It’s only “espionage” if it comes from the Espionage region of France. Otherwise, it’s “sparkling treason.”
-
The admin of the cybercrime forum Breached said they just received a cease and desist letter claiming the forum thread where a Mexican bank's data was being sold was fake news and harming the bank's reputation. The admin responded by purchasing the data and leaking it. Whoops.
-
Part 3 of the Logistics collection is out. Great stuff by Bret Devereaux.
https://acoup.blog/2022/08/12/collections-logistics-how-did-they-do-it-part-iii-on-the-move/
-
Some hacker research on Starlink. The researcher used fault injection to glitch the client hardware, and from there he got arbitrary code execution on the local hardware. It seems like a good start to a more complex sequence of attacks. (Waiting on the video and slides)
https://www.wired.com/story/starlink-internet-dish-hack/
-
To recap the week in extremism in America, four Muslim Americans were targeted and murdered in a anti-Shia motivated attack, a Jan 6ther tried to attack the FBI in Ohio and Salman Rushdie got stabbed.
It’s a fractured threat environment for the foreseeable future.
-
This is a really special post from our friends at @ESETresearch. We’re proud to collaborate with so many great researchers that fully committed to helping Ukraine from day one and haven’t stopped since.
-
Here is our take on how to exploit CVE-2022-24816, a code injection flaw in JAI-EXT/jiffle leading to an unauthenticated remote code execution in Geoserver. Versions prior to 1.2.22 of JAI-EXT are affected. synacktiv.com/en/publication… Cc @_remsio_ @us3r777
-
why do unix assembly files
use a .s extension?
someone asked me today,
and i didn’t know,
so i asked ken.
the .s is for source,
just like .o is for object.
-
Interesting Black Hat tidbit from @magmill95 in today's @MorningCybersec: The conference's security team "found malware linked to an unnamed nation state on the device of an attendee." More details about malicious activity on the conference network here:
-
A devastating update from Salman Rushdie's agent:
1. He is on a ventilator and can't speak.
2. He will likely lose one eye.
3. The nerves in his arm were severed.
4. His liver was stabbed and damaged.
-
In which a blogger finds the private key used to sign Hyundai car software updates … by googling it. They used a key pair from a popular tutorial. 😂😂😂
The article:
https://programmingwithstyle.com/posts/howihackedmycar/
-
-
@msuiche It's hard for me to tell what Lockdown Mode is supposed to protect against, but I confirm my Gatekeeper Bypass works on Lockdown Mode on macOS Ventura.
@yo_yo_yo_jbo @msuiche Same. I also have a GateKeeper bypass/inconsistency that works on Lockdown Mode
-
-