February 21, 2024
February 21, 2024
Your fingerprints can be recreated from the sounds made when you swipe on a touchscreen — Chinese and US researchers show new side channel can reproduce fingerprints to enable attacks | Tom's Hardware
Researchers claim they can successfully attack up to 27.9% of partial fingerprints.
Cannot wait for this years 'our EDR will protect your sex toys using advanced AI detection methods' marketing campaignshttps://t.co/dFHgUBy98T
— Daniel Cuthbert (@dcuthbert) February 20, 2024
FBI informant who lied about Bidens’ Ukraine ties had contact with Russians – prosecutors https://t.co/aZE9xWpyDW
— Dr. Dan Lomas (@Sandbagger_01) February 21, 2024
Among the other things that prosecutors are doing with this list of stuff that Alexander Smirnov told them is ensuring he'll be dead if he leaves protective custody. https://t.co/d47D2qc6Qu pic.twitter.com/LBUP79fR2m
— emptywheel (@emptywheel) February 20, 2024
You nerds are a bunch of degenerates, the memes are already flooding in 😭 pic.twitter.com/KpZwfKBWm5
— vx-underground (@vxunderground) February 20, 2024
A few comments on this paper. 1) Very well written and easy to read, answered all the questions I had. 2) Without specialized hardware, attacker needs to be within 4cm of victim's NFC card... https://t.co/TaNfcCu0bF
— Charlie Miller (@0xcharlie) February 20, 2024
Interesting white paper by @Josep_Pi on attacking cars wireless exposed communication (Tesla Model Y, NFC and Proxmark)
— 0xor0ne (@0xor0ne) February 20, 2024
White paper link: https://t.co/zmJ1Bhx9c4 #automotive #cybersecurity pic.twitter.com/r04QNaumzv
Uh... yup. That's backdoor code that was in an open-source project and made it into a major management/security product from a major vendor, alright. Damn.🤦♂️A real-world example of the danger of copy/pasting code from GitHub without making sure at all that you understand it. https://t.co/YiMC8Nfok4 pic.twitter.com/NTxF6D3Lil
— Brian in Pittsburgh (@arekfurt) February 20, 2024
A couple weeks ago I got nerdsniped by @steventseeley and dug into an old vuln in Ivanti Endpoint Manager. The advisory says "code injection", but rumours said "backdoored open source". I had a look around, and wrote up what I discovered:https://t.co/tlIHIfI8Go
— Ron Bowes (@iagox86) February 20, 2024
— 𝕯𝖒𝖎𝖙𝖗𝖞 𝕾𝖒𝖎𝖑𝖞𝖆𝖓𝖊𝖙𝖘 (@ddd1ms) February 20, 2024
I remember when 0click was called RCE and it was the default.
This was a great research work by Andy Nguyen (@theflow0) on zero click RCE in Linux bluetooth stackhttps://t.co/yVQvSi6hzT #bluetooth #cybersecurity pic.twitter.com/ItYIBNGuDW
— 0xor0ne (@0xor0ne) February 20, 2024
IT IS HAPPENING! Today, Signal launches phone number privacy & usernames! These features let you use Signal w/o sharing your phone number with the people you talk to
— Meredith Whittaker (@mer__edith) February 20, 2024
Proud to add more privacy to Signal, & proud of the smart, careful work the team did to make this happen ♥️ https://t.co/ym8UhOfloY
Introducing usernames and phone number privacy on Signal! We’re making it possible for people to connect with each other without having to share phone numbers. Now launching to beta users, available for everyone soon. https://t.co/YcBEyD1AIA
— Signal (@signalapp) February 20, 2024
If you are a threat intelligence/security researcher and you are looking for the fully translated: https://t.co/Mf7qBsEhgw dump.
— Tipsy (@TipsyBacchus) February 20, 2024
@lys and I translated it all here: https://t.co/UVocE6xSR3