- 1. How Hackers Cause Physical Damage
- 2. Signal Working on Improving Anti-Spam Capabilities
Interesting: "Unlike Signal’s underlying code, which is open-source, the code for fighting spam is kept secret, to prevent bad actors from finding bypasses."
- 3. Google just tripled its bounty for Linux kernel bugs. Here’s why
Linux security is important: "We are constantly investing in the security of the Linux Kernel because much of the internet, and Google – from the devices in our pockets, to the services running on Kubernetes in the cloud – depend on the security of it."
- 4. 10 Free and Best OSINT Tools 2021
Which is your favorite?
- 5. Signal unveils how far US law enforcement will go to get information about people
You can't provide what you don't collect: "In the search warrant, Santa Clara Police sought to get the name, street address, telephone number, and email address of a specific Signal user. It also wanted billing records, the dates of when the account was opened and registered, inbound and outbound call detail records, voicemails, video calls, emails, text messages, IP addresses along with dates and times for each login, and even all dates and times the user connected to Signal."
- 6. 8 funny cyber security quotes and why they matter to you – CyberTalk
At the time, these were relevant: "Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months." -- Clifford Stoll. This one is like the "passwords are like underwear" analogy, which is horrible. Rotating passwords is no longer recommended the way it used to be. Sharing is still bad, but we have so many other ways to grant access (password/secret vaults, OAuth, etc.) that this advice is now dated. Then there is this one: "The three golden rules to ensure computer security are: do not own a computer; do not power it on; and do not use it." -- Robert Morris. I do not dispute the claim, it's just less and less feasible as time goes on. Sure, we could stop using computers today, but many of us carry one in our pocket, and certain types of services require that you have some sort of computing device. I dig this one: "When you secure things right, people won't be sure you've done anything at all." -- unknown.
- 7. Google fixes two high-severity zero-day flaws in Chrome
"The two zero-day flaws -- which are being exploited by attackers now -- are being tracked with the identifiers CVE-2021-38000 and CVE-2021-38003. Both were found by Google's Threat Analysis Group (TAG), which tracks state-sponsored and cyber-criminal exploit activity. The second of the two zero-days was also reported by Samuel Groß from Google Project Zero on 26 October, indicating how fast Google is responding to zero-day discoveries." - I find it interesting that two different research groups, in this case both within Google, found the same bug. Just when you think something has not been discovered by someone else or some other group, think again. I don't believe we can call a bug "safe" just because it is not known to be exploited in the wild; maybe it is?
- 8. Scammers Injected Fake Students Into Harvard.edu and Used Them to Post SEO Spam
This happens all the time, and has been happening for a long time: "As it turns out, there is no Harvard student by the name of Mikao John. Instead, a scammer invented that persona — and, alarmingly, managed to obtain the credentials to insert him into Harvard's web system — in order to sell SEO-friendly backlinks, and the prestige of being hyped up by someone at one of the world's most distinguished universities, to marketing firms with publicity-hungry clients." The scammers advertised all sorts of things, including synthetic urine. WTF? (Reference from the actual post on the Harvard site: https://archive.md/hgCU2). Were the companies that placed the ads in on it or not? "One of the companies featured in a blog post by Mikao John, for instance, told Futurism that the mention had been secured through a marketing firm called T1 Advertising, which conceded in response to questions that it sometimes pays "media consultants" to plant blog posts on Harvard's site."
- 9. 2021 MacBook Pro Teardown: A Glimpse at a Better Timeline
They also tore apart the $19 Apple cleaning cloth...
- 10. Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection – Microsoft Security Blog
"SIP is a security technology in macOS that restricts a root user from performing operations that may compromise system integrity. We discovered the vulnerability while assessing processes entitled to bypass SIP protections. We found that the vulnerability lies in how Apple-signed packages with post-install scripts are installed. A malicious actor could create a specially crafted file that would hijack the installation process. After bypassing SIP’s restrictions, the attacker could then install a malicious kernel driver (rootkit), overwrite system files, or install persistent, undetectable malware, among others." and right here is your problem: "when installing an Apple-signed package (.pkg file), the said package invokes system_installd, which then takes charge of installing the former. If the package contains any post-install scripts, system_installd runs them by invoking a default shell, which is zsh on macOS. Interestingly, when zsh starts, it looks for the file /etc/zshenv, and—if found—runs commands from that file automatically, even in non-interactive mode"
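The quoted mechanism is that zsh reads /etc/zshenv on every start, including the non-interactive shell that system_installd uses for post-install scripts, so whatever that file contains runs in a highly privileged context. A defender's check is therefore to audit that file. The script below is an added example (not Microsoft's or Apple's code): it reads a zsh startup file, strips blank and comment lines so that only lines zsh would actually execute remain, and reports the file's owner and whether it is writable by group or others. The file path defaults to /etc/zshenv from the article; the sample file contents are constructed.

```python
import os
import stat

DEFAULT_PATH = "/etc/zshenv"  # path named in the Microsoft write-up


def effective_lines(text: str) -> list:
    """Return the lines of a zsh startup file that the shell would execute.

    Blank lines and full-line comments are dropped; everything else is kept
    verbatim so a reviewer can see exactly what runs on every zsh start.
    """
    kept = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        kept.append(line)
    return kept


def audit_zsh_startup_file(path: str = DEFAULT_PATH) -> dict:
    """Describe a zsh startup file: existence, ownership, permissions, live lines."""
    if not os.path.exists(path):
        return {"path": path, "exists": False, "lines": []}
    st = os.stat(path)
    with open(path, encoding="utf-8", errors="replace") as fh:
        lines = effective_lines(fh.read())
    return {
        "path": path,
        "exists": True,
        "owner_uid": st.st_uid,
        # A startup file writable by anyone other than root is a red flag.
        "group_or_world_writable": bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH)),
        "lines": lines,
    }


# Constructed sample content: one comment, one blank line, two live commands.
SAMPLE_ZSHENV = """# system-wide zsh environment file
export PATH=/usr/local/bin:$PATH

/tmp/run_me.sh
"""

if __name__ == "__main__":
    report = audit_zsh_startup_file()
    if not report["exists"]:
        print(f"{report['path']}: not present")
    else:
        print(f"{report['path']}: uid={report['owner_uid']} "
              f"loose_perms={report['group_or_world_writable']}")
        for line in report["lines"]:
            print("  executes:", line)
```

Any live line in the report deserves an explanation from whoever administers the machine; a file-integrity monitor watching the same path catches changes between audits.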
- 11. ‘Trojan Source’ Bug Threatens the Security of All Code – Krebs on Security
So neat: "Therefore, by placing Bidi override characters exclusively within comments and strings, we can smuggle them into source code in a manner that most compilers will accept. Our key insight is that we can reorder source code characters in such a way that the resulting display order also represents syntactically valid source code.” “Bringing all this together, we arrive at a novel supply-chain attack on source code. By injecting Unicode Bidi override characters into comments and strings, an adversary can produce syntactically-valid source code in most modern languages for which the display order of characters presents logic that diverges from the real logic."
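The defence the quoted passage points at is to treat Unicode Bidi control characters in source as a finding, since they are what the technique smuggles into comments and strings. The scanner below is an added example and not the researchers' code: it lists the Bidi embedding, isolate and override characters plus their terminators, reports each occurrence with line and column, and offers a stripping helper for quarantining a file before review. The sample source it runs on is constructed. It deliberately does not cover the paper's separate homoglyph variant, which needs a different check.

```python
import sys

# Unicode Bidi control characters used by the Trojan Source technique:
# embeddings, overrides, isolates and the characters that terminate them.
BIDI_CONTROLS = {
    "\u202A": "LRE", "\u202B": "RLE", "\u202D": "LRO", "\u202E": "RLO",
    "\u202C": "PDF",
    "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI", "\u2069": "PDI",
}


def find_bidi_controls(source: str) -> list:
    """Return (line, column, name) for every Bidi control character in source.

    Lines and columns are 1-based so they can be pasted into an editor.
    """
    hits = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if ch in BIDI_CONTROLS:
                hits.append((line_no, col, BIDI_CONTROLS[ch]))
    return hits


def strip_bidi_controls(source: str) -> str:
    """Return source with all Bidi control characters removed."""
    return "".join(ch for ch in source if ch not in BIDI_CONTROLS)


# Constructed sample: a comment carrying an RLO ... PDF pair that would
# render reordered in an editor while the compiler sees the raw bytes.
SAMPLE_SOURCE = (
    "def check(user):\n"
    "    # \u202E reviewed by admin \u202C\n"
    "    return user.is_admin\n"
)

if __name__ == "__main__":
    paths = sys.argv[1:]
    if not paths:
        # No files given: demonstrate on the constructed sample.
        for line, col, name in find_bidi_controls(SAMPLE_SOURCE):
            print(f"<sample>:{line}:{col}: {name}")
    for path in paths:
        with open(path, encoding="utf-8", errors="replace") as fh:
            for line, col, name in find_bidi_controls(fh.read()):
                print(f"{path}:{line}:{col}: {name}")
```

Run as a pre-commit hook or a CI step, any non-empty output fails the check; legitimate right-to-left text in string literals is rare enough in most code bases that an allowlist per file is a manageable exception process.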
- 12. Luton man left shocked as his house is ‘stolen’
Someone stole his identity and sold his house! Legally, this can be tricky to rectify.
- 13. IT risk consultant says New World devs “should be ashamed of themselves” for code injection vulnerability
Turns out this is not run on the client but on the server side: "For those who missed it, New World players Josh Strife Hayes and Callum Upton discovered on Friday that the text boxes in the game are HTML, and that the text is not sanitized, which in short means you can run client-side code in any text box in the game."
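The root cause in the quote is text from one user being placed into HTML without escaping. The snippet below is an added example, not New World's code, showing the difference between interpolating a message straight into markup and HTML-escaping it first; a small tag counter built on Python's html.parser shows that the escaped version yields only the wrapper element. The message text is constructed.

```python
import html
from html.parser import HTMLParser


def render_unsafe(message: str) -> str:
    """Interpolate user text into markup verbatim (the pattern described)."""
    return f'<div class="msg">{message}</div>'


def render_safe(message: str) -> str:
    """Escape &, <, >, quotes so the text is displayed, never interpreted."""
    return f'<div class="msg">{html.escape(message, quote=True)}</div>'


class TagCollector(HTMLParser):
    """Record every start tag the parser sees in a fragment."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def tag_names(fragment: str) -> list:
    """Return the start tags a browser-like parser would find in fragment."""
    collector = TagCollector()
    collector.feed(fragment)
    collector.close()
    return collector.tags


# Constructed chat message containing markup the author never intended to render.
SAMPLE_MESSAGE = "<script>alert('x')</script>"

if __name__ == "__main__":
    print("unsafe tags:", tag_names(render_unsafe(SAMPLE_MESSAGE)))
    print("safe tags:  ", tag_names(render_safe(SAMPLE_MESSAGE)))
    print(render_safe(SAMPLE_MESSAGE))
```

Escaping at the point where text meets markup is the fix; a UI built on an embedded browser engine needs the same discipline as a web page, because the text box is a web page.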
- 14. What Small Businesses Can Do to Thwart the Top 5 Cybersecurity Threats – StartupNation
This is cookie-cutter, bland, tired old advice. How do we change the narrative? "Educate your managers and employees, Keep your software and system up to date, Ensure endpoint protection, Install a firewall, Back up your data."
- 15. CVE-2021-25219: Lame cache can be abused to severely degrade resolver performance – Security Advisories
"The purpose of a resolver's lame cache is to ensure that if an authoritative server responds to a resolver's query in a specific broken way, subsequent client queries for the same tuple do not trigger further queries to the same server for a configurable amount of time." - You can turn the lame cache off: lame-ttl 0;
- 16. Protect your home for under $100 with 2 blockchain-powered home security cameras
- 17. Is Sandboxing Dead?
Holy ads batman, also, I did not get a whole lot out of this article...
- 18. MITRE Releases a List of Most Dangerous Hardware Vulnerabilities in 2021
- 19. Printers Hacked for First Time at Pwn2Own
I'm really interested in seeing the research, as printers are weird devices. In HP's case, the firmware was very specific and used PJL to perform the updates. Several years ago there was not great documentation or other research (that I could find easily); however, a quick search turned up this: https://www.jsof-tech.com/unpacking-hp-firmware-updates-part-1/. Happy reading!
- 20. Clippy is back to troll your friends in Microsoft Teams
Clippy is back! Not really, but, you know, rage...