Reader

O historiador grego do século I a.C., Diodoro, é considerado um compilador de fontes antigas, dentre elas alguns dos ensinamentos de Demócrito de Abdera. Em sua obra, Biblioteca de História (Tomo I, Capítulo 8), encontramos um relato da origem dos seres vivos e dos primeiros homens, que são atribuídos aos ensinamentos de Demócrito por especialistas como Diels, Vlastos, Reinhardt e Beresford. Dando início a meus estudos sobre Protágoras que, como discípulo de Demócrito, compartilhava com ele algumas concepções naturalistas e humanistas, apresento uma tradução do relato da pré-história de Diodoro. Felizmente a obra Biblioteca de História, de Diodoro, foi disponibilizada em inglês pela Universidade de Chicago nesse site.

Transcrevo a seguir o relato dos primeiros homens de Diodoro, como texto inicial para o estudo da conexão do pensamento de Demócrito com o de Protágoras (inclusive as semelhanças e diferenças com o mito de Prometeu e Epimeteu, atribuído a Protágoras no diálogo homônimo, de Platão):

(…) os primeiros homens a nascer (…) levavam uma vida indisciplinada e bestial, saindo um a um para garantir sua subsistência e alimentando-se tanto das ervas mais tenras quanto dos frutos das árvores selvagens. Então, como foram atacados pelas feras, vieram em auxílio uns dos outros, sendo instruídos pela necessidade, e, quando se reuniram dessa maneira devido ao medo, gradualmente começaram a reconhecer suas características mútuas. E embora os sons que produziam fossem no início incompreensíveis e indistintos, aos poucos conseguiram articular sua fala, e, ao concordar entre si sobre símbolos para cada coisa que se apresentava a eles, tornaram conhecido entre si o significado que deveria ser atribuído a cada termo. Mas, como grupos desse tipo surgiram por todas as partes do mundo habitado, nem todos os homens tinham a mesma linguagem, uma vez que cada grupo organizou os elementos de sua fala por mero acaso. Esta é a explicação da existência atual de todos os tipos concebíveis de linguagem e, além disso, a partir desses primeiros grupos formados surgiram todas as nações originais do mundo.

Agora, os primeiros homens, uma vez que nenhuma das coisas úteis para a vida havia sido descoberta ainda, levavam uma existência miserável, não tendo roupas para se cobrir, não sabendo o uso de habitações e fogo, e também sendo totalmente ignorantes de alimentos cultivados. Pois como também negligenciaram até mesmo a colheita dos alimentos selvagens, não acumularam nenhum estoque de seus frutos contra suas necessidades; consequentemente, um grande número deles pereceu nos invernos devido ao frio e à falta de alimentos. Pouco a pouco, no entanto, a experiência os ensinou tanto a buscar as cavernas no inverno quanto a armazenar os frutos que podiam ser preservados. E quando se familiarizaram com o fogo e outras coisas úteis, as artes também e tudo o que é capaz de promover a vida social do homem foram gradualmente descobertos. De fato, falando de modo geral, em todas as coisas foi a própria necessidade que se tornou a professora do homem, fornecendo de maneira apropriada instrução em todos os assuntos a uma criatura que foi bem dotada pela natureza e que tinha, como assistentes para todos os propósitos, mãos, logos (razão) e anchinoia (sagacidade mental).

E no que diz respeito à primeira origem dos homens e seu modo de vida mais primitivo, nos contentaremos com o que foi dito, uma vez que desejamos manter a devida proporção em nosso relato.

#Filosofia #Demócrito #Protágoras

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!

---

Highlight

🐦 Einladung ins Fediverse: Mastodon als Alternative zu X, Instagram und Co. privacy – The article invites readers to consider Mastodon as a privacy-friendly alternative to popular social media platforms like X and Instagram, encouraging sharing and engagement through various channels. https://www.kuketz-blog.de/einladung-ins-fediverse-mastodon-als-alternative-zu-x-instagram-und-co/

🛡️ Kritische Sicherheitslücke in Laravel Framework – Updates verfügbar warning – The article about a critical vulnerability in Laravel is provided by CERT.at, Austria's Computer Emergency Response Team. https://www.cert.at/de/warnungen/2024/11/kritische-sicherheitslucke-in-laravel-framework-updates-verfugbar

---

News For All

❓ Brauchst du wirklich ein VPN? privacy – The article explores whether a VPN is necessary for online privacy and security, highlighting both its benefits and limitations in protecting personal data. https://www.kuketz-blog.de/brauchst-du-wirklich-ein-vpn/

💼 Hacker erbeuten Firmendaten des Statistischen Bundesamtes data breach – A hacker group has stolen and is selling sensitive data from Germany's Federal Statistical Office, including contact details and access credentials, raising significant privacy concerns. https://www.golem.de/news/cyberangriff-auf-destatis-hacker-erbeuten-firmendaten-des-statistischen-bundesamtes-2411-190805.html

💳 200,000 SelectBlinds customers have their cards skimmed in malware attack data breach – SelectBlinds revealed a breach affecting over 206,000 customers due to malware on its checkout page, compromising sensitive information, including credit card details. Users are advised to reset passwords and monitor statements. https://www.bitdefender.com/en-us/blog/hotforsecurity/200-000-selectblinds-customers-card-details-skimmed-malware-attack/

🔑 These are the passwords you definitely shouldn’t be using security news – NordPass released its annual list of the most common passwords, revealing a lack of creativity with '123456' topping the chart. Users are urged to create more secure passwords or consider using passkeys. https://www.theverge.com/2024/11/13/24295543/most-common-passwords-list-2024

🕵️‍♀️ The WIRED Guide to Protecting Yourself From Government Surveillance privacy – With the potential expansion of government surveillance under a new administration, experts recommend various privacy protections, including encrypted communications, device encryption, and careful management of location and financial data. https://www.wired.com/story/the-wired-guide-to-protecting-yourself-from-government-surveillance/

🚨 Criminals Exploiting FBI Emergency Data Requests cybercrime – Cybercriminals have exploited compromised police accounts to impersonate law enforcement and request user data, resulting in unauthorized access to sensitive information from companies. This highlights vulnerabilities in lawful-access mechanisms. https://www.schneier.com/blog/archives/2024/11/criminals-exploiting-fbi-emergency-data-requests.html

📃 'FYI. A Warrant Isn’t Needed': Secret Service Says You Agreed To Be Tracked With Location Data privacy – Internal emails reveal the Secret Service's debate on needing warrants for location data from apps, claiming users consented through terms of service, despite concerns over illegal usage of the data. https://www.404media.co/fyi-a-warrant-isnt-needed-secret-service-says-you-agreed-to-be-tracked-with-location-data/

🔓 Delta, Amazon confirm vendor breach as dark web posts revive MOVEit leak concerns data breach – Delta and Amazon confirmed that employee data was stolen from a vendor via a MOVEit vulnerability. The leaked data, including contact information, has reignited concerns about previous breaches tied to the Clop ransomware gang. https://therecord.media/delta-amazon-vendor-breach-confirmed

👁️ ICE Started Ramping Up Its Surveillance Arsenal Immediately After Donald Trump Won privacy – Immediately following Trump's election, ICE sought contracts to enhance surveillance technologies for monitoring non-citizens awaiting deportation, anticipating a dramatic increase in those under surveillance from 200,000 to over 5 million. https://www.wired.com/story/ice-surveillance-contracts-isap/

📱 Safer with Google: New intelligent, real-time protections on Android to keep you safe security news – The article discusses Google's latest advancements in online security features aimed at enhancing user safety through intelligent systems and real-time protection mechanisms. https://security.googleblog.com/2024/11/new-real-time-protections-on-Android.html

🎧 These Guys Hacked AirPods to Give Their Grandmas Hearing Aids hacking write-up – Three technologists in India hacked AirPods Pro 2 to enable hearing aid features by creating a Faraday cage to bypass Apple's location restrictions, allowing their grandmothers to use the technology. https://www.wired.com/story/apple-airpods-hearing-aid-hack/

👶 Pregnancy Tracking App ‘What to Expect’ Refuses to Fix Issue that Allows Full Account Takeover privacy – The 'What to Expect' pregnancy tracking app is neglecting serious vulnerabilities, including one enabling full account takeover, which risks exposing users' sensitive reproductive health information amid rising concerns for privacy and safety. https://www.404media.co/pregnancy-tracking-app-what-to-expect-refuses-to-fix-issue-that-allows-full-account-takeover-2/

💬 An Interview With the Target & Home Depot Hacker – Krebs on Security cybercrime – Mikhail Shefel, the identity behind the Rescator alias, discusses his role in the Target and Home Depot breaches, his connections to other hackers, and his current financial struggles following legal issues and arrests. https://krebsonsecurity.com/2024/11/an-interview-with-the-target-home-depot-hacker/

🤏 ShrinkLocker Ransomware: What You Need To Know malware – ShrinkLocker is a new ransomware that uses VBScript and BitLocker to encrypt victims' files, locking them out without providing a password. It changes drive names to an attacker's contact, but Bitdefender offers a free decryption tool. https://www.tripwire.com/state-of-security/shrinklocker-ransomware-what-you-need-know

📬 Scammers resort to physical Swiss post to spread malware cybercrime – Switzerland's NCSC warns of a new scam where malware is spread through fake letters mimicking official weather alerts. Recipients are tricked into downloading a malicious app containing the Coper trojan, targeting banking information. https://www.theregister.com/2024/11/16/swiss_malware_qr/

---

Some More, For the Curious

🤔 Newag admits: Dragon Sector hackers did not modify software in Impuls trains I missed this one a few weeks earlier. security news – Newag's lawsuit against hackers reveals that while they claim no software modifications were made, they still face questions about intentional software locks in their trains. The truth remains elusive. https://rys.io/en/175.html

🦠 A new fileless variant of Remcos RAT observed in the wild malware – Fortinet has identified a phishing campaign distributing a new variant of Remcos RAT, using an Excel document to exploit vulnerabilities and stealthily execute malware, granting attackers remote access. https://securityaffairs.com/170791/security/a-new-fileless-variant-of-remcos-rat-phishing.html

💻 North Korean-linked hackers were caught experimenting with new macOS malware malware – Researchers found North Korean hackers embedding malware in macOS applications using an open-source SDK, capable of bypassing Apple's security. The malware shows ties to cryptocurrency intrusions but its use remains uncertain. https://cyberscoop.com/north-korea-macos-malware-flutter-jamf/

⚙️ Exploit code released for RCE attack on Citrix VDI solution vulnerability – Researchers released a PoC exploit for a vulnerability in Citrix's Virtual Apps and Desktops, allowing remote code execution via HTTP requests. Citrix disputes the claim of unauthenticated access, urging users to apply hotfixes. https://www.theregister.com/2024/11/12/http_citrix_vuln/

🔧 Zero Day Initiative — The November 2024 Security Update Review security news – Adobe and Microsoft released significant patches in November, addressing numerous vulnerabilities across various products. Key issues include critical RCE flaws in Windows and multiple critical updates from Adobe. https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review

🥼 Inside the DemandScience by Pure Incubation Data Breach data breach – The article discusses the DemandScience data breach, revealing how personal data was aggregated and sold. It highlights public concerns about data privacy, expectations of notification, and the implications of data misuse. https://www.troyhunt.com/inside-the-demandscience-by-pure-incubation-data-breach/

🌐 A three beats waltz: The ecosystem behind Chinese state-sponsored cyber threats security research – The article analyzes the complex ecosystem of Chinese state-sponsored cyber operations, highlighting the roles of the PLA, MSS, and MPS, along with the involvement of private companies and patriotic hackers in cyber offensives. https://blog.sekoia.io/a-three-beats-waltz-the-ecosystem-behind-chinese-state-sponsored-cyber-threats/

🔗 China's Volt Typhoon botnet has re security research – The Volt Typhoon botnet has resurfaced, using the same infrastructure and techniques to target critical infrastructure in the U.S. and Guam. Despite previous disruptions, it remains a significant threat, exploiting outdated devices. https://securityaffairs.com/170872/apt/volt-typhoon-botnet-has-re-emerged.html

📉 NIST says exploited vulnerability backlog cleared but end-of-year goal for full list unlikely security news – NIST announced it has cleared a backlog of unanalyzed exploited vulnerabilities with support from CISA and the private sector. However, it will not meet its goal of clearing all vulnerabilities by year-end due to data processing challenges. https://therecord.media/nist-vulnerability-backlog-cleared-cisa

💰 Crimeware and financial predictions for 2025 security news – Kaspersky's report predicts an increase in AI-powered cyberattacks, supply chain attacks, and financial threats targeting central banks and smartphones in 2025, highlighting evolving tactics in the crimeware landscape. https://securelist.com/ksb-financial-and-crimeware-predictions-2025/114565/

🔑 Good Essay on the History of Bad Password Policies security research – Stuart Schechter discusses the history of ineffective password policies, highlighting mistakes made by Morris and Thompson in assuming that their interventions would lead to strong passwords without adequate testing or metrics. https://www.schneier.com/blog/archives/2024/11/good-essay-on-the-history-of-bad-password-policies.html

🔍 NSO Group admits cutting off 10 customers because they abused its Pegasus spyware, say unsealed court documents security news – Court documents reveal NSO Group cut off 10 customers for abusing its Pegasus spyware, which exploited WhatsApp vulnerabilities. The revelations raise concerns about NSO's operations and the use of its tools against individuals, including high-profile targets. https://techcrunch.com/2024/11/15/nso-group-admits-cutting-off-10-customers-because-they-abused-its-pegasus-spyware-say-unsealed-court-documents/

🪪 Defending Your Directory: An Expert Guide to Fortifying Active Directory Certificate Services (ADCS) Against Exploitation cyber defense – Misconfigurations in Active Directory Certificate Services can lead to serious vulnerabilities, enabling attackers to gain unauthorized access and escalate privileges within a domain. https://www.nccgroup.com/us/research-blog/defending-your-directory-an-expert-guide-to-fortifying-active-directory-certificate-services-adcs-against-exploitation/

---

CISA Corner

🔒 2023 Top Routinely Exploited Vulnerabilities security news – A joint advisory from cybersecurity agencies highlights an increase in zero-day vulnerabilities exploited in 2023, urging software developers and end-users to implement secure practices and timely patching to mitigate risks. https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a

⚠️ CISA Adds Five Known Exploited Vulnerabilities to Catalog warning – CISA has included five new vulnerabilities in Atlassian Jira, Cisco ASA, Metabase GeoJSON and Microsoft Windows to its Known Exploited Vulnerabilities Catalog, emphasizing their active exploitation risks. https://www.cisa.gov/news-events/alerts/2024/11/12/cisa-adds-five-known-exploited-vulnerabilities-catalog ⚠️ CISA Adds Two Known Exploited Vulnerabilities to Catalog warning – CISA has included two new vulnerabilities in its Known Exploited Vulnerabilities Catalog: CVE-2024-9463 and CVE-2024-9465, both related to Palo Alto Networks Expedition, highlighting significant risks to federal networks. https://www.cisa.gov/news-events/alerts/2024/11/14/cisa-adds-two-known-exploited-vulnerabilities-catalog

🏭 CISA Releases Nineteen Industrial Control Systems Advisories vulnerability – CISA has published nineteen advisories addressing security vulnerabilities in Industrial Control Systems. Siemens, Rockwell, Hitachi, 2N, Elvaco, Baxter https://www.cisa.gov/news-events/alerts/2024/11/14/cisa-releases-nineteen-industrial-control-systems-advisories 🏭 CISA Releases Five Industrial Control Systems Advisories vulnerability – CISA has published five advisories detailing security vulnerabilities and exploits related to various Industrial Control Systems. Subnet, Hitachi, Rockwell, Mitsubishi, Snap One https://www.cisa.gov/news-events/alerts/2024/11/12/cisa-releases-five-industrial-control-systems-advisories

🔒 Fortinet Releases Security Updates for Multiple Products https://www.cisa.gov/news-events/alerts/2024/11/12/fortinet-releases-security-updates-multiple-products 🛡️ Adobe Releases Security Updates for Multiple Products https://www.cisa.gov/news-events/alerts/2024/11/12/adobe-releases-security-updates-multiple-products 🔐 Microsoft Releases November 2024 Security Updates https://www.cisa.gov/news-events/alerts/2024/11/12/microsoft-releases-november-2024-security-updates 🔧 Ivanti Releases Security Updates for Multiple Products https://www.cisa.gov/news-events/alerts/2024/11/12/ivanti-releases-security-updates-multiple-products 🔒 Citrix Releases Security Updates for NetScaler and Citrix Session Recording https://www.cisa.gov/news-events/alerts/2024/11/12/citrix-releases-security-updates-netscaler-and-citrix-session-recording

---

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

---

Отговор на въпрос. Впоследствие разбрах, че това било част от течението на солипсизма.

Дали когато това дърво е издало някакъв звук при падането си, ако никой не го е чул. Опитах се да го разгледам в тотален детайл, за да си го само- обясня по пътя. Според мен случаят може да се разгледа в две основни направления :

То (дървото), като организъм престава да бъде живо само по себе си, когато се прекърши, удари го гръмотевица, отсече се, постепенно изсъхне и т.н. Това вероятно не е моментен процес, както откъснатите цветя не увяхват веднага след като бъдат откъснати. Но то спира да живее в този смисъл на живота, независимо дали някой е бил там, за да свидетелствува. От измислените ни теории за това как света работи, можем да направим извода, че:

1. Земното притегляне го е накарало да падне, подкрепа за това твърдение намираме в състоянието му, когато го видяхме.

2. Звукът е механична вълна, която може да се движи само в “среда”. В случая- среда има- съвкупността от газове, които наричаме въздух. Знаем, че това може да бъде среда, защото самите ние я използваме, за да общуваме.

3. През него (въздуха) могат да преминават както енегрийните вълни, които наричаме звук, така и други обекти и частици, в нашия случай дърво.

Енергията, която то набира от гравитацията се предава на нещата, които се е случило да се намират под него- камъни, пръст, листа, животни, насекоми. Те (нещата), приемайки енергията на падащото дърво, дадена му от гравитацията, създават (малко или много) звукова/механична вълна, която на теория може да се “чуе” малко след точния момент на предаването на енергията, взависимост от скоростта, която е правопропорционална на предаваната енергия, която е правопропорционална на звуковата/ механичната вълна.

От друга страна, съществува Eфекта на Наблюдателя в квантовата физика, който за мен е подобен на ефекта с котката на Schrödinger.

Observer effect: https://en.wikipedia.org/wiki/Observer_effect_(physics)

Съществува и нещо наречено – предразсъдък, обясняващ склонността на наблюдателя да не вижда/чува/усеща/изживява/Бъде това, което е налице, а това, което очаква да види/чуве/усети/изживее/Бъде/ се случи.

Observer bias: https://en.wikipedia.org/wiki/Observer_bias

---

• Макхтуб – Арабската дума, която се превежда като записано е, завързано е, казано е. Има тежестта на небесата.

Предсказанията като исторически и културен феномен -

Представляват издърпването на щипка информация от бъдещето и представяйки я в настоящето. Но за това трябва да приемем, че времето е линеарен феномен, т.е. има начало. Трябва също да се приеме, че предсказанията са тип позволен анахронизъм.

Някои от феномените на този парадокс могат да бъдат:

• Интуиция

• Дежа Вю

• Предсказването на събитие, точно преди то да се случи.

Би могло да се отнесе към интуицията, макар че тя е осъзнато знание или чувствено предположение за това какво ще се случи, интуицията е предизвикана и повикана от егото, за да се реши някакъв проблем, докато това за което говоря се случва почти изцяло подсъзнателно, като единствено нишка от него понякога достига будното ни същество в тази реалност, информирайки, че нещо ще се случи.

• Когато си мислим нещо и от външния свят се чуе дума или звук, който е точно по темата, която ни трябва.

• Символи по земята и небето

Най- известният пример за това би бил горящият храст от историята за Моисей. Класически примери могат да се търсят във всички религии и митологии. Всеки знае за себе си единия символ, който му се появява пред очите или му се нашепва.

• В музикалните произведения, които успяват да се приближат до преживявания на духа, можем също да намерим свои символи в тоновете, които се изпълняват по точно определена структура, подобно на рецептите в Шумер.

• Преди да заспиш чуваш гласове или виждаш картини – Хипнагогия.

• Вятъра нашепва (в приказките)

• Пътуването до долната земя

Всички тези реалности крият нещо в себе си. Част от тях за мен не биха могли да не бъдат необозрими освен в празното пространство. Ако изхождам от това, значи ежедневно преминаваме през такива празни пространства, “червееви дупки” ако щете, които ни пренасят за момент през друго място, което се отнася към нашата реалност, която живеем в момента.

---

Японската дума “Ма” представлява празнота, пълна с възможности, подобно на обещание, което все още не е изпълнено, тишината между нотите, която реално създава музиката.

Празното пространство брои ли се за време? Колко бързо или бавно тече едно празно пространство?

Празното пространство (когато е известно) никога не е оставено на произвола, тоест то винаги се отнася Към нещо. За да е празно празното пространство не бива никой да знае, че то съществува, защото то веднага ще получи принадлежност. Ако не се узнае, то То все още притежава в себе си магията на свиващото се и разширяващото се, подобно на диафрагмата в телата ни време.

Може ли да съществува време без пространство или пространство без време?

I need to figure out how to reasonably deal mail and deliveries privately.

How it started

I donated to a local nonprofit in 2024, and I really shouldn't say this, but I honestly wish I never did. However, this is not due to a reason you probably expect.

I started to receive significantly more junk mail from charitable nonprofits and groups, more so than usual (at least since the 2020 COVID-19 pandemic). I won't name specific names, but this was a local nonprofit which has a total annual budget size between the order of $1 million and $10 million.

(To the reader: if we know each other IRL, then I'll tell you who the offending org is; and if your savvy with implementing an actionable fix with the issue below, then maybe we can work out a way for me to get out of this rut of a “situation” — as if this is or should be by highest priority project to take on right now. Let's just say that some of you will be surprised by the org I have in mind, which either intentionally uses the services of data brokers, or at least has some heuristic workflow that is leaking donor info to data brokers. The overall situation has a bit of a tragic irony.)

I'm (usually) not a vengeful person, at least when it comes to nonprofit orgs genuinely acting in good faith; but I am keeping a running list of these others orgs that engage in buying/selling/sharing snail mail lists as orgs I won't donate money to in the future, due to their respective disregard for mail privacy. However, there are 3 national-level orgs that have (so far) never sold out to physical mail lists: the ACLU, including state chapters; the EFF; and the Freedom of the Press Foundation. I am purposefully excluding comparatively technical groups that would respect the privacy and security of others in general, such as the Signal Foundation and The Tor Project.

On the other hand, the only other way to avoid excessive physical mail list tracking is to donate to small local nonprofits. (Any method is fine — if you're super concerned about protecting your membership info, using a PO box for your mailing address and renewing your member dues via paper check is more than sufficient for most local community members.) This is because these groups literally don't have the money to spend for mass mail solicitations or blanket marketing.

After this happened, I expressed to a local activist about how I'm going to go straight for a paid plan on Privacy.com (at least the lower tier) and skip the free plan. Additionally, I commented that I reaction was essentially the “I can't believe you've done this” meme. (Somehow, I was initially confused this with the “Charlie bit my finger” meme.)

How it's going (and the future)

I no longer think it's safe for me to order computers and ship the delivery to my residential address, using my own debit card. (That does remind me – I really should get a credit card for better payment protection and everything else that encompasses.)

I remembered that I ordered the HP Dev One in 2022 and the box's outer shipping box wasn't even taped closed when it arrived on my doorstep. Due to my living situation since 2020, I no longer trust anything that goes through the mail, and after Andrew “bunnie” Huang's assessment of overall supply chain security after the 2024 exploding pager incident in Lebanon, I think it's about high time I figure out the logistics of shipping to a private mail box (PMB) – or maybe I use a friend's address and/or credit card to purchase an online only computer (while I pay my friend for the cost, of course).

However, quite a few large computer manufacturers, who primarily have B2B (business-to-business) though also some minor B2C (business-to-consumer) sales, will tell customers that sending deliveries to a PO Box is not allowed during checkout. This includes Lenovo, HP, and even Framework. (I have to double check for System76.) This is partly why I was sad when Costco no longer sold any in-store ThinkPad laptops anymore (one probable cause might be the pandemic, but that's another matter).

If you have any somewhat serious considerations to become a Linux distro maintainer or even a package manager (such as the AUR/MPR), you should at least consider this while threat modeling. I recall Ariadne Conill tweeting about how a Lenovo ThinkPad laptop that they tried ordering online was suspiciously redirected to Langely, Virginia while en route to their home in early 2022, which was symptomatic of mail interdiction. However, those tweets were deleted around late 2022 or early 2023.

There is always something new to try... https://soapbox.pub/servers/

BUT I am now a concentrate and focus. Too much candy? Too many ideas and possibilities? It all depends on the priorities we need. In other words what is your hat colour? Black, white, grey or red? No hats for me, not even green or hoody.

Security for me is transparency or zero preference. Otherwise I am spending all my time on noise and “AI” generated attempts to fathom my rousing browsing. I am already using too many browsers, except TOR. Which is one rocky peek too many.

Slow too. Too slow. Like my keyboard. Old and clunky. Noisy and dusty. Good enough...

There was a guide from early 2023 on what to change in the default KDF settings of Bitwarden.

(The guide has been saved on the Wayback Machine and archive.today.)

You must log in via browser to edit these settings. (Neither the desktop apps nor the mobile apps can change the following settings.)

1. From the main screen in Bitwarden, navigate through the following menus: Security (vertical menu) > Keys (horizontal)
2. Select Argon2id for “KDF algorithm” and enter 10 for “KDF iterations”.
3. Enter 64 for “KDF memory (MB)” and 8 for “KDF parallelism” (number of threads).
4. If you changed any settings, then click on the “Change KDF” button to save any changes (and Bitwarden will log you out of your account on all devices).
   • Otherwise, if no changes were made, then you can leave the “Keys” menu.

Personal context

I need to make sure I have something I can reference when I set up organization accounts on Bitwarden for colleagues and friends.

I vaguely remember that this was discussed roughly around the same about how the default KDF for LUKS (full disk encryption on Linux) was set up. Back in April-May 2023, the sources for episode 132 of the the Surveillance Report podcast was released during the time when the podcast released roughly biweekly – so the podcast lagged at least 1-2 weeks behind current events.

This forum thread helped to date this news story, as well as this assessment.

Remember KISS? Keep It Simple Stewpit,

We do not have to spread ourselves thinly. We can rely on the wheel being invented. We can focus on less but better and complete and cooperate and merge efforts. That is why I trust my experience and others who are offering real services I need. Real alternatives. Really simple. Really.

This evening it's Old Granddad 114. I picked it up at Costco for under $30. I've heard good things about it, so I thought it was time to try it.

The proof makes it hot, so I'm having it with some ice. On the nose, I'm getting maple, chipotle, and maybe some anise. I don't notice anything right away on the tongue, but the maple shows up with some cinnamon. The heat, along with the flavors, lingers on the tongue. There's briefly a hint of anise later. The heat sticks around and follows the swallow and hangs around.

I'm kind of reminded of whisky's that have been finished in amburana casks, but the maple isn't quite as strong.

We'll see how the second dram this evening goes...

Winter is coming. Not with some sort of ice zombies and dragons, but with colds, probably flu. Oh, and the damn fucking sinusitis.

This last one is a bitch! Every few years, my sinusitis headaches become so bad that it feels like I spent a week hitting my head on the walls. This year is an example of this: it's not even winter, and I've had a headache from sinusitis for almost two weeks, with some days so bad that I could barely keep my eyes open and had to take almost twice the recommended amount of pills just to be able to decrease it a little.

The flu wouldn't cause me this much pain.

If this is already happening during autumn, it will probably be much more painful during winter. This is just what I needed: even more pain... It's not like the fibromyalgia keeps me in a ton of pain 24/7...

#Sinusitis #Ramblings

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!

---

News For All

🦹 Inside the Massive Crime Industry That’s Hacking Billion-Dollar Companies cybercrime – A complex hacking ecosystem fueled by infostealer malware is behind major breaches, as hackers exploit stolen credentials from pirated software. https://www.wired.com/story/inside-the-massive-crime-industry-thats-hacking-billion-dollar-companies/

🏆 Valorant is winning the war against PC gaming cheaters security news – Riot Games' Vanguard anti-cheat system has significantly reduced cheating in Valorant by employing advanced detection methods. https://www.theverge.com/2024/11/4/24283482/valorant-is-winning-the-war-against-pc-gaming-cheaters

🎫 Hacker suspected in massive Ticketmaster, AT&T breaches arrested in Canada cybercrime – Canadian authorities arrested a man suspected of breaching around 165 companies, including Ticketmaster and AT&T, by exploiting Snowflake's cloud storage with stolen credentials. https://www.theverge.com/2024/11/5/24288654/alleged-snowflake-hacker-arrested-ticketmaster-att-data-breaches

📉 Mozilla Foundation lays off 30% staff, drops advocacy division security news – The Mozilla Foundation has laid off 30% of its staff, eliminating its advocacy and global programs divisions to streamline operations and focus on its mission amidst significant changes in the tech landscape. https://techcrunch.com/2024/11/05/mozilla-foundation-lays-off-30-staff-drops-advocacy-division/

💸 South Korean authorities fine Meta $15.6 million for sharing user data with advertisers privacy – South Korea fined Meta $15.6 million for sharing sensitive data of 980,000 Facebook users with advertisers without consent, violating the Personal Information Protection Act. https://therecord.media/facebook-south-korea-privacy-regulator-fine

🐍 ToxicPanda Android banking trojan targets Europe and LATAM malware – The ToxicPanda Android banking trojan has infected over 1,500 devices, targeting banks in Europe and Latin America. It employs On-Device Fraud techniques to bypass security measures, indicating a potential shift in attack strategies by Chinese-speaking threat actors. https://securityaffairs.com/170605/malware/toxicpanda-android-malware-targets-italy.html

👮‍♂️ Interpol operation nets 41 arrests, takedown of 22,000 malicious IPs cybercrime – Interpol's Operation Synergia resulted in 41 arrests and the takedown of over 22,000 malicious IP addresses linked to cybercrime, preventing numerous phishing and ransomware attacks worldwide. https://therecord.media/interpol-operation-arrests-takedowns

🕺 Canada ordered ByteDance to shut down TikTok operations in the country over security concerns privacy – Canada has ordered ByteDance to dissolve TikTok Technology Canada due to security concerns, though Canadians can still access the app. The decision follows a national security review amid ongoing scrutiny of TikTok's data practices. https://securityaffairs.com/170653/security/canada-ordered-bytedance-to-shut-down-tiktok-operations.html

💽 Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices vulnerability – Synology patched a critical vulnerability (CVE-2024-10443) in DiskStation and BeePhotos NAS devices that allowed remote code execution without user interaction, affecting millions. Users are urged to apply updates immediately. https://securityaffairs.com/170602/hacking/synology-fixed-critical-bug-in-diskstation-and-beephotos-nas.html

🦠 SteelFox Trojan imitates popular products to drop stealer and miner malware security research – The SteelFox Trojan, disguised as software activators, spreads via torrent and forum posts, stealing sensitive data and mining cryptocurrency. It targets popular applications like AutoCAD and Foxit PDF Editor, employing sophisticated techniques to evade detection. https://securelist.com/steelfox-trojan-drops-stealer-and-miner/114414/

🚫 Major Ukrainian university bans Telegram to reduce cyberthreats security news – Taras Shevchenko National University of Kyiv has banned Telegram for official communications, citing security concerns over Russian access to user data. The ban follows similar restrictions for state officials, prompting discussions about alternative communication platforms. https://therecord.media/ukraine-university-bans-telegram

🧢 How early-stage companies can go beyond cybersecurity basics cyber defense – To combat evolving cyber threats, early-stage companies should adopt a proactive cybersecurity strategy that transcends basic compliance, focusing on risk management, layered security, employee training, and incident response planning. https://cyberscoop.com/cybersecurity-for-startups-early-stage-companies/

🧪 What Is Penetration Testing? security news – Penetration testing simulates attacks to identify vulnerabilities within an organization's security systems. By employing various techniques, it helps organizations strengthen defenses, comply with regulations, and improve incident response capabilities. https://www.blackhillsinfosec.com/what-is-penetration-testing/

🎮 Hacker says they banned ‘thousands’ of Call of Duty gamers by abusing anti-cheat flaw security news – A hacker named Vizor exploited a flaw in Activision's Ricochet anti-cheat system to falsely ban thousands of Call of Duty players by sending messages containing specific strings. https://techcrunch.com/2024/11/07/hacker-says-they-banned-thousands-of-call-of-duty-gamers-by-abusing-anti-cheat-flaw/

🚗 Zero Day Initiative — Multiple Vulnerabilities in the Mazda In vulnerability – Multiple vulnerabilities in the Mazda Connect CMU system allow physical attackers to exploit insufficient input sanitization via USB devices, enabling arbitrary code execution with root privileges, posing significant security risks. https://www.thezdi.com/blog/2024/11/7/multiple-vulnerabilities-in-the-mazda-in-vehicle-infotainment-ivi-system

🔒 A new iOS 18 security feature makes it harder for police to unlock iPhones privacy – iOS 18 introduces an inactivity timer that reboots iPhones after four days of inactivity, entering a more secure state that complicates police access to locked devices and limits data extraction capabilities. https://www.theverge.com/2024/11/9/24292092/ios-18-security-inactivity-reboot-police-complain-unlocking-iphone-difficult

---

Some More, For the Curious

🐰 Fortinet FortiGate CVE-2024-23113 – A Super Complex Vulnerability In A Super Secure Appliance In 2024 vulnerability – A Format String vulnerability in Fortinet's FortiGate SSLVPN devices allows remote code execution. https://labs.watchtowr.com/fortinet-fortigate-cve-2024-23113-a-super-complex-vulnerability-in-a-super-secure-appliance-in-2024/

🔀 A look at the latest post-quantum signature standardization candidates security research – NIST advances 14 post-quantum signature schemes for cybersecurity, highlighting their need to resist quantum attacks. The migration to these standards poses challenges, particularly regarding performance and data overhead in TLS connections. https://blog.cloudflare.com/another-look-at-pq-signatures

🎟️ Strengthening Local Admin Security in Windows 11 with Local Administrator Protection security news – Windows 11's new Local Administrator Protection feature enhances security by providing just-in-time admin privileges, reducing exposure to malware and minimizing risks associated with local admin rights. https://call4cloud.nl/local-administrator-protection-privilege-protection/

🦘 Attackers Breach IT-Based Networks Before Jumping to ICS/OT Systems security research – The SANS report highlights rising attacks on ICS/OT systems, primarily through IT network vulnerabilities, with non-ransomware incidents outnumbering ransomware. https://www.darkreading.com/ics-ot-security/attackers-breach-network-provider-ot-ics-network

💼 Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale security research – Cybercriminals are exploiting DocuSign's APIs to send realistic fake invoices using genuine accounts, bypassing traditional phishing defenses. https://lab.wallarm.com/attackers-abuse-docusign-api-to-send-authentic-looking-invoices-at-scale/

🤖 AIs Discovering Vulnerabilities security research – Research into AI capabilities for discovering software vulnerabilities is advancing, with tools like ZeroPath uncovering critical flaws missed by traditional methods. https://www.schneier.com/blog/archives/2024/11/ais-discovering-vulnerabilities.html

🔍 Typosquat campaign impersonates 287+ popular npm packages cybercrime – A new typosquatting campaign targets developers by publishing malicious npm packages that mimic legitimate ones, utilizing Ethereum smart contracts for command-and-control. https://www.theregister.com/2024/11/05/typosquatting_npm_campaign/

💰 Schneider Electric reports cyberattack, its third incident in 18 months *security news – Schneider Electric confirmed a cyberattack involving unauthorized access to its project tracking platform, with the HellCat ransomware group demanding a $150,000 ransom in baguettes after claiming to steal over 40GB of data.* https://cyberscoop.com/schneider-electric-energy-ransomware-hellcat/

🔐 Abusing Intune Permissions for Lateral Movement and Privilege Escalation in Entra ID Native Environments security research – Mandiant's Red Team demonstrated how attackers can exploit Intune permissions to achieve lateral movement and privilege escalation within Microsoft Entra ID. https://cloud.google.com/blog/topics/threat-intelligence/abusing-intune-permissions-entra-id-environments/

💯 Cisco scores an (im)perfect CVSS 10 with critical Wi-Fi flaw vulnerability – Cisco has issued a critical alert for CVE-2024-20418, a vulnerability in its Ultra-Reliable Wireless Backhaul systems that allows remote attackers to gain admin access via crafted HTTP requests, necessitating immediate patching. https://www.theregister.com/2024/11/07/cisco_uiws_flaw/

🤖 AI Industry is Trying to Subvert the Definition of “Open Source AI” security news – The Open Source Initiative's new definition of 'open source AI' has sparked controversy for permitting secretive practices in training data, raising concerns about true transparency in AI development. Critics argue for a clear distinction between 'open source' and 'open weights' models. https://www.schneier.com/blog/archives/2024/11/ai-industry-is-trying-to-subvert-the-definition-of-open-source-ai.html

🚔 FBI says hackers are sending fraudulent police data requests to tech giants to steal people's private information security news – The FBI warns that hackers are exploiting compromised government email addresses to submit fraudulent emergency data requests, enabling them to steal private user information from tech companies like Apple and Meta. https://techcrunch.com/2024/11/08/fbi-says-hackers-are-sending-fraudulent-police-data-requests-to-tech-giants-to-steal-peoples-private-information/

🏜️ Palo Alto Networks warns of potential RCE in PAN vulnerability – Palo Alto Networks alerts customers to a potential remote code execution vulnerability in PAN-OS management interface, urging them to restrict access and follow security best practices to mitigate risks. https://securityaffairs.com/170697/security/palo-alto-networks-warns-potential-pan-os-rce.html

📇 Defending Your Directory: An Expert Guide to Securing Active Directory Against DCSync Attacks security research – This guide emphasizes the importance of limiting high-privilege accounts and monitoring for unusual replication requests to defend against DCSync attacks on Active Directory. https://www.nccgroup.com/us/research-blog/defending-your-directory-an-expert-guide-to-securing-active-directory-against-dcsync-attacks/

🤖 With 2FA Enabled: NPM Package lottie-player Taken Over by Attackers security research – Attackers exploited a leaked automation token to inject malicious code into popular NPM package versions, highlighting vulnerabilities in software supply chains and 2FA limitations. https://checkmarx.com/blog/with-2fa-enabled-npm-package-lottie-player-taken-over-by-attackers/

---

CISA Corner

⚠️ CISA Adds Two Known Exploited Vulnerabilities to Catalog warning – CISA has added two vulnerabilities affecting PTZOptics cameras to its Known Exploited Vulnerabilities Catalog, highlighting the risks of OS command injection and authentication bypass to federal networks. https://www.cisa.gov/news-events/alerts/2024/11/04/cisa-adds-two-known-exploited-vulnerabilities-catalog ⚠️ CISA Adds Four Known Exploited Vulnerabilities to Catalog warning – CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, including privilege escalation and authentication flaws, highlighting significant risks for federal agencies that must address these vulnerabilities promptly. https://www.cisa.gov/news-events/alerts/2024/11/07/cisa-adds-four-known-exploited-vulnerabilities-catalog

⚙️ CISA Releases Three Industrial Control Systems Advisories vulnerability – CISA issued three advisories on November 7, 2024, addressing security vulnerabilities in Beckhoff Automation, Delta Electronics, and Bosch Rexroth ICS products, urging users to review for technical details and mitigations. https://www.cisa.gov/news-events/alerts/2024/11/07/cisa-releases-three-industrial-control-systems-advisories

---

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!

---

News For All

🎭 Massive hack-for-hire scandal rocks Italian political elites cybercrime – A hack-for-hire scheme exposed sensitive data of top Italian politicians, raising serious concerns about democracy and privacy. Investigations have led to arrests and calls for stronger security measures. https://www.politico.eu/article/hacking-scandal-italy-matteo-renzi-sergio-mattarella-equalize-nunzio-samuele-calamucci/

💻 Black Basta affiliates used Microsoft Teams in recent attacks security research – Black Basta ransomware affiliates are now using Microsoft Teams to impersonate IT support, tricking employees into granting access and spreading malware through malicious QR codes. https://securityaffairs.com/170311/cyber-crime/black-basta-ransomware-microsoft-teams.html

🔓 Free, France’s second-largest telecoms company, confirms being hit by cyberattack data breach – Free confirmed a cyberattack that compromised personal data of subscribers, with over 19 million potentially affected. The company has reported the breach and is enhancing security measures. https://therecord.media/france-telecom-free-cyberattack

🤖 Hospitals adopt error-prone AI transcription tools despite warnings security news – OpenAI's Whisper tool is generating fabricated medical transcripts, raising serious concerns for patient care. Despite warnings, many healthcare providers are using it, risking accuracy in critical situations. https://arstechnica.com/ai/2024/10/hospitals-adopt-error-prone-ai-transcription-tools-despite-warnings/

📚 Die digitale Bildung unter der Lupe: Eine Analyse von Schul- und Lern-Apps privacy – The article examines school and learning apps, focusing on their effectiveness and privacy implications. It emphasizes the need for scrutiny in digital education tools to protect user data. https://www.kuketz-blog.de/die-digitale-bildung-unter-der-lupe-eine-analyse-von-schul-und-lern-apps/

🏃‍♂️ Macron's bodyguards show his location by sharing Strava data privacy – An investigation revealed that President Macron's bodyguards inadvertently shared their locations on Strava, exposing sensitive information about his whereabouts and security arrangements. https://www.theregister.com/2024/10/29/macron_location_strava/

🏡 QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024 vulnerability – QNAP patched a critical zero-day vulnerability (CVE-2024-50388) exploited at Pwn2Own Ireland 2024, allowing remote code execution on TS-464 NAS devices. The flaw was quickly addressed following the demonstration. https://securityaffairs.com/170386/uncategorized/qnap-fixed-zero-day-cve-2024-50388-pwn2own-ireland-2024.html

🦠 Malware campaign expands its use of fake CAPTCHAs malware – A new malware campaign utilizes fake CAPTCHAs to deliver Lumma and Amadey malware, targeting users on various websites. Clicking the CAPTCHA triggers malicious code, leading to data theft and browser credential extraction. https://therecord.media/fake-captcha-malware-campaign-lumma-amadey

🤬 Google CEO says over 25% of new Google code is generated by AI security news – Google's CEO announced that AI now generates over 25% of new code at the company, aiding developers' productivity. While AI tools are popular, concerns about bugs and security remain. Comment: I can't express how scary this sounds to me. https://arstechnica.com/ai/2024/10/google-ceo-says-over-25-of-new-google-code-is-generated-by-ai/

🎢 Windows Themes 0-day opens door to NTLM credential theft vulnerability – A zero-day vulnerability in Windows Themes allows attackers to steal NTLM credentials by tricking users into handling malicious theme files. A free micropatch from Acros Security is available while awaiting a Microsoft fix. https://www.theregister.com/2024/10/30/zeroday_windows_themes/

📞 New version of Android malware FakeCall redirects bank calls to scammers cybercrime – The updated FakeCall malware for Android redirects bank calls to scammers, stealing sensitive information and funds. It mimics the Android dialer, tricking users into granting it default call handler permissions. https://securityaffairs.com/170410/malware/fakecall-malware-intercepts-outgoing-bank-calls.html

🛒 Satori Threat Intelligence Alert: Phish ’n’ Ships Fakes Online Shops to Steal Money and Credit Card Information cybercrime – Satori uncovered a fraud operation, Phish ’n’ Ships, exploiting fake online shops to steal credit card information. The scheme, which has affected hundreds of thousands of consumers, uses infected websites to redirect users to counterfeit stores, resulting in significant financial losses. https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-phish-n-ships-fakes-online-shops-to-steal-money-and-credit-card-information

🎣 Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files security research – Midnight Blizzard, a Russian threat actor, is executing a spear-phishing campaign targeting government and academic sectors using signed RDP files to redirect victims to actor-controlled servers for intelligence collection. https://www.microsoft.com/en-us/security/blog/2024/10/29/midnight-blizzard-conducts-large-scale-spear-phishing-campaign-using-rdp-files/

🍽️ Fired Disney worker accused of hacking into restaurant menus, replacing them with Windings and false peanut allergy information security news – A former Disney employee allegedly hacked the restaurant menu system, changing fonts to Wingdings and removing allergy info, risking safety. He faces multiple charges, including a denial-of-service attack on Disney staff. https://www.bitdefender.com/en-us/blog/hotforsecurity/fired-disney-worker-hacking-restaurant-menus-replacing-false-peanut-allergy/

🛎️ Booking.com Phishers May Leave You With Reservations cybercrime – A spear-phishing campaign targeting Booking.com users exploits stolen credentials from hotel partners, allowing scammers to send fraudulent messages. Booking.com is enhancing security measures, including mandatory 2FA, but threats persist as cybercriminals adapt. https://krebsonsecurity.com/2024/11/booking-com-phishers-may-leave-you-with-reservations/

---

Some More, For the Curious

👮‍♀️ Law Enforcement Deanonymizes Tor Users security news – German police have managed to deanonymize several Tor users by monitoring known relays and applying timing analysis, raising concerns about the effectiveness of Tor's anonymity. https://www.schneier.com/blog/archives/2024/10/law-enforcement-deanonymizes-tor-users.html

🔐 Five Eyes tell tech startups to take infosec seriously cyber defense – The Five Eyes nations have issued security principles for tech startups to combat threats like IP theft. They emphasize understanding risks, securing products, and managing partnerships as essential practices. https://www.theregister.com/2024/10/29/five_eyes_secure_innovation_campaign/

🦠 Fog and Akira ransomware attacks exploit SonicWall VPN flaw warning – Fog and Akira ransomware groups are exploiting a critical SonicWall VPN vulnerability (CVE-2024-40766) to breach corporate networks, emphasizing the need for urgent patching to mitigate risks. https://securityaffairs.com/170359/cyber-crime/fog-akira-ransomware-sonicwall-vpn-flaw.html

🔍 How a series of opsec failures led US authorities to the alleged developer of the Redline password-stealing malware cybercrime – U.S. prosecutors charged Maxim Rudometov for developing Redline malware, tracing him through opsec mistakes like using identifiable email and social accounts, leading to his arrest in Operation Magnus. https://techcrunch.com/2024/10/29/how-a-series-of-opsec-failures-led-us-authorities-to-the-alleged-developer-of-the-redline-password-stealing-malware/

🎛️ Writing a BugSleep C2 server and detecting its traffic with Snort security research – Researchers analyzed the BugSleep RAT, detailing its C2 protocol and methods for traffic detection using Snort. They implemented rules to identify and block its communications effectively. https://blog.talosintelligence.com/writing-a-bugsleep-c2-server/

👺 Here’s the paper no one read before declaring the demise of modern cryptography security news – Amidst alarmist claims about quantum computing threatening encryption, experts clarify that recent research does not break RSA or AES. Instead, it finds known vulnerabilities using quantum methods without significant advancements. https://arstechnica.com/information-technology/2024/10/the-sad-bizarre-tale-of-hype-fueling-fears-that-modern-cryptography-is-dead/

🔑 Hackers find 15,000 credentials by scanning for git configuration data breach – Sysdig discovered over 15,000 stolen cloud service credentials in an open AWS bucket, collected by the EMERALDWHALE operation targeting exposed git configurations for spam and phishing campaigns. https://cyberscoop.com/sysdig-git-credentials-cloud-service-emeraldwhale/

🔓 Chinese state-backed hackers breached 20 Canadian government networks over four years, agency warns security news – Chinese hackers have compromised 20 Canadian government networks in four years, targeting critical infrastructure and innovation sectors. The threat includes espionage, IP theft, and influence operations, as noted by Canada’s cyber agency. https://therecord.media/canada-20-government-agencies-hacked-china-last-four-years

❎ Colorado scrambles to change voting-system passwords after accidental leak data breach – The Colorado Department of State is urgently updating passwords after accidentally posting a spreadsheet with partial voting system passwords online. Officials assert there is no immediate security threat, but the GOP criticizes the handling of the incident. https://arstechnica.com/tech-policy/2024/10/colorado-scrambles-to-change-voting-system-passwords-after-accidental-leak/

🐱 Hack Nintendo's Alarmo to run code (cat pics)? Let's-a go! hacking write-up – Hacker GaryOderNichts exploited a vulnerability in Nintendo's Alarmo clock to run custom code, including displaying cat pictures. The hack utilized findings from researcher Naomi Smith and involved accessing the device's firmware. https://www.theregister.com/2024/11/01/hack_nintendos_alarmo/

🔓 Zero-Click Flaw Exposes Potentially Millions of Popular Storage Devices to Attack vulnerability – A critical zero-click vulnerability in Synology's default photo app allows attackers to steal data from millions of NAS devices without user interaction. Researchers warn this could lead to ransomware attacks and unauthorized access. https://www.wired.com/story/synology-zero-click-vulnerability/

🔑 An Okta login bug bypassed checking passwords on some long usernames vulnerability – A vulnerability in Okta allowed logins without password checks for usernames over 52 characters for three months. The issue has been fixed by switching the cryptographic algorithm used for cache keys. https://www.theverge.com/2024/11/1/24285874/okta-52-character-login-password-authentication-bypass

🚿 Chinese threat actors use Quad7 botnet in password-spray attacks cybercrime – Microsoft warns that Chinese threat actors are using the Quad7 botnet to conduct password-spray attacks, targeting SOHO devices and VPNs to steal credentials. The botnet exploits vulnerabilities in various routers to relay brute-force attacks. https://securityaffairs.com/170503/malware/quad7-botnet-used-by-chinese-threat-actors.html

🧰 BOFHound: AD CS Integration cyber defense – The BOFHound tool now supports parsing Active Directory Certificate Services (AD CS) objects for better attack path mapping in BloodHound. It allows for manual LDAP queries and enhances visibility into AD environments while maintaining stealth. https://posts.specterops.io/bofhound-ad-cs-integration-91b706bc7958

🔧 A Deeper Look at FortiJump (FortiManager CVE-2024-47575) vulnerability – CVE-2024-47575, known as FortiJump, is a critical vulnerability in FortiManager that allowed unauthorized access to devices due to missing authentication. Although the flaw has been patched, researchers warn about the potential for command injection exploits. https://bishopfox.com/blog/a-look-at-fortijump-cve-2024-47575

---

CISA Corner

🔒 Apple Releases Security Updates for Multiple Products security news – Apple has released critical security updates for various products to address vulnerabilities and enhance user protection. Users are encouraged to apply these updates promptly. https://www.cisa.gov/news-events/alerts/2024/10/29/apple-releases-security-updates-multiple-products 📧 Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments cybercrime – CISA reports a large-scale spear-phishing campaign targeting government and IT sectors using malicious RDP files. Organizations are urged to implement security measures like restricting RDP connections and enabling multi-factor authentication. https://www.cisa.gov/news-events/alerts/2024/10/31/foreign-threat-actor-conducting-large-scale-spear-phishing-campaign-rdp-attachments

⚠️ Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation vulnerability – Fortinet has revised its advisory for the critical FortiManager vulnerability (CVE-2024-47575), adding new workarounds and indicators of compromise. CISA urges users to apply updates and monitor for malicious activity. https://www.cisa.gov/news-events/alerts/2024/10/30/fortinet-updates-guidance-and-indicators-compromise-following-fortimanager-vulnerability

⚙️ CISA Releases Three Industrial Control Systems Advisories warning – CISA has issued three advisories addressing vulnerabilities in Siemens, Solar-Log, and Delta Electronics ICS devices, urging users to review them for security updates and mitigation strategies. https://www.cisa.gov/news-events/alerts/2024/10/29/cisa-releases-three-industrial-control-systems-advisories ⚙️ CISA Releases Four Industrial Control Systems Advisories warning – CISA has issued four advisories addressing vulnerabilities in Rockwell Automation and Mitsubishi Electric ICS products, urging users to review the advisories for technical details and mitigation strategies. https://www.cisa.gov/news-events/alerts/2024/10/31/cisa-releases-four-industrial-control-systems-advisories

---

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.