April 5, 2024
We have been reverse engineering the XZ Utils backdoor and are sharing some initial findings: we've identified multiple hooking options to adapt to different environments, and a hardcoded fake public key that can appear in verbose SSH logs depending on attacker-controlled flags. pic.twitter.com/P48blup7cN
— Danielle Aminov (@AminovDanielle) April 3, 2024
Our research shows that this fake public key generates the following RSA-CERT hash which can appear in verbose SSH logs under the right conditions, and therefore might be useful for detection:
G1Q+4a0TgAHnlq2B8BKLZUP6wDHsjX6F5nVtUTU3dBQ pic.twitter.com/El2jglNOpI
— Danielle Aminov (@AminovDanielle) April 3, 2024
We've updated our blogpost with more details. You can find it here 🪄: https://t.co/nO4OJt5o5o
— Danielle Aminov (@AminovDanielle) April 3, 2024
Not sure I agree that the US needs to do more aggressive disruption campaigns. In fact, I don’t.
A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask
Jia Tan found a way to get paid to work on open source. Why can't you
— apenwarr (@apenwarr) April 4, 2024
Federal government affected by Russian breach of Microsoft | CyberScoop
U.S. cybersecurity officials issued an emergency directive this week to address a breach by Russian operatives of Microsoft first disclosed in January.
The best take on xz
I saw a book entitled "Die GNU Autotools" and I thought "My feelings exactly". Turns out the book was in German.
— Tim Martin (@timmartin2) January 7, 2011
All my nudes in bio... gone.. https://t.co/80XHNDMN8h
— Rob DenBleyker (@RobDenBleyker) April 5, 2024
Elon Musk announces that Twitter/X is undergoing a purge to eliminate bots and trolls. pic.twitter.com/fPiO0hePyy
— Pop Base (@PopBase) April 4, 2024
This evening we spent over 2 hours with @lauriewired on a livestream. Our goal was to follow suspicious URLs from Twitter (or online) to get malware.
Every single time we got surveys for free McDonalds.
2 hours. 0 malware.
— vx-underground (@vxunderground) April 5, 2024
Here is what we did find:
- Robux scam (not malware) on Harvard and Stanford (???)
- Robux scam spam on people's obituaries (we left a nice comment)
- Tons upon tons of fake porn sites which did nothing but try to take your credit card
- Fake Roblox Android apps that show ads
— vx-underground (@vxunderground) April 5, 2024
Today a couple of media outlets picked up on a patent filed by Roku in 2022.
In a brief summary: a patent which allows Roku to slipstream advertisements via the HDMI cable. It would allow content to be paused so advertisements can be displayed.
Link: https://t.co/NpSxUcsVJW
— vx-underground (@vxunderground) April 4, 2024
Austria is about to ban spying. Because of woke.
"The nation has the most permissive spying laws in Europe when it comes to hosting foreign agents on its soil, with current rules allowing intelligence operatives to ply their trade as long as they don’t spy directly on Austria". https://t.co/h2qWZOIggq
— Dr. Dan Lomas (@Sandbagger_01) April 4, 2024
Google Books is full of AI-generated garbage. This is bad for a variety of reasons. One of them is that Google Books ultimately feeds into NGram Viewer, which is a tool academics use to do research on human culture and language https://t.co/9nckGnuXPI pic.twitter.com/Fi9oZT2Omd
— Jason Koebler (@jason_koebler) April 4, 2024
Great collection of resources related to executable packing (PE, ELF, MACH-O) https://t.co/s7Lh3egDgi #infosec #malware pic.twitter.com/temJtA5h45
— 0xor0ne (@0xor0ne) April 4, 2024
Big day for the V8 Sandbox:
* Now included in the Chrome VRP: https://t.co/FTPnWsJPSr
* Motivation & goals discussed in a new technical blog post: https://t.co/WHr5S5T5eN
If there is ever a Sandbox "beta" release, this is it!
— Samuel Groß (@5aelo) April 4, 2024
3 standout snippets from this @guardian scoop on Indian assassinations
1. Directly learning from Mossad, Russia, & especially Saudi Arabia (inc desire to send message)
2. Pakistan colluded in fiction of secrecy b/c many targets are known terrorists
3…https://t.co/klUBiGbd6P
— Rory Cormac (@RoryCormac) April 4, 2024
3. Sense of lots of states, including western states, engaging in extrajudicial killings overseas and so some in Delhi believe “India reserves the right to do the same”
1+2+3=more visible but unacknowledged operations to disrupt enemy and send message (& further erosion of norm)
— Rory Cormac (@RoryCormac) April 4, 2024
This is incredible.
From @Jamie_Lane where AirBnBs are fully booked next week. pic.twitter.com/ITKZJaGfY8
— Mike Simonsen 🐉 (@mikesimonsen) April 4, 2024