week 03/2024

This is simply an attempt at building a weekly shortlist of cyber security highlights. My intention is – kind of – to pick stuff that I think everyone should know about, but there is no actual planning done towards my choices – it is what I think is significant, cool or fun.

Most of the articles are in English, but some current warnings might also be in German.

Highlights

🪧 IT-KV: Negotiations interrupted again, demonstration on 24 January
I know. It's not much security and just a little cyber
https://www.gpa.at/kollektivvertrag/information-und-consulting/informationstechnologie/2024/it-kv-sechste-runde

🚨 Watch out for “I can't believe he is gone” Facebook phishing posts https://www.bleepingcomputer.com/news/security/watch-out-for-i-cant-believe-he-is-gone-facebook-phishing-posts/

For All

👻 Beware of crypto scams lying on the street in Vienna https://www.derstandard.at/story/3000000203274/vorsicht-vor-kryptoscams-die-in-wien-auf-der-strasse-liegen

🏢 Microsoft ‘senior leadership’ emails accessed by Russian SolarWinds hackers
Official blog post in second link
https://www.theverge.com/2024/1/19/24044561/microsoft-senior-leadership-emails-hack-russian-security-attack
https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/

😾 Meta won't remove fake Instagram profiles used for obvious catfishing https://www.bleepingcomputer.com/news/security/meta-wont-remove-fake-instagram-profiles-used-for-obvious-catfishing/

📴 GrapheneOS: Frequent Android auto-reboots block firmware exploits https://www.bleepingcomputer.com/news/security/grapheneos-frequent-android-auto-reboots-block-firmware-exploits/

🍎 A reboot a day can keep the ******** away https://securelist.com/shutdown-log-lightweight-ios-malware-detection-method/111734/

📘 Each Facebook User is Monitored by Thousands of Companies !!!!! !!!!!! https://themarkup.org/privacy/2024/01/17/each-facebook-user-is-monitored-by-thousands-of-companies-study-indicates

👨‍⚖️ IT expert convicted for using access software https://www.golem.de/news/modern-solution-it-experte-wegen-nutzung-einer-zugriffssoftware-verurteilt-2401-181296.html

👩‍⚖️ FTC settles second case with geolocation data broker in two weeks https://therecord.media/ftc-settles-data-broker-case-geolocation

🥟 Researcher uncovers one of the biggest password dumps in recent history
For more info, see the very last entry of this week 😉
https://arstechnica.com/?p=1996879

⛺ Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software https://thehackernews.com/2024/01/experts-warn-of-macos-backdoor-hidden.html

📻 Amazon plans to charge for Alexa in June—unless internal conflict delays revamp
https://arstechnica.com/gadgets/2024/01/alexa-is-in-trouble-paid-for-alexa-gives-inaccurate-answers-in-early-demos/
|sarcasm on| Amazon being like: If you are dumb enough to put a listening spy-device in your home you are also dumb enough to pay monthly for it (Sorry, but this is just borderline idiotic to me).

🗣 OpenVoice: Versatile Instant Voice Cloning https://research.myshell.ai/open-voice

🏭 Researcher Details Critical Buffer Overflow Vulnerability in Popular Factorio Game https://securityonline.info/researcher-details-critical-buffer-overflow-vulnerability-in-popular-factorio-game/

🏛 Unseen images of code breaking computer that helped win WW2
Not news, but soooo cool
https://www.bbc.com/news/technology-67997406

more, For the Curious

🔮 EasyEASM – Zero-dollar Attack Surface Management Tool https://www.kitploit.com/2024/01/easyeasm-zero-dollar-attack-surface.html

🗡️ BobTheSmuggler: Your Covert Cyber Swiss Knife for Undetectable Payload Delivery https://medium.com/@TheCyb3rAlpha/bobthesmuggler-your-covert-cyber-swiss-knife-for-undetectable-payload-delivery-bc84f3037522

Ⓜ️ Microsoft Teams Covert Channels Research https://blog.compass-security.com/2024/01/microsoft-teams-covert-channels-research/

👷 Is Hardware-Glitching your Thing?
1 https://sec-consult.com/blog/detail/secglitcher-part-1-reproducible-voltage-glitching-on-stm32-microcontrollers/
2 https://www.synacktiv.com/en/publications/how-to-voltage-fault-injection

💽 CVE-2023-28231: RCE in the Microsoft Windows DHCPv6 Service https://www.thezdi.com/blog/2023/5/1/cve-2023-28231-rce-in-the-microsoft-windows-dhcpv6-service

📃 CISA Added the current Ivanti Vulnerability to their KEV list
I kind of avoided mentioning the big one. I guess it had to happen.
https://www.cisa.gov/news-events/alerts/2024/01/18/cisa-adds-one-known-exploited-vulnerability-catalog

💦 CISA, FBI and EPA release an Incident Response Guide for the WWS Sector
There are some cool resources in there, if you dare to shave the yak.
https://www.cisa.gov/news-events/alerts/2024/01/18/incident-response-guide-wws-sector

📨 Stealing your email with a .txt file https://blog.strikeready.com/blog/stealing-your-email-with-a-.txt-file/

🚪 Inside the Massive Naz.API Credential Stuffing List https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/

