the grugq's newsletter

December 28, 2023

New details on Triangulation, the iPhone hacking campaign against Russian government officials.

Operation Triangulation: The last (hardware) mystery | Securelist

Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs.

https://events.ccc.de/congress/2023/hub/de/event/operation_triangulation_what_you_get_when_attack_iphones_of_researchers/

Some more triangulation posts.

Dissecting TriangleDB, a Triangulation spyware implant | Securelist

In researching Operation Triangulation, we set ourselves the goal to retrieve as many parts of the exploitation chain as possible. As of now, we have finished analyzing the spyware implant and are ready to share the details.

Triangulation: validators, post-compromise activity and modules | Securelist

In this report Kaspersky shares insights into the validation components used in Operation Triangulation, TriangleDB implant post-compromise activity, as well as details of some additional modules.


THC RELEASE "WHATSERVER": 👉curl -kfsSL https://t.co/XE1DWQyvtC | bash👈 --- Display all DOMAIN-NAMES hosted on a server (and other juicy infos 🧑‍🎓). Likely the 2nd command you run on any server. [Names are extracted from nginx/apache, x509 files and others]. #KeepHacking pic.twitter.com/nwjBILarQP

— The Hacker's Choice (@thc@infosec.exchange) (@hackerschoice) December 26, 2023


Berlin IT experts hack Tesla's autopilot and find secret Elon mode

Three doctoral students from Berlin have managed to hack a Tesla circuit board and, alongside company secrets and private data, the Elon mode ...


37C3: Unlocked - media.ccc.de

https://media.ccc.de/b/congress/2023


Yesterday's "Breaking "DRM" in Polish trains" talk by @dsredford / MrTick / q3k was one of the best investigative reverse-engineering case studies I've seen. It's a must watch. https://t.co/PV0gaKc4nx

— Gynvael Coldwind (@gynvael) December 28, 2023


"Chinese security agencies appeal to public for tip-offs after claiming foreign spies were caught after suspicious landlord spotted mystery ‘green light’ in flat".

Sure, Jan! https://t.co/1LGBKCaNy6

— Dr. Dan Lomas (@Sandbagger_01) December 28, 2023


🚀NEW Release: "The Case for Memory Safe Roadmaps," a collaborative guide with our interagency and Five Eyes partners. This guide outlines a historic coding error persisting for 50+ years and a promising solution! https://t.co/J5gEkE94d9 pic.twitter.com/WU5JZNz67d

— Cybersecurity and Infrastructure Security Agency (@CISAgov) December 6, 2023

