April 12, 2023

April 12, 2023

Biden is visiting Norther Ireland and the locals have put up welcome signs.

-

Microsoft just patched a Critical vulnerability we found in the Message Queuing (MSMQ) service that can lead to 𝗨𝗻𝗮𝘂𝘁𝗵𝗼𝗿𝗶𝘇𝗲𝗱 𝗥𝗲𝗺𝗼𝘁𝗲 𝗖𝗼𝗱𝗲 𝗘𝘅𝗲𝗰𝘂𝘁𝗶𝗼𝗻 with just a single packet!

Great finding by @HaifeiLi! #QueueJumper

https://research.checkpoint.com/2023/queuejumper-critical-unauthorized-rce-vulnerability-in-msmq-service/

-

China regulating generative AI. "Content generated by generative artificial intelligence should embody core socialist values and must not contain any content that subverts state power". Providers become legally liable for generated content. http://cac.gov.cn/2023-04/11/c_1682854275475410.htm

-

Microsoft and Citizen Lab have outed more activity from Israeli spyware firm and NSO competitor QuaDream, finding evidence that at least five civil society actors had their iPhones compromised by the company's software. (with @Bing_Chris)

https://www.reuters.com/technology/microsoft-watchdog-group-say-israeli-spyware-used-hack-civil-society-2023-04-11/

-

Bellingcat’s @AricToler spoke to the @lawfarepodcast about how he tracked down leaked US intelligence documents to a little known Discord server named "Thug Shaker Central". Listen here:

The Lawfare Podcast: Rid and Toler on the Latest Megaleak | Lawfare

-

Announcing the general release of the Binarly Transparency Platform, delivering unprecedented transparency for device supply chains enabling device manufacturers and endpoint protection products to comprehensively analyze both firmware and hardware.

Binarly Unveils Next-Gen Firmware Protection Transparency Platform, Revolutionizing Device Supply Chain Security | Business Wire

Binarly today announced the general release of the Binarly Transparency Platform, delivering unprecedented transparency for device supply chains enabl

-

>>If the signal is suppressed at 100% between 20-30 km, how does the drone manage to come so close? Ukraine designed and built a drone using different frequencies that was systems engineered with faraday cage style providing passive resistance to R330-ZH jamming signals. 1/2 https://twitter.com/PStyle0ne1/status/1645863182345424915…

-

Just published details of 5x SMM vulnerabilities in Insyde Software. The bugs span several SMI handlers including a fun parsing bug when performing a BIOS Guard Update.

Stepping Insyde System Management Mode | NCC Group Research Blog | Making the world safer and more secure

In October of 2022, Intel’s Alder Lake BIOS source code was leaked online. The leaked code was comprised of firmware components that originated from three sources: The independent BIOS vendor (IBV)…

-

Russian hackers ‘target security cameras inside Ukraine coffee shops’

https://www.theguardian.com/world/2023/apr/11/russian-hackers-target-security-cameras-inside-ukraine-coffee-shops

-

“Let’s schedule this meeting for after the layoffs and we can discuss it if we’re both still here” - a sentence I never expected to be uttering multiple times a week

(Life at Meta)

-

If you're interested in Java Deserialization Exploitation with recent JDKs, feel free to check out https://codewhitesec.blogspot.com/2023/04/java-exploitation-restrictions-in.html by our very own @frycos. We'll not publish tooling but maybe this blog post pushes research(ers) into new and interesting directions...

-

Remember the story about the alleged hacking of water systems? It… never happened. “the employee, “banging on his keyboard,” accidentally caused the increased lye concentration”. Also, there was never any danger. But it helped in cybersecurity budgeting. https://tampabay.com/news/pinellas/2023/04/11/oldsmar-cyberattack-water-supply-poisoning-fbi-update/

-

Elite hackers have gotten gpt4all to run on a ti-84 calculator. AP calculus exams will never be the same again.