BlackBox (Security) Archiv
👉🏼 Latest viruses and malware threats
👉🏼 Latest patches, tips and tricks
👉🏼 Threats to security/privacy/democracy on the Internet

👉🏼 Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
Introducing: The Lazarus Heist
Canadian Broadcasting Corporation
The Lazarus Heist

The Lazarus Heist is a new podcast from our partners at the BBC World Service. It’s about a devastating cyber-attack, Kim Jong-un, Sony Pictures Entertainment, and how the Lazarus Group hackers caused mayhem in Hollywood. And this is just the beginning. This is episode one, but you can subscribe to The Lazarus Heist and listen to more episodes wherever you get your podcasts.

#LazarusHeist #truecrime #podcast
🎙@cRyPtHoN_INFOSEC_FR
🎙
@cRyPtHoN_INFOSEC_EN
🎙
@cRyPtHoN_INFOSEC_DE
🎙
@BlackBox_Archiv
🎙
@NoGoolag
Hacking the Samsung Galaxy S8 Irisscanner

Mobile vendors have established fingerprints as a biometric feature to unlock smartphones. Now they turn to iris recognition, as do hackers. This video demonstrates how to circumvent the iris recognition of the Samsung Galaxy S8 flagship phone only using basic tools.

https://media.ccc.de/v/biometrie-s8-iris-en

#ccc #biometric #unlock #smartphones #irisrecognition #irisscanner #video
Facebook, IoTeX, R3 Among New Members of Confidential Computing Consortium

Facebook, Accenture, IoTeX, Nvidia and six other companies are joining the Linux Foundation’s Confidential Computing Consortium (CCC), increasing the size of the privacy-focused group by 60 percent.

The addition of members IoTeX, which leverages blockchain to secure the internet of things, and R3, an enterprise blockchain company, nearly doubles the number of blockchain companies involved.

Created in late October 2019, the CCC aims to bring developers together to accelerate the use of Trusted Execution Environment (TEE) technologies and standards. A TEE sequesters code and data away from applications on the main operating system, so they’re protected from adversaries who may gain access to the main operating system. If the main system is in the White House, for instance, with a variety of protections, a TEE is the bunker underneath it.

Within a TEE, unauthorized actors cannot view the data that is being used within the TEE and cannot alter the data. This enables applications and other systems to run without having direct access to extensive amounts of vulnerable data such as financial or personally identifiable information.

“Securing data-in-use in hardware-based TEEs, can … strengthen other security- and integrity-related technologies,” like running a blockchain ledger, said Stephen Walli, the chairperson of the CCC’s governing board, in a statement.

“Confidential computing brings privacy-preserving smart devices to the next level by not only allowing users to own their private data, but also to use it in a privacy-preserving way,” Raullen Chai, CEO of IoTeX, told CoinDesk in an email. “This has major implications for consumer-facing industries such as health care and smart homes, as well as enterprise for private multi-party data sharing and interactions.”

https://telegra.ph/Facebook-IoTeX-R3-Among-New-Members-of-Confidential-Computing-Consortium---CoinDesk-04-30

via www.coindesk.com

#facebook #DeleteFacebook #IoTeX #confidential #computing #consortium #ccc
Njalla-Controlled Domains Strangely Changed Hands

Two high-profile Njalla-registered domains have been hijacked, probably by phishing actors. The buyers of the domains haven’t received a 2FA confirmation, so this was either a problem on Njalla’s side or a SIM-swap action.
The privacy-respecting domain registration service has acknowledged the issue but refused to make public comments.

There have been reports about domains controlled by the Njalla registrar changing hands without triggering 2FA notices or ever giving their operators a chance to intervene and stop the transfer. One report comes from Dark.Fail, an anonymous researcher who likes to dive deep into the Tor network, and another one comes from DarknetLive.

My domain dark[.]fail was hijacked 12hr ago. I am not in control of it. DarknetLive's domain was also stolen.

We are not the same person. Our registrar Njalla is the common denominator between both attacks. My 2FA was on. I received no emails from Njalla. Something is broken.
dark.fail (@DarkDotFail) April 30, 2021

https://www.technadu.com/njalla-controlled-domains-strangely-changed-hands/270875/

#njalla #domain #hijacking #darknet #darkfail #darknetlive
The EU's "terrorist content" regulation and what it means for UK hosting providers

The European Parliament has adopted (deemed approved) a regulation addressing the dissemination of terrorist content online. The stated aim of the Regulation is to "address the misuse of hosting services for terrorist purposes and contribute to public security in European societies".

If you provide hosting services (which is defined broadly, and includes social media services, sites with public comments sections, eCommerce sites with free-text review facilities, as well as "hosting providers" in the more typical sense) to people in the EU, you'll want to read this.

It's a bit long and complicated, so do get in touch if you need advice on how it applies to your specific services.

Important: Even if you are in scope, you do not need to comply yet: it will apply 12 months and 20 days after it is published in the Official Journal of the European Union. I'll update this page when the date is crystallised.

https://decoded.legal/blog/2021/04/the-eus-terrorist-content-regulation-and-what-it-means-for-uk-hosting-providers

#eu #terrorist #content #regulation #hosting #provider
SerenityOS update (April 2021)

SerenityOS is a Unix-like operating system that I'm implementing from scratch.
https://serenityos.org

👉🏼 SerenityOS is open source on GitHub: https://github.com/SerenityOS/serenity

👉🏼 Discord: https://discord.gg/29gCcKsXkF

https://www.youtube.com/watch?v=KehSJ_fdTxU

#serenityOS #update #video
I see dead uOps: Leaking secrets via uOp caches

Modern Intel, AMD, and ARM processors translate complex instructions into simpler internal micro-ops that are then cached in a dedicated on-chip structure called the micro-op cache. This work presents an in-depth characterization study of the micro-op cache, reverse-engineering many undocumented features, and further describes attacks that exploit the micro-op cache as a timing channel to transmit secret information.

https://www.cs.virginia.edu/~av6ds/papers/isca2021a.pdf

#uops #intel #amd #arm #study #pdf
Facebook Pushes Ahead with Plans for Full End-to-End Encryption of its Messaging Tools

Despite ongoing concerns about the proposal among various authorities, Facebook is pushing ahead with its plan to implement full end-to-end encryption by default within all of its messaging tools.

Within an overview of a recent virtual workshop Facebook held with experts in privacy, safety, human rights and consumer protection, the company noted that:

"We’re working hard to bring default end-to-end encryption to all of our messaging services. This will protect people’s private messages and mean only the sender and recipient, not even us, can access their messages. While we expect to make more progress on default end-to-end encryption for Messenger and Instagram Direct this year, it’s a long-term project and we won’t be fully end-to-end encrypted until sometime in 2022 at the earliest."


The news of Facebook's continued work on this front will please privacy advocates - but as noted, various authorities have raised significant concerns with the plan, with respect to how such a process could be used to hide criminal activity, with no way for authorities to track such exchanges.

https://telegra.ph/Facebook-Pushes-Ahead-with-Plans-for-Full-End-to-End-Encryption-of-its-Messaging-Tools-05-01

via www.socialmediatoday.com

#facebook #DeleteFacebook #encryption #messaging
The Hitchhiker’s Guide to Python!

Greetings, Earthling! Welcome to The Hitchhiker’s Guide to Python.

This is a living, breathing guide. If you’d like to contribute, fork us on GitHub!

This handcrafted guide exists to provide both novice and expert Python developers a best practice handbook for the installation, configuration, and usage of Python on a daily basis.

This guide is opinionated in a way that is almost, but not quite, entirely unlike Python’s official documentation. You won’t find a list of every Python web framework available here. Rather, you’ll find a nice concise list of highly recommended options.

https://docs.python-guide.org/

https://github.com/realpython/python-guide

#python #guide #handbook
German police shut down major darknet child pornography platform

After months of investigation, German police have busted the "Boystown" child sex abuse platform with over 400,000 members. Four German men have been arrested.

Authorities in Germany managed to take down one of the world's biggest child sex abuse platforms following a large-scale investigation which led to several arrests in mid-April, a police statement confirmed on Monday.

The platform "Boystown" was active since at least June 2019 and had a membership of over 400,000. It was only accessible via the so-called darknet.

https://www.dw.com/en/german-police-shut-down-major-darknet-child-pornography-platform/a-57408253

#childporn #germany #police #darknet #boystown #bust
New Variant of Buer Loader Written in Rust

Overview

Proofpoint researchers identified a new variant of the Buer malware loader distributed via emails masquerading as shipping notices in early April. Buer is a downloader sold on underground marketplaces that is used as a foothold in compromised networks to distribute other malware, including ransomware. Proofpoint first observed Buer in 2019.

In the associated campaigns, the emails purported to be from DHL Support. They contained a link to a malicious Microsoft Word or Excel document download that used macros to drop the new malware variant. Proofpoint is calling this new variant RustyBuer. The emails impacted over 200 organizations across more than 50 verticals. The new strain is completely rewritten in a coding language called Rust, a departure from the previous C programming language. It is unusual to see common malware written in a completely different way.

https://www.proofpoint.com/us/blog/threat-insight/new-variant-buer-loader-written-rust

https://thehackernews.com/2021/05/a-new-buer-malware-variant-has-been.html

#buer #malware #loader #rust
Facebook and Instagram overlays in iOS stoke fears about apps being free of charge

Through grinding teeth, the social media market leader is implementing iOS 14's new privacy requirements. But it can't refrain from a warning finger in the process.

Facebook originally intended to use "educational screens" to reveal details about data usage. Now they seem to be part of a scaremongering campaign. The message: help keep Facebook and Instagram free, and give us access to your data! The hints seem to be a new way to fight back against Apple's tracking protection in iOS 14.5. Meanwhile, the company is enjoying great business, turning over $26.2 billion between January and March alone. The company had already announced that it will expect users to read page-long data protection declarations.

#facebook #DeleteFacebook #instagram #overlays #ios #ad #tracking
Statement from Governor Andrew M. Cuomo on Telecom Companies Fighting Against New York's Groundbreaking Law Requiring Providers to Offer Affordable Internet for Low-income New Yorkers

"COVID hasn't only threatened the health and well-being of New Yorkers, but it exposed the many injustices preventing millions of people from building a prosperous life. Now more than ever, it's critical we break down these barriers and ensure every New Yorker is able to take part in our post-COVID recovery.

"The fact is, this is the 21st century and whether you point to remote education, telecommuting, telehealth or otherwise, broadband holds great power. Simply put — it's become an essential service and that's why it was so important to ensure affordable internet was available for low-income New Yorkers.

"I knew giant telecom companies would be upset by our efforts to level the playing field, and right on cue, they're pushing back. This is nothing more than a transparent attempt by billion-dollar corporations putting profit ahead of creating a more fair and just society.

"Let me be abundantly clear — providing internet in the Empire State is not a god given right. If these companies want to pick this fight, impede the ability of millions of New Yorkers to access this essential service and prevent them from participating in our economic recovery, I say bring it on."

https://www.governor.ny.gov/news/statement-governor-andrew-m-cuomo-telecom-companies-fighting-against-new-yorks-groundbreaking

https://storage.courtlistener.com/recap/gov.uscourts.nyed.463483/gov.uscourts.nyed.463483.1.0.pdf

https://www.governor.ny.gov/news/governor-cuomo-signs-legislation-establishing-first-nation-program-provide-affordable-internet

#usa #ny #gov #legislation #telecom #companies #affordable #internet
What is the point of code review?

Most software engineers have strong feelings about code review. Almost everyone would agree that it’s a best practice when working on a team, but it can also be a burden and a source of disagreements.

Too often discussions about code review focus on how to do it without stopping to ask why we do it. The process gets in the way of the purpose, and we forget why we do code review in the first place.

Whether you’re doing over-the-shoulder reviews, GitHub Pull Requests, or mailing diffs, a good code review process should achieve two things:

1.) Share knowledge
2.) Reach consensus

https://medium.com/codeapprove/what-is-the-point-of-code-review-f8df8cffc26b

#code #review #comment #knowledge #consensus
Security and Privacy Risks of Number Recycling at Mobile Carriers in the United States

35 million phone numbers are disconnected in the U.S. every year. Standard industry practice is to reassign those numbers to other subscribers. But this leads to many types of security and privacy risks, which our study analyzes rigorously.

https://recyclednumbers.cs.princeton.edu/assets/recycled-numbers-latest.pdf

https://recyclednumbers.cs.princeton.edu/

#security #privacy #phone #number #recycling #usa #mobile #carriers #pdf
Your Car Is Spying on You, and a CBP Contract Shows the Risks

A “vehicle forensics kit” can reveal where you’ve driven, what doors you opened, and who your friends are.

U.S. Customs and Border Protection purchased technology that vacuums up reams of personal information stored inside cars, according to a federal contract reviewed by The Intercept, illustrating the serious risks in connecting your vehicle and your smartphone.

The contract, shared with The Intercept by Latinx advocacy organization Mijente, shows that CBP paid Swedish data extraction firm MSAB $456,073 for a bundle of hardware including five iVe “vehicle forensics kits” manufactured by Berla, an American company. A related document indicates that CBP believed the kit would be “critical in CBP investigations as it can provide evidence [not only] regarding the vehicle’s use, but also information obtained through mobile devices paired with the infotainment system.” The document went on to say that iVe was the only tool available for purchase that could tap into such systems.

According to statements by Berla’s own founder, part of the draw of vacuuming data out of cars is that so many drivers are oblivious to the fact that their cars are generating so much data in the first place, often including extremely sensitive information inadvertently synced from smartphones.

Indeed, MSAB marketing materials promise cops access to a vast array of sensitive personal information quietly stored in the infotainment consoles and various other computers used by modern vehicles — a tapestry of personal details akin to what CBP might get when cracking into one’s personal phone. MSAB claims that this data can include “Recent destinations, favorite locations, call logs, contact lists, SMS messages, emails, pictures, videos, social media feeds, and the navigation history of everywhere the vehicle has been.” MSAB even touts the ability to retrieve deleted data, divine “future plan[s],” and “Identify known associates and establish communication patterns between them.”

https://theintercept.com/2021/05/03/car-surveillance-berla-msab-cbp/

#car #surveillance #forensic #cbp
Then a Hacker Began Posting Patients’ Deepest Secrets Online

A family-run psychotherapy startup grew into a health care giant. It was a huge success—until the data breach and the anonymous ransom notes sent to clients.

Jere woke up on the morning of October 24, 2020, expecting what Finnish college students call normi päivä, an ordinary day. It was a Saturday, and he’d slept in. The night before, he had gone drinking by the beach with some friends. They’d sipped cheap apple liqueur, listened to Billie Eilish on his boom box. Now Jere (pronounced “yeh-reh”) needed to clear his head. He was supposed to spend this gray fall day on campus, finishing a group physics project about solar energy. The 22-year-old took a walk around the lake near his apartment outside Helsinki. Then, feeling somewhat refreshed, he jumped on the bus.

The day went quickly. Jere caught up with his friends, many of whom he hadn’t seen since the pandemic began. They chatted about their Christmas plans, ordered pizzas from a favorite local spot, and knuckled down to work in the cafeteria.

At around 4 pm, Jere checked Snapchat. An email notification popped up on his screen. His hands began to shake. The subject line included his full name, his social security number, and the name of a clinic where he’d gotten mental health treatment as a teenager: Vastaamo. He didn’t recognize the sender, but he knew what the email said before he opened it.

https://www.wired.com/story/vastaamo-psychotherapy-patients-hack-data-breach/

https://www.wired.com/story/hacker-threaten-release-therapy-notes-patients/

#psychotherapy #patients #hack #data #breach #hacker #ransom #notes
The Instagram ads Facebook won't show you

Companies like Facebook aren’t building technology for you, they’re building technology for your data. They collect everything they can from FB, Instagram, and WhatsApp in order to sell visibility into people and their lives.

This isn’t exactly a secret, but the full picture is hazy to most – dimly concealed within complex, opaquely-rendered systems and fine print designed to be scrolled past. The way most of the internet works today would be considered intolerable if translated into comprehensible real world analogs, but it endures because it is invisible.

https://signal.org/blog/the-instagram-ads-you-will-never-see/

#signal #instagram #facebook #DeleteFacebook #ads #data #thinkabout
Hacking the Nintendo Game & Watch

Your princess is AES encrypted in another castle

In contrast to the other Nintendo classic consoles (NES & SNES), Nintendo upped their game this time: A locked processor, AES-CTR encrypted flash & co. made it significantly harder to hack it, but in the end it was still hacked - one day before release.

This talk walks through the whole process of opening it up, exploiting the firmware up to bringing homebrew to a new console - in a fun, beginner friendly way.

https://media.ccc.de/v/rc3-11527-hacking_the_nintendo_game_watch

⚠️ This Talk was translated into multiple languages (DE / EN). The files available for download contain all languages as separate audio-tracks.

#ccc #rc3 #hacking #nintendo #game #watch #video