week 03/2024
This is simply an attempt at building a weekly shortlist of cyber security highlights. My intention is – kind of – to pick stuff that I think everyone should know about, but there is no actual planning done towards my choices – it is what I think is significant, cool or fun.
Most of the articles are in English, but some current warnings might also be in German.
Highlights 🪧 IT-KV: Verhandlungen erneut unterbrochen – Demonstration am 24. Jänner I know. It's not much security and just a little cyber https://www.gpa.at/kollektivvertrag/information-und-consulting/informationstechnologie/2024/it-kv-sechste-runde
🚨 Watch out for “I can't believe he is gone” Facebook phishing posts https://www.bleepingcomputer.com/news/security/watch-out-for-i-cant-believe-he-is-gone-facebook-phishing-posts/
For All
👻 Vorsicht vor Kryptoscams, die in Wien auf der Straße liegen https://www.derstandard.at/story/3000000203274/vorsicht-vor-kryptoscams-die-in-wien-auf-der-strasse-liegen
🏢 Microsoft ‘senior leadership’ emails accessed by Russian SolarWinds hackers Official blog post in second link https://www.theverge.com/2024/1/19/24044561/microsoft-senior-leadership-emails-hack-russian-security-attack https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/
😾 Meta won't remove fake Instagram profiles used for obvious catfishing https://www.bleepingcomputer.com/news/security/meta-wont-remove-fake-instagram-profiles-used-for-obvious-catfishing/
📴 GrapheneOS: Frequent Android auto-reboots block firmware exploits https://www.bleepingcomputer.com/news/security/grapheneos-frequent-android-auto-reboots-block-firmware-exploits/
🍎 A reboot a day can keep the ******** away https://securelist.com/shutdown-log-lightweight-ios-malware-detection-method/111734/
📘 Each Facebook User is Monitored by Thousands of Companies !!!!! !!!!!! https://themarkup.org/privacy/2024/01/17/each-facebook-user-is-monitored-by-thousands-of-companies-study-indicates
👨⚖️ IT-Experte wegen Nutzung einer Zugriffssoftware verurteilt https://www.golem.de/news/modern-solution-it-experte-wegen-nutzung-einer-zugriffssoftware-verurteilt-2401-181296.html
👩⚖️ FTC settles second case with geolocation data broker in two weeks https://therecord.media/ftc-settles-data-broker-case-geolocation
🥟 Researcher uncovers one of the biggest password dumps in recent history For more info, see the very last entry of this week 😉 https://arstechnica.com/?p=1996879
⛺ Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software https://thehackernews.com/2024/01/experts-warn-of-macos-backdoor-hidden.html
📻 Amazon plans to charge for Alexa in June—unless internal conflict delays revamp https://arstechnica.com/gadgets/2024/01/alexa-is-in-trouble-paid-for-alexa-gives-inaccurate-answers-in-early-demos/ |sarcasm on| Amazon beeing like: If you are dumb enough to put a listening spy-device in your home you are also dumb enough to pay monthly for it (Sorry, but this is just borderline idiotic to me).
🗣 OpenVoice: Versatile Instant Voice Cloning https://research.myshell.ai/open-voice
🏭 Researcher Details Critical Buffer Overflow Vulnerability in Popular Factorio Game https://securityonline.info/researcher-details-critical-buffer-overflow-vulnerability-in-popular-factorio-game/
🏛 Unseen images of code breaking computer that helped win WW2 Not news, but soooo cool https://www.bbc.com/news/technology-67997406
more, For the Curious
🔮 EasyEASM – Zero-dollar Attack Surface Management Tool https://www.kitploit.com/2024/01/easyeasm-zero-dollar-attack-surface.html
🗡️ BobTheSmuggler: Your Covert Cyber Swiss Knife for Undetectable Payload Delivery https://medium.com/@TheCyb3rAlpha/bobthesmuggler-your-covert-cyber-swiss-knife-for-undetectable-payload-delivery-bc84f3037522
Ⓜ️ Microsoft Teams Covert Channels Research https://blog.compass-security.com/2024/01/microsoft-teams-covert-channels-research/
👷Is Hardware-Glitching your Thing? 1 https://sec-consult.com/blog/detail/secglitcher-part-1-reproducible-voltage-glitching-on-stm32-microcontrollers/ 2 https://www.synacktiv.com/en/publications/how-to-voltage-fault-injection
💽 CVE-2023-28231: RCE in the Microsoft Windows DHCPv6 Service https://www.thezdi.com/blog/2023/5/1/cve-2023-28231-rce-in-the-microsoft-windows-dhcpv6-service
📃 CISA Added the current Ivanti Vulnerability to their KVE list I kind of avoided mentioning the big one. I guess it had to happen. https://www.cisa.gov/news-events/alerts/2024/01/18/cisa-adds-one-known-exploited-vulnerability-catalog
💦 CISA, FBI and EPA release an Incident Response Guide for the WWS Sector There are some cool resources in there, if you dare shaving the yak. https://www.cisa.gov/news-events/alerts/2024/01/18/incident-response-guide-wws-sector
📨 Stealing your email with a .txt file https://blog.strikeready.com/blog/stealing-your-email-with-a-.txt-file/
🚪 Inside the Massive Naz.API Credential Stuffing List https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/
(by @wrzlbrmpft@infosec.exchange) Obviously, the opinions inside these articles are not my own. No guarantee for correct- or completeness in any way.