Automatically tagging Belgian politicians when they use their #smartphone on the daily livestreams. The software is written in #Python and uses machine learning to detect phones and facial recognition to identify the politician. #python
Sharing a highly simplified note (explanatory, curative and preventive) written after « Maintien en Condition de Sécurité » (MCS, security maintenance) operations concerning the vulnerability CVE-2021-1675 (PrintNightmare)
https://blog.saxx.fr/2021/07/05/printnightmare-pour-les-nuls-pas-de-vacances-pour-les-imprimantes/
2021 edition of the « Baromètre du #numérique » (Digital Barometer) - This 350-page survey report paints a picture of the spread of information and communication technologies (#ICT) in #France. 92% of people living on French territory are internet users. Among these internet users, more than 39% see no barrier to #Internet. For 26% of respondents (sample of 4029 people aged 12 and over), the lack of personal data protection is not a barrier to adopting and using the Internet, a drop of 14 points compared with 2018 and the lowest level since 2010. The computer (43%) overtakes the smartphone (41%) as the most used device for connecting to the Internet #informatique
https://www.arcep.fr/uploads/tx_gspublication/rapport-barometre-numerique-edition-2021.pdf
💥 According to several sources, a simple access point (AP) named « %secretclub%power » appears able to permanently disable the #WiFi of any #Apple #iOS device. Concretely, an iPhone within range of this Wi-Fi network will find itself without a #Wi-Fi connection. It is therefore not necessary to connect to it for the connection to be momentarily impossible. Here too, it will be impossible to re-enable Wi-Fi by going into the device's settings. Strange, isn't it? « It's not a #bug, it's a feature » #threats
https://www.phonandroid.com/iphone-nouveau-bug-etrange-desactive-completement-wi-fi.html
Wake-on-LAN (WoL) using Python sending Magic Packet, or forwarding it.
Independence Day : REvil uses supply chain exploit to attack hundreds of businesses
CVE-2021-34527 - mimikatz 2.2.0 (20210705) : Printnightmare improvements #informatique
The police had warned last month that WhatsApp accounts could be hacked by crooks using a complex method that exploits default PINs for accessing voicemail. StarHub still using default voicemail PINs likely abused by scammers to hack WhatsApp accounts. Scammers had found a way to take over people's WhatsApp accounts to pose as a friend and trick them into parting with money in a gold scam.
eu-LISA Consolidated Annual Activity Report 2020
The Management Board of the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA) has analysed and assessed the Agency's Consolidated Annual Activity Report on the achievements and results for 2020.
https://www.eulisa.europa.eu/Publications/Corporate/eu-LISA%20Annual%20Activity%20Report%202020.pdf
#Ransomware: June 2021, between dashed hopes and new threats
CYBERCRIME : THIRD REPORT OF THE OBSERVATORY FUNCTION ON ENCRYPTION
People in the EU are becoming increasingly worried about security online, as well as about rising exposure to hate speech, other abusive and criminal behaviour, and use of encryption as a weapon in the form of #ransomware. Law enforcement continue to argue that important parts of the #digital world are « going dark », and there is a need for reliable and sufficiently rapid and scalable ways to access plaintext (decrypted data and messages).
This 3rd report of the Observatory Function on encryption builds on previous reports and looks at the relevant technical and legislative developments, re-visiting some topics which deserved further consideration. In the interim between this and previous reports, there have only been a few developments in European Union (EU) Member States' national legal regimes to incorporate new provisions that tackle the challenge of encryption in criminal investigations. These new approaches can be categorised into two distinct parts: one deals with tools that directly tackle encryption and the other category provides for tools to gain access to content before it is encrypted, or after it is decrypted, and bypass encryption altogether. This is further underpinned by jurisprudence that exemplifies the use of the provisions mentioned. Insights are shared on encryption in the context of cross-border cases. #europe #informatique
RadioSploit is an #Android application that can sniff and inject Zigbee, Mosart and Enhanced ShockBurst packets from a Samsung Galaxy S20 #smartphone without requiring any additional hardware: it diverts the Bluetooth controller to add new offensive capabilities #cyber #threats
Europe : COST - research & innovation networks
U.S. federal law enforcement agencies secretly seek the data of #Microsoft #customers thousands of times a year, according to congressional testimony Wednesday by a senior executive at the technology company.
« Most shocking is just how routine secrecy orders have become when law enforcement targets an American's email, text messages or other sensitive data stored in the cloud », said Tom Burt (Microsoft's corporate vice president for customer security and trust), describing the widespread clandestine #surveillance as a major shift from historical norms. « Without reform, abuses will continue to occur and they will occur in the dark »
An EPYC escape: Case-study of a KVM breakout
https://googleprojectzero.blogspot.com/2021/06/an-epyc-escape-case-study-of-kvm.html
Collections of tools and methods created to aid in OSINT collection
World-leading chemical distribution company Brenntag has shared additional info on what data was stolen from its network by #DarkSide #ransomware operators during an attack from late April 2021 that targeted its North America division. The chemical distribution company is headquartered in Germany and has more than 17,000 employees worldwide at over 670 sites. The data exfiltrated by the DarkSide attackers includes « Social Security Number, Date of Birth, driver's license number and select medical information ». The chemical distributor company paid a $4.4 million ransom to DarkSide for a decryptor and to prevent the ransomware gang from leaking the stolen data.
After talking to Kaseya we can now give the background story on who found the 0-day and how we collaborated with them to cope with the current Kaseya VSA #ransomware attacks. It's time to be a bit more clear on our role in this incident. First things first, yes, Wietse Boonstra, a DIVD researcher, has previously identified a number of the 0-day vulnerabilities [CVE-2021-30116] which are currently being used in the ransomware attacks. And yes, we have reported these vulnerabilities to Kaseya under responsible disclosure guidelines.
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile