
campuscodi

@campuscodi@mastodon.social

Cybersecurity reporter for Risky Business

#infosec #cybersecurity #security

This profile is from a federated server and may be incomplete. For a complete list of posts, browse on the original instance.

campuscodi , to random

Bulgarian officials have arrested and charged a man named Teodor Iliev with several computer crimes. According to a report from DataBreaches.net, the man is believed to be behind the Magadans and Emil Külev hacker personas, active on several underground hacking forums. He is accused of hacking multiple Bulgarian companies and state institutions over the past five years.

https://databreaches.net/2024/06/30/bulgarian-hacker-emil-kulev-arrested-and-detained/

campuscodi , to random

More than 458,000 PHP Windows servers are currently exposed on the internet and potentially vulnerable to that nasty PHP-CGI/Windows bug

https://censys.com/cve-2024-4577/

campuscodi , to random

After European law enforcement agencies have argued for lawful access to encrypted instant messaging clients for a few years now, their demands have recently expanded. In a new report published this week, Europol has asked that lawful access should be considered for other technologies that use encryption, such as 6G, biometrics, DNS, the blockchain, and quantum computing.

https://www.europol.europa.eu/media-press/newsroom/news/equilibrium-between-security-and-privacy-new-report-encryption

jerry , to random
@jerry@infosec.exchange

I feel like I've probably hurt a lot of feelings today with my hot takes. my apologies...

campuscodi ,

@jerry It's ok.. I saw this two days later... all is forgiven

campuscodi , to random

According to reports from the New York Times and Haaretz, the Israel Ministry of Diaspora Affairs paid a private company named STOIC $2 million for a social media influence campaign that targeted US politicians. (1/2)

https://www.nytimes.com/2024/06/05/technology/israel-campaign-gaza-social-media.html


campuscodi , to random

Security researcher Alexander Hagenah has released TotalRecall, a tool that extracts and displays data from the Recall feature in Windows 11.

https://github.com/xaitax/TotalRecall

campuscodi , to random

HIBP has recently indexed more than 361 million email addresses that a security researcher scraped from Telegram channels.

There's no Telegram leak. These are emails shared inside Telegram groups and channels—typically in ones advertising hacked data. That's quite a lot if I'm being honest!

https://www.troyhunt.com/telegram-combolists-and-361m-email-addresses/

campuscodi , to random

Mobile operating system GrapheneOS is adding support for a duress password.

The feature will allow users to set a special password that deletes all their data when entered.

GrapheneOS says the duress-initiated wipe does not require a reboot and cannot be interrupted.

https://grapheneos.org/features#duress

campuscodi , to random

Microsoft not saying a peep about the Recall privacy scandal is a huge tell of how much the company is focused on security

We should have had a statement by now that Recall is either re-engineered or removed

campuscodi , to random

Japanese authorities have arrested a 25-year-old man for allegedly creating ransomware using generative AI tools

https://japannews.yomiuri.co.jp/society/crime-courts/20240528-188598/

campuscodi , to random

OpenAI has established a Safety and Security Committee to advise its leadership on critical safety and security decisions for OpenAI projects.

The major infosec name on the committee is former NSA Director of Cybersecurity Rob Joyce, who will serve as a consultant.

https://openai.com/index/openai-board-forms-safety-and-security-committee/

campuscodi , to random

Thanks to that stupid EU cookie bs, the Wayback Machine is now capturing those popups instead of a site's content

campuscodi , to random

ZenGo CTO Tal Be'ery has found an issue in WhatsApp that allows attackers to fingerprint a user's devices if the target has their account connected to multiple devices.

Meta declined to patch the reported issue.

https://medium.com/@TalBeerySec/hi-meta-whatsapp-with-integrity-4d85756dd7c5

campuscodi , to random

The President of Latvia has asked the government to amend the country's criminal code to criminalize the creation of deepfakes for political use.

The proposal suggests that offenders should face punishment of up to five years in jail.

President Edgars Rinkēvičs' proposal comes after deepfakes were used in Slovakia's presidential and parliamentary election last year in support of an anti-EU and pro-Kremlin candidate.

https://eng.lsm.lv/article/politics/politics/22.05.2024-president-presents-deepfake-parliamentary-proposal-to-saeima.a554949/

campuscodi , to random

Relationship goals:

I want to meet someone who treats me as Russian bots and Russian media treat Elon Musk

campuscodi , to random

Just think about it!

In just 14 days, Microsoft pivoted from "do security" in an internal memo on May 5 to "let's install spyware on everyone's PC" on May 21.

That must be a world record in bad corporate management

campuscodi , to random

Security researcher Amal Murali has published a PoC for CVE-2024-32002, an RCE in the Windows Git client that can be triggered via a simple git clone operation.

https://amalmurali.me/posts/git-rce/

https://github.blog/2024-05-14-securing-git-addressing-5-new-vulnerabilities/?ref=news.risky.biz

metacurity , to random
@metacurity@infosec.exchange
campuscodi ,

@metacurity yeah there is.... it's called DDG

campuscodi , to random

Twitter is full of idiots blaming the Fico assassination attempt on everything under the sun. From the WHO to Soros.

That site keeps digging its own grave of irrelevance

jerry , to random
@jerry@infosec.exchange

It’s interesting that though the total number of fediverse users went up by 70000 in the past month, the number of monthly active users dropped by 60000. If I’m reading that right, 10% (130k) of all active accounts went inactive over the past month.

campuscodi ,

@jerry serves you right for not blocking Threads

campuscodi , to random

This is just one of the many tweets that are flooding Twitter these days praising Telegram and discouraging users from using Signal with stupid NSA and FBI conspiracy theories.

Under no scenario should you have Telegram installed on your phone. It's basically the Hulk Hogan of E2EE apps

campuscodi OP ,

Other people are now seeing the same Twitter spam.

Many of these spammy accounts are post Feb 2022 accounts, suggesting a Russian nexus.

campuscodi , to random

The brain cancer of crypto-bros in two images

Crypto bros this week (first image): tHe US hAs ArReStEd tWo PrIvAcY dEvEl0PeRs

The privacy developers (second image): Come launder crypto with us, Russian oligarchs!!!


campuscodi , to random

Google's Mandiant has published a list of state-sponsored groups likely to target election cycles across the world this year. It's quite the long list.

https://cloud.google.com/blog/topics/threat-intelligence/cyber-threats-global-elections

campuscodi , to random

A group of Dutch security firms has published research looking at the Cactus ransomware gang's attacks on QlikSense servers: https://cyberveilignederland.nl/actueel/persbericht-samenwerkingsverband-melissa-vindt-diverse-nederlandse-slachtoffers-van-ransomwaregroepering-cactus

An English version of the research is available via Fox-IT: https://blog.fox-it.com/2024/04/25/sifting-through-the-spines-identifying-potential-cactus-ransomware-victims/

campuscodi , to random

Research from Hive Systems warns that some bcrypt-hashed passwords may be quite easily crackable using modern GPUs.

The time is here to start switching to longer passwords or passphrases.

https://www.hivesystems.com/blog/are-your-passwords-in-the-green

campuscodi , to random

"Avast discovered and analyzed a malware campaign hijacking an eScan antivirus update mechanism to distribute backdoors and coinminers"

https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/

campuscodi , to random

The country of Georgia has published its yearly state security report.

"The cyber" gets a mention, but I can't tell you what it says because this thing appears to be geo-blocked from almost every IP I tried.

https://civil.ge/archives/600294

campuscodi , to random

Discord has rolled out new terms of service on April 15 that remove a user's ability to sue the company by forcing everyone into a forced arbitration process.

These types of clauses are usually secretly inserted into ToS documents right before a company does something extremely shady.

According to Polygon, there's a way to opt-out: https://www.polygon.com/2024/4/20/24134970/discord-arbitration-how-to-opt-out

campuscodi , to random

The Chinese government has established a new branch of the People's Liberation Army (PLA) dedicated to cyber operations.

The new PLA arm is named the Information Support Force.

It is China's ninth PLA branch.

Officials did not provide additional details about the new force's role, but China already had a dedicated cyberspace force.

http://www.mohrss.gov.cn/SYrlzyhshbzb/dongtaixinwen/shizhengyaowen/202404/t20240420_517173.html

campuscodi , to random

Cybersecurity agencies from the US and the Netherlands have published a joint malware analysis on the Akira ransomware.

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-109a

campuscodi , to random

"Citizen journalist" is the new codeword for paid propaganda slinger

So many info-op reports mention these types of accounts as sources of fake news

campuscodi , to random

The art of writing a legible vulnerability report is slowly dying

God... I'm so tired of reading 2000 words just to get a basic understanding of what some people found

campuscodi , to random

Russia will be dishing out treason charges for jaywalking by the end of the year

https://mastodon.social/@rvps2001/112291947568372557

campuscodi , to random

UK plans to make the creation of sexually explicit deepfake images a crime

https://www.gov.uk/government/news/government-cracks-down-on-deepfakes-creation

campuscodi OP ,

@i0null

I want the Drake emojis too :sadness:

campuscodi , to random

PuTTY fixed a crypto bug that can be used in certain circumstances to expose private keys

It's a big deal because the bug can be used to connect to remote servers or fake commits in code repos

PuTTY versions from the last 8 years are all impacted

https://www.openwall.com/lists/oss-security/2024/04/15/6

campuscodi , to random

Several security firms have published reports on the Lockbit ransomware itself, but Kaspersky has looked at the Lockbit 3.0 ransomware builder, which got leaked following an internal dispute back in 2022.

https://securelist.com/lockbit-3-0-based-custom-targeted-ransomware/112375/

campuscodi , to random

Newsletter: https://news.risky.biz/risky-biz-news-palo-alto-networks-scrambles-to-push-zero-day-patch/
Podcast: https://risky.biz/RBNEWS275/

-Palo Alto Networks scrambles to push zero-day patch
-FISA S702 reapproval passes through the House
-Roku forcibly enables 2FA for all users after waves of credential-stuffing attacks
-Ex-Amazon engineer gets 3 years in prison for crypto-heists
-Ransomware hits NXP (now Nexperia) (3rd hacking incident now)
-LastPass discloses deepfake incident
-OpenTable to dox all its users, a-la Glassdoor
-US sanctions Hamas cyber actor

campuscodi , to random

The developers of the Notepad++ text editor have asked users to help report a new website impersonating its brand and ranking high in search results

https://notepad-plus-plus.org/news/help-to-take-down-parasite-site/

campuscodi , to random

New DDoS attack vector dropped.

It's named HTTP/2 CONTINUATION Flood.

Technical details are here: https://nowotarski.info/http2-continuation-flood-technical-details/

simontsui , to random
@simontsui@infosec.exchange

Babe wake up, new Google Pixel zero-days just dropped: 🔗 https://source.android.com/docs/security/bulletin/pixel/2024-04-01

  • CVE-2024-29745 (information disclosure, high severity)
  • CVE-2024-29748 (elevation of privilege, high severity)

Note: There are indications that the following may be under limited, targeted exploitation.

EDIT: Reported by security researcher Daniel Micay of GrapheneOS Foundation who reported that the vulnerabilities were exploited in the wild by forensics companies 🔗 https://grapheneos.social/@GrapheneOS/112204428984003954

CVE-2024-29745 refers to a vulnerability in the fastboot firmware used to support unlocking/flashing/locking. Forensic companies are rebooting devices in After First Unlock state into fastboot mode on Pixels and other devices to exploit vulnerabilities there and then dump memory. We proposed zeroing memory in firmware when rebooting to fastboot mode to wipe out the whole class of attacks. They implemented this by zeroing memory when booting fastboot mode. USB is only enabled by fastboot mode after zeroing the memory is completed, blocking these attacks. GrapheneOS already implemented defenses against this attack before we became aware of it. After becoming aware of this attack against Pixels running the stock OS, we improved our existing defenses and added new ones alongside reporting the firmware weaknesses to get those fixed.

CVE-2024-29748 refers to a vulnerability providing the ability to interrupt a factory reset triggered by a device admin app. It appears they've implemented a partial solution in firmware. See https://grapheneos.social/@GrapheneOS/112162304896898942 about ongoing work we spotted on wipe-without-reboot support.

See related Bleeping Computer reporting: 🔗 https://www.bleepingcomputer.com/news/security/google-fixes-two-pixel-zero-day-flaws-exploited-by-forensics-firms/

campuscodi ,

@simontsui @briankrebs

They're Pixel-specific, cause they're not in the Android general security bulletin: https://source.android.com/docs/security/bulletin/2024-04-01

campuscodi , to random

Google Cloud vulnerability researcher Anthony Weems has published xzbot, a proof-of-concept exploit for the XZ Utils backdoor.

https://github.com/amlweems/xzbot

campuscodi , to random

The Federal Ministry for Digital and Transport Affairs (BMDV) has drawn up a draft bill that will make end-to-end encryption mandatory for messengers and cloud services in the future.

https://tuta.com/blog/german-government-publishes-encryption-law

campuscodi , to random

Software engineer Matt Frisbie has published a Google Chrome extension named Under New Management that detects when your other installed Chrome extensions have changed owner.

https://github.com/classvsoftware/under-new-management
