European cable cut may impact transoceanic routes
What has happened?
We are aware of a major cable cut in the South of France that has impacted major subsea cables with connectivity to Asia, Europe, US and potentially other parts of the world. As a result of the cable cut, customers may see packet loss and/or latency for websites and applications which traverse these impacted paths.
What is Zscaler doing?
Zscaler has made routing adjustments where possible to route around the problem but in certain cases we see the reverse path from the Application/Content providers which is under the control of the Application/Content Providers still traverses the impacted paths.
What can you do?
Zscaler is working with the content providers to have them influence their portion of the path. If you experience slowness with specific applications, especially applications hosted overseas, please contact the application provider and refer them to this trust post.
At this time, based on the information we have, the local authorities are investigating and repair crews are on scene but cannot access the site until police complete their evidence collection.
There is currently no estimated time to repair available.
We will provide an update as additional information becomes available.
Zscaler Incident# INC-000000047
Update - Wed, 19 Oct 2022 23:01:23 UTC
The following links have been identified as being cut. We have received an update that one of the links has been fixed, currently we are not able to confirm which link.
Marseille-Lyon : Team on site repair on hold due to Police intervention for investigation.
Marseille-Milano : Cable Cut Confirmed by Fiber Testing - searching of cut point in progress.
Marseille-Barcelona : Cable Cut Confirmed by Fiber Testing - searching of cut point in progress.
Update - Thu, 20 Oct 2022 01:03:15 UTC
The Zscaler Operations team have confirmed that one of the links has been fixed and we have observed a drop in packet loss and latency for some destinations. We will continue to monitor and update on any changes to the situation.
https://trust.zscaler.com/zscloud.net/posts/12256
#cablecut
@cRyPtHoN_INFOSEC_IT
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
Qatar 'requires' World Cup visitors to install state-sponsored 'spyware' on their phones
Security experts believe Qatar's required mobile app will be like giving the World Cup country's authorities the key to your house.
If you were hoping to attend the World Cup in Qatar next month, you might be rethinking your plans once you find out what the country will require of you. To enter the country, travelers must download two apps. Both function similarly to spyware and grant Qatar authorities permissions that security experts find questionable.
https://www.nrk.no/sport/everyone-going-to-the-world-cup-must-have-this-app---experts-are-now-sounding-the-alarm-1.16139267
#quatar #worldcup
Check out CISAgov's RedEye
RedEye is an open-source analytic tool developed by CISA and DOE's Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment. The tool parses logs, such as those from Cobalt Strike, and presents the data in an easily digestible format. The users can then tag and add comments to activities displayed within the tool. The operators can use the RedEye's presentation mode to present findings and workflow to stakeholders.
RedEye can assist an operator to efficiently:
- Replay and demonstrate Red Team's assessment activities as they occurred rather than manually poring through thousands of lines of log text.
- Display and evaluate complex assessment data to enable effective decision making.
- Gain a clearer understanding of the attack path taken and the hosts compromised during a Red Team assessment or penetration test.
https://github.com/cisagov/RedEye/
#RedEye
Meredith Whittaker: the Signal messenger is not for profit (Interview)
Meredith Whittaker is looking for new strategies as the new CEO. She doesn't want to earn a cent by selling user data to any companies.
Signal basically doesn't want to sell any data to cover the gigantic operating costs, the new CEO Meredith Whittaker tells us. During our conversation with Tarnkappe.info, we asked how this is supposed to work. The question of the revenue model is particularly interesting. Why? Because Whittaker worked for the data octopus Google, before she changed jobs.
https://tarnkappe.info/artikel/interviews/meredith-whittaker-the-signal-messenger-is-not-for-profit-258190.html
#signal #interview
Stealing passwords from infosec Mastodon - without bypassing CSP
The story of how I could steal credentials on Infosec Mastodon with a HTML injection vulnerability, without needing to bypass CSP.
Everybody on our Twitter feed seemed to be jumping ship to the infosec.exchange Mastodon server, so I decided to see what the fuss was all about. After figuring out why exactly you had to have loads of @ symbols in your username, I began to have a look at how secure it was. If you've followed me on Twitter you'll know I like to post vectors and test the limits of the app I'm using, and today was no exception.
https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
#mastodon #vulnerability #poc
Do you need to create a local user account on a Windows 11 test VM?
Try using "[email protected]" with password "nope", let it fail, and then the installer will let you create a local user account.
https://nitter.pussthecat.org/awakecoding/status/1597663967375396865
via Twitter
#windows #vm
Telegram Insider Server Access Offered To Dark Web Customers
For the non-negotiable price of 20,000 USD, the merchant claims to have unhindered access to Telegram servers "through their employees"; in other words, thanks to at least one insider contact.
The trade offer was discovered on a darknet marketplace for sellers worldwide. However, as with many traders on the Dark Web, it is difficult to verify claims made by individuals concerning their illegal products and services.
https://www.safetydetectives.com/news/telegram-servers-report/
#telegram
Breaking Threema - Three Lessons From Threema: Analysis of a Secure Messenger
We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted messaging application with more than 10 million users and 7000 corporate customers. We present seven different attacks against the protocol in three different threat models.
https://breakingthe3ma.app/
https://breakingthe3ma.app/files/Threema-PST22.pdf
#threema #messenger #audit #analysis #pdf
On PBKDF2 iterations - Some cryptography knowledge and opinion related but not limited to the LastPass data breach incident in 2022
There has been a lot of discussion recently around the LastPass breach, especially with regards to the number of PBKDF2 iterations applied to the master password to derive the vault encryption key. Other people have already dissected this particular breach, but I want to more generally talk about PBKDF2 iterations and security models. (I'm not going to talk about Argon2 or Bcrypt or any other algorithms).
There are two related reasons for using a password-based key derivation function like PBKDF2. One is to protect password hashes used for login on a website. The other is to derive a cryptographic key from a password to use for encryption. LastPass were actually doing both of these things, but I want to talk about the latter case in this post: using a password as a secret to encrypt data that you want to remain private.
https://neilmadden.blog/2023/01/09/on-pbkdf2-iterations/
#pbkdf2 #kdf #password #cryptography
Abusing Signal Desktop Client for fun and for Espionage (CVE-2023-24068 && CVE-2023-24069)
A flaw in how files are stored in Signal Desktop before 6.2.0 allows a threat actor to potentially obtain sensitive attachments sent in messages. Subsequently, a similar issue with Signal Desktop before 6.2.0 exists, allowing an attacker to modify conversation attachments within the same directory. Client mechanisms fail to validate modifications of existing cached files, resulting in the ability to implement malicious code or overwrite pre-existing files and masquerade as pre-existing files. Local access is needed.
https://johnjhacking.com/blog/cve-2023-24068-cve-2023-24069/
#signal #messenger #poc #cve
Little-Known Surveillance Program Captures Money Transfers Between U.S. and More Than 20 Countries
Law-enforcement agencies across the U.S. have direct access to over 150 million transactions housed at an Arizona nonprofit
WASHINGTON - Hundreds of federal, state and local U.S. law-enforcement agencies have access without court oversight to a database of more than 150 million money transfers between people in the U.S. and in more than 20 countries, according to internal program documents and an investigation by Sen. Ron Wyden.
The database, housed at a little-known nonprofit called the Transaction Record Analysis Center, or TRAC, was set up by the Arizona state attorney general's office in 2014 as part of a settlement reached with Western Union to combat cross-border trafficking of drugs and people from Mexico. It has since expanded to allow officials of more than 600 law-enforcement entities - from federal agencies such as the Federal Bureau of Investigation, the Drug Enforcement Administration, and Immigration and Customs Enforcement to small-town police departments in nearly every state - to monitor the flow of funds through money services between the U.S. and countries around the world.
https://www.wsj.com/articles/little-known-surveillance-program-captures-money-transfers-between-u-s-and-more-than-20-countries-11674019904
#surveillance #usa
No more free access to the Twitter API
Starting February 9, we will no longer support free access to the Twitter API, both v2 and v1.1.
A paid basic tier will be available instead.
Over the years, hundreds of millions of people have sent over a trillion Tweets, with billions more every week.
Twitter data are among the world's most powerful data sets. We're committed to enabling fast & comprehensive access so you can continue to build with us.
We'll be back with more details on what you can expect next week.
https://nitter.pussthecat.org/TwitterDev/status/1621026986784337922
Via Twitter
#twitter #api
BIG DATA IS DEAD
For more than a decade now, the fact that people have a hard time gaining actionable insights from their data has been blamed on its size. "Your data is too big for your puny systems," was the diagnosis, and the cure was to buy some new fancy technology that can handle massive scale. Of course, after the Big Data task force purchased all new tooling and migrated from Legacy systems, people found that they still were having trouble making sense of their data. They also may have noticed, if they were really paying attention, that data size wasn't really the problem at all.
The world in 2023 looks different from when the Big Data alarm bells started going off. The data cataclysm that had been predicted hasn't come to pass. Data sizes may have gotten marginally larger, but hardware has gotten bigger at an even faster rate. Vendors are still pushing their ability to scale, but practitioners are starting to wonder how any of that relates to their real world problems.
https://motherduck.com/blog/big-data-is-dead/
#bigdata
Twitter already had a $400m paid API business with $360m(ish) in profits. This API provided real value to large enterprises. They fired the entire team so that business will go to $0 soon. Now they are going to charge a few dollars to developers who have no money. Sound trade.
https://nitter.pussthecat.org/chrismoodycom/status/1623123171842097153
via Twitter
Read as well: No more free access to the Twitter API
https://t.iss.one/BlackBox_Archiv/3060
#twitter #appi
Reddit had a security incident
We had a security incident. Here's what we know.
TL:DR Based on our investigation so far, Reddit user passwords and accounts are safe, but on Sunday night (pacific time), Reddit systems were hacked as a result of a sophisticated and highly-targeted phishing attack. They gained access to some internal documents, code, and some internal business systems.
What Happened?
On late (PST) February 5, 2023, we became aware of a sophisticated phishing campaign that targeted Reddit employees. As in most phishing campaigns, the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway, in an attempt to steal credentials and second-factor tokens.
After successfully obtaining a single employee's credentials, the attacker gained access to some internal docs, code, as well as some internal dashboards and business systems. We show no indications of breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data).
Exposure included limited contact information for (currently hundreds of) company contacts and employees (current and former), as well as limited advertiser information. Based on several days of initial investigation by security, engineering, and data science (and friends!), we have no evidence to suggest that any of your non-public data has been accessed, or that Reddit's information has been published or distributed online.
https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/
#reddit #hacked
Data Brokers and the Sale of Americans' Mental Health Data
Joanne Kim asked 34 data brokers in the US to buy personal data on people with mental health issues, talked to them via phone and video, approved by DukeCyberPolicy IRB.
10 of them would sell with minimal vetting. Excellent & disturbing study:
https://techpolicy.sanford.duke.edu/wp-content/uploads/sites/4/2023/02/Kim-2023-Data-Brokers-and-the-Sale-of-Americans-Mental-Health-Data.pdf
#databroker #pdf #study
Hacks, Bots and Blackmail: How Secret Cyber Mercenaries Disrupt Elections
Undercover reporters recorded a group of covert cyber influence specialists as they pitched their services, which involve using disinformation campaigns, false intelligence, hacks and blackmail to promote their clients’ interests. The group, which calls itself Team Jorge, claims to have worked on dozens of presidential elections around the world and charges multimillion dollar fees.
https://www.occrp.org/en/storykillers/hacks-bots-and-blackmail-how-secret-cyber-mercenaries-disrupt-elections
#hacks #bots #blackmail #occrp
An update on two-factor authentication using SMS on Twitter
Either pay £11 or go without two-factor SMS authentication
https://blog.twitter.com/en_us/topics/product/2023/an-update-on-two-factor-authentication-using-sms-on-twitter
#twitter #2fa
Twitter about to give hackers a huge gift
by *REMOVING text message authentication* for non paying accounts.
Yes, there are better forms of #2FA.
But this is blackmail.
Expect waves of takeovers as hackers run through password dumps.
https://twitter.com/jsrailton/status/1626791204238008320
#twitter
Indian Ticketing Platform RailYatri Hacked – 31 Million Impacted
The RailYatri hack took place in December 2022, but the stolen data has only been leaked earlier today on a prominent hacker forum.
Among personal information, the RailYatri hack has also exposed the location details of millions of travellers across India.
RailYatri, a popular Indian train ticket booking platform, has suffered a massive data breach that has exposed the personal information of over 31 million (31,062,673) users/travellers. The breach is believed to have occurred in late December 2022, with the database of sensitive information now being leaked online.
The compromised data includes email addresses, full names, genders, phone numbers, and locations, which could put millions of users at risk of identity theft, phishing attacks, and other cyber crimes.
Hackread.com can confirm that the database has been leaked on Breachforums, a hacker and cybercrime forum that surfaced as an alternative to the popular and now-seized Raidforums.
https://www.hackread.com/indian-ticketing-platform-railyatri-hacked/
#railyatri #india
Reversing a “Game Cheat” ;)
One day I was chilling on Telegram, when someone who shared a group with me decided to mass spread some leaked game cheats & other tools! Let’s take a look and see if they are what they say they are…
https://0xwyvn.github.io/reversinggamecheat.html
#reversinggamecheat