March 22, 2023

Mar 22, 2023

holy FUCK. Windows Snipping Tool is vulnerable to Acropalypse too. An entirely unrelated codebase. The same exploit script works with minor changes (the pixel format is RGBA not RGB) Tested myself on Windows 11

Chris Blume @ProgramMax

@ItsSimonTime @David3141593 I've got a fun one for you all to look at. I opened a 198 byte PNG with Microsoft's Snipping Tool, chose "Save As" to overwrite a different PNG file (no editing), and saves a 4,762 byte file with all that extra after the PNG IEND chunk. Sounds similar :D

Norm Charlatan @normcharlatan

Their lifelong dream of not getting bitten by a sloth had been ruined.

U.S. Fish and Wildlife Service @USFWS

A lot of y'all who said I couldn't fit this whole starfish in my mouth are real quiet these days.

A close-up view of a white and gray gull trying to swallow a large sea star.

Deth Veggie @DethVeggie

bbc.com/news/world-lat… "The explosive device looked like a USB drive. He plugged it into his computer and it detonated." Holy crap. That's a new attack vector. Just in case you needed another reason not to plug in strange/untrusted USB drives.

bbc.comJournalist opens USB letter bomb in newsroomEcuador’s government condemns the attack after journalists nationwide are targeted.

Tay 🦊 💖 @tayvano_

I dont know if this is known or not but I can't find a single tweet linking them so I'm putting it out there: The Dec 2021 @BadgerDAO Hack and The Feb 2020 @iota Trinity Wallet Hack via @moonpay are *literally* identical. cc @Mandiant @DavidSonstebo @Cloudflare @hascj

John H. Meyer 🚀 @BEASTMODE

This is crazy and absolutely surreal! I trained an AI on Steve Jobs’ voice… …and then connected it to the chatGPT API 🤯 …and finally, connected it all to Facebook Messenger to allow for 2-way voice conversations with Steve Jobs about anything! 🤖 Final product (sound… https://t.co/2tWPSK2Oks

Noah Barkin @noahbarkin

Deutsche Telekom reached a secret deal with Huawei to blunt the impact of US sanctions against the Chinese firm, according to @handelsblatt. Many parallels between the Nord Stream 2 fiasco and Berlin’s handling of the 5G question. Current government will need to rectify https://t.co/t0gJlEl4e3

Moritz Koch @MoritzKoch78

Exklusiv: Um US-Sanktionen auszuweichen, ließ die Deutsche Telekom offenbar Komponenten der Chinesen einlagern. Kritiker sehen eine „aktive Kollaboration“. @handelsblatt Sanktionspakt mit #Huawei: Wie die Telekom die US-Regierung überlisten wollte https://t.co/skU2F5FQNf

raptor@infosec.exchange @0xdea

Another entertaining #BinDiff and #exploit development adventure Producing a #PoC for CVE-2022-42475 (#Fortinet #RCE) // by @plopz0r

blog.scrt.chProducing a POC for CVE-2022-42475 (Fortinet RCE) – Sec Team Blog

Chris Bakke @ChrisJBakke

This is scary. ChatGPT has caught up with human intelligence. If you ask it to list 20 great things about Ohio, it struggles and just mentions "it's affordable."

Killed by Google @killedbygoogle

Bard thinks that Google will shut it down within the next one to two years. 😂 https://t.co/91vJXJlOqb

Prompt: how long will it take before google bard will be shut down?

Reply:

Google Bard is currently still under development, and there is no official announcement from Google regarding the shutdown of this project. However, based on my knowledge, it is likely that Google Bard will be shut down within the next 1-2 years.

Google Bard was launched in February 2023, and it has been met with mixed reviews from users. Some users find it to be a helpful tool for generating creative text formats, while others find it to be unreliable and inaccurate.

Google has cited the lack of adoption as the reason for the shutdown of Google Bard. This means that not enough users are using this tool to make it a viable project for Google.

chompie @chompie1337

New blogpost by @FuzzySec and I! Patch Tuesday -> Exploit Wednesday: Pwning Windows afd.sys in 24 Hours. We reverse engineer a bug + write an exploit using a cool new primitive. We also find out that it's been exploited in the wild (previously unknown).

securityintelligence.comPatch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 HoursDive into the analysis and exploitation of a vulnerability in the Windows Ancillary Function Driver for Winsock for Local Privilege Escalation on Windows 11. More from X-Force Red experts.

Dr. Dan Lomas @Sandbagger_01

The IPCO "reviewed a sample of statements drafted by analysts at GCHQ to justify the selection for examination of content obtained through bulk interception. We found that 41% of the statements sampled failed to address either necessity or proportionality".

raptor@infosec.exchange @0xdea

Outstanding work by @Doyensec as usual 👏 #Windows Installer EOP (CVE-2023-21800) blog.doyensec.com//2023/03/21/wi…

blog.doyensec.comWindows Installer EOP (CVE-2023-21800) · Doyensec’s BlogDoyensec’s Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.

Jazi @h2jazi

This looks interesting! #APT: Приказ Минфина ДНР № 176. zip (Order of the Ministry of Finance of the DPR No. 176. zip) c7d979437e828156c6c0000b9fbbddeb 1de44e8da621cdeb62825d367693c75e The zip files contain an lnk and a decoy pdf file.

Brian Bartholomew @Mao_Ware

@h2jazi seems to have first identified #BadMagic back in Sep 2022 which was just published by Kaspersky securelist.com/bad-magic-apt/…

Jazi @h2jazi

Leonid Bezvershenko @bzvr_

Magic is here! We have discovered a previously unknown #APT that has been attacking organizations in the area affected by the conflict between Russia and Ukraine. Observed victims were compromised with previously unknown implants that we dubbed #PowerMagic and #CommonMagic. [1/4]

Jazi @h2jazi

@fr0s7_ @bzvr_ Well me and my team did a comprehensive research on this but for some reasons (mainly because of attribution sensitivity) we have decided to hold it off from publishing.

If you wish to honor @aloria@infosec.exchange's memory, please donate to NARAL (https://prochoiceamerica.org), The Trevor Project (https://thetrevorproject.org), Envision Freedom Fund (https://envisionfreedom.org), and/or MrBallen Foundation (https://mrballen.foundation), charities which were meaningful to her.

https://infosec.exchange/@quine/110061983632610002

Source, eek ; https://www.ftc.gov/business-guidance/blog/2023/03/chatbots-deepfakes-voice-clones-ai-deception-sale

https://someone.elses.computer/@lilianedwards/110064056585611144

Forget A TikTok Ban, We Need To Regulate Data Brokers And Pass A Real Privacy Law https://www.techdirt.com/2023/03/21/forget-a-tiktok-ban-we-need-to-regulate-data-brokers-and-pass-a-real-privacy-law/
We’ve noted for a while now how the great TikTok moral panic of 2023 is largely a distraction. It’s a distraction from the fact we’ve refused to meaningfully regulate dodgy data b…

https://infosec.exchange/@nolsen311/110062974543638118

just read the Economic Report of the President, pp 237-272, the crypto chapter.
it uh is *strident*. as you'd expect just after a huge disaster.
it's a great chapter, very clear and readable, and crypto is extremely upset.
“This chapter primarily examines crypto assets, whose proponents have been relearning the lessons from previous financial crises the hard way.”
“The risks presented by crypto assets stem from excessive speculation, high leverage, run risk, environmental harm from crypto asset mining, and fraudulent activities that harm retail investors and corporations.”
“This raises the question of the role of regulation in protecting consumers, investors, and the rest of the financial system from panics, crashes, and fraud related to crypto assets.”
it reads like someone has been very pissed off for a while and this was their chance to say something
also quotes James Mickens, lol

https://www.whitehouse.gov/wp-content/uploads/2023/03/ERP-2023.pdf

https://circumstances.run/@davidgerard/110064266144671891

The Info Op

Discussion about this post