Things that happen on Fridays #FridaySecurity
https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/
It's hard to believe that this story is true, but then again - I wouldn't be surprised.
https://twitter.com/SchizoDuckie/status/1474087696247279626
🗣 Still using voice assistants? Ever wonder what data they collect and persist? Here's a hint: everything. This data privacy blogger requested her data from Amazon, and it included, among other things, precise location, a list of all her contacts and audio recordings of all her requests to Alexa.
🔸 https://www.tiktok.com/@my.data.not.yours/video/7002745932064230662
🔸 https://www.mirror.co.uk/news/weird-news/woman-finds-amazon-thousands-recordings-25240984
🤪 I love these stories where a routine due-diligence review of a device's security turns into a complete train wreck. A simple device that counts people passing by to measure building occupancy turned out to be a wide-open gateway welcoming everybody.
Just take a look, it gets worse and worse: https://threadreaderapp.com/thread/1357296455615197184.html
#FridaySecurity
So the recent leak of Windows source code is confirmed; in fact the sources were for Windows XP SP1 and Windows Server 2003. This is huge for the community, and I believe it will in the end be beneficial to Microsoft's OS business itself.
Twitter user https://twitter.com/ntdev_ published a YouTube tutorial on how to compile it, which was shortly taken down by copyright claims from Microsoft.
The video however is available and could be downloaded via torrent using this magnet link: magnet:?xt=urn:btih:7c370b5e00b91b12fc02e97bacdca24306dc12b5
A massive data breach at Intel has leaked over 20GB of source code, internal documents, images and other internal and confidential files.
Some of the files were stored in password-protected ZIP archives with the passwords intel123 and Intel123 🤦♂️
Most recent files in the dump are dated May 2020.
ProtonVPN found a bug in the iOS VPN implementation affecting iOS 13.3.1 and later. The issue is currently unpatched and causes some connections to bypass the VPN. Stay safe!
https://www.bleepingcomputer.com/news/security/unpatched-ios-bug-blocks-vpns-from-encrypting-all-traffic/
This should have been a Friday post. German military laptop with classified information sold on eBay.
https://www.nytimes.com/2020/03/17/world/europe/germany-missile-laptop.html
Google started Project Nightingale to collect healthcare data on millions of people. What can go wrong?
https://edition.cnn.com/2019/11/12/tech/google-project-nightingale-federal-inquiry/index.html
⚠️ Major bug in the Avast JS engine that allowed arbitrary JS code to be executed with SYSTEM privileges, as easily as just sending a malicious file to the victim by email.
The patch is not ready yet (and no timeline has been given so far), but the compromised component is allegedly disabled in Avast installations.
Generally, for end-user machines with Windows 10, 3rd-party AV software gives little to no advantage over the built-in Defender. Consider switching to Defender, at least temporarily, until the patch is ready.
More info: https://www.zdnet.com/article/avast-disables-javascript-engine-in-its-antivirus-following-major-bug/
Another day, another Intel CPU vulnerability. This time it is in the Converged Security Management Engine (CSME), which is the cryptographic foundation for such security features as DRM, TPM or Identity Protection. The source of the weakness is in the boot ROM, which leaks control over the generation of encryption keys, including the key used to certify code integrity. Citing Mark Ermolov of Positive Technologies, who is behind the discovery: "with this key, attackers can forge the code of any Intel CSME firmware module in a way that authenticity checks cannot detect. This is functionally equivalent to a breach of the private key for the Intel CSME firmware digital signature, but limited to a specific platform".
🔸 The Verge high-level overview of the issue: https://www.theverge.com/2020/3/6/21167782/intel-processor-flaw-root-of-trust-csme-security-vulnerability
🔸 Positive Technologies report: http://blog.ptsecurity.com/2020/03/intelx86-root-of-trust-loss-of-trust.html
Hardware security bugs have a huge impact on applications hosted in public clouds (AWS, Azure, etc.). Application-level data encryption such as Prisma/DB can fully mitigate these risks.
Let's Encrypt had a bug in the system responsible for validating domain name ownership and is revoking slightly over 3,000,000 TLS/SSL certificates. That's 2.6% of all certs issued by them.
🔸 The bug: https://community.letsencrypt.org/t/2020-02-29-caa-rechecking-bug/114591
🔸 Additional info: https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864
🔸 Check if your domain was affected: https://checkhost.unboundtest.com/
A Yahoo employee abused their access to user accounts and compromised 6000 users in search of explicit photos.
Insider threat is always present, and the bigger the organization, the higher the risk. Proper encryption of sensitive data can mitigate these risks to a great extent.
https://www.businessinsider.com/engineer-admits-hacking-yahoo-accounts-searching-for-images-2019-10?IR=T
⚠️ Severe Chrome RCE vulnerabilities in the built-in PDF reader PDFium and in the audio subsystem. Both are use-after-free bugs. Exploits are known to be in the wild.
🔶 Update immediately! Fixes are available in the stable channel.
https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_31.html
⚠️ Update your macOS and iOS devices, there were a couple of severe vulnerabilities, both potentially leading to arbitrary code execution with kernel privileges.
🔹 https://support.apple.com/en-us/HT213720
🔹 https://support.apple.com/en-us/HT213721
⚠️ Update your Chromium- or WebKit-based browsers (Chrome, Brave) and update your iOS and macOS devices ASAP; there were two major RCE vulnerabilities.
🔸 https://cve.report/CVE-2022-32893
🔸 https://cve.report/CVE-2022-32894
🍏⚠️ Apple's new iOS v14.8 contains security fixes for vulnerabilities found by Citizen Lab in CoreGraphics and WebKit. Since exploits were found in the wild, it is highly recommended to update ASAP.
https://9to5mac.com/2021/09/13/apple-says-ios-14-8-patches-iphone-attack-that-defeated-blastdoor-protections/
⚠️ Wow, that's a big one (CVE-2021-3156): privilege escalation in sudo (‼️) through a heap-based buffer overflow. Almost everyone is affected; any local user can elevate to root.
Affected versions:
🔘 All legacy versions from 1.8.2 to 1.8.31p2
🔘 All stable versions from 1.9.0 to 1.9.5p1
To test whether your system is vulnerable, log in to the system as a non-root user.
Run the command sudoedit -s /
If the system is vulnerable, it responds with an error that starts with sudoedit:
If the system is patched, it responds with an error that starts with usage:
More details: https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit
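The check above, wrapped as a small script (an added example, not part of the original post or of the Qualys advisory): the first function classifies the first line of the probe's output exactly as the text describes, and the second runs the probe only if sudoedit is installed and is meant to be run as a non-root user. The function names and the sample error strings used in comments are constructed for this example.

```shell
#!/bin/sh
# Added example: detect CVE-2021-3156 ("Baron Samedit") using the published
# "sudoedit -s /" probe. Function names are this example's own.

# Classify the first line of stderr from `sudoedit -s /`.
# Prints "vulnerable" (line starts with "sudoedit:"),
# "patched" (line starts with "usage:") or "unknown" (anything else).
classify_sudoedit_output() {
    first_line=$(printf '%s\n' "$1" | head -n 1)
    case "$first_line" in
        sudoedit:*) echo "vulnerable" ;;
        usage:*)    echo "patched" ;;
        *)          echo "unknown" ;;
    esac
}

# Run the probe as the current (non-root) user and classify the result.
# The probe exits non-zero in both cases; only its first output line matters.
# stdin is redirected from /dev/null so it can never block on a prompt.
check_sudo_baron_samedit() {
    if ! command -v sudoedit >/dev/null 2>&1; then
        echo "unknown"
        return 0
    fi
    output=$(sudoedit -s / 2>&1 </dev/null || true)
    classify_sudoedit_output "$output"
}

# Usage (as a non-root user): check_sudo_baron_samedit
# Constructed sample outputs:
#   "sudoedit: /: not a regular file" -> vulnerable
#   "usage: sudoedit [-AknS] ..."     -> patched
```

A result of "vulnerable" means the sudo package needs to be updated to a fixed version; "unknown" means sudoedit was not found or printed something the probe does not recognise, so the version should be checked by hand.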
Marriott had a breach again, leaking info on 5.2M customers. Database security can't be neglected; these events will happen more and more often, on a larger scale and with more expensive consequences.
https://www.zdnet.com/article/marriott-discloses-new-data-breach-impacting-5-2-million-hotel-guests/
Socially responsible hackers claim they will cease all ransomware attacks on medical organizations during the virus outbreak and promise to provide free decryption if any of them still get hit by ransomware.
https://www.bleepingcomputer.com/news/security/ransomware-gangs-to-stop-attacking-health-orgs-during-pandemic/
HSBC is switching from a paper trail to a blockchain-based custody platform to track $20 billion (sic!) worth of assets. This is the biggest single use of blockchain tech in the industry.
https://www.reuters.com/article/us-hsbc-hldg-blockchain/hsbc-swaps-paper-records-for-blockchain-to-track-20-billion-worth-of-assets-idUSKBN1Y11X2
Some good ol' data leaks that happened recently:
🔸 140GB of contact data (49M records): an Israeli marketing company left ElasticSearch creds in plaintext on one of its domains: https://www.databreachtoday.com/israeli-marketing-company-exposes-contacts-database-a-13785
🔸 6.5M records of Israeli voters leaked: https://thehackernews.com/2020/02/Israeli-voter-data-leaked.html
🔸 250M records of Microsoft customers leaked in yet another ElasticSearch misconfiguration: https://www.comparitech.com/blog/information-security/microsoft-customer-service-data-leak/
🔸 29K records of Facebook employees' financial data lost as unencrypted drives are stolen: https://www.bloomberg.com/news/articles/2019-12-13/thief-stole-payroll-data-for-thousands-of-facebook-employees
🔸 21M account records from a music service Mixcloud leaked; owners learn about breach after seeing the data being sold for 0.5BTC: https://blog.mixcloud.com/2019/11/30/mixcloud-security-notice/
🔸 4B (!) accounts of 1.2B (!) people in a 4TB (!) misconfigured ElasticSearch leak: https://www.dataviper.io/blog/2019/pdl-data-exposure-billion-people/
🔸 1.19B confidential x-ray and other medical images leak: https://www.helpnetsecurity.com/2019/11/20/confidential-medical-images/
Yay! Some more security issues in hardware to keep Intel some company! Well, actually, most are for Intel again.
🔸 AMD side-channel attacks: https://www.tomshardware.com/uk/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture
🔸 Intel SGX leaks data from secure enclave: https://www.theregister.co.uk/2019/02/12/intel_sgx_hacked/
🔸 TRRespass — the return of the Rowhammer: https://www.vusec.net/projects/trrespass/
🔸 Snoop-assisted L1 Data Sampling — extraction of data from L1 cache: https://software.intel.com/security-software-guidance/insights/deep-dive-snoop-assisted-l1-data-sampling
🔸 L1D Eviction Sampling — another way to leak L1 cache values: https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling
🔸 Vector Register Sampling — leaking data from CPU registers under certain conditions: https://software.intel.com/security-software-guidance/software-guidance/vector-register-sampling
Adobe has leaked 7+ million Creative Cloud user records with emails, account info and the list of Adobe software used. The leak happened through a misconfigured database (ElasticSearch in this instance). Database misconfiguration is a major contributor to the pool of data leaks, so consider using strong encryption for your DBs (such as 🔼Prisma/DB)!
🔸 Adobe disclosure: https://theblog.adobe.com/security-update/
🔸 Details of the leak: https://www.comparitech.com/blog/information-security/7-million-adobe-creative-cloud-accounts-exposed-to-the-public/
🕐 Timing attacks are not new. But the relatively recent discoveries of such vulnerabilities as Meltdown, Spectre and the like have really breathed new life into research in that direction. Anything that has a cache in any way, shape or form was scrutinized and broken.
As a consequence, browsers are now moving away from a shared cache and implementing a separate cache partition for every website. This will definitely lead to lower performance of the web as a whole, as well as increased costs for smaller websites.
https://www.jefftk.com/p/shared-cache-is-going-away
🎙 Researchers from University of Michigan, US and The University of Electro-Communications, Japan have used photoacoustics (basically, generation of sound using light/laser) to inject commands into voice assistant systems (Google assistant, Amazon Alexa, Facebook Portal, and Apple Siri) from a distance of up to 75m.
Unexpected attack vectors often are the most fruitful! And I am also quite surprised that domain name LightCommands was available... :)
https://lightcommands.com/
📸 Australian government is considering using face recognition for age verification on porn sites. What can possibly go wrong?
Some time ago there was a huge wave of spam emails claiming to have recorded the target users through their webcam while they visited porn sites. The spammers demanded a ransom in exchange for deleting the data. Might have been a source of inspiration for Australian law-makers.
https://arstechnica.com/tech-policy/2019/10/australia-wants-to-use-face-recognition-for-porn-age-verification/
#FridaySecurity