Hak5
Microsoft Fined For Violating Children’s Privacy - ThreatWire
@endingwithali →
Twitch: twitch.tv/endingwithali
Twitter: twitter.com/endingwithali
YouTube: youtube.com/@endingwithali
Everywhere else: https://links.ali.dev
Want to work with Ali? endingwithalicollabs@gmail.com
[❗] Join the Patreon→ patreon.com/threatwire
0:00 0 - Intro
00:12 1 - Two Final Updates
02:26 2 - 💻📄➡️👾👹
04:24 3 - Scattered Spider Is Scattered No More
05:18 4 - Outro
LINKS
🔗 Story 1: Two Final Updates
blogs.windows.com/windowsexperience/2024/06/07/update-on-the-recall-preview-feature-for-copilot-pcs
wired.com/story/epam-snowflake-ticketmaster-breach-shinyhunters
🔗 Story 2: 💻📄➡️👾👹
techworm.net/2024/06/hackers-discord-emojis-command-linux-malware.html
volexity.com/blog/2024/06/13/disgomoji-malware-used-to-target-indian-government
🔗 Story 3: Scattered Spider Is Scattered No More
krebsonsecurity.com/2024/06/alleged-boss-of-scattered-spider-hacking-group-arrested
darkowl.com/blog-content/threat-actor-spotlight-scattered-spider
panther.com/blog/the-scattered-spider-attack-safeguarding-your-okta-infrastructure
murciatoday.com/video-fbi-take-down-uk-hacker-in-spain-for-stealing-27m-usd-of-bitcoins_1000077536-a.html
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → hak5.org
Shop → http://hakshop.myshopify.com
Community → hak5.org/community
Subscribe → youtube.com/user/Hak5Darren?sub_confirmation=1
Support → patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
0:00 0 - Intro
00:12 1 - PHP is Vulnerable - Again!
01:21 2 - What is Happening with Snowflake?
05:24 3 - Jakoby
06:19 4 - Recall Update
08:04 5 - Outro
LINKS
🔗 Story 1: PHP is Vulnerable - Again!
https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/
securityweek.com/php-patches-critical-remote-code-execution-vulnerability
🔗 Story 2: What is Happening with Snowflake?
community.snowflake.com/s/question/0D5VI00000Emyl00AB/detecting-and-preventing-unauthorized-user-access
techcrunch.com/2024/06/07/snowflake-ticketmaster-lendingtree-customer-data-breach
techcrunch.com/2024/05/31/live-nation-confirms-ticketmaster-was-hacked-says-personal-information-stolen-in-data-breach
cloud.google.com/blog/topics/threat-intelligence/unc5537-snowflake-data-theft-extortion
bleepingcomputer.com/news/security/shinyhunters-claims-santander-breach-selling-data-for-30m-customers
theverge.com/2024/6/3/24170876/snowflake-ticketmaster-santander-data-breach-details
securityweek.com/snowflake-attacks-mandiant-links-data-breaches-to-infostealer-infections
🔗 Story 3: Jakoby
https://x.com/I_Am_Jakoby/status/1798476894146281650
🔗 Story 4: Recall Update
windowscentral.com/software-apps/windows-11/microsoft-has-lost-trust-with-its-users-windows-recall-is-the-last-straw
github.com/xaitax/TotalRecall
blogs.windows.com/windowsexperience/2024/06/07/update-on-the-recall-preview-feature-for-copilot-pcs
0:00 0 - Intro
00:11 1 - What is Happening with Ticketmaster
01:19 2 - Security Breakdown Of Microsoft AI
04:21 3 - Bricked Routers Source Discovered
05:53 4 - Outro
LINKS
🔗 Story 1: What is Happening with Ticketmaster
sec.gov/Archives/edgar/data/1335258/000133525824000081/lyv-20240520.htm
itwire.com/business-it-news/security/not-us-snowflake-wrongly-implicated-in-ticketmaster-leak.html
securityweek.com/hackers-boast-ticketmaster-breach-on-relaunched-breachforums
https://x.com/vxunderground/status/1796063116574314642
🔗 Story 2: Security Breakdown Of Microsoft AI
blogs.microsoft.com/blog/2024/05/20/introducing-copilot-pcs
theverge.com/2024/6/3/24170305/microsoft-windows-recall-ai-screenshots-security-privacy-issues
https://cyberplace.social/@GossiTheDog/112531054138802168
doublepulsar.com/recall-stealing-everything-youve-ever-typed-or-viewed-on-your-own-windows-pc-is-now-possible-da3e12e9465e
bbc.com/news/articles/cpwwqp6nx14o
🔗 Story 3: Bricked Routers Source Discovered
bleepingcomputer.com/news/security/malware-botnet-bricked-600-000-routers-in-mysterious-2023-attack
blog.lumen.com/the-pumpkin-eclipse
0:00 Intro
00:10 1 - GitHub Enterprise Authentication Bypass
01:10 2 - Apple’s Accidental Stalkerware
03:55 3 - New DNSBomb Attack
06:16 4 - Outro
LINKS
🔗 Story 1: GitHub Enterprise Authentication Bypass
docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.15
darkreading.com/vulnerabilities-threats/github-authentication-bypass-opens-enterprise-server-attackers
🔗 Story 2: Apple’s Accidental Stalkerware
theregister.com/2024/05/23/apple_wifi_positioning_system
govinfosecurity.com/surveillance-risk-apples-wifi-based-positioning-system-a-25330
krebsonsecurity.com/2024/05/why-your-wi-fi-router-doubles-as-an-apple-airtag
cybersecuritynews.com/apples-wi-fi-positioning-system
https://www.cs.umd.edu/~dml/papers/wifi-surveillance-sp24.pdf
🔗 Story 3: New DNSBomb Attack
dnsbomb.net
cybersecuritynews.com/new-dos-attack-dnsbomb-exploiting
Ali’s New Video: youtube.com/watch?v=NIpOeHFYZrM
00:00 Intro
00:09 Fluent Bit Memory Corruption Catastrophe
01:22 Slack Training AI Using User Data
02:42 Cybersecurity Fear Mongering on Twitter
04:37 Outro
LINKS
🔗 Story 1: Fluent Bit Memory Corruption Catastrophe
tenable.com/blog/linguistic-lumberjack-attacking-cloud-services-via-logging-endpoints-fluent-bit-cve-2024-4323
darkreading.com/cloud-security/critical-bug-dos-rce-data-leaks-in-all-major-cloud-platforms
🔗 Story 2: Slack Training AI Using User Data
https://x.com/QuinnyPig/status/1791220276350390575
slack.com/help/articles/25076892548883-Guide-to-Slack-AI
slack.com/help/articles/28310650165907-Security-for-Slack-AI
slack.com/help/articles/28244420881555-Manage-Slack-AI-settings-for-your-organization
🔗 Story 3: Cybersecurity Fear Mongering on Twitter
https://x.com/alifcoder/status/1792108250248380451
https://x.com/Parul_Gautam7/status/1791836699888079127
0:00 Intro
00:10 1 - NextJS Vulnerabilities Discovered
02:06 2 - New Technique Allows VPN Bypass
04:31 3 - FIDO2 Flaw Exposes MITM Attack
05:51 4 - Signal Vs Telegram
08:24 5 - Outro
LINKS
🔗 Story 1: NextJS Vulnerabilities Discovered
portswigger.net/web-security/request-smuggling/advanced/response-queue-poisoning
github.com/advisories/GHSA-77r5-gw3j-2mpf
github.com/advisories/GHSA-fr5h-rqp8-mj6g
cybersecuritynews.com/next-js-server-compromise
🔗 Story 2: New Technique Allows VPN Bypass
leviathansecurity.com/blog/tunnelvision
cybersecuritynews.com/tunnelvision
🔗 Story 3: FIDO2 Flaw Exposes MITM Attack
silverfort.com/blog/using-mitm-to-bypass-fido2
gbhackers.com/fid02-mitm-vulnerability
🔗 Story 4: Signal Vs Telegram
city-journal.org/article/signals-katherine-maher-problem
ccn.com/news/technology/telegram-vs-signal-elon-musk-claims-vulnerabilities
businessinsider.com/elon-musk-encrypted-messenger-app-wars-telegram-signal-2024-5
twitter.com/elonmusk/status/1787589564917490059
news.ycombinator.com/item?id=40341716
nitter.poast.org/matthew_d_green/status/1789687898863792453
hak5.org/omg
https://o.mg.lol
Music by KANGA (kanga.bandcamp.com)
0:00 Intro
00:00:08 1 - CISA and FBI Release New Developer Warning
00:01:42 2 - GitLab Vuln is Leading to Account Takeovers
00:03:02 3 - Ministry of Defence Hacked
00:04:08 4 - LockBit Troll
00:05:52 Outro
LINKS
🔗 Story 1: CISA and FBI Release New Developer Warning
cisa.gov/sites/default/files/2024-05/Secure_by_Design_Alert_Eliminating_Directory_Traversal_Vulnerabilities_in_Software_508c%20%283%29.pdf
bleepingcomputer.com/news/security/cisa-urges-software-devs-to-weed-out-path-traversal-vulnerabilities
🔗 Story 2: GitLab Vuln is Leading to Account Takeovers
bleepingcomputer.com/news/security/cisa-says-gitlab-account-takeover-bug-is-actively-exploited-in-attacks
cisa.gov/news-events/alerts/2024/01/10/cisa-adds-one-known-exploited-vulnerability-catalog
darkreading.com/application-security/critical-gitlab-bug-exploit-account-takeover-cisa
thehackernews.com/2024/05/cisa-warns-of-active-exploitation-of.html
🔗 Story 3: Ministry of Defence Hacked
bbc.com/news/uk-68966497
news.sky.com/story/china-hacked-ministry-of-defence-sky-news-learns-13130757
news.sky.com/story/china-responsible-for-two-cyber-attack-campaigns-in-uk-says-dowden-13101680
🔗 Story 4: LockBit Troll
twitter.com/NCA_UK/status/1787492550342799746
twitter.com/vxunderground/status/1787234502323978385
techcrunch.com/2024/05/06/police-resurrect-lockbits-site-and-troll-the-ransomware-gang
twitter.com/vxunderground/status/1787845917803946131/photo/1
twitter.com/vxunderground/status/1787854092406083800
0:00 Intro
00:07 1 - Net Neutrality is BACK
01:12 2 - Ivanti Connect Secure Zero Days Still Hitting Hard
02:32 3 - AntiVirus is A Virus
04:13 4 - UK has outlawed Passwords
05:22 5 - Outro
LINKS
🔗 Story 1: Net Neutrality is BACK
docs.fcc.gov/public/attachments/DOC-402091A1.pdf
pbs.org/newshour/politics/net-neutrality-reinstated-as-fcc-passes-measure-to-regulate-internet-providers
kvpr.org/npr-news/2024-04-29/net-neutrality-is-back-u-s-promises-fast-safe-and-reliable-internet-for-all
fcc.gov/net-neutrality
🔗 Story 2: Ivanti Connect Secure Zero Days Still Hitting Hard
cybersecuritydive.com/news/ivanti-connect-secure-state-linked-threat/708706
thehackernews.com/2024/01/chinese-hackers-exploit-zero-day-flaws.html
mitre.org/news-insights/news-release/mitre-response-cyber-attack-one-its-rd-networks
securityweek.com/mitre-hacked-by-state-sponsored-group-via-ivanti-zero-days
linkedin.com/feed/update/urn:li:activity:7187127053253586944
cyberscoop.com/ivanti-linked-breach-of-cisa-potentially-affected-more-than-100000-individuals
🔗 Story 3: AntiVirus is A Virus
decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining
🔗 Story 4: UK has outlawed Passwords
arstechnica.com/gadgets/2024/04/connected-devices-with-awful-default-passwords-now-illegal-in-uk
etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf
0:00 Sophia d’Antoine
0:36 - Potential T-Mobile Directory Leak
2:32 - Palo Alto Networks Firewall Python Backdoor
4:20 - Twitter Hosted the Phishing Olympics
6:14 - PuTTY Project Vulnerable
7:28 - Outro
LINKS
🔗 Story 1: Potential T-Mobile Directory Leak
t-mobile.com/support/plans-features/sim-protection
sciencedaily.com/releases/2016/05/160512085123.htm
https://tmo.report/2024/04/t-mobile-employees-across-the-country-receive-cash-offers-to-illegally-swap-sims/
🔗 Story 2: Palo Alto Networks Firewall Python Backdoor
volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400
unit42.paloaltonetworks.com/cve-2024-3400
security.paloaltonetworks.com/CVE-2024-3400
labs.watchtowr.com/palo-alto-putting-the-protecc-in-globalprotect-cve-2024-3400
twitter.com/HackingLZ/status/1780239802496864474
🔗 Story 3: Twitter Hosted the Phishing Olympics
krebsonsecurity.com/2024/04/twitters-clumsy-pivot-to-x-com-is-a-gift-to-phishers
🔗 Story 4: PuTTY Project Vulnerable
chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
thehackernews.com/2024/04/widely-used-putty-ssh-client-found.html
openwall.com/lists/oss-security/2024/04/15/6
If you want to help Ali with her research project email her at endingwithaliresearch@gmail.com
→ Please include (1️⃣) the size of your company and (2️⃣) what your company does.
[❗] Join the book club on Patreon→ patreon.com/threatwire
0:00 Intro
0:08 - New Kind of Phishing Attack
1:01 - Latrodectus
3:24 - Discord DOS
3:53 - Unsupported NAS devices left Vulnerable
6:03 - OUTRO
LINKS
🔗 Story 1: New Kind of Phishing Attack
- lutrasecurity.com/en/articles/kobold-letters
🔗 Story 2: Latrodectus
- darkreading.com/threat-intelligence/new-loader-takes-over-where-qbot-left-off
- darkreading.com/cyber-risk/microsoft-warns-of-malware-delivery-via-google-urls
- proofpoint.com/us/blog/threat-insight/latrodectus-spider-bytes-ice
- thehackernews.com/2024/04/watch-out-for-latrodectus-this-malware.html
🔗 Story 3: Discord DOS
- twitter.com/vxunderground/status/1777199692184498257
🔗 Story 4: Unsupported NAS devices left Vulnerable
- supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383
- github.com/netsecfish/dlink
- computerworld.com/article/1723844/microsoft-sets-post-retirement-patching-record-with-windows-xp-fix-5-years-after-support-ended.html
- neowin.net/news/ten-years-ago-windows-xp-received-its-final-update
@0xTib3rius
Twitter: twitter.com/0xTib3rius
Twitch: twitch.tv/0xTib3rius
YouTube: youtube.com/Tib3rius
Everywhere else: tib3rius.com
@TracketPacer
Twitter: twitter.com/TracketPacer
YouTube: youtube.com/c/tracketpacer
TikTok: tiktok.com/@tracketpacer
Everywhere else: tracketpacer.com
0:00 Intro
0:11 - Backdoor in XZ-Utils
4:46 - OWASP Oopsies
5:30 - UPDATE: NVD has broken its silence
8:14 - UPDATE: AT&T Finally Admits The L
8:57 - OUTRO
LINKS
🔗 Story 1: Backdoor in XZ-Utils
https://mastodon.social/@AndresFreundTec/112180406142695845
wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils
https://bsky.app/profile/filippo.abyssdomain.expert/post/3kowjkx2njy2b
mail-archive.com/xz-devel@tukaani.org/msg00566.html
openwall.com/lists/oss-security/2024/03/29/4
boehs.org/node/everything-i-know-about-the-xz-backdoor#fnref2
gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27
🔗 Story 2: OWASP Oopsies
twitter.com/owasp/status/1774851614752313460
bleepingcomputer.com/news/security/owasp-discloses-data-breach-caused-by-wiki-misconfiguration
owasp.org/blog/2024/03/29/OWASP-data-breach-notification.html
🔗 Story 3: UPDATE: NVD has broken its silence
first.org/conference/vulncon2024
infosecurity-magazine.com/news/nist-unveils-new-nvd-consortium/?&web_view=true
sos-vo.org/news/nist-unveils-new-consortium-operate-its-national-vulnerability-database
nvd.nist.gov/general/news/nvd-program-transition-announcement
🔗 Story 4: UPDATE: AT&T Finally Admits The L
securityweek.com/att-says-data-on-73-million-customers-leaked-on-dark-web
[❗] ThreatWire Patreon has moved to → patreon.com/threatwire
0:00 - Intro
0:13 - US Cyber Trust Mark is Now Official
2:24 - Apple’s Unfixable Vulnerability
4:23 - Another Python Supply Chain Attack
5:50 - Outro
LINKS
🔗 Story 1: US Cyber Trust Mark is Now Official
whitehouse.gov/briefing-room/statements-releases/2022/10/11/fact-sheet-biden-harris-administration-delivers-on-strengthening-americas-cybersecurity
docs.fcc.gov/public/attachments/FCC-24-26A1.pdf
jdsupra.com/legalnews/fcc-launches-u-s-cyber-trust-mark-4990595
cyberscoop.com/fcc-cyber-trust-mark
🔗 Story 2: Apple’s Unfixable Vulnerability
Apple Mitigation: developer.apple.com/documentation/xcode/writing-arm64-code-for-apple-platforms#Enable-DIT-for-constant-time-cryptographic-operations
bleepingcomputer.com/news/security/new-gofetch-attack-on-apple-silicon-cpus-can-steal-crypto-keys
arstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chips
https://gofetch.fail/
cyberkendra.com/2024/03/gofetch-flaw-exposes-cryptographic-key.html
🔗 Story 3: Another Python Supply Chain Attack
checkmarx.com/blog/over-170k-users-affected-by-attack-using-fake-python-infrastructure
0:00 Intro
0:12 - The NVD is MIA
2:09 - Linux Foundation CVE Reporting Changed
4:16 - Cisco Acquires Splunk
4:20 - It’s Literally Black Market Extortion
6:06 - Is the AT&T Leak Real?
7:02 - OUTRO
LINKS
🔗 Story 1: The NVD is MIA
blog.morphisec.com/national-vulnerability-database-defend-unpatched-vulnerabilities
anchore.com/blog/national-vulnerability-database-opaque-changes-and-unanswered-questions
nvd.nist.gov
hackread.com/nist-nvd-halt-leaves-vulnerabilities-untagged
🔗 Story 2: Linux Foundation CVE Reporting Changed
github.com/torvalds/linux/blob/master/Documentation/process/cve.rst
community.synopsys.com/s/question/0D5Uh000007i8czKAA/black-duck-nvd-and-linux-kernel-cve-process
lwn.net/ml/linux-kernel/2024021314-unwelcome-shrill-690e@gregkh
lwn.net/Articles/961961
openssf.org/blog/2024/02/14/linux-kernel-achieves-cve-numbering-authority-status
This story had help with sourcing by Karl and Lacey! Thank you for the help!
🔗 Story 3: Cisco Acquires Splunk
cisco.com/site/us/en/about/corporate-strategy-office/acquisitions/splunk/index.html
🔗 Story 4: It’s Literally Black Market Extortion
grahamcluley.com/incognito-market-the-not-so-secure-dark-web-drug-marketplace
krebsonsecurity.com/2024/03/incognito-darknet-market-mass-extorts-buyers-sellers
🔗 Story 5: Is the AT&T Leak Real?
scmagazine.com/brief/att-denies-alleged-data-leak-of-over-70m-individuals
bleepingcomputer.com/news/security/att-says-leaked-data-of-70-million-people-is-not-from-its-systems
theregister.com/2024/03/18/att_alleged_data_leak
nextgov.com/cybersecurity/2024/02/fcc-gives-telecom-companies-7-days-alert-authorities-discovered-data-breaches/394074
0:00 Intro
0:10 - Encryption market is heating up
2:07 - Toddler Aged Malware Found
3:11 - Admitting to human error
4:08 - Outro
LINKS
🔗 Story 1: Encryption market is heating up
bughunters.google.com/blog/5108747984306176/google-s-threat-model-for-post-quantum-cryptography
bleepingcomputer.com/news/security/tuta-mail-adds-new-quantum-resistant-encryption-to-protect-email
bleepingcomputer.com/news/security/signal-adds-quantum-resistant-encryption-to-its-e2ee-messaging-protocol
nist.gov/news-events/news/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithms
csrc.nist.gov/Projects/post-quantum-cryptography/post-quantum-cryptography-standardization/round-3-submissions
thenextweb.com/news/zama-holy-grail-cryptography-fully-homomorphic-encryption
🔗 Story 2: Toddler Aged Malware Found
research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities
arstechnica.com/security/2024/02/as-if-two-ivanti-vulnerabilities-under-explot-wasnt-bad-enough-now-there-are-3
arstechnica.com/security/2024/03/never-before-seen-linux-malware-gets-installed-using-1-day-exploits
🔗 Story 3: Admitting to human error
blog.knowbe4.com/88-percent-of-data-breaches-are-caused-by-human-error
thecyberexpress.com/cybersecurity-mistakes-knowledge-gaps
kaspersky.com/blog/human-factor-360-report-2023
media.isc2.org/-/media/Project/ISC2/Main/Media/documents/research/ISC2_Cybersecurity_Workforce_Study_2023.pdf?rev=28b46de71ce24e6ab7705f6e3da8637e
0:00 - Intro
0:11 - LockBit Update
1:23 - White House recommends Rust
2:54 - Apple Quantum Safe
4:03 - Outro
LINKS
🔗 Story 1: LockBit Update
hackread.com/lockbit-ransomware-returns-taunts-fbi-data-leaks
hackread.com/nca-lockbit-gang-source-code-arrest-tool-revealed
justice.gov/opa/pr/us-and-uk-disrupt-lockbit-ransomware-variant
https://therecord.media/lockbit-relaunch-attempt-follwing-takedown
reuters.com/technology/cybersecurity/us-indicts-two-russian-nationals-lockbit-cybercrime-gang-bust-2024-02-20
🔗 Story 2: White House Recommends Rust
youtube.com/watch?v=xVYSvkogoUM&t=2s&ab_channel=TheWhiteHouse
bleepingcomputer.com/news/security/white-house-urges-devs-to-switch-to-memory-safe-programming-languages
whitehouse.gov/oncd/briefing-room/2024/02/26/press-release-technical-report
whitehouse.gov/wp-content/uploads/2024/02/Final-ONCD-Technical-Report.pdf
🔗 Story 3: Apple Quantum Safe
security.apple.com/blog/imessage-pq3
schneier.com/blog/archives/2024/02/apple-announces-post-quantum-encryption-algorithms-for-imessage.html
0:00 Intro
0:11 - What is happening with LockBit?
0:48 - Linux Kernel Added as CNA
1:02 - I-S00N China file drop
2:12 - Using Audio to Generate Fingerprint Attacks
4:02 - ChatGPT Accounts Linked to APTs Deleted
5:51 - Outro
LINKS
🔗 Story 1: What is happening with LockBit?
inforisktoday.com/lockbit-infrasttructure-seized-by-us-uk-police-a-24395
bleepingcomputer.com/news/security/lockbit-ransomware-disrupted-by-global-police-operation
🔗 Story 2: Linux Kernel Added as CNA
cve.org/Media/News/item/news/2024/02/13/kernel-org-Added-as-CNA
http://www.kroah.com/log/blog/2024/02/13/linux-is-a-cna
🔗 Story 3: I-S00N China file drop
threadreaderapp.com/thread/1759326049262019025.html
thecyberexpress.com/chinese-ministry-of-public-security-breach
github.com/I-S00N/I-S00N
🔗 Story 4: Using Audio to Generate Fingerprint Attacks
ndss-symposium.org/wp-content/uploads/2024-618-paper.pdf
tomshardware.com/tech-industry/cyber-security/your-fingerprints-can-be-recreated-from-the-sounds-made-when-you-swipe-on-a-touchscreen-researchers-new-side-channel-attack-can-reproduce-partial-fingerprints-to-enable-attacks
beebom.com/master-print-ai-generated-fingerprint-unlock-smartphone
🔗 Story 5: ChatGPT Accounts Linked to APTs Deleted
bleepingcomputer.com/news/security/openai-blocks-state-sponsored-hackers-from-using-chatgpt
microsoft.com/en-us/security/blog/2024/02/14/staying-ahead-of-threat-actors-in-the-age-of-ai
openai.com/blog/disrupting-malicious-uses-of-ai-by-state-affiliated-threat-actors
0:00 Intro
0:12 - Is this app speedrunning getting hacked?
2:07 - Can your Toothbrush be used DDOS someone?
2:20 - FCC finalizes data breach regulations for telecom companies
3:11 - DEFCON was actually canceled?
4:50 - OUTRO
LINKS
🔗 Story 1: Is this app speedrunning getting hacked?
techcrunch.com/2022/02/22/stalkerware-network-spilling-data
hackread.com/stalkerware-app-thetruthspy-hacked-data-stolen
https://maia.crimew.gay/posts/fuckstalkerware-4/
techcrunch.com/2024/02/12/new-thetruthspy-stalkerware-victims-is-your-android-device-compromised
🔗 Story 2: Can your Toothbrush be used to DDOS someone?
bleepingcomputer.com/news/security/no-3-million-electric-toothbrushes-were-not-used-in-a-ddos-attack
businessinsider.com/girl-tweets-smart-fridge-mom-confiscated-devices-viral-2019-8
🔗 Story 3: FCC finalizes data breach regulations for telecom companies
sec.gov/news/press-release/2023-139
fcc.gov/fcc-seeks-comment-proposed-updates-trs-data-breach-reporting-requirements
insideprivacy.com/technology/the-fcc-expands-scope-of-data-breach-notification-rules
federalregister.gov/documents/2024/02/12/2024-01667/data-breach-reporting-requirements#p-16
🔗 Story 4: DEFCON was actually canceled?
forum.defcon.org/node/248360
forum.defcon.org/node/248358
____________________________________________
If you want to help Ali with her research project email her at endingwithaliresearch@gmail.com
→ Please include (1️⃣) the size of your company (2️⃣) what your role title is and (3️⃣) a little summary of what your job entails.
00:00 Intro
0:12 - SEC Twitter (x) Hacked!
1:52 - IT kind of does their job and gets in trouble
3:16 - China is able to trace your Airdrops
4:09 - Outro
LINKS
🔗 Story 1: SEC Twitter (x) Hacked!
sec.gov/secgov-x-account
bleepingcomputer.com/news/security/sec-confirms-x-account-was-hacked-in-sim-swapping-attack
twitter.com/GulGeeOfficial/status/1744864569712144760
🔗 Story 2: IT kind of does their job and gets in trouble
bleepingcomputer.com/news/security/court-charges-dev-with-hacking-after-cybersecurity-issue-disclosure
https://www.heise.de/news/Warum-ein-Sicherheitsforscher-im-Fall-Modern-Solution-verurteilt-wurde-9601392.html
🔗 Story 3: China is able to trace your Airdrops
https://sfj.beijing.gov.cn/sfj/sfdt/ywdt82/flfw93/436331732/index.html
time.com/6553473/china-cracked-apple-airdrop
🔗 Bonus Story - arstechnica.com/gadgets/2024/01/convicted-murderer-filesystem-creator-writes-of-regrets-to-linux-list
____________________________________________
0:00 - Intro
0:14 - What is happening with Carta?
2:14 - Cyber Kidnapping?
2:50 - Crypto-hackers are active on Twitter
3:35 - Outro
LINKS
🔗 Story 1: What is going on with Carta?
twitter.com/karrisaarinen/status/1743824345334714587
twitter.com/henrysward/status/1743794996732735679
🔗 Story 2: Cyber Kidnapping?
cybertalk.org/2024/01/08/the-latest-cyber-kidnapping-victim-u-s-exchange-student
newsnationnow.com/cybersecurity/cyber-kidnapping-scam-trend
🔗 Story 3: Crypto-hackers are active on Twitter
bleepingcomputer.com/news/security/netgear-hyundai-latest-x-accounts-hacked-to-push-crypto-drainers
____________________________________________
0:00 - Intro
0:12 - Insane iPhone Exploit Revealed to the World
1:42 - Zombie Cookies Hijack Google Accounts
2:51 - Outro
LINKS
🔗 Story 1: Insane iPhone Exploit Revealed to the World
arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/2
securelist.com/operation-triangulation-the-last-hardware-mystery/111669
youtube.com/watch?v=7VWNUUldBEE&ab_channel=auth
🔗 Story 2: Zombie Cookies Hijack Google Accounts
cloudsek.com/blog/compromising-google-accounts-malwares-exploiting-undocumented-oauth2-functionality-for-session-hijacking
hackread.com/malware-google-cookie-exploit-via-oauth2
bleepingcomputer.com/news/security/malware-abuses-google-oauth-endpoint-to-revive-cookies-hijack-accounts
darktrace.com/blog/the-rise-of-the-lumma-info-stealer
youtube.com/watch?v=NzAtZzzFoOs&ab_channel=HudsonRock
____________________________________________
00:00 Intro
0 - PSA: SEC Regulations Are Live
1 - GTA Hacker Sentenced
2 - An Update to the MongoDB story
3 - What is happening with AlphV?
4 - Major Vulnerability Found in SSH
5 - Outro
LINKS
🔗Story 1 - PSA: SEC Regulations Are Live
sec.gov/news/press-release/2023-139
cyberscoop.com/sec-cybersecurity-incidents-disclosure-rule
sec.gov/news/statement/gerding-cybersecurity-disclosure-20231214
🔗Story 2 - GTA Hacker Sentenced
bbc.com/news/technology-67663128
insider-gaming.com/gta-6-hacker-vows-to-continue-to-commit-crimes-after-being-released-from-jail
en.wikipedia.org/wiki/Lapsus$
youtube.com/watch?v=v_z2HkVfcEA&ab_channel=Crumb
🔗Story 3 - MongoDB Update
mongodb.com/alerts
🔗Story 4 - What is happening to AlphV
justice.gov/opa/pr/justice-department-disrupts-prolific-alphvblackcat-ransomware-variant
arstechnica.com/security/2023/12/alphv-ransomware-site-is-seized-by-the-fbi-then-its-unseized-and-so-on
🔗Story 5 - Major Vulnerability Found in SSH
arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack
terrapin-attack.com
bleepingcomputer.com/news/security/terrapin-attacks-can-downgrade-security-of-openssh-connections
openssh.com/releasenotes.html#9.6p1
____________________________________________
0:00 - Intro
0:15 - Twitter Bug Bounty Program Flop
2:11 - 16-Year-Old Reverse Engineers the iMessage Protocol
3:46 - Still Developing: MongoDB Breach
4:59 - Ledger Supply Chain Attack and A Research Project
6:00 - Outro
LINKS
🔗Story 1 - Twitter Bug Bounty Program Flop
twitter.com/shoucccc/status/1734802168723734764
twitter.com/shoucccc/status/1734802177263313091
twitter.com/shoucccc/status/1734684850173739412
twitter.com/rabbit_2333/status/1734712416074879162
twitter.com/rabbit_2333/status/1734881873099379189
twitter.com/rabbit_2333/status/1735886436195529048
🔗Story 2 - 16-Year-Old Reverse Engineers the iMessage Protocol
beeper.com
blog.beeper.com/p/introducing-beeper-mini-get-blue
https://jjtech.dev/reverse-engineering/imessage-explained/
github.com/JJTech0130/pypush
theverge.com/2023/12/18/24006037/apple-beeper-doj-investigation-imessage-letter-android
techradar.com/phones/it-took-a-genius-teenager-to-break-imessage-code-but-itll-take-apple-to-wake-up-and-realize-its-time-for-an-android-version-of-imessage
🔗Story 3 - Breaking: MongoDB Data Breach
hackread.com/mongodb-data-breach-hackers-access-customer-info
twitter.com/vxunderground/status/1736134217321370109/photo/1
mongodb.com/alerts
🔗Story 4 - Ledger Supply Chain Attack
securityaffairs.com/156029/hacking/ledger-supply-chain-attack.html
ledger.com/blog/a-letter-from-ledger-chairman-ceo-pascal-gauthier-regarding-ledger-connect-kit-exploit
securityboulevard.com/2023/12/three-lessons-from-the-ledger-connect-kit-supply-chain-attack
techcrunch.com/2023/12/14/supply-chain-attack-targeting-ledger-crypto-wallet-leaves-users-hacked
____________________________________________
Payloads → payloads.hak5.org
____________________________________________
Hak5: Cyber Security Education, Inspiration & Community since 2005.
____________________________________________
Shop → shop.hak5.org
Subscribe → youtube.com/user/Hak5Darren?sub_confirmation=1
____________________________________________
@endingwithali Twitch → twitch.tv/endingwithali
[!!] ThreatWire Patreon has moved to patreon.com/threatwire
0:00 - Intro
0:27 - All your logos are belong to us
2:08 - Just another Wordpress vulnerability
2:55 - Counter-Strike 2 HTML Injection DOS attack?
LINKS
Story 1
binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_system_boot/index.html
binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/index.html
arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack
cyberscoop.com/logofail-vulnerability-boot-process
scmagazine.com/news/logofail-vulnerabilities-may-affect-95-of-computers-researchers-say
Story 2
bleepingcomputer.com/news/security/50k-wordpress-sites-exposed-to-rce-attacks-by-critical-bug-in-backup-plugin
wordfence.com/blog/2023/12/critical-unauthenticated-remote-code-execution-found-in-backup-migration-plugin
cve.org/CVERecord?id=CVE-2023-6553
Story 3
bleepingcomputer.com/news/security/counter-strike-2-html-injection-bug-exposes-players-ip-addresses
hackread.com/gamers-warned-of-cs2-exploit-reveal-ip-address
____________________________________________
[!!] ThreatWire Patreon has moved to patreon.com/threatwire - thanks for your support!
0:00 - Intro
0:27 - Windows Fingerprint Sensors are Spoofable
1:41 - Okta oopsie turns into a big mess
2:59 - Citrix Netscaler causing issues across the board
4:00 - Outro
LINKS
blackwinghq.com/blog/posts/a-touch-of-pwn-part-i
arstechnica.com/gadgets/2023/11/researchers-beat-windows-hello-fingerprint-sensors-with-raspberry-pi-and-linux
computerworld.com/article/3244347/what-is-windows-hello-microsofts-biometrics-security-system-explained.html
darkreading.com/application-security/otka-breach-widens-entire-customer-base
sec.okta.com/harfiles
sec.okta.com/articles/2023/11/unauthorized-access-oktas-support-case-management-system-root-cause
reuters.com/technology/cybersecurity/okta-says-hackers-stole-data-all-customer-support-users-cyber-breach-2023-11-29
techcrunch.com/2023/11/29/okta-admits-hackers-accessed-data-on-all-customers-during-recent-breach/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAAAuidLSeCn9R8nNTjiKKHMgPEcnprYT0tAjYnx4iH7XP2IBiO4Th079erwec0SE5woM5Nl5kCukXt3j0V_GE2q6ty46bv6vUA3h8GcD8mT54hJfZvR1ikotQyAzzjS4bG61jkl8gKAghckJSn-N1tAoo2AJnuHlltxAUFcCGj3I1
malwarebytes.com/blog/news/2023/11/okta-breach-happened-after-employee-logged-into-personal-google-account
assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966
bleepingcomputer.com/news/security/us-health-dept-urges-hospitals-to-patch-critical-citrix-bleed-bug
siliconangle.com/2023/12/04/new-citrix-bleed-ransomware-threat-hits-many-credit-unions
doublepulsar.com/what-it-means-citrixbleed-ransom-group-woes-grow-as-over-60-credit-unions-hospitals-47766a091d4f
https://therecord.media/hhs-warns-of-citrix-bleed-bug
dashboard.shadowserver.org/statistics/combined/time-series/?date_range=7&source=http_vulnerable&source=http_vulnerable6&tag=cve-2023-4966%2B&group_by=geo&style=stacked
____________________________________________
LINKS
forbes.com/sites/daveywinder/2023/11/27/law-enforcement-issues-ios-17-security-warning-over-namedrop-feature/?sh=1c0492ff4182
cybertalk.org/police-departments-issue-ios-17-warning
facebook.com/OCSOMichigan/posts/pfbid02nCJYFLJfpu4GuDtfB2NoH4ZevCVE22WAd4ymoqEhF599Bp4krntoDQocsLCSV2oPl
____________________________________________
LINKS
bleepingcomputer.com/news/security/ransomware-gang-files-sec-complaint-over-victims-undisclosed-breach
bleepingcomputer.com/news/security/sec-now-requires-companies-to-disclose-cyberattacks-in-4-days
en.wikipedia.org/wiki/BlackCat_(cyber_gang)
securityscorecard.com/research/deep-dive-into-alphv-blackcat-ransomware
databreaches.net/alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-sec
gridinsoft.com/blogs/alphv-blackcat-reports-to-sec
schneier.com/blog/archives/2023/11/ransomware-gang-files-sec-complaint.html
hackread.com/google-reptar-vulnerability-intel-processors
cloud.google.com/blog/products/identity-security/google-researchers-discover-reptar-a-new-cpu-vulnerability
lock.cmpxchg8b.com/reptar.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23583
intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html
arstechnica.com/gadgets/2023/11/nothings-imessage-app-was-a-security-catastrophe-taken-down-in-24-hours
theverge.com/2023/11/18/23966781/nothing-chats-imessage-unencrypted-sunbird-plaintext
https://texts.blog/2023/11/18/sunbird-security/
sunbirdapp.com
twitter.com/nothing/status/1725902458189119690
____________________________________________
LINKS
reuters.com/technology/cybersecurity/icbc-ransomware-attack-triggers-global-regulator-trader-scrutiny-2023-11-10
infosecurity-magazine.com/news/icbc-and-allen-overy-hit-by
time.com/6333716/china-icbc-bank-hack-usb-stick-trading
reuters.com/world/china/chinas-largest-bank-icbc-hit-by-ransomware-software-ft-2023-11-09
bleepingcomputer.com/news/security/lockbit-ransomware-leaks-gigabytes-of-boeing-data
usa.kaspersky.com/resource-center/threats/lockbit-ransomware
checkmarx.com/blog/python-obfuscation-traps
security.snyk.io/vuln/SNYK-PYTHON-PYOBFGOOD-6052826
csoonline.com/article/654560/why-open-source-software-supply-chain-attacks-have-tripled-in-a-year.html
____________________________________________
0:00 - Intro
0:38 - Previous Payload Review
3:44 - Upgrades to our Payload
7:10 - Caps lock trigger as a function
9:26 - Obfuscation as a payload option
17:35 - Hiding the payload / only run once
18:52 - DEPLOY THE PAYLOAD
20:51 - Payload Q&A
22:30 - Lock Key Demo
24:37 - Setting up a SMB canary listener
____________________________________________
A new dropper as a service bypasses android security, Okta has another breach, and yes, this is Shannon's last episode. All that coming up now on ThreatWire.
LINKS
threatfabric.com/blogs/droppers-bypassing-android-13-restrictions
bleepingcomputer.com/news/security/cybercrime-service-bypasses-android-security-to-install-malware
thehackernews.com/2023/11/securidropper-new-android-dropper-as.html
bleepingcomputer.com/news/security/spynote-android-malware-spreads-via-fake-volcano-eruption-alerts
bleepingcomputer.com/news/security/new-ermac-20-android-malware-steals-accounts-wallets-from-467-apps
bleepingcomputer.com/news/security/new-zombinder-platform-binds-android-malware-with-legitimate-apps
arstechnica.com/security/2023/11/okta-hit-by-another-breach-this-one-stealing-employee-data-from-3rd-party-vendor
documentcloud.org/documents/24110001-okta-individual-notice-general?responsive=1&title=1
apps.web.maine.gov/online/aeviewer/ME/40/08edf96f-d599-4db9-9e1f-52453c0ba058.shtml
bleepingcomputer.com/news/security/okta-hit-by-third-party-data-breach-exposing-employee-information
sec.okta.com/articles/2023/10/tracking-unauthorized-access-oktas-support-system
sec.okta.com/harfiles
#threatwire #hak5
____________________________________________
Potential advances in quantum crypto cracking, the ongoing challenges with Citrix Bleed, and npm packages riddled with malware.
LINKS
Researcher Claims to Crack RSA-2048 With Quantum Computer
bankinfosecurity.com/blogs/researcher-claims-to-crack-rsa-2048-quantum-computer-p-3536
researchgate.net/publication/373516233_QC_Algorithms_Faster_Calculation_of_Prime_Numbers
en.wikipedia.org/wiki/Shor%27s_algorithm
Citrix Bleed Mass Exploitation
arstechnica.com/security/2023/10/critical-citrix-bleed-vulnerability-allowing-mfa-bypass-comes-under-mass-exploitation
support.citrix.com/article/CTX579459/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967
https://cyberplace.social/@GossiTheDog/111313594140810442
viz.greynoise.io/query?gnql=tags%3A%22Citrix%20ADC%20Netscaler%20CVE-2023-4966%20Information%20Disclosure%20Attempt%22
dashboard.shadowserver.org/statistics/combined/time-series/?date_range=30&source=http_vulnerable&source=http_vulnerable6&tag=cve-2023-4966%2B&group_by=geo&style=stacked
services.google.com/fh/files/misc/citrix-netscaler-adc-gateway-cve-2023-4966-remediation.pdf
Dozens of npm Packages Caught Attempting to Deploy Reverse Shell
blog.phylum.io/dozens-of-npm-packages-caught-attempting-to-deploy-reverse-shell
npmjs.com/~hktalent
github.com/hktalent/rshNpm
____________________________________________
Cisco's recent zero-day exploit takes an obfuscation turn, VMware alerts users of a significant auth bypass flaw, and Citrix grapples with session hijacking attacks that have CISA raising an eyebrow.
LINKS
Cisco
thehackernews.com/2023/10/backdoor-implant-on-hacked-cisco.html
twitter.com/VulnCheckAI/status/1716541908489543725
twitter.com/onyphe/status/1715633541264900217
blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software
sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-xe-dublin-17121/221128-software-fix-availability-for-cisco-ios.html
cisa.gov/news-events/alerts/2023/10/23/cisa-updates-guidance-addressing-cisco-ios-xe-web-ui-vulnerabilities
VMWare
thehackernews.com/2023/10/alert-poc-exploits-released-for-citrix.html
vmware.com/security/advisories/VMSA-2023-0021.html
github.com/horizon3ai/CVE-2023-34051
Citrix
thehackernews.com/2023/10/critical-citrix-netscaler-flaw.html
github.com/assetnote/exploits/tree/main/citrix/CVE-2023-4966
support.citrix.com/article/CTX579459/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967
cisa.gov/news-events/alerts/2023/10/19/cisa-adds-two-known-exploited-vulnerabilities-catalog
____________________________________________
0:00 - Intro
2:03 - Setup
3:17 - Payload Writing
4:22 - Cloning USB devices with ATTACKMODE
5:51 - Passive Windows Detection Extension
9:08 - Activity Detection with DuckyScript 3
12:08 - SMB Canary Keystroke Injection
15:10 - Payload Arming
15:45 - Testing the Payload
17:22 - USB Rubber Ducky Mouse Implant Tips
17:53 - Thank you Hak5 community
18:21 - Review
____________________________________________
Products used in this video:
USB Rubber Ducky: shop.hak5.org/products/usb-rubber-ducky
Mouse: amzn.to/3tE9KHD
USB Hub: amzn.to/3S9M48c
Glytch's Soldering Kit Breakdown: youtube.com/watch?v=GI9eWmk54ro
Hak5 Wrap: https://shop.hak5.org/products/hak5-e...
Tweezers: amzn.to/3kvRRUU
Side Cutters: amzn.to/3kxwpyI
Electric Screwdriver: amzn.to/3kAo8ds
Thick Lead Mechanical Pencil: amzn.to/3kEp6Fs
Solder Flux Pen: amzn.to/3ikTLVS
Solder: amzn.to/3xSr1Ko
TS80P Soldering Iron: amzn.to/3ezilRB
As an Amazon Associate, Glytch earns from qualifying purchases through the links above at no extra cost to you.
____________________________________________
Darren Kitchen → https://darren.kitchen
LINKS
nvd.nist.gov/vuln/detail/CVE-2023-20198
arstechnica.com/security/2023/10/actively-exploited-cisco-0-day-with-maximum-10-severity-gives-full-network-control
blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software
sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
vulncheck.com/blog/cisco-implants
• Ali → https://links.ali.dev
• Support → patreon.com/threatwire
LINKS:
twitter.com/signalapp/status/1713789257599353084
twitter.com/joernchen/status/1713495612266520884
twitter.com/vxunderground/status/1713824495742447739
bleepingcomputer.com/news/security/signal-says-there-is-no-evidence-rumored-zero-day-bug-is-real
+++
Hak5 -- Cyber Security Education, Inspiration, News & Community. Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
#threatwire #hak5
• Ali → https://ali.dev/ || tiktok.com/@endingwithali || twitter.com/endingwithali || twitch.tv/endingwithali
• Support → patreon.com/threatwire
+++
Find all O.MG Devices for sale at hak5.org/omg
Get started with several HIDX StealthLink examples:
github.com/O-MG/O.MG-Firmware/wiki#features
____________________________________________
23andMe data was found being sold online, Linux was hit with a glibc vulnerability, and Curl schedules a security patch! All that coming up now on ThreatWire.
#threatwire #hak5
ThreatWire by Shannon Morse is a weekly news journalism show covering cybersecurity topics for network admins, information security professionals, and consumers.
Watch this on YouTube: youtu.be/HQ2ZwJCkqKc
Chapters:
00:00 23andMe Data Sold Online
02:27 Linux Hit With Glibc Vuln
05:28 Curl To Release Patch
Links:
Resources for stories are available on Patreon exclusively, to protect our channel from being inappropriately flagged as “malicious content”. All links included in my videos are news articles or sources related to each story and are both appropriate for the discussion and legitimate. Access source links at patreon.com/threatwire