BlackBox (Security) Archiv
πŸ‘‰πŸΌ Latest viruses and malware threats
πŸ‘‰πŸΌ Latest patches, tips and tricks
πŸ‘‰πŸΌ Threats to security/privacy/democracy on the Internet

πŸ‘‰πŸΌ Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
Download Telegram
Operation Triangulation: The last (hardware) mystery

Today, on December 27, 2023, we (Boris Larin, Leonid Bezvershenko, and Georgy Kucherin) delivered a presentation titled “Operation Triangulation: What You Get When Attack iPhones of Researchers” at the 37th Chaos Communication Congress (37C3), held at Congress Center Hamburg. The presentation summarized the results of our long-term research into Operation Triangulation, conducted with our colleagues, Igor Kuznetsov, Valentin Pashkov, and Mikhail Vinogradov.

This presentation was also the first time we had publicly disclosed the details of all exploits and vulnerabilities that were used in the attack. We discover and analyze new exploits and attacks using these on a daily basis, and we have discovered and reported more than thirty in-the-wild zero-days in Adobe, Apple, Google, and Microsoft products, but this is definitely the most sophisticated attack chain we have ever seen.

https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/

#operationtriangulation #attack #iphone
📡 @cRyPtHoN_INFOSEC_IT
📡 @cRyPtHoN_INFOSEC_FR
📡 @cRyPtHoN_INFOSEC_EN
📡 @cRyPtHoN_INFOSEC_DE
📡 @BlackBox_Archiv
👍 6
The Battle for Biometric Privacy

The pushback against ubiquitous surveillance and targeted deepfaking has begun—but regulation may fail to keep up with AI advances.


In 2024, increased adoption of biometric surveillance systems, such as the use of AI-powered facial recognition in public places and access to government services, will spur biometric identity theft and anti-surveillance innovations. Individuals aiming to steal biometric identities to commit fraud or gain access to unauthorized data will be bolstered by generative AI tools and the abundance of face and voice data posted online.

https://www.wired.com/story/the-battle-for-biometric-privacy/

#biometric #privacy #deepfake
You can not simply publicly access private secure links, can you?

Turns out, you can even search for them with powerful search engines!


Popular malware/url analysis tools such as urlscan.io, Hybrid Analysis, and Cloudflare radar url scanner store a large number of links for intelligence gathering and sharing. However, it is not as widely known that these services also store a large amount of private and sensitive links, thanks to:

- Sensitive links accidentally submitted for scanning by users unaware that they are public information

- Misconfigured scanners and extensions that submit private links scanned from emails as public data

https://vin01.github.io/piptagole/security-tools/soar/urlscan/hybrid-analysis/data-leaks/urlscan.io/cloudflare-radar%22/2024/03/07/url-database-leaks-private-urls.html

#securelinks #security #tools #urlscan #analysis
Docker Security – Step-by-Step Hardening (Docker Hardening)

This article provides practical recommendations for configuring the Docker platform aimed at increasing its security. It also suggests tools helpful in automating some tasks related to securing Docker.


My intention is to guide the reader step by step through the process of preparing a secure configuration. As such, this guide may prove to be more extensive than other similar publications. However, this is a conscious choice. My goal is not merely to present a dry list of parameters and ready-made configuration snippets, but to provide the reader with a fuller context. I want the reader to understand why certain modifications are necessary and what benefits their implementation will bring.

https://reynardsec.com/en/docker-platform-security-step-by-step-hardening/

#docker #hardening #guide
Ransomware Diaries Volume 5: Unmasking LockBit

Before you read this volume of the Ransomware Diaries, please understand that LockBitSupp’s identity only became known earlier today. Therefore, please make your own assessment and validate my findings before using this research for real-world actions. I have been chasing LockBit for a long time and when I found out the DoJ planned to release this information, I decided to publish my research quicker than I intended.

https://analyst1.com/ransomware-diaries-volume-5-unmasking-lockbit/

#lockbit
Proton Mail Discloses User Data Leading to Arrest in Spain

Proton Mail has come under scrutiny for its role in a legal request involving the Spanish authorities and a member of the Catalan independence organization, Democratic Tsunami.


https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain/

#protonmail
Dell admits to data breach: sensitive user data in peril

The American technology giant has notified some of its customers about a data breach that involved sensitive data, including users’ physical addresses.

Dell Technologies says that it’s currently investigating an incident “involving a Dell portal,” which contains a database with customer information related to purchases.

https://cybernews.com/news/dell-data-breach/

#dell #breach
Lethal Injection: How We Hacked Microsoft's Healthcare Chat Bot

We have discovered multiple security vulnerabilities in the Azure Health Bot service, a patient-facing chatbot that handles medical information. The vulnerabilities, if exploited, could allow access to sensitive infrastructure and confidential medical data.


All vulnerabilities have been fixed quickly following our report to Microsoft. Microsoft has not detected any sign of abuse of these vulnerabilities. We want to thank the people from Microsoft for their cooperation in remediating these issues: Dhawal, Kirupa, Gaurav, Madeline, and the engineering team behind the service.

The first vulnerability allowed access to authentication credentials belonging to the customers. With continued research, we’ve found vulnerabilities allowing us to take control of a backend server of the service. That server is shared across multiple customers and has access to several databases that contain information belonging to multiple tenants.

https://www.breachproof.net/blog/lethal-injection-how-we-hacked-microsoft-ai-chat-bot

#microsoft #healthcare #ai #chatbot #hacked
Telegram has launched a pretty intense campaign to malign Signal as insecure, with assistance from Elon Musk. The goal seems to be to get activists to switch away from encrypted Signal to mostly-unencrypted Telegram. I want to talk about this a bit....

https://twitter.com/matthew_d_green/status/1789687898863792453

#signal #telegram #durov #elonmusk
ShodanX

ShodanX is a versatile information gathering tool that harnesses the power of Shodan's extensive database. It offers multiple modes and flexible queries to extract valuable insights for security assessments, reconnaissance, and threat intelligence. With colorful output and intuitive commands, ShodanX empowers users to efficiently gather and analyze data from Shodan's facets, enhancing their cybersecurity efforts.

https://github.com/RevoltSecurities/ShodanX/tree/main

#shodan #shodanx #pentesting #cybersecurity #infosec
A Threat Actor Claims Sale of Outlook RCE Exploit 0-Day for $1,700,000

In a concerning development, a threat actor known as “Cvsp” has announced the sale of an alleged Outlook Remote Code Execution (RCE) exploit 0-day. This alleged exploit, designed to target various versions of Microsoft Office across both x86 and x64 architectures, poses a significant security threat to users worldwide.

https://dailydarkweb.net/a-threat-actor-claims-sale-of-outlook-rce-exploit-0-day-for-1700000/

#outlook #zeroday #exploit
Foxit PDF “Flawed Design” Exploitation

Check Point Research has identified an unusual pattern of behavior involving PDF exploitation, mainly targeting users of Foxit Reader. This exploit triggers security warnings that could deceive unsuspecting users into executing harmful commands. Check Point Research has observed variants of this exploit being actively utilized in the wild. Its low detection rate is attributed to the prevalent use of Adobe Reader in most sandboxes or antivirus solutions, as Adobe Reader is not susceptible to this specific exploit. Additionally, Check Point Research has observed various exploit builders, ranging from those coded in .NET to those written in Python, being used to deploy this exploit.

https://research.checkpoint.com/2024/foxit-pdf-flawed-design-exploitation/

#exploit #foxit #pdf
CensysGPT Beta

CensysGPT beta simplifies building queries and empowers users to conduct efficient and effective reconnaissance operations. The tool enables users to quickly and easily gain insights into hosts on the internet, streamlining the process and allowing for more proactive threat hunting and exposure management.

https://gpt.censys.io/

#cybersecurity #infosec #ai #censys #gpt
no-defender

A slightly more fun way to disable Windows Defender.


There's a WSC (Windows Security Center) service in Windows which is used by antiviruses to let Windows know that there's some other antivirus in the hood and it should disable Windows Defender.

This WSC API is undocumented and furthermore requires people to sign an NDA with Microsoft to get its documentation, so I decided to take an interesting approach for such a thing and used an already existing antivirus called Avast. This AV engine includes a so-called wsc_proxy.exe service, which essentially sets up the WSC API for Avast.

With a little bit of reverse engineering, I turned this service into a service that could add my own stuff there.

https://github.com/es3n1n/no-defender

#reverseengineering #windows #defender #microsoft