Jan 24, 2023
Always a good time to rewatch Mickens
-
Prisoners Usually Can't Have Cell Phones. See How People Use Them Anyway | The Marshall Project
Incarcerated people say contraband phones can improve lives, despite the risks.
-
US Soldiers Expose Nuclear Weapons Secrets Via Flashcard Apps - bellingcat
Online study aids used by US soldiers contained detailed information about base security and the location of nuclear devices in Europe.
-
Report from Ukraine on how the Russian cyber offensive is integrated into the “special military operation.”
https://cip.gov.ua/en/news/kiberataki-artileriya-propaganda-zagalnii-oglyad-vimiriv-rosiiskoyi-agresiyi
And an article on the report:
Ukraine says Russia is coordinating missile strikes, cyberattacks and information operations
Researchers associated with the Ukrainian government on Tuesday confirmed that Russia has coordinated kinetic strikes and cyberattacks to inflict damage on government offices, public service organizations, media companies and communication centers.
-
WiFi Routers Used to Produce 3D Images of Humans
https://vpnoverview.com/news/wifi-routers-used-to-produce-3d-images-of-humans/
-
People have been asking me about Bitwarden ever since LastPass has been breached. While I never took an in-depth look, I now at least evaluated the claims regarding their encryption:
https://palant.info/2023/01/23/bitwarden-design-flaw-server-side-iterations/
While the password manager being completely open-source with the option to self-host is great, otherwise I’m not too impressed.
Yellow Flag: "People have been asking me about #Bitwarden ever …" - Infosec Exchange
The issues in particular:
· Server-side iterations mechanism does not provide any security value. They should have known about it at least since 2020 when @dchest@mastodon.social wrote about it, probably even since 2018 when I discussed the same flaw in LastPass. Yet they are still using it for their PR claims.
· 100,000 PBKDF2 iterations on the client side is too low, with the current OWASP recommendation being 310,000. They updated this setting (hopefully upgrading existing accounts as well) in 2018 seemingly to match LastPass and failed to adjust ever since.
· Bitwarden allows users to configure 5,000 iterations without even warning them. Not only is this value dangerously low, supporting it also allows a compromised production server to ask the client for a password hashed with 5,000 iterations – regardless of the actual setting.
· Bitwarden users have been pointing out the key derivation parameters being inadequate since at least 2018. Development of Argon2 support only started two weeks ago, and it isn’t coming from the core developers.
On the bright side, vault data is completely encrypted. No unencrypted URLs and such. @bitwarden@fosstodon.org
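To make the first and third points above concrete, here is an added example (mine, not Palant's and not Bitwarden's code) of why the server-side PBKDF2 stretch never enters an offline attack and why a low client-side iteration count is the only thing that matters. It models a Bitwarden-style key hierarchy as an assumption: master key = PBKDF2-SHA256(password, email, N), stretched enc/mac keys via HKDF-Expand, the vault key wrapped under those with encrypt-then-MAC, and the server storing only a further-stretched auth hash. The keystream cipher standing in for AES-CBC and the sample accounts are constructed for the example.

```python
import hashlib
import hmac
import os

# Server-side stretch of the auth hash, the mechanism the post says adds no
# security value. Note that crack() below never touches it.
SERVER_ITERATIONS = 100_000


def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF-Expand with SHA-256."""
    out, prev, counter = b"", b"", 1
    while len(out) < length:
        prev = hmac.new(prk, prev + info + bytes([counter]), hashlib.sha256).digest()
        out += prev
        counter += 1
    return out[:length]


def master_key(password: str, email: str, iterations: int) -> bytes:
    # Client-side KDF: this is the only expensive step an attacker must repeat per guess.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), email.lower().encode(), iterations, 32)


def stretched_keys(mk: bytes):
    return hkdf_expand(mk, b"enc"), hkdf_expand(mk, b"mac")


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for AES-CBC: HMAC-SHA256 counter-mode keystream (constructed for this example)."""
    out = bytearray()
    for block in range((len(data) + 31) // 32):
        ks = hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        chunk = data[block * 32:(block + 1) * 32]
        out += bytes(a ^ b for a, b in zip(chunk, ks))
    return bytes(out)


def enroll(password: str, email: str, iterations: int):
    """Return (what the server stores for this account, the real vault key for checking)."""
    mk = master_key(password, email, iterations)
    enc_key, mac_key = stretched_keys(mk)
    vault_key = os.urandom(32)                       # the key vault items are actually encrypted with
    nonce = os.urandom(16)
    wrapped = nonce + keystream_xor(enc_key, nonce, vault_key)
    tag = hmac.new(mac_key, wrapped, hashlib.sha256).digest()
    auth_hash = hashlib.pbkdf2_hmac("sha256", mk, password.encode(), 1, 32)
    salt = os.urandom(16)
    record = {
        "email": email,
        "kdf_iterations": iterations,                # the server advertises this value to clients
        "protected_vault_key": wrapped + tag,        # synced to every client, so it leaks with the server
        "auth_salt": salt,
        "auth_hash_stretched": hashlib.pbkdf2_hmac("sha256", auth_hash, salt, SERVER_ITERATIONS, 32),
    }
    return record, vault_key


def crack(record: dict, candidates):
    """Offline attack on a leaked server record.

    Returns (password, recovered vault key, PBKDF2 iterations spent). Each guess
    costs exactly record["kdf_iterations"]; auth_hash_stretched is never consulted,
    so SERVER_ITERATIONS adds nothing to the attacker's bill.
    """
    blob = record["protected_vault_key"]
    wrapped, tag = blob[:-32], blob[-32:]
    work = 0
    for pw in candidates:
        mk = master_key(pw, record["email"], record["kdf_iterations"])
        work += record["kdf_iterations"]
        enc_key, mac_key = stretched_keys(mk)
        if hmac.compare_digest(hmac.new(mac_key, wrapped, hashlib.sha256).digest(), tag):
            nonce, ct = wrapped[:16], wrapped[16:]
            return pw, keystream_xor(enc_key, nonce, ct), work
    return None, None, work
```

The same model shows the downgrade problem: `kdf_iterations` is whatever the server tells the client, so a record enrolled at 5,000 iterations is cracked at one twentieth of the cost of one enrolled at 100,000, and a compromised server that advertises 5,000 gets that discount regardless of what the user configured.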
-
Pwning Google phone using a bug in Mali
Pwning the all Google phone with a non-Google bug - The GitHub Blog
It turns out that the first “all Google” phone includes a non-Google bug. Learn about the details of CVE-2022-38181, a vulnerability in the Arm Mali GPU. Join me on my journey through reporting the vulnerability to the Android security team, and the exploit that used this vulnerability to gain arbitrary kernel code execution and root on a Pixel 6 from an Android app.
-
Activation Context Cache Poisoning: ZDI Sr Vuln Research Simon Zuckerbraun details this new class of privilege escalation vulnerabilities that has already been used in the wild. He also looks at the code changes #Microsoft has introduced in response. https://www.zerodayinitiative.com/blog/2023/1/23/activation-context-cache-poisoning-exploiting-csrss-for-privilege-escalation
Zero Day Initiative: "Activation Context Cache Poisoning: ZDI Sr Vuln R…" - Infosec Exchange
…
@dave_aitel@mastodon.social @thezdi@infosec.exchange though I'd argue it wasn't entirely new in 2022 ;-)
https://bugs.chromium.org/p/project-zero/issues/detail?id=1749
James Forshaw :donor:: "@dave_aitel@mastodon.social @thezdi though I'd ar…" - Infosec Exchange
-
🎰 Miami man 🎰 injured 🎰 by falling iguana 🎰 during outdoor yoga class
miaminewtimes.com/news/florida-m…
-
A thought provoking thread.
Some security thoughts on a super strange topic: how rationalists and nihilists have it wrong, and why the infosec community is ahead of the curve.
This is going to be a weird thread tying together an epic James Mickens USENIX Security keynote, Ken Thompson's classic Turing Award speech, Chapman's insights on the failure of modernity and rationalism and postmodernity, and more. So, let's begin.
INVISV: "Some security thoughts on a super strange topic: …" - IOC.exchange
-
Paper on undefined behavior in C.
https://people.eecs.berkeley.edu/~akcheung/papers/apsys12.pdf
-
did you know you can infer what version of Windows an executable was built on (or at least what version of the Windows SDK was targeted) by how many fields its load configuration directory has?
the structure remained unchanged from WinXP, until Win8.1 Update 3 when they added new fields for Control Flow Guard support. the same fields were used in the initial Win10 release (version 1507)
the structure was iteratively expanded in versions 1511, 1607, 1703, 1709, 1803, 1809, 21H1, 21H2, and 22H2.
Graham Sutherland / Polynomial: "did you know you can infer what version of Window…" - chaos.social
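As an added example (my code, not Sutherland's), a small parser that pulls the `Size` field of `IMAGE_LOAD_CONFIG_DIRECTORY` out of a PE file and reports which field group the building SDK's struct definition reached. The cumulative offsets for the 64-bit struct are taken from winnt.h as this example assumes them; only the first two boundaries carry the version labels the post gives, the later ones are named by the fields they add rather than by a build number. The minimal PE32+ image built by `build_pe64` is a constructed test fixture.

```python
import struct
import sys

IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG = 10

# Cumulative sizeof(IMAGE_LOAD_CONFIG_DIRECTORY64) as field groups were appended
# (offsets per winnt.h, assumption of this example). The Size field of the struct
# in the binary is what the SDK that built it knew about.
LOAD_CONFIG64_GROUPS = [
    (0x70,  "pre-CFG layout (Windows XP up to Windows 8.1 SDKs)"),
    (0x94,  "GuardCF*/GuardFlags: Control Flow Guard (Win8.1 Update 3 / Win10 1507 SDK)"),
    (0xA0,  "CodeIntegrity (later Win10 SDK)"),
    (0xC0,  "GuardAddressTakenIat*/GuardLongJumpTarget* (later Win10 SDK)"),
    (0x100, "DynamicValueRelocTable through EnclaveConfigurationPointer (later Win10 SDK)"),
    (0x118, "VolatileMetadataPointer/GuardEHContinuation* (later Win10 SDK)"),
    (0x130, "GuardXFG* pointers (later Win10 SDK)"),
    (0x138, "CastGuardOsDeterminedFailureMode (later SDK)"),
    (0x140, "GuardMemcpyFunctionPointer (later SDK)"),
]


def rva_to_offset(rva, sections):
    for va, vsize, raw_ptr, raw_size in sections:
        if va <= rva < va + max(vsize, raw_size):
            return rva - va + raw_ptr
    raise ValueError("RVA %#x not in any section" % rva)


def load_config_size(pe: bytes) -> int:
    """Return the Size field of the load configuration directory (0 if absent)."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew, = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    nsections, = struct.unpack_from("<H", pe, coff + 2)
    opt_size, = struct.unpack_from("<H", pe, coff + 16)
    opt = coff + 20
    magic, = struct.unpack_from("<H", pe, opt)
    if magic == 0x20B:          # PE32+
        ndirs_off, dirs_off = 108, 112
    elif magic == 0x10B:        # PE32 (note: the 32-bit struct has its own, smaller sizes)
        ndirs_off, dirs_off = 92, 96
    else:
        raise ValueError("unknown optional header magic %#x" % magic)
    ndirs, = struct.unpack_from("<I", pe, opt + ndirs_off)
    if ndirs <= IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG:
        return 0
    dir_rva, _dir_size = struct.unpack_from(
        "<II", pe, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG)
    if dir_rva == 0:
        return 0
    sections = []
    sh = opt + opt_size
    for i in range(nsections):
        vsize, va, raw_size, raw_ptr = struct.unpack_from("<IIII", pe, sh + 40 * i + 8)
        sections.append((va, vsize, raw_ptr, raw_size))
    size, = struct.unpack_from("<I", pe, rva_to_offset(dir_rva, sections))  # Size is the first field
    return size


def classify(size: int) -> str:
    """Name the newest 64-bit field group the building SDK's struct included."""
    if size == 0:
        return "no load config directory"
    label = "smaller than any known layout (%#x)" % size
    for boundary, desc in LOAD_CONFIG64_GROUPS:
        if size >= boundary:
            label = desc
    newest = LOAD_CONFIG64_GROUPS[-1][0]
    if size > newest:
        label += " (plus %d bytes of fields newer than this table)" % (size - newest)
    return label


def build_pe64(load_config_size: int) -> bytes:
    """Constructed minimal PE32+ with one .rdata section holding a load config struct."""
    sect_rva, sect_raw = 0x1000, 0x200
    lc = struct.pack("<I", load_config_size) + b"\0" * (load_config_size - 4)
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)                 # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 240, 0x22)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<I", opt, 108, 16)                                # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 112 + 8 * IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG, sect_rva, load_config_size)
    sect = struct.pack("<8sIIIIIIHHI", b".rdata", len(lc), sect_rva, len(lc), sect_raw, 0, 0, 0, 0, 0x40000040)
    hdr = dos + b"PE\0\0" + coff + bytes(opt) + sect
    return hdr + b"\0" * (sect_raw - len(hdr)) + lc


if __name__ == "__main__":
    with open(sys.argv[1], "rb") as f:
        size = load_config_size(f.read())
    print("load config Size = %#x: %s" % (size, classify(size)))
```

Run it against any 64-bit PE; a `Size` of 0x70 means the binary predates CFG support in the SDK, 0x94 is the Win8.1 Update 3 / 1507 layout, and anything larger was built with a later SDK. The table only covers the 64-bit struct, so treat the label as a lower bound on SDK age, not as proof of which Windows release built the file.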
-
China is inviting experts to come to China and provide consultations to the gov. Apparently it was consultations with foreigners that led to the removal of all Covid restrictions in December.
If you want a full or part time contract with China they prefer STEM academics in Health, International Relations, and Security. Meetings take place face to face in China. Oh, and no US persons.
^^ CCP uses LinkedIn to build network of foreign experts; prefers Europeans & 'no US experts should be involved'; STEM bckgrnd; re: health, int'l relations & security.