BlackBox (Security) Archiv
๐Ÿ‘‰๐Ÿผ Latest viruses and malware threats
๐Ÿ‘‰๐Ÿผ Latest patches, tips and tricks
๐Ÿ‘‰๐Ÿผ Threats to security/privacy/democracy on the Internet

๐Ÿ‘‰๐Ÿผ Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
Elliptic Follows the Bitcoin Ransoms Paid by Colonial Pipeline and Other DarkSide Ransomware Victims

Elliptic has identified the Bitcoin wallet used by the DarkSide ransomware group to receive ransom payments from its victims, based on our intelligence collection and analysis of blockchain transactions. This wallet received the 75 BTC payment made by Colonial Pipeline on May 8, following the crippling cyberattack on its operations - leading to widespread fuel shortages in the US.

The wallet has been active since 4th March 2021 and has received 57 payments from 21 different wallets. Some of these payments directly match ransoms known to have been paid to DarkSide by other victims, such as 78.29 BTC (worth $4.4 million) sent by chemical distribution company Brenntag on May 11.

In total, the DarkSide wallet has received Bitcoin transactions since March with a total value of $17.5 million. Ransoms associated with previous attacks were paid to other wallets.

💡 Where is DarkSide sending the bitcoins?

We can also use blockchain analysis to follow the money trail and determine where DarkSide is sending its ransomware proceeds, to launder them or convert them to cash.

It has been reported within the past hours that DarkSide itself has ceased operations and has had its funds seized - and indeed their wallet was emptied of the $5 million in Bitcoin it contained on Thursday afternoon.

But by tracing previous outflows from the wallet, we can gain insights into how DarkSide and its affiliates were laundering their previous proceeds. What we find is that 18% of the Bitcoin was sent to a small group of exchanges. This information will provide law enforcement with critical leads to identify the perpetrators of these attacks.

https://www.elliptic.co/blog/elliptic-follows-bitcoin-ransoms-paid-by-darkside-ransomware-victims

#darkside #ransomware #servers #bitcoin #seized
📡 @cRyPtHoN_INFOSEC_FR
📡 @cRyPtHoN_INFOSEC_EN
📡 @cRyPtHoN_INFOSEC_DE
📡 @BlackBox_Archiv
Counter-Strike Global Offsets: reliable remote code execution

One of the factors contributing to Counter-Strike Global Offensive’s (herein “CS:GO”) massive popularity is the ability for anyone to host their own community server. These community servers are free to download and install and allow for a high grade of customization. Server administrators can create and utilize custom assets such as maps, allowing for innovative game modes.

However, this design choice opens up a large attack surface. Players can connect to potentially malicious servers, exchanging complex game messages and binary assets such as textures.

We’ve managed to find and exploit two bugs that, when combined, lead to reliable remote code execution on a player’s machine when connecting to our malicious server. The first bug is an information leak that enabled us to break ASLR in the client’s game process. The second bug is an out-of-bounds access of a global array in the .data section of one of the game’s loaded modules, leading to control over the instruction pointer.

โ€ผ๏ธ For educational purposes only

https://secret.club/2021/05/13/source-engine-rce-join.html

#educational #rce #cs #go
Bitcoin Core integration/staging tree

For an immediately usable, binary version of the Bitcoin Core software, see
https://bitcoincore.org/en/download/.

Further information about Bitcoin Core is available in the doc folder.

https://github.com/bitcoin/bitcoin

#bitcoin #integration #staging #tree
Rethinking Search: Making Experts out of Dilettantes

When experiencing an information need, users want to engage with an expert, but often turn to an information retrieval system, such as a search engine, instead. Classical information retrieval systems do not answer information needs directly, but instead provide references to (hopefully authoritative) answers. Successful question answering systems offer a limited corpus created on-demand by human experts, which is neither timely nor scalable.

https://arxiv.org/pdf/2105.02274.pdf

#google #search #research #pdf
Edaqa's Secret Sharing

Use this tool to allow friends, colleagues, and loved ones to gain access to your systems in case of an emergency. It lets you break a secret into parts; if enough recipients agree to combine their parts, the initial secret can be recovered.

https://edaqa.com/edaqas-secrets.html

#edaqa #decryption #encryption #secret
The app that lets you pay to control another person's life

How would you feel about being able to pay to control multiple aspects of another person's life? A new app is offering you the chance to do just that.

When writer Brandon Wong recently couldn't decide what takeaway to order one evening, he asked his followers on social media app NewNew to choose for him.

Those that wanted to get involved in the 24-year-old's dinner dilemma paid $5 (£3.50) to vote in a poll, and the majority verdict was that he should go for Korean food, so that was what he bought.

"I couldn't decide between Chinese or Korean, so it was very helpful," says Mr Wong, who lives in Edmonton, Canada. "I have also used NewNew polls to decide what clothes I should wear that day, and lots of other personal stuff.

"I joined back in March, and I post [polls] three or four times a week. I've now had more than 1,700 total votes."

NewNew is the brainchild of Los Angeles-based entrepreneur Courtne Smith. The app, which is still in its "beta" or pre-full release stage, describes itself as "a human stock market where you buy shares in the lives of real people, in order to control their decisions and watch the outcome".

https://www.bbc.com/news/business-57085557

#newnew #app #control #live
Major Privacy Breach as Eufy Security Camera Owners Report Seeing Other Users' Video Feeds

Owners of Eufy home security cameras are this morning reporting seeing live and recorded feeds show up in the Eufy app from other users' cameras, in what appears to be a disturbing breach of privacy and a major malfunctioning of the company's service.

As with many connected domestic security cameras, Eufy cameras offer users the ability to view real-time and recorded streams of video feeds from the devices set up in and around the home. However, many Eufy owners are reporting seeing video feeds from cameras that are clearly not their own, while some users are claiming they are even able to pan and zoom strangers' cameras.

Eufy users on Monday took to Reddit to express their disbelief:
https://www.reddit.com/r/EufyCam/comments/nebii3/i_am_seeing_someone_elses_security_camera_feeds/

https://www.macrumors.com/2021/05/17/eufy-camera-users-security-breach/

#eufy #breach #privacy #security #camera
Amazon's Sidewalk Network Is Turned On by Default. Here's How to Turn It Off

The company's Sidewalk mesh network goes live June 8. The good news is that you can turn it off.

Last week, Amazon said it would turn on Sidewalk, its mesh network that uses Bluetooth and 900MHz radio signals to communicate between devices, on June 8. I imagine that most people, even those who bought an Echo smart speaker in the past few years, have no idea what Sidewalk is.

I suspect most of those people would be even more surprised to know that it's turned on by default on every one of their devices. I'll get to that part in just a minute.

First, let's talk about Sidewalk. The idea behind it is actually really smart: make it possible for smart home devices to serve as a sort of bridge between your WiFi connection and one another. That way, if your Ring doorbell, for example, isn't located close to your WiFi router but happens to be near an Echo Dot, it can use Sidewalk to stay connected.

The same is true if your internet connection is down. Your smart devices can connect to other smart devices, even if they aren't in your home. The big news on this front is that Tile is joining the Sidewalk network on June 14. That means that if you lose a Tile tracker, it can connect to any of the millions of Echo or Ring devices in your neighborhood and send its location back to you.

That's definitely a nice benefit, but it's also where things get a little murky from a privacy standpoint. That's because other people's devices, like your neighbor's, can also connect to your network.

Amazon is pretty clear that Sidewalk uses three layers of encryption so that no data is shared between say, someone's Tile tracker and your network. The signal from the Tile is encrypted all the way back to the Tile app on your iPhone or Android smartphone.

Still, a feature like this seems like the type of thing you'd want some control over. If suddenly my devices are going to start connecting to my neighbor's WiFi, or theirs to mine, it seems like you'd have to opt-in, right?

Nope.

https://www.inc.com/jason-aten/amazons-sidewalk-network-is-turned-on-by-default-heres-how-to-turn-it-off.html

#amazon #DeleteAmazon #sidewalk #network
Insider Q&A: Sophie Zhang, Facebook whistleblower

Sophie Zhang worked as a Facebook data scientist for nearly three years before she was fired in the fall of 2020. On her final day, she posted a 7,800-word memo to the company’s internal forum — such farewell notes, if not the length, are a common practice for departing employees. In the memo, first published by Buzzfeed, she outlined evidence that governments in countries like Azerbaijan and Honduras were using fake accounts to influence the public. Elsewhere, such as India and Ecuador, Zhang found coordinated activity intended to manipulate public opinion, although it wasn’t clear who was behind it. Facebook, she said, didn’t take her findings seriously.

Zhang’s experience led her to a stark conclusion: “I have blood on my hands.”

Facebook has not disputed the facts of Zhangโ€™s story but has sought to diminish the importance of her findings.

“We fundamentally disagree with Ms. Zhang’s characterization of our priorities and efforts to root out abuse on our platform,” Facebook said in a statement. “As part of our crackdown against this kind of abuse, we have specialized teams focused on this work and have already taken down more than 150 networks of coordinated inauthentic behavior. Around half of them were domestic networks that operated in Latin America, the Middle East, North Africa, and in the Asia Pacific region.”

This interview has been edited for length and clarity.

https://apnews.com/article/europe-science-technology-business-6df84710d91b491d97eb98cde5432dc7

#facebook #DeleteFacebook #whistleblower #interview
Telemetry Debate Rocks Audacity Community in Open Source Dustup

Starting an open source project is easy: write some code, pick a compatible license, and push it up to GitHub. Extra points awarded if you came up with a clever logo and remembered to actually document what the project is supposed to do. But maintaining a large open source project and keeping its community happy while continuing to evolve and stay on the cutting edge is another story entirely.

Just ask the maintainers of Audacity. The GPLv2 licensed multi-platform audio editor has been providing a powerful and easy to use set of tools for amateurs and professionals alike since 1999, and is used daily by… well, it’s hard to say. Millions, tens of millions? Nobody really knows how many people are using this particular tool and on what platforms, so it’s not hard to see why a pull request was recently proposed which would bake analytics into the software in an effort to start answering some of these core questions.

https://hackaday.com/2021/05/17/telemetry-debate-rocks-audacity-community-in-open-source-dustup/

#telemetry #audacity #community #opensource #muse
Ad block shouldn't break your checkout

We've recently started a shop with some merchandise using TeeSpring. We wanted to try out selling merch as a strategy for monetizing our game Bela Online. And while TeeSpring enabled us to set up this very fast and it is a no-brainer in terms of how hands off it is, there are some issues. Some critical issues.

What happened? 🤔

If your customer has an ad blocker enabled which blocks, well, ads, the whole checkout experience breaks. A friend of mine reported it today to me. He has uBlock Origin installed and when he clicks "Checkout" the site doesn't do anything. 😢

The experience just stops, and he couldn't go through with the order.

I've sent a report through a channel intended for reporting issues with your order, but I've also wanted to write this blog post as a cautionary tale for other developers.

uBlock Origin breaks things 😿

So, what is the root cause of this issue? If we look at the code that breaks:

https://ilakovac.com/teespring-ublock-issue/

#ublock #adblock #issues
Introducing Site Isolation in Firefox

When two major vulnerabilities known as Meltdown and Spectre were disclosed by security researchers in early 2018, Firefox promptly added security mitigations to keep you safe. Going forward, however, it was clear that with the evolving techniques of malicious actors on the web, we needed to redesign Firefox to mitigate future variations of such vulnerabilities and to keep you safe when browsing the web!

We are excited to announce that Firefox’ new Site Isolation architecture is coming together. This fundamental redesign of Firefox’ Security architecture extends current security mechanisms by creating operating system process-level boundaries for all sites loaded in Firefox for Desktop. Isolating each site into a separate operating system process makes it even harder for malicious sites to read another site’s secret or private data.

We are currently finalizing Firefox’s Site Isolation feature by allowing a subset of users to benefit from this new security architecture on our Nightly and Beta channels and plan a roll out to more of our users later this year. If you are as excited about it as we are and would like to try it out, follow these steps:

💡 To enable Site Isolation on Firefox Nightly:

1.) Navigate to about:preferences#experimental

2.) Check the “Fission (Site Isolation)” checkbox to enable.

3.) Restart Firefox.

💡 To enable Site Isolation on Firefox Beta or Release:

1.) Navigate to about:config.

2.) Set fission.autostart pref to true.

3.) Restart Firefox.

With this monumental change of secure browser design, users of Firefox Desktop benefit from protections against future variants of Spectre, resulting in an even safer browsing experience. If you aren’t a Firefox user yet, you can download the latest version here and if you want to know all the technical details about Firefox’ new security architecture, you can read it here.

https://blog.mozilla.org/security/2021/05/18/introducing-site-isolation-in-firefox/

#ff #firefox #site #isolation
Colonial Pipeline Hit by Network Outage Just Days After Hack Shutdown

NEW YORK (Reuters) - Colonial Pipeline is having network issues preventing shippers from planning upcoming shipments of fuel, the company said on Tuesday, just after the nation's biggest fuel pipeline reopened after a week-long ransomware attack.

The disruption was caused by efforts by the company to harden its system as it restores service following the cyberattack, Colonial said, and not the result of a reinfection of its network. It did not say when the issue would be fixed, but said it was still delivering products scheduled by shippers.

Last week's closure of the 5,500-mile (8,900-km) system was the most disruptive cyberattack on record, preventing millions of barrels of gasoline, diesel and jet fuel from flowing to the East Coast from the Gulf Coast.

Colonial has been using its shipper nomination system to schedule batches of fuel deliveries to bring flows back to normal. A prolonged network outage could prevent shippers from adding to or making changes to deliveries - which would hamper delivery across the U.S. southeast and east coasts just after the line reopened.

After the ransomware attack forced Colonial to shut its entire network, thousands of gas stations across the U.S. southeast ran out of fuel. Motorists fearing prolonged shortages raced to fill up their cars.

Colonial's shipping nomination system is operated by a third party, privately-held Transport4, or T4, which handles similar logistics for other pipeline companies. T4 could not say when the issue would be fixed, and did not comment on whether its systems for other pipelines were affected.

https://money.usnews.com/investing/news/articles/2021-05-18/colonial-pipeline-nomination-system-shut-tuesday-market-sources

https://twitter.com/IntelPointAlert/status/1394672389464670212

#colonial #pipeline #network #issues
Hackers - 23 part -I - (1990) The KGB, the Computer and Me (Part 1)

What was it like to be a hacker back in the 80s? 23 looks into the life of legendary hacker Karl Koch and his tragic end.

https://archive.org/details/Hackers_-_23_part_-I_-_

#hackers #movie #video
Hackers - 23 part -II -(1998) Nothing is as it seems (Part 2)

What was it like to be a hacker back in the 80s? 23 looks into the life of legendary hacker Karl Koch and his tragic end.

https://archive.org/details/Hackers_-_23_part_-II_-

#hackers #movie #video
Improving Firefox stability on Linux

Roughly a year ago at Mozilla we started an effort to improve Firefox stability on Linux. This effort quickly became an example of good synergies between FOSS projects.

Every time Firefox crashes, the user can send us a crash report which we use to analyze the problem and hopefully fix it:

https://hacks.mozilla.org/2021/05/improving-firefox-stability-on-linux/

#ff #firefox #stability #linux
Recycle Your Phone, Sure, But Maybe Not Your Number

Many online services allow users to reset their passwords by clicking a link sent via SMS, and this unfortunately widespread practice has turned mobile phone numbers into de facto identity documents. Which means losing control over one thanks to a divorce, job termination or financial crisis can be devastating.

Even so, plenty of people willingly abandon a mobile number without considering the potential fallout to their digital identities when those digits invariably get reassigned to someone else. New research shows how fraudsters can abuse wireless provider websites to identify available, recycled mobile numbers that allow password resets at a range of email providers and financial services online.

Researchers in the computer science department at Princeton University say they sampled 259 phone numbers at two major wireless carriers, and found 171 of them were tied to existing accounts at popular websites, potentially allowing those accounts to be hijacked.

The Princeton team further found 100 of those 259 numbers were linked to leaked login credentials on the web, which could enable account hijackings that defeat SMS-based multi-factor authentication.

https://krebsonsecurity.com/2021/05/recycle-your-phone-sure-but-maybe-not-your-number/

💡 Read as well (PDF):
Security and Privacy Risks of Number Recycling at Mobile Carriers in the United States
https://t.iss.one/BlackBox_Archiv/2135

#security #privacy #phone #number #recycling #usa #mobile #carriers #pdf
How Myanmar's military moved in on the telecoms sector to spy on citizens

In the months before the Myanmar military's Feb. 1 coup, the country's telecom and internet service providers were ordered to install intercept spyware that would allow the army to eavesdrop on the communications of citizens, sources with direct knowledge of the plan told Reuters.

The technology gives the military the power to listen in on calls, view text messages and web traffic including emails, and track the locations of users without the assistance of the telecom and internet firms, the sources said.

The directives are part of a sweeping effort by the army to deploy electronic surveillance systems and exert control over the internet with the aim of keeping tabs on political opponents, squashing protests and cutting off channels for any future dissent, they added.

Decision makers at the civilian Ministry of Transport and Communications that delivered the orders were ex-military officials, according to one industry executive with direct knowledge of the plans and another briefed on the matter.

"They presented it as coming from the civilian government, but we knew the army would have control and were told you could not refuse," the executive with direct knowledge said, adding that officials from the military-controlled Ministry of Home Affairs also sat in on the meetings.

More than a dozen people with knowledge of the intercept spyware used in Myanmar have been interviewed by Reuters. All asked to remain anonymous, citing fear of retribution from the military junta.

https://www.reuters.com/world/asia-pacific/how-myanmars-military-moved-telecoms-sector-spy-citizens-2021-05-18/

#myanmar #military #telecom #surveillance #internet #spyware