|
anthonypants posted:Experian.  Furism posted:Some VM escape vulnerability just patched by VMWare: https://nakedsecurity.sophos.com/2017/09/21/critical-vmware-vulnerability-patch-and-update-now/  mewse posted:NSA's spying is hindering their efforts to propose encryption standards  Lain Iwakura posted:Time to put machine learning IPSes on every internal router and switch.  Alfajor posted:Curious, and I think this is the best place for this query:  Jewel posted:nice NICE NICE NICE  Proteus Jones posted:Via YOSPOS Sec gently caress thread  CLAM DOWN posted:Every day, more dumpster fires 
|
#
?
Sep 23, 2017 01:16
|
|
|
|
| # ? May 29, 2024 17:41 |
|
|
2017 has been loving amazing, and never let someone tell you otherwise.
|
|
#
?
Sep 23, 2017 01:17
|
|
|
Next, someone will figure out how to factor large numbers in polynomial time using a classical algorithm.
|
|
#
?
Sep 23, 2017 01:26
|
|
|
CLAM DOWN posted:Every day, more dumpster fires Somebody tell Gary Numan.  https://www.youtube.com/watch?v=Ldyx3KHOFXw
|
|
#
?
Sep 23, 2017 01:42
|
|
|
Thanks Ants posted:Always. While I want to give them poo poo, i know that this position is probably born of people using some sort of goofy and slow network storage over a lovely remote connection causing the file to be half written when the user closes the lid on their laptop, causing a VERY MYSTERIOUS case of data loss that must be Adobe's fault.
|
|
#
?
Sep 23, 2017 03:54
|
|
|
A check-out / check-in approach to working with files on a removable volume that provides a friendly way to do the copy/work locally/copy back workflow wouldn't have taken them very long to produce. But they're Adobe.
|
|
#
?
Sep 23, 2017 11:36
|
|
|
Caching files that big on a local disk without user control isn't easy from a UX perspective. My suspicion is that they rely on some FS semantics that aren't guaranteed by the Win32 API but happen to work consistently on the local filesystems.
|
|
#
?
Sep 23, 2017 12:00
|
|
|
And if you tried to copy large files to the temp folder you'd get people complaining that their disk is full. But you'll notice that Adobe includes network drives along with removable media.
|
|
#
?
Sep 23, 2017 19:54
|
|
|
I've heard of browsers that seemingly slow a computer to a crawl, but putting a buttcoin miner in an extension is a new high (or low). The author claims that there "has been a hack", but the extension hasn't actually been updated for over a month, so something doesn't quite add up.
|
|
#
?
Sep 23, 2017 22:09
|
|
|
D. Ebdrup posted:I've heard of browsers that seemingly slow a computer to a crawl, but putting a buttcoin miner in an extension is a new high (or low). The author claims that there "has been a hack", but the extension hasn't actually been updated for over a month, so something doesn't quite add up. Suddenly Slack's abuse of electron makes perfect sense.
|
|
#
?
Sep 23, 2017 22:30
|
|
|
D. Ebdrup posted:I've heard of browsers that seemingly slow a computer to a crawl, but putting a buttcoin miner in an extension is a new high (or low). The author claims that there "has been a hack", but the extension hasn't actually been updated for over a month, so something doesn't quite add up.
|
|
#
?
Sep 23, 2017 22:53
|
|
|
anthonypants posted:It's not even new. Yeah, sites serving miners in their JS has been around for awhile.
|
|
#
?
Sep 23, 2017 23:51
|
|
|
HAHAHQAHAHAHAHAAHAHAHAWIWJAFEYIJEWFYAAFAWFA https://twitter.com/ThoughtsOnCyber/status/911697583525023746
|
|
#
?
Sep 24, 2017 00:54
|
|
|
This seems like the thread for this Q: A friend's facebook post from over a year ago got a response today by someone who had all the hallmarks of some kind of russian/macedonian/MAGA troll in order to stir up poo poo. The account was clearly fake and had just been opened hours beforehand. Is there any good literature about how they are operating technically? I'm curious if they use some kind of automated search to find what posts to crap all over and if it is automated posting at first that gets taken over by a human when a response is posted. Facebook was pretty quick about shutting the fake account down and so all their posts are removed. But it was a pretty interesting reminder of the weird poo poo that happens on social media.
|
|
#
?
Sep 24, 2017 06:12
|
|
|
I've started listening to this podcast on the topic which is quite good so far https://mikehind.co.uk/podcast/
|
|
#
?
Sep 24, 2017 09:47
|
|
|
anthonypants posted:It's not even new. https://www.youtube.com/watch?v=vI3GRCgThxE
|
|
#
?
Sep 24, 2017 15:25
|
|
|
priznat posted:This seems like the thread for this Q: Your best bet for good literature on the subject is to start with the Facebook documentation for building bots. If you're interested in how the campaigns themselves operate then... One of the recent big cases of using the internet for political disinformation that comes to mind is the Packrat campaign. There was not as much Twitter/Facebook automation like what we are seeing in the pro-Trump campaigns but it had a similar premise/end goal. Citizen Lab did a really good write-up on it (https://citizenlab.ca/2015/12/packrat-report/). Another notable mention is Andres Sepulveda and his work with Mexican president Enrique Pena Nieto.
|
|
#
?
Sep 24, 2017 20:17
|
|
|
D. Ebdrup posted:If that's not new and cool enough, how about using voltage screwing to gain access to the ARM/AMD TrustZone (like Intel ME, including being as insecure and untrustworthy as Intel ME) at USENIX Security '17? There's even a video of the repsentation: This is insanely cool haha, thanks for linking it!
|
|
#
?
Sep 24, 2017 22:28
|
|
|
An article about Google's AMP. http://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
|
|
#
?
Sep 25, 2017 08:30
|
|
|
So these guys wrote a paper (PDF) explaining how to exfiltrate data from the IR leds of IP cams. Bit rate is low (20 bps) but it's better than nothing. I guess it's an evolution of the same thing somebody else presented at Black Hat Europe in 2015 (iirc) where they used the light from hacked printers/scanners to achieve the same (although less discreetly obviously). Sophos has the high level summary: https://nakedsecurity.sophos.com/2017/09/22/using-infrared-cameras-to-break-out-of-air-gapped-networks/
|
|
#
?
Sep 25, 2017 10:14
|
|
|
Furism posted:So these guys wrote a paper (PDF) explaining how to exfiltrate data from the IR leds of IP cams. Bit rate is low (20 bps) but it's better than nothing. I guess it's an evolution of the same thing somebody else presented at Black Hat Europe in 2015 (iirc) where they used the light from hacked printers/scanners to achieve the same (although less discreetly obviously).
|
|
#
?
Sep 25, 2017 10:34
|
|
|
I did something similar years ago with the power led on a foscam ip camera just for fun. I used another foscam ip camera pointed at it and the blinked the user-controllable power led in morse code (again, just for fun) and picked the LED out with OpenCV on the feed from the 2nd camera.
|
|
#
?
Sep 25, 2017 17:36
|
|
|
NIST 800-53 is too long 
|
|
#
?
Sep 25, 2017 18:19
|
|
|
D. Ebdrup posted:The ways people find to exfiltrate data are absolutely fascinating - reminds me a bit of Ted Unangst describing how to exfiltrate data via receive timing and request timing, although it only manages 8bps it's almost undetectable by commonly used methods. I like how Chrome doesn't trust his certificate authority. 
|
|
#
?
Sep 25, 2017 19:15
|
|
|
He is an OpenBSD developer, afterall. EDIT: I just realized that that might come off as dismissive, which it isn't intended to be. What I mean is: It is implicit that when you use OpenBSD that you trust OpenBSDs developers not to intentionally back-door their software and do everything in their power to try and keep the software bug-free. In that sense, it makes sense to me for Ted to say that you should trust him signing his own certificates. BlankSystemDaemon fucked around with this message at 19:32 on Sep 25, 2017 |
|
#
?
Sep 25, 2017 19:22
|
|
|
Thermopyle posted:I like how Chrome doesn't trust his certificate authority. It's loving self-signed. Holy poo poo. D. Ebdrup posted:He is an OpenBSD developer, afterall. He's not even using X25519 like OpenBSD would. It's RSA for the cert and P256 for TLS.
|
|
#
?
Sep 25, 2017 19:25
|
|
|
Thermopyle posted:I did something similar years ago with the power led on a foscam ip camera just for fun. I used another foscam ip camera pointed at it and the blinked the user-controllable power led in morse code (again, just for fun) and picked the LED out with OpenCV on the feed from the 2nd camera. Why morse? Is that lighter than binary?
|
|
#
?
Sep 25, 2017 19:32
|
|
|
2012 cybersecurity company of the year hacked https://twitter.com/briankrebs/status/912359097726640130
|
|
#
?
Sep 25, 2017 19:35
|
|
|
NevergirlsOFFICIAL posted:2012 cybersecurity company of the year hacked Sigh
|
|
#
?
Sep 25, 2017 19:36
|
|
|
The Eternal September continues.Star War Sex Parrot posted:Well, bring on 10.13.1. 
|
|
#
?
Sep 25, 2017 19:46
|
|
|
CLAM DOWN posted:NIST 800-53 is too long you working on low,
|
|
#
?
Sep 25, 2017 19:50
|
|
|
Potato Salad posted:you working on low, Moderate, trying to get to high. It's a daunting task.
|
|
#
?
Sep 25, 2017 19:52
|
|
|
Furism posted:Why morse? Is that lighter than binary? No particular reason other than I (for some reason I don't recall) thought it was funny.
|
|
#
?
Sep 25, 2017 19:58
|
|
|
|
|
#
?
Sep 25, 2017 20:20
|
|
|
quote:The hacker compromised the firm’s global email server through an “administrator’s account” that, in theory, gave them privileged, unrestricted “access to all areas”. For gently caress's sake.
|
|
#
?
Sep 25, 2017 20:59
|
|
|
Double Punctuation posted:The Eternal September continues. its not great but you need to click through a few prompts and type credentials with a restricted user to launch unsigned code like that. if he just doubleclicked on his PoC app it wouldn't execute
|
|
#
?
Sep 25, 2017 21:00
|
|
|
Furism posted:For gently caress's sake. The article that I just read said the account in question was an Azure Service Admin account.
|
|
#
?
Sep 25, 2017 21:02
|
|
|
Double Punctuation posted:The Eternal September continues. How is a keychain vuln part of "Eternal September"?
|
|
#
?
Sep 25, 2017 21:52
|
|
|
dont touch the poop, etc. https://twitter.com/GossiTheDog/status/912406976528863232
|
|
#
?
Sep 25, 2017 22:17
|
|
|
|
| # ? May 29, 2024 17:41 |
|
|
Diva Cupcake posted:dont touch the poop, etc. 
|
|
#
?
Sep 25, 2017 22:34
|
|
