January 18, 2025
Chinese hackers broke into 400 Treasury department computers
Treasury hacked by exploiting trust relationship with BeyondTrust. lol
https://www.bloomberg.com/news/articles/2025-01-16/treasury-hackers-focused-on-sanctions-intelligence-report-says
https://archive.is/Thtki
Biden administration punishes key players in major Chinese hacks of US government | CNN Politics
The Biden administration on Friday made one final push to expose what officials say is a rampant Chinese cyber-espionage campaign by identifying a company and a person allegedly behind a pair of damaging hacks aimed at senior US officials.
They also breached the US government office that reviews foreign investments for national security risks, CNN previously reported.
The hack, what the Treasury called a "major incident", happened in December when Chinese state-sponsored hackers breached the department's computer security guardrails by compromising third-party cybersecurity service provider BeyondTrust.
Read more: https://t.co/pb2UyIvg3c
— unusual_whales (@unusual_whales) January 17, 2025
Insane, hilarious situation going on at Walgreens right now:
- Walgreens replaces 10,000 fridge doors with giant computers
- Signed 10yr contract w/ vendor
- Screens suck. Glitch, catch fire
- Walgreens tries to end contract
- Vendor bricks computer doors pic.twitter.com/iG5i21i3sI
— BuccoCapital Bloke (@buccocapital) January 17, 2025
So, I spent a little time diving into the ownership of the underlying websites promoting these glaringly fake tweets on Canadians' timelines.
Guess where they're registered? https://t.co/rscrax2t49
— Matina Stevis-Gridneff (@MatinaStevis) January 17, 2025
Sorry -- no surprises there...
Russia.
— Matina Stevis-Gridneff (@MatinaStevis) January 17, 2025
GoDefender: Anti Virtualization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package (Windows ONLY): https://t.co/WKmqWEs2yY
— Binni Shah (@binitamshah) January 17, 2025
Fault injection to achieve RCE (CCC presentation slides) https://t.co/xkziu44x25 #infosec #ccc pic.twitter.com/lqnyZvurNW
— 0xor0ne (@0xor0ne) January 17, 2025
I wrote a PoC for the recent Ivanti Connect Secure stack buffer overflow, CVE-2025-0282, based on the exploitation strategy @watchtowrcyber published, along with an assessment of exploitability given the lack of a suitable info leak to break ASLR: https://t.co/uCJehEMO25 pic.twitter.com/E6PXLGXSMX
— Stephen Fewer (@stephenfewer) January 16, 2025
#ESETresearch discovered and reported to @certcc a vulnerability that allows bypassing UEFI Secure Boot on most UEFI-based systems. This vulnerability, #CVE-2024-7344, was found in a UEFI app signed by Microsoft’s 3rd-party UEFI certificate. @smolar_m https://t.co/9P3HZ8JvgC 1/4
— ESET Research (@ESETresearch) January 16, 2025
New: Outgoing U.S. cyber ambassador Nate Fick talks to me about the nascent @StateCDP bureau's accomplishments and why the Trump administration needs to stay engaged in global contests with Russia and China over digital security issues.
My @WIRED story: https://t.co/lnz76Dxw2G pic.twitter.com/wc37ig0cKf
— Eric Geller (@ericgeller) January 16, 2025
Investigating an "evil" RJ45 dongle - lcamtuf’s thing
Reverse-engineering hardware can be difficult -- but sometimes, all you need is a comfy armchair and some Google Translate.
The Xiaohongshu 小红书 REDnote 小红书国际版 "Backdoor"
Analysis: The existence of “backdoor” in the Xiaohongshu 小红书 REDnote app appears to be a problem in the connotation of the word itself among a global community, and nothing more. https://t.co/FtTR8sW0t9
— remy🐀 (@_mattata) January 17, 2025
https://x.com/jsoo/status/1880220732237688872