLCs?

If yes, please familiarize yourself with this advisory from CISA:
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

TL;DR - Iranian threat group, CyberAv3ngers (i know, what a lame name) is targeting Unitronics PLCs with default credentials.

#cti #threatintelligence #cybersecurity #infosec

InfoSecSherpa
21 hours ago

InfoSecSherpa's #InfoSec and #DataPrivacy News Roundup for Saturday, December 2, 2023 🔮

Features the Security Affairs piece, "Fortune-Telling Website WeMystic Exposes 13M+ User Records."

https://infosecsherpa.medium.com/infosecsherpas-news-roundup-for-saturday-december-2-2023-69f7fe59080d

Fortune teller with a crystal ball.

Florian
23 hours ago

this year, I am participating in the #tryHackMe #AdventOfCyber2023 event. I have decided to make videos of me doing the tasks to document the #accessibility struggles I run into, as well as how I (fail to) get around them, for awareness, education, and basically because I felt like it. The fruits of my labor can be found here: https://www.youtube.com/playlist?list=PLoI1JGnSzOVKWI2fOpymnWcQtgxPLoW4X

Please note that the videos are still processing and therefore may not have subtitles yet. If the autogenerated ones are really bad, which wouldn't surprise me, I have infrastructure in place to do better, just let me know if it's a blocker for you and we'll sort it out. I really hope the #infoSec community as a whole can learn from this, and that it paves the way forward for better #accessibility for these kinds of challenges going forward. I'm not asking for too much here, it's about time this industry moves into the 21st century where this is concerned. Let's make it happen! :)

ZaufanaTrzeciaStrona.pl
1 day ago

Someone stays awake so that someone can read, so today's publication is typically for those who suffer from insomnia. Happy clicking!

https://zaufanatrzeciastrona.pl/post/weekendowa-lektura-odcinek-548-2023-12-02-bierzcie-i-czytajcie/

#infosec #cyberbezpieczenstwo #WeekendowaLektura

Weekend Reading: episode 548 [2023-12-02]. Take and read

Lisi Hocke
1 day ago

looking back on my personal challenge for 2023: #AskAppSec | A Tester's Journey: AskAppSec - Finding Closure https://www.lisihocke.com/2023/12/askappsec-finding-closure.html #AskInfoSec #AppSec #InfoSec

Bryan Haskin
1 day ago

You can no longer remove the location from a photo in Google Photos on #Android WTF #google

#infosec #tech #security

https://support.google.com/photos/answer/6153599?hl=en&co=GENIE.Platform%3DAndroid#

Text:
Edit or remove an estimated location from a photo 

Important: You can only update or remove estimated locations. If the location of a photo or video was automatically added by your camera, you can't edit or remove the location.

Lockdownyourlife
1 day ago

I decided to offer a birthday weekend discount on the spicy pages. I'll be dropping an audio story for subscribers over the weekend. 😈

P.S. The story has nothing to do with tech, however, I do know a few people who do vocal narration for tech podcasts & spicy books, so there's your tech connection.

Links: https://linktr.ee/lockdownyourlife

#nsfw #onlyfans #tech #infosec #voiceacting #socialmedia #contentcreator #holidays #birthday

Dumb Password Rules
1 day ago

This dumb password rule is from Bank Millennium.

Passwords limited to 8 digits.

https://dumbpasswordrules.com/sites/bank-millennium/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Paul Chambers
2 days ago

@UROCKlive1

re: Hackers had “accessed multiple US-based” water facilities

Why are the water facilities leaving the internet-connected device passwords at the manufacturer default password?

The EPA and state EPAs/water control boards need to get on this ASAP. Get the rest changed! #InfoSec #Hacking #Security #CyberSecurity

Regardless who is doing the hacking, terrorists or others, blame squarely should be with the teams operating these with default passwords.

https://www.cnn.com/2023/12/01/politics/us-water-utilities-hack/index.html

Hypolite Petovan
2 days ago

I'm positively impressed by the latest shame scam I just received. It even includes a password of mine that has been reported as part of a dump several years ago, and it makes the claim that they somehow installed a trojan virus on all my devices and caught me on camera masturbating way more impactful.

I wanted to congratulate them for the marginal ingenuity but unfortunately they do indicate it's useless to reply directly to the sender email address. 😞

#InfoSec

deltatux :donor:
2 days ago

Researchers find a new flaw that affects Bluetooth version 4.1 and higher. This flaw allows attackers the ability to perform man in the middle and device impersonation attacks.

#infosec #cybersecurity #Bluetooth #BLUFFS #vulnerability

www.bleepingcomputer.com/news/security/new-bluffs-attack-lets-attackers-hijack-bluetooth-connections/

💻 Computer Scientist Joy Buolamwini Warns Facial Recognition Technology Is Riddled w/Biases Of Its Creators

As Is Case w/All AI: including "Predictive Policing", w/can lead to harassment & worse - w/guilt by relative / association

#AI #artificialIntelligence #predictivepolicing #HumanRights #privacy #surveillance #MassSurveillance #Infosec #cyber

https://www.npr.org/2023/11/28/1215529902/unmasking-ai-facial-recognition-technology-joy-buolamwini

Jason Parker
2 days ago

The response I've seen from my disclosure of vulnerabilities in U.S. court platforms[1] has been incredible. There have been articles in TechCrunch[2] and Law360[3], an advisory from CISA[4], and a public statement from at least one court[5].

This whole process has been a pretty wild ride. I've been given so much great advice from so many people, beginning with @Kirkman during the first several days and @eff after the first week, and I can't thank those people enough.

I'm slightly disappointed that none of the four journalists, four federal agents, three state CISOs, one city CISO, eight vendors, two lawyers, or two cybersecurity experts said a single word about what is quite possibly my favorite part of the disclosure. The acknowledgements section includes a dedication to our furry friends on the Fediverse. Some of their antics after my Bluesky disclosure gave me immense joy. I don't know very much about their communities or their fursonas, but they and their whimsical natures hold a special place in my heart. I take solace in the fact that the website for a federal agency (CISA) now contains a direct link to a document that shouts out the furries.

Most vendors have been extremely difficult to work with. They either didn't respond at all (e.g. Henschen & Associates), only begrudgingly responded after contacting their CEO (e.g. Catalis), or required playing a game of telephone (e.g. Florida). The final vendor (e.g. Tyler Technologies) was prompt and forthcoming with details, which is a nice change from how they handled a previous vulnerability; trying to avoid a second class action lawsuit was probably a big motivator.

As of today, Sarasota County, FL is the only vendor to put any public statement on their website. It's refreshing to see them be open about it, but their statement has some falsehoods that I need to correct. I have receipts. 1) There was a second vulnerability, which they fixed on or slightly before October 26th. 2) Logs will show that at least one restricted document was viewed a minimum of five times. If their logs don't show that specific document -- a sealed mental health evaluation from a psychiatrist --, then their logging is insufficient. 3) Beginning on September 15th, I have personally viewed public information on more than their stated ten instances. Again, if their logs don't show these accesses, they are insufficient.

One vendor, Lee County, FL, made veiled threats through the media, telling TechCrunch and Law360 that "[w]e interpret any unauthorized access, intentional or unintentional, as a potential violation of Florida Statute Chapter 815, and may also result in civil litigation by our office". I've always expected some form of legal blowback and I'm prepared for the possibility. If any vendor, court, or other government agency would like to give this another news cycle and give researchers some better case law, I'd be more than happy to accommodate.

The total number of courts that were taken offline after being notified is...zero. This includes the one platform that was fixed after the disclosure was released and the one that is still vulnerable at this very moment.

So now what? I am far from done.

I intend to push courts and other vendors to have very serious discussions about security.

There are vulnerabilities in two other court platforms that I need to prepare for disclosure. One of those vendors didn't respond until a city CISO and a state CISO called to (presumably) yell at their CEO on a Friday evening. The other vendor is one that I know won't be responding.

I also need to finish probing a number of other courts that I was pointed to. It isn't looking good.

Future disclosures will of course be posted here and at https://github.com/qwell/disclosures/

#infosec

[1] https://ꩰ.com/@north/111500565729142975
[2] https://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/ -- from @zackwhittaker
[3] https://www.law360.com/pulse/articles/1771766 -- paywalled
[4] https://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems
[5] https://www.sarasotaclerk.com/Home/Components/News/News/984/353

i am root
2 days ago

Got an email from the (outsourced) security response team: "We have detected nmap malware". Apparently a Win32.Trojan.Generic rule has been triggered by the IDS, which scanned a VM I had just spun up.

Me: This is a Debian Linux VM provisioned by Google. Nmap is an established security tool. This is a false positive. However, to placate the tool I'll run 'apt remove nmap-common'.

Vendor: thank you, I can confirm the malware is removed. (Closes case).

Just straight up #Infosec theater. Good job! 👏

Byt3Phant0m
2 days ago

Meow?

Taggart :donor:
2 days ago

Hello, new followers! Here's a bit of an #introduction so you'll know what you're in for.

I'm Taggart, and I've been in IT for over 15 years. For the last 5 or so, that's been focused on #CyberSecurity / #InfoSec. Before that, I was a K-12 educator/administrator, and I haven't stopped teaching.

I run a school of sorts. I also maintain a threat intel/cyber news feed, and some other projects.

I love writing code, especially in #Rust these days.

This account is mostly infosec analysis/boosts, with occasional forays into things like policy. Kindness, inclusion, and allyship are the default settings.

Mark Morowczynski
2 days ago

Earlier this year @baileybercik and I presented at SANS #Cloud #Security summit on what we've learned from the last 18 or so months of deploying #CIEM as part of that broader #CNAPP strategy. We focused mostly on #Microsoft #Entra Permissions Management. The talk is now posted, https://www.youtube.com/watch?v=q2pdf_8aorg. If you want to learn more about #CNAPP see this post, https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/announcing-new-cnapp-capabilities-in-defender-for-cloud/ba-p/3981941. We also recently released an operations guide which has been very helpful for customers. Give it a read. https://learn.microsoft.com/en-us/entra/architecture/permissions-manage-ops-guide-intro. #InfoSec #Azure #AWS #GCP

Jan Schaumann
2 days ago

#InfoSec Douglas Adams on HTTP:

And so the problem remained; lots of requests were broken, and most of them violated one or another RFC, even the ones using fancy streams.

People were increasingly of the opinion that they'd all made a big mistake in stuffing absolutely everything into a simple request-response protocol in the first place. And some said that even TCP had been a bad move, and that no one should ever have connected two computers.

Yay, time for Advent of Cyber 2023...

#infosec
#ctf

Aida Akl
2 days ago

#Google will not win this stupid fight. Ad-blockers are no longer about invasive ads. They protect users against malicious pop-ups and other nefarious activities. No wonder Google Ads are a security nightmare. #cybersecurity #infosec

Inside the 'arms race' between YouTube and ad blockers https://www.engadget.com/inside-the-arms-race-between-youtube-and-ad-blockers-140031824.html @engadget

Simon Li
2 days ago

Physical security is as important as network security. Also don't unplug your CCTV cameras.
https://www.theregister.com/2023/12/01/nhs_health_board_ticked_off/
#infosec

Simple Nomad :verified:
2 days ago

Since I have grey hair, when I hear the word "cyber" used by itself my 12 year old inner self has a giggle. You see, it has a bit of history...

#infosec #HackerLife #hacker #OldManLaughsAtCyber

https://www.markloveless.net/blog/2023/12/1/the-history-of-the-word-cyber

dodothedev
2 days ago

A perfect example of a poor phishing email.

Notice the spelling, phrases not making sense and (not shown) the email it was sent from and to.

The link sends you to a Google Forms link, where they will try and get your details.
Watch out for these always, but especially at this time of year. Who *wouldn't* want $44101 this time of year?

#infoSec

screenshot of an email saying (and I quote):
"Your score has been released for 💸 Balance +$44101.

Dear user, We have noticed that you signed up an user account in our system approximately a year ago. However, it appears that you haven't visited your account in a while. We would like to inform you of the importance of using the platform on the platform. In order to provide opportunities for the rest of our users and keep up the current status of our system, we plan to block automatically inactive accounts in the near future. Please be aware that your balance will be zeroed upon account deactivation. We welcome you to access to your account and discover the latest updates and capabilities we offer. We value your participation in our system and look forward to seeing you again. Thank you for your attention and understanding. Please click the button below to access your account."

Jem
2 days ago

Heads up for my security nerd friends: Wordfence are running a "holiday bug extravaganza" with their normal bounty reward rates multiplied by 6.25 - so up to $10k for a valid vuln. https://www.wordfence.com/blog/2023/12/earn-up-to-10000-for-vulnerabilities-in-wordpress-software-6x-rewards-in-the-wordfence-holiday-bug-extravaganza/

#InfoSec #WordPress #WebDevelopment #BugBounty

Cybernews
2 days ago

WhatsApp has further tightened user messaging security with a feature that allows you to keep your chats private – from anyone who might have access to your phone.
#WhatsApp #app #messaging #privacy #cybersecurity #infosec

https://cybernews.com/tech/whatsapp-secret-code-chat-privacy/?utm_source=mastodon&utm_medium=social&utm_campaign=cybernews&utm_content=post

🌱 Ligniform :donor:​
3 days ago

All my EDR rules are LOLBIN/LOLBAS based lately. Writing detection rules is a fun way to pair #Programming and #InfoSec, really feel like I've found my calling.
Thank you all for making this such a fun community 💜​🌱​

Dumb Password Rules
3 days ago

This dumb password rule is from AmeriHealth.

Their site says "*All information is kept safe and secure.*" Just not as secure as you'd like.

User Password must be between 6 and 14 characters and contain 1 numerical value.

https://dumbpasswordrules.com/sites/amerihealth/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Grant
3 days ago

Who wants to critique my little webpage resume I'm working on? Don't shit on me too hard though.

Edit: dm me for link. I don't want the savages of the fediverse on it 😂🤣
#infosec

Chester Wisniewski
3 days ago

Anyone else notice that like 75% of spam is coming from "onmicrosoft.com"? #spam #InfoSec

Alexandre Borges
3 days ago

(for blue-teams and, in special, incident responders)

Abusing Okta's SWA authentication:

https://pushsecurity.com/blog/okta-swa/

#authentication #cybersecurity #infosec #okta #security #infosec #incidentresponse #threathunting

Dennis Faucher :donor: :mastodon:
3 days ago

Would the #Infosec peeps agree with this #DevOps slide that "Developers are security champions"?

DevOps security slide

Nettitude Labs (@nettitude_labs) just released Tartarus-TpAllocInject, a loader for bypassing Endpoint Detection and Response (EDR) solutions using the Tartarus' Gate method.

💥⁠https://github.com/nettitude/Tartarus-TpAllocInject :github:

This is a simple loader that uses indirect syscalls via the Tartarus' Gate method. This loader executes shellcode with a known WINAPI CreateThreadPoolWait but I have changed things a little bit and instead, I call the underlying Tp* APIs from Ntdll.dll.

Method evolution:
Tartarus' Gate
⬆️ Halo's Gate
⬆️ Hell's Gate

#InfoSec #CyberSecurity #RedTeam #EDRbypass

Simple Nomad :verified:
3 days ago

Thunderstorm rolled through, even though she insisted she was protecting me from the thunder, I think she might have been nervous. Slight impact to work, especially since I work in security I have to keep her from getting any insider information.

#DogsOfMastodon #infosec

Dahlia “protecting” me from the thunderstorm. An HP Dev One running PopOS is in the background.

All Okta customer support users confirmed to be impacted by the September/October breach, not just the 134 previously stated...

🔥⁠https://www.csoonline.com/article/1249988/okta-confirms-recent-hack-affected-all-customers-within-the-affected-system.html

#InfoSec #CyberSecurity #Okta #Breach

FediFollows ☃️
3 days ago

#Infosec picks of the day:

➡️ @haveibeenpwned - Site which lets you check if you are victim of security breaches

➡️ @smashingsecurity - Award-winning humorous podcast about computer security

➡️ @gcluley - Computer security expert, blogger, co-host of Smashing Security podcast

➡️ @rysiek - IT expert, dev, good guy hacker

➡️ @adminmagazine - Technical journal for system administrators

➡️ @kalilinux - Linux distro for computer security tasks such as digital forensics, penetration testing etc

1/4

ApplSec
3 days ago

📣 EMERGENCY UPDATES 📣

Apple pushed updates for 2 new zero-days that may have been actively exploited.

🐛 CVE-2023-42916 (WebKit):
- iOS and iPadOS 17.1.2
- macOS Sonoma 14.1.2
- Safari 17.1.2

🐛 CVE-2023-42917 (WebKit):
- iOS and iPadOS 17.1.2
- macOS Sonoma 14.1.2
- Safari 17.1.2

#apple #cybersecurity #infosec #security #ios

Marcus "MajorLinux" Summers
3 days ago

If you haven't already, please patch your stuff.

ownCloud vulnerability is actively being exploited - Desk Chair Analysts

https://dcanalysts.net/owncloud-vulnerability-is-actively-being-exploited/

#CloudStorage #Exploit #FileSharing #InfoSec #ownCloud #Security #Vulnerability #TechNews

The ownCloud logo

Avoid the Hack! :donor:
3 days ago

Associated Press, ESPN, CBS among top sites serving fake #virus alerts

Malvertising on top news sites.

Connected with threat actor "ScamClub." A large portion of this campaign targets mobile users.

-Insert my spiel about using an adblocker- Ads can be blocked in browsers, on devices, and on networks.

#malware #cybersecurity #infosec #security #malvertising

https://www.malwarebytes.com/blog/threat-intelligence/2023/11/associated-press-espn-cbs-among-top-sites-serving-fake-virus-alerts

Jason Parker
3 days ago

#infosec #vulnerability

Disorder in the Court

Insufficient permission check vulnerabilities in public court record platforms from multiple vendors allowed unauthorized public access to sealed, confidential, unredacted, and/or otherwise restricted case documents. Affected documents include witness lists and testimony, mental health evaluations, child custody agreements, detailed allegations of abuse, corporate trade secrets, jury forms, and much more.

https://github.com/qwell/disorder-in-the-court

Catalis - CMS360 is used in Georgia, Mississippi, Ohio, and Tennessee. Catalis is a "government solutions" company that provides a wide array of public record, payment, and regulatory/compliance platforms.

Henschen & Associates - CaseLook is used in Ohio. Henschen & Associates did not respond after multiple reports.

Tyler Technologies - Court Case Management Plus is used in Georgia. In February 2022, a different Tyler Technologies court records platform had a similar vulnerability that allowed the website judyrecords.com to accidentally scrape sensitive data.

Five platforms used by individual courts in Florida -- Brevard County, Hillsborough County, Lee County, Monroe County, and Sarasota County -- are each presumed to be developed "in-house" by the county court.

While all of the platforms allowed unintended public access to restricted documents, the severity varied based on the levels of restrictions that could be bypassed and the discoverability of document IDs. The methods used to exploit each of the vulnerabilities also varied, but could all be performed by an unauthenticated attacker using only a browser's developer tools.

CVE-2023-6341, CVE-2023-6342, CVE-2023-6343, CVE-2023-6344, CVE-2023-6352, CVE-2023-6353, CVE-2023-6354, CVE-2023-6375, CVE-2023-6376

Note: Additional platforms from other vendors that are known to be vulnerable will be included in future disclosures.

Nitrokey
3 days ago

After 8 Years of Development: NetHSM 1.0 is Available! The First Open Source Hardware Security Module https://www.nitrokey.com/news/2023/after-8-years-development-nethsm-10-available-first-open-source-hardware-security-module #crypto #infosec

#InfoSec #OktaPocalypse Okta’s serious security breaches are indeed noteworthy, and there are undoubtedly more things that they could fix and improve than I have space for here.

But to all the people on https://news.ycombinator.com/item?id=38454908 thinking they can run their own system, or that a competitor would do better, think again carefully.

Okta is going up against nation state elite hackers who do this as a day job. Okta needs to lift its game but don’t be naive and assume switching vendors will fix this.

Dear #Fediverse #InfoSec #Privacy folks, if anybody knows of any peer reviewed papers, official reports, etc., on how ad networks are or have been used by malicious actors to target specific people or groups — with malware, but also with targeted surveillance — I would love to hear.

I'm talking beyond "mere" surveillance capitalism. Surveillance capitalism is bad enough, of course, but in this particular case I am looking specifically for stuff that goes beyond "just" targeting ads.

:boost_ok:

0xor0ne
4 days ago

Guide for learning internals of compilers, linkers, JITs and assemblers (with focus on software security hardening)

Low-Level Software Security for Compiler Developers:
https://llsoftsec.github.io/llsoftsecbook/

#infosec #compilers

dana :blobhaj_witch:
4 days ago

Chrome is in the news for another 0-day that makes use of integer overflow in C++.

This is a solvable problem, and these bugs can be eliminated to make software safer by design. Please enjoy a blog post about how!

http://orodu.net/2023/11/29/overflow.html

#MemorySafety #Infosec #Cpp #SubspaceCpp

LimaCharlie
4 days ago

Join us this Friday for our first DEFENDER FRIDAYS series session hosted by @eric_capuano who will be demonstrating a basic attack and defend lab environment for honing detection engineering skills.

Each week, different expert hosts will share their invaluable insights on topics ranging from threat hunting and incident response to security operations and detection engineering. DEFENDER FRIDAYS is informal and interactive by nature, allowing for an engaging dialogue between our guests, hosts, and you!

Register now: https://limacharlie.io/defender-fridays

#cybersecurity #infosec

DEFENDER FRIDAYS | LimaCharlie
PheebeUK
4 days ago

If you're having fun trying to map security requirements from one standard to another, then OpenCRE might be of help. For example, you might have used OWASP SAMM to try to understand what maturity levels your org is at, but need to map to NIST 800-53 v5 as that's what your org's policies are based around.
https://www.opencre.org/map_analysis

Also, you have my best wishes for what seems to be a vertically uphill task to do with consistency!

#AppSec #InfoSec

sͧb̴ͫƸ̴gͬᵉ
4 days ago

Working in #infosec is really about selling Hope.

When we say ”risk-based approach”, what we’re really saying is ”hope-filled thinking”. This is not a bad thing, Hope is what makes us all go on.

But be careful about how you use facts and metrics to crush Risk - you don’t want Hope to be collateral damage.

Identity services provider #Okta has disclosed that it detected "additional threat actor activity" in connection with the October 2023 breach of its support case management system.

#infosec #cybersecurity #databreach

https://thehackernews.com/2023/11/okta-discloses-additional-data-breach.html