Marvin's Dream - (Maybe the first) children's story written and illustrated entirely by AI models

The only input given to the models: "Marvin the robot was depressed but well-loved by his robot, alien and animal friends."

https://www.youtube.com/watch?v=CeYyYM4XVOU

#ai #video
🎥 @cRyPtHoN_INFOSEC_FR
🎥 @cRyPtHoN_INFOSEC_EN
🎥 @cRyPtHoN_INFOSEC_DE
🎥 @BlackBox_Archiv

The Catalog of Carceral Surveillance: Exploring the Future of Incarceration Technology

Prison technology and telecom companies such as Securus and Global Tel*Link are already notorious for their ongoing efforts to extract every last penny and destroy any last shred of privacy afforded to incarcerated people. They have so far succeeded in their goals, operating in thousands of prisons in every state in the U.S. But they are not content to rest on their laurels.

Securus and GTL have spent the last several years inventing new and improved ways to extract money from incarcerated people, violate human rights, and surveil not only prisoners but their families, and friends.

Over the next two weeks we will be shedding light on some of the patents and technologies these companies have been working on, which either are already actively used or may soon be coming to prisons across the country.

https://www.eff.org/deeplinks/2021/09/uncovering-incarceration-tech-introducing-catalog-prison-surveillance

#incarceration #surveillance #prison #eff
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Groove ransomware group is threatening the Ukrainian Government - demanding they stop extraditing citizens to the United States or else they will begin extortion. They have named the price: $30,000,000

https://nitter.pussthecat.org/vxunderground/status/1435948304601321476

via Twitter

💡 Read as well: 👇🏽

How Groove Gang is Shaking up the Ransomware-as-a-Service Market to Empower Affiliates
https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/how-groove-gang-is-shaking-up-the-ransomware-as-a-service-market-to-empower-affiliates/

#groove #ransomware #ukraine
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Join CPJ at @skylineforhuman's event about #Pegasus #spyware, featuring CPJ's @sherifmnsour, @thewire_in's @svaradarajan, @accessnow's @marwasf & @GulfCentre4HR's @khalidibrahim12.

Tune in September 23 at 11 a.m. EDT/5 p.m. Madrid time/6 p.m. Mecca time.

https://nitter.pussthecat.org/pressfreedom/status/1436363587409399818

via Twitter

#pressfreedom #nso
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

KrebsOnSecurity.com was hit last night by the same IoT botnet that launched a record DDoS recently against Cloudflare. Mine was *only* 2 million requests per second. For context, the Mirai IoT attack in 2016 that knocked this site offline for days was ~450k requests per sec.

https://nitter.pussthecat.org/briankrebs/status/1436309299131789326

via Twitter

#KrebsOnSecurity #briankrebs #iot #botnet #ddos
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Apple wins Epic antitrust suit

The antitrust suit was filed by Epic after Apple kicked popular video game Fortnite out of its App Store in August 2020.

A federal judge sided with Apple on Friday, finding that the iPhone-maker isn't violating antitrust law by imposing tight restrictions on app developers and charging a 30 percent commission for digital goods and services offered on its platforms.

The decision by U.S. District Judge Yvonne Gonzalez Rogers was a blow to Epic Games, the maker of the popular video game Fortnite, which had sought to ride a wave of anti-big tech sentiment with a suit targeting Apple's lucrative App Store.

However, Gonzalez Rogers found that Apple has been violating California state laws by writing contracts with developers that prohibit them from telling customers that cheaper options exist online outside the App Store. She ordered the company to eliminate those provisions.

https://www.politico.com/news/2021/09/10/apple-wins-antitrust-challenge-as-judge-rules-commissions-dont-violate-law-511142

💡 Read as well: 👇🏽

Judge Orders Apple to Loosen App Store Restrictions in Mixed Verdict
https://www.wsj.com/articles/apple-trial-ends-in-mixed-verdict-after-fortnite-makers-monopoly-allegations-11631289792

#apple #epic #antitrust
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

S.O.V.A. - A new Android Banking trojan with fowl intentions

Intro

In the beginning of August 2021, during our daily threat hunting, ThreatFabric researchers came across a new Android banking trojan. Based on the login panel of the C2 server, we could see that it was called S.O.V.A. by its own creators.

Sova is the Russian word for owl. This name was chosen by the threat actor himself/herself possibly because of owl’s nature as nocturnal birds of prey, quiet but efficient in stalking and capturing their victims. This identifies a completely new, to the best of our knowledge, Android banking trojan. The trojan is currently in development and testing phase, and has the objective to add to his overlay and keylogging mechanisms, other higly dangerous features like DDoS and Ransomware in future versions. There are a few interesting aspects that differentiate this trojan to already existing ones, both in features as well as in development.

S.O.V.A. contains features that are usually available in current Android malware, including:

Overlay attacks;
Keylogging;
Notification manipulation.

In addition, it stands out for a feature that is not as common in Android malware:

Session cookies theft

This functionality allows the criminals to have access to valid logged in sessions from the users without the need of knowing the banking credentials.

https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html

💡 Read as well: 👇🏽

This is the first S. O. V. A. / SOVA sample that I saw ITW...
https://nitter.pussthecat.org/malwrhunterteam/status/1436246552465616896

via Twitter

#sova #android #banking #trojan #fowl
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Opposition of Quad9 to the preliminary injunction of Sony Music

PDF (German)
https://torrentfreak.com/images/Quad9_opposition_redacted_DE_20210901_15d3f14e21.pdf

💡 Read as well: 👇🏽

Sony Wins Pirate Site Blocking Order Against DNS-Resolver Quad9 (Updated)
https://t.iss.one/BlackBox_Archiv/2325

#sony #copyright #pirate #site #blocking #dns #resolver #quad9 #cannapower
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Anonymous Global OPs | Operation Tinfoil | Operation LonelyWolf

Hello World, Hello Europe, Hello Germany, Hello Attila Hildmann,

Do you remember June 17, 2020? This ordinary Wednesday morning, was for you Attila Hildmann, anything but ordinary.

On this Wednesday morning, you had to painfully realize that in your chat group at Telegram, not only loyal followers were among the admins appointed by you, but also those who in retrospect should turn out to be your greatest enemies.

https://pastebin.com/Y81bjLpP

https://www.youtube.com/watch?v=Y7zNM8894g8

https://anonleaks.net/2021/optinfoil/attila-hildmann-the-final-chapter/

#anonymous #anonleaks #optinfoil #hildmann #video
🎥@cRyPtHoN_INFOSEC_FR
🎥@cRyPtHoN_INFOSEC_EN
🎥@cRyPtHoN_INFOSEC_DE
🎥@BlackBox_Archiv

The 7 most dangerous vulnerabilities in Android applications 2021

Android application vulnerabilities have become a problem because of Google Play’s open format, and also because users can sideload apps, removing any oversight regarding the safety of apps.

There are also updates and patches to the Android operating system. You can’t count on Android to update itself in a timely manner, because wireless carries control update schedules on all but Google’s Pixel devices.

Expert testing of Android mobile applications shows that in most cases, insecure data storage is the most common security flaw in android apps. According to a report, Vulnerabilities and Threats are slightly more common in Android applications, compared to iOS counterparts(43% vs 38%). But the experts categorize this difference as minimal: the security level of apps is roughly equivalent between the two platforms.

Comprehensive security checks of a mobile application include a search for vulnerabilities in the client and server, as well as data transmission between them.

https://www.serage2020.com/2021/09/the-7-most-dangerous-vulnerabilities-in.html

#android #apk #vulnerabilities
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

SCOOP: a group of "hackers on steroids" gained access to a large dataset belonging to Epik, the web host of the Texas GOP website, Texas Right to Life website, and anti-abortion snitch website.

https://nitter.pussthecat.org/stevanzetti/status/1437482759241469958

via Twitter

#scoop #epik #gop
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Now is a good time to remind people that the Saudi government would not be spying on activists' phones with no-click 0-days without knowledge and approval of the Israeli government, who could put a stop to NSO Group's sales right now.

https://nitter.pussthecat.org/evacide/status/1437501716765626369#m

via Twitter

#saudi #spying #pegasus #nso
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike

Key Findings

-Discovered Linux & Windows re-implementation of Cobalt Strike Beacon written from scratch
-Linux malware is fully undetected by vendors
-Has IoC and technical overlaps with previously discovered Windows DLL files
-Highly targeted with victims including telecommunications, government and finance

Cobalt Strike is a popular red team tool for Windows which is also heavily used by threat actors. At the time of this writing, there is no official Cobalt Strike version for Linux.

In August 2021, we at Intezer discovered a fully undetected ELF implementation of Cobalt Strike’s beacon, which we named Vermilion Strike. The stealthy sample uses Cobalt Strike’s Command and Control (C2) protocol when communicating to the C2 server and has Remote Access capabilities such as uploading files, running shell commands and writing to files. The malware is fully undetected in VirusTotal at the time of this writing and was uploaded from Malaysia.

Based on telemetry with collaboration from our partners at McAfee Enterprise ATR, this Linux threat has been active in the wild since August targeting telecom companies, government agencies, IT companies, financial institutions and advisory companies around the world. Targeting has been limited in scope, suggesting that this malware is used in specific attacks rather than mass spreading.

After further analysis, we found Windows samples that use the same C2. The samples are re-implementations of Cobalt Strike Beacon. The Windows and ELF samples share the same functionalities.

The sophistication of this threat, its intent to conduct espionage, and the fact that the code hasn’t been seen before in other attacks, together with the fact that it targets specific entities in the wild, leads us to believe that this threat was developed by a skilled threat actor.

In this post we will provide a technical analysis of the samples and explain how you can detect and respond to this threat.

https://www.intezer.com/blog/malware-analysis/vermilionstrike-reimplementation-cobaltstrike/

Samples:
https://vx-underground.org/samples/Families/Vermilion%20Strike/

#vermilionstrike #cobaltstrike #windows #linux
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Mozilla has defeated Microsoft’s default browser protections in Windows

It’s easier to switch to Firefox as default now

Mozilla has quietly made it easier to switch to Firefox on Windows recently. While Microsoft offers a method to switch default browsers on Windows 10, it’s more cumbersome than the simple one-click process to switch to Edge. This one-click process isn’t officially available for anyone other than Microsoft, and Mozilla appears to have grown tired of the situation.

In version 91 of Firefox, released on August 10th, Mozilla has reverse engineered the way Microsoft sets Edge as default in Windows 10, and enabled Firefox to quickly make itself the default. Before this change, Firefox users would be sent to the Settings part of Windows 10 to then have to select Firefox as a default browser and ignore Microsoft’s plea to keep Edge.

Mozilla’s reverse engineering means you can now set Firefox as the default from within the browser, and it does all the work in the background with no additional prompts. This circumvents Microsoft’s anti-hijacking protections that the company built into Windows 10 to ensure malware couldn’t hijack default apps. Microsoft tells us this is not supported in Windows.

https://www.theverge.com/2021/9/13/22671182/mozilla-default-browser-windows-protections-firefox

#firefox #mozilla #microsoft #windows
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Russian Man Allegedly Ran a Real Murder-for-Hire Darkweb Site

Authorities in Russia arrested a man for allegedly orchestrating murders through a platform on the darkweb.

The Main Investigation Department of the Investigative Committee of Russia arrested Sergei Magdanov, 38, resident of Izhevsk in Russia, in connection with at least two murders, one attempted murder, and trafficking weapons.

The investigation began in 2020 after Russian police launched an investigation into the murder of two alleged drug dealers in the Vladimir region. During the investigation, the police arrested alleged accomplices who provided logistical support to the parties responsible for the murders. In part, the accomplices followed the victims and provided the alleged hitman with the locations of the victims.

At some point, Russian authorities identified an onion service where suspects had allegedly ordered the murders. The operator of the site accepted cryptocurrency and fiat as payment. The announcement from Russian authorities did not reveal information about the identification of the site operator.

The investigators concluded that Magdanov orchestrated the murders through the site, assisted the actual hitmen by providing weapons and ammunition, and allegedly sold weapons too.

On September 9, 2021, the police executed search warrants at the suspect’s home and his safe house. The searches led to the seizure of mobile phones, computers, more than one thousand SIM cards, more than 500 bank cards, and large amounts of cash.

https://darknetlive.com/post/russian-man-allegedly-ran-a-real-murder-for-hire-darkweb-site/

#russia #murder #darkweb
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

iTimed: Cache Attacks on the Apple A10 Fusion SoC

Abstract—This paper proposes the first cache timing side- channel attack on one of Apple’s mobile devices. Utilizing a recent, permanent exploit named checkm8, we reverse- engineered Apple’s BootROM and created a powerful toolkit for running arbitrary hardware security experiments on Apple’s in-house designed ARM systems-on-a-chip (SoC).

https://eprint.iacr.org/2021/464.pdf

#itimed #apple #attacks #a10 #fusion #soc #pdf
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Facebook Knows Instagram Is Toxic for Teen Girls, Company Documents Show

Its own in-depth research shows a significant teen mental-health issue that Facebook plays down in public.

About a year ago, teenager Anastasia Vlasova started seeing a therapist. She had developed an eating disorder, and had a clear idea of what led to it: her time on Instagram.

She joined the platform at 13, and eventually was spending three hours a day entranced by the seemingly perfect lives and bodies of the fitness influencers who posted on the app.

“When I went on Instagram, all I saw were images of chiseled bodies, perfect abs and women doing 100 burpees in 10 minutes,” said Ms. Vlasova, now 18, who lives in Reston, Va.

Around that time, researchers inside Instagram, which is owned by Facebook Inc., were studying this kind of experience and asking whether it was part of a broader phenomenon. Their findings confirmed some serious problems.

“Thirty-two percent of teen girls said that when they felt bad about their bodies, Instagram made them feel worse,” the researchers said in a March 2020 slide presentation posted to Facebook’s internal message board, reviewed by The Wall Street Journal. “Comparisons on Instagram can change how young women view and describe themselves.”

For the past three years, Facebook has been conducting studies into how its photo-sharing app affects its millions of young users. Repeatedly, the company’s researchers found that Instagram is harmful for a sizable percentage of them, most notably teenage girls.

“We make body image issues worse for one in three teen girls,” said one slide from 2019, summarizing research about teen girls who experience the issues.

“Teens blame Instagram for increases in the rate of anxiety and depression,” said another slide. “This reaction was unprompted and consistent across all groups.”

Among teens who reported suicidal thoughts, 13% of British users and 6% of American users traced the desire to kill themselves to Instagram, one presentation showed.

https://www.wsj.com/articles/facebook-knows-instagram-is-toxic-for-teen-girls-company-documents-show-11631620739

#facebook #DeleteFacebook #instagram #teen #girls
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Wikipedia bans 7 mainland Chinese power users over ‘infiltration and exploitation’ in unprecedented clampdown

The move by the Wikimedia Foundation came after "long and deep investigations" into a group of mainland Chinese users, two months after HKFP revealed that some of them allegedly threatened to report their Hong Kong peers to the city's national security police.

The foundation that oversees Wikipedia has taken unprecedented action to ban seven mainland Chinese users from its websites globally and revoke administrator access and other privileges for 12 other users, following an HKFP report of alleged threats to Hong Kong users.

HKFP also reported on fears among Hong Kong users over election canvassing within the online encyclopaedia as users from the mainland, Hong Kong and Taiwan angled for coveted administrator access. There were also “editing wars” over politically sensitive articles about current events in the city.

Wikipedia hosts elections for users wishing to become administrators, who enjoy more access to users and greater powers to edit articles. There were past reports that users of the Chinese edition engaged in election canvassing outside of Wikipedia to try to ensure the election of mainland administrators.

The Wikimedia Foundation investigated an “unrecognized group” of Wikipedia users from mainland China and identified “security risks” relating to “infiltration of Wikimedia systems, including positions with access to personally identifiable information and elected bodies of influence,” Maggie Dennis, the foundation’s vice president of community resilience & sustainability, said in an online statement on Tuesday.

https://lists.wikimedia.org/hyperkitty/list/[email protected]/message/6ANVSSZWOGH27OXAIN2XMJ2X7NWRVURF/

https://hongkongfp.com/2021/09/14/exclusive-wikipedia-bans-7-mainland-chinese-power-users-over-infiltration-and-exploitation-in-unprecedented-clampdown/

#wikipedia #china #infiltration #exploitation
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

I think your site is hacked - @MassGov @USCERT_gov

https://nitter.pussthecat.org/idclickthat/status/1437809583045677064

via Twitter

https://urlscan.io/result/385e2ab9-44a7-4dd5-a397-7c2c4b2aedb4/#summary

#cybersec #threathunting #massgov #uscertgov
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

FreeBSD SSH Hardening

Hi! This might all look scary, but dont worry, instructions for backing up your ssh configuration and reverting change are included. Have fun, and if you're unsure, reach out for help or questions @ #freebsd libera IRC or Twitter #freebsd.

If you are running this hardening script and reporting results back here, it is important for validation purposes that the instructions are copied verbatim, as they will be sent upstream. Please copy-paste commands, rather than manually typing them.

Not doing so may result in an undefined system state. If errors occur, please report tham to koobs @ Libera Chat IRC.

https://gist.github.com/koobs/e01cf8869484a095605404cd0051eb11

#freebsd #ssh #hardening
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv