Monday, December 30, 2019

Wyze... Ain't



Security camera startup Wyze leaked data on millions of customers.
Email addresses, wi-fi network IDs, and body metrics exposed.
Are you still seriously using this crap?


CNET's Data breach hall of shame for 2019
Great progress has been made - it's only up 33% overall.


US Coast Guard says Ryuk ransomware took out a maritime facility. It was most likely phishing. 30 hours of downtime. We won't learn.


The year in security debacles




LINUX


Just in case it skipped your mind, ClamAV works well on Debian/Ubuntu, CLI or GUI.


Do as much research as possible before buying hardware to make sure it's linux-compatible.


Simulate linux commands without blowing anything up. Find out what it's going to do before you do it.
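Added example, not from the linked article: the two habits that keep a cleanup one-liner from eating the wrong files. Build the selection with find and look at it, and only then append the action; and syntax-check a script before it ever runs as root. The directory layout in the demo is constructed; `touch -d` is GNU coreutils (fine on Debian/Ubuntu).

```shell
#!/bin/sh
# Added example (not from the linked article). Preview a destructive
# command before running it for real.

# What WOULD be removed: *.log files under $1 untouched for more than
# $2 days. Nothing is deleted here; -print is the only action.
preview_cleanup() {
    find "$1" -type f -name '*.log' -mtime +"$2" -print
}

# Same selection, with -delete added at the END. Order matters:
# "find DIR -delete -name '*.log'" deletes everything under DIR,
# because -delete runs before the name test gets a chance to filter.
apply_cleanup() {
    find "$1" -type f -name '*.log' -mtime +"$2" -print -delete
}

# Parse a script without running anything in it. Catches a missing
# quote or 'fi' before the script is fed to sudo; it does NOT catch a
# logically wrong rm -rf "$DIR/", which is what the preview is for.
check_syntax() {
    sh -n "$1"
}

# Stand-alone demo on a throwaway directory (constructed data).
demo() {
    d=$(mktemp -d)
    : > "$d/fresh.log"
    : > "$d/stale.log"
    touch -d '2000-01-01' "$d/stale.log"     # GNU touch
    echo "would delete:"
    preview_cleanup "$d" 30
    rm -rf "$d"
}
demo
```

Run the preview, read the list, then and only then swap in apply_cleanup. The same pattern works for rsync (-n / --dry-run) and for any script where you prefix the dangerous command with echo first.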



Thursday, December 26, 2019

The Maze of Pensacola



The group behind the Maze ransomware released 2 GB of the files they stole from the city of Pensacola to prove they were serious. In other words, the city has thus far refused to pay the ransom. And they don't have backups.


Multiple vulns in the SQLite engine that ships inside Chrome let attackers execute arbitrary code remotely.  Don't use Chrome.  Ok, don't use Chrome prior to 79.0.3945.79 (divided by pi, minus 13).


How orgs can defend against advanced persistent threats

  1. disconnect everything from the internet
  2. buy any antivirus company's advanced persistent threat module
  3. don't worry about it - they're rare
  4. the VP needs a new boat - maybe next year


Be careful of Christmas, Hanukkah, Kwanzaa and New Years themed malware. The initial version comes via snail mail, with a phrase like Merry Christmas on it. DO NOT OPEN IT. Later versions come in the form of email, with similar phrases on the subject line. Don't open these either. The most virulent, nasty malware is marked by subject lines with emojis on them. Never open these. Jonathan McAfree, from McAfree Antivirus Division (MAD) explains that if you delete them immediately, the authors will get tired and not send any more of them.




Monday, December 23, 2019

Zombie Cisco Vuln



It's back. An already-fixed Cisco vuln.
With 'how to check' demo.


Dropbox Zero Day gets short temp fix


Reverse engineering with Ghidra


NSA's backdoor key from Lotus Notes



Friday, December 20, 2019

Vivaldi Plays Beethoven



If your browser is having trouble getting in the front door, just tell the door you're not that browser. Vivaldi changed its user agent string to look like Chrome so it can get past sites that block by browser name. For those on the other side of the door: the user agent string is whatever the client says it is, so never treat it as a security control.


Oops - Honda exposed 26k North American customers' data.
Are you ready? It was a misconfigured Elasticsearch cluster. Misconfigured as in wide open. This wasn't a big deal for Honda, because the exact same problem occurred in July.

Honda: Yes, we seem to have a bit of a spill in the.. uh.. American market.
Customers: All of our personal info was open to the planet?
Honda: Yes, terribly sorry.
Customers: But you had the same thing happen earlier this year. Didn't you learn anything?
Honda: Yes, yes we did. We learned from our mistake, enough to repeat it again exactly.
[apologies to Peter Cook and Dudley Moore]


If you need a quick, industry-related laugh, and who doesn't, read this little ditty on Faceyspaces, lawmakers, location tracking, and 'certain security functions.' The sheer creativity, legalese, and attempts to appear innocently-stupid are breathtaking.



"Stupid design decisions made by engineers who had no idea how to create a secure system. And this, in a nutshell, is the problem with the Internet-of-Things."
Bruce Schneier speaks like he's in my head.



Wawa, the convenience store chain around the Philly area (not the guitar pedal), said all 850 stores were affected by point-of-sale malware that skimmed card data. It took from March to December to discover it. Notice was given on their web page, because everybody goes to Wawa's web page.



Linux environment variable tips and tricks




Wednesday, December 18, 2019

Yes, We Stole it, Yes, We'll Sell it Back to You



Hackers stole data for 15 million people, sold it back to the lab that lost it.
Who says there's nothing new under the sun?


Gee, Mrs Lubner, we're awful sorry our Chrome update made your Android data disappear. It's ok, though - the next upgrade will make it visible.


Over 1,000 US schools hit by ransomware in 2019.
Never thought I'd be saying it's worse than I thought....


With all the schools, businesses, and state governments not backing up and falling victim to ransomware, it's a great time to be in ITSec.


7 ways to remember linux commands


Faceyspaces' Tor site down for 2 weeks due to expired TLS cert.



Tuesday, December 17, 2019

Malware for the Moon?

The Air Force is seeking proposals for technologies "for operations far beyond geosynchronous Earth orbit, near the moon's orbit: payloads for providing space domain awareness from the lunar surface, lightweight sensors for space-based space domain awareness, and methodologies for orbit determination and catalog maintenance in cislunar space."

They don't usually leak this kind of information.
So if you have these skills, give them a call.
For those of us who can't understand more than 2 words of the above (me): ask someone to tell you what Space Force is up to.


A New Jersey hospital 'had to' pay a fee after they got hit with ransomware.
Because, you know, backups are soooo hard.



Chinese e-commerce site lightinthebox.com operated in the sharing spirit: it shared 1.3TB of data, including server logs, user data, and more.


Snatch and Zeppelin ransomware recap.



Plundervolt: stealing secrets by 'undervolting'


The city of New Orleans, Louisiana, got themselves some ransomware. The mayor declared a state of emergency. It appears to be the threat actors behind Ryuk. The city is still working to recover data from the attack.

Hmmm.....  the city's emergency preparedness campaign is managed by the Office of Homeland Security and Emergency Preparedness. From the way the article is worded, the city and Homeland Security don't think much of backups.


A WhatsApp bug could have let anyone crash WhatsApp of all group members.
I have one word for you: Signal.


The writers of Nginx were interrogated at gunpoint, in their homes, at 7am because a former employer claims it was developed while one of them worked there.


VISA warns that hackers are scraping card details from gas pumps.




LINUX


How to use the uniq command - a unique command.
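Since the link says "how to use", here is the one use of uniq that comes up in security work, as an added example (not from the linked article): counting repeated things. The sshd log lines are constructed, with IPs from the RFC 5737 documentation ranges; the last line is an exact duplicate of the one before it, the kind of thing a flaky log shipper produces.

```shell
#!/bin/sh
# Added example (not from the linked article): the sort | uniq -c idiom
# on a few constructed sshd log lines. uniq only collapses ADJACENT
# duplicates, so anything you want counted has to be sorted first.

# Constructed sample. The last line is a verbatim duplicate.
SAMPLE_LOG=$(cat <<'EOF'
Dec 17 03:14:01 host sshd[1201]: Failed password for root from 203.0.113.9 port 40212 ssh2
Dec 17 03:14:03 host sshd[1203]: Failed password for invalid user admin from 203.0.113.9 port 40214 ssh2
Dec 17 03:14:05 host sshd[1207]: Accepted publickey for alice from 192.0.2.44 port 51022 ssh2
Dec 17 03:14:09 host sshd[1210]: Failed password for root from 198.51.100.7 port 33001 ssh2
Dec 17 03:14:11 host sshd[1212]: Failed password for root from 203.0.113.9 port 40218 ssh2
Dec 17 03:14:12 host sshd[1214]: Failed password for invalid user test from 198.51.100.7 port 33004 ssh2
Dec 17 03:14:12 host sshd[1214]: Failed password for invalid user test from 198.51.100.7 port 33004 ssh2
EOF
)

# Exact repeated lines; uniq -d prints each duplicated line once.
dup_lines() {
    printf '%s\n' "$1" | uniq -d
}

# "count ip" for failed logins, busiest source first. The leading uniq
# drops the shipper's duplicate so it isn't counted twice; the sort
# before uniq -c is what makes the count correct.
failed_login_sources() {
    printf '%s\n' "$1" \
        | uniq \
        | grep 'Failed password' \
        | awk '{ for (i = 1; i <= NF; i++) if ($i == "from") print $(i + 1) }' \
        | sort \
        | uniq -c \
        | sort -rn \
        | awk '{ print $1, $2 }'
}

# Just the single worst offender, for feeding to a block list.
top_failed_source() {
    failed_login_sources "$1" | awk 'NR == 1 { print $2 }'
}

failed_login_sources "$SAMPLE_LOG"
```

Leave out the sort and uniq -c will happily report the same IP three separate times, each with a count of 1. That is the whole trick to the command.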

Friday, December 13, 2019

Ring - Who's There?



A forum and associated livestream is behind a bunch of Ring camera hacks. These are the indoor cameras, not the doorbells. The cameras started 'talking' to people, making nasty comments, and demanding Bitcoin.

I'm having trouble typing (more so) because of the laughter.


564 Siemens bugs that could allow hackers to pwn power plants.
Let's not speak only of these bugs... let's also speak of incredibly stupid to non-existent security designs.


If you think it's a good idea to replace your Ubuntu-provided VirtualBox installation with Oracle's, here's how. After the article, you might not want to.
In Ubuntu, you get whatever version is current when Ubuntu is released and you won't get a new version until the next Ubuntu release. With Oracle's repository, you get the regular updates, with the new features.



Google is now banning some linux browsers from their services.
Because they're 'not secure'.
What this means is that javascript is turned off, like the message I get when I try to access a Google site using Firefox, because I turn javascript off by default. Yay Google - help us some more!



7 ways to remember linux commands

Number 8: use all of them every day


Cigna uses AI to check if patients are taking their medications.
Gee, who has access to this data?
Another great push on the handcart to hell.



Wednesday, December 11, 2019

5G - not for thee




You'll like this: the next generation Snapdragon chip, which will be in everyone's flagship phone next year, requires a 2nd chip for 4G and 5G. Although the processor is 25% faster, the 2nd chip will suck power, resulting in less battery time. But 5G! Meanwhile, everyone needing only 4G gets less battery life too. Considering the alleged availability of 5G, you should probably avoid new phones in 2020.


Microsoft Teams is now available for linux.
The end of the world is nigh.


Don't forget to patch Windows. The current one is important.



Tuesday, December 10, 2019

Uh-oh - Win 7



Half the NHS runs on Windows 7
Because it was a huge surprise that support ends January 14, 2020.


Speaking of the UK, government laptop losses soar 400%
What are they doing with them - leaving them on top of their cars?


Snatch ransomware reboots Windows in Safe Mode to bypass antivirus
Tricky. 
Now let's debate MS products having a Safe Mode.


Trickbot credential stealing malware abuses Google Suite to hide malicious activity.  Google Suite is malicious activity.



Over 750,000 applications for US birth certificate copies exposed online
Once again, unsecured buckets. What is the matter with us?





Linux

How to set up Rsyslog server on Ubuntu 18.04 LTS
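The collector side of that setup, as an added example (mine, not the linked article's), in the RainerScript syntax rsyslog 8.x on 18.04 understands. The hostname collector.example.net, the /var/log/remote path and the file names are assumptions.

```conf
# /etc/rsyslog.d/10-remote.conf on the COLLECTOR (added example)
# Listen on TCP/514 and write one file per sending host and program.
module(load="imtcp")
input(type="imtcp" port="514")

template(name="RemoteHost" type="string"
         string="/var/log/remote/%HOSTNAME%/%PROGRAMNAME%.log")

# Anything that did not originate locally goes to its own tree and
# stops there, so it never lands in /var/log/syslog as if it were ours.
if $fromhost-ip != "127.0.0.1" then {
    action(type="omfile" dynaFile="RemoteHost")
    stop
}

# On Ubuntu rsyslog runs as the syslog user, so the target directory
# has to exist and be writable by it before the restart:
#   mkdir -p /var/log/remote && chown syslog:adm /var/log/remote
#   systemctl restart rsyslog

# /etc/rsyslog.d/10-forward.conf on each CLIENT (added example)
# Forward everything; the legacy one-liner "*.* @@collector.example.net:514"
# does the same thing (@@ is TCP, a single @ is UDP).
*.* action(type="omfwd" target="collector.example.net" port="514" protocol="tcp")
```

The caveat the article may not dwell on: plain TCP 514 is unauthenticated and unencrypted, so anyone who can reach the port can inject forged lines into your evidence. At minimum firewall the port to the client subnet (for example `ufw allow from 10.0.0.0/8 to any port 514 proto tcp`); better, move to rsyslog's TLS netstream driver (gtls) with client certificates once the plain setup works.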


WireGuard VPN is on its way into linux. It's approved for the new kernel, to arrive early 2020.



Monday, December 9, 2019

Diversity



This is one of those deceptively-titled posts:
Debian developers take to voting over init system diversity.

There are not enough female commands?
The command line is a tool of the patriarchy?
Women don't look good with pocket protectors?



Researchers have discovered a security flaw in macOS, Linux, and several other operating systems that could let attackers hijack a wide range of virtual private network (VPN) connections.  The only positive point is that it's hard to exploit. Wait for a patch.



How to install Kali undercover mode on any XFCE distro
Hysterical.


Friday, December 6, 2019

Apple Sleight of Hand



Security Dude Brian Krebs discovered the iPhone 11 sent location data even when location services were disabled for every app. Apple said they didn't see any problems. Now Apple says the ultra-wideband chip necessitates constant location checks.

Bulldookey.


A bug in the way unix-flavored systems handle TCP connections could put VPN users at risk of having their encrypted traffic hijacked.

Affects "most" Linux distros, along with Android, iOS, macOS, FreeBSD, and OpenBSD.
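This is the same VPN hijack bug as the Dec 9 item, so one example serves both. The disclosure listed strict reverse-path filtering on Linux as its first mitigation and noted that distributions shipping a newer systemd had rp_filter switched from strict (1) to loose (2), which is what lets the off-path probe work. Below is a check for that setting, as an added example (not from either article): it raises the bar, it is not a full fix, so the "wait for a patch" advice stands. The directory argument exists only so the check can run against a constructed copy of the sysctl tree; on a real box call it with no argument.

```shell
#!/bin/sh
# Added example (not from the article). Flag interfaces whose effective
# reverse-path filtering is not strict. The kernel applies the MAX of
# conf/all/rp_filter and conf/<iface>/rp_filter to each interface, so
# a loose "all" (2) overrides a strict per-interface 1.

check_rp_filter() {
    conf=${1:-/proc/sys/net/ipv4/conf}
    all=$(cat "$conf/all/rp_filter" 2>/dev/null || echo 0)
    bad=0
    for d in "$conf"/*/; do
        [ -d "$d" ] || continue
        iface=$(basename "$d")
        case "$iface" in all|default|lo) continue ;; esac
        v=$(cat "$d/rp_filter" 2>/dev/null || echo 0)
        eff=$v
        if [ "$all" -gt "$eff" ]; then eff=$all; fi
        if [ "$eff" -ne 1 ]; then
            echo "$iface: rp_filter=$v all=$all effective=$eff (not strict)"
            bad=1
        fi
    done
    return $bad
}

# Remediation (needs root), kept as text so running this can't touch
# the box. Strict mode can break asymmetric routing on multi-homed
# hosts, so try it on one machine before pushing it fleet-wide.
#   sysctl -w net.ipv4.conf.all.rp_filter=1
#   sysctl -w net.ipv4.conf.default.rp_filter=1
#   printf 'net.ipv4.conf.all.rp_filter = 1\nnet.ipv4.conf.default.rp_filter = 1\n' \
#       > /etc/sysctl.d/60-rpfilter.conf

if check_rp_filter; then
    echo "rp_filter: strict on every interface"
fi
```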


New Mac malware hides behind a fake crypto trading platform called Union Crypto Trader.  Probably North Korean Lazarus group.


VPN is going away - check out Zero Trust


Really good piece on why the user isn't a consideration in software.
Nor is privacy. Surprise - it's Google! Not surprise: don't use Chrome or any browser based on Chrome.



Have a fun weekend. We'll be back Monday, with another slate of specially curated (the ones I came across) stories. Remember: tell your friends about ThermionicMalware. Better yet, tell people you don't like. Reproduction of this blog is prohibited without express written consent of the Backyard Underwriter Liability Lobby of Swingset Heuristics, Investigative Trade (BULLSHIT).



Thursday, December 5, 2019

Microsoft - We're Listening



Microsoft is still planning a cheaper, disc-less next-gen Xbox.
They wanted to assure everyone that it will still include its always-on microphone.


Thousands of cell phone bills exposed by Sprint contractor.
Once again, open buckets. We. Will. Not. Learn.


Severe auth bypass and priv-esc vulns disclosed in OpenBSD


Mozilla is making great progress on their speech to text offering.
We need this so badly....


Two malicious Python packages that stole SSH and GPG keys sat in the Python Package Index for a year.



Instagram to collect ages in leap for youth safety, alcohol ads
They deny there's anything remotely invasive or creepy about this, and that no one would lie to them anyway.



Must-have portable apps
Very effective when the system won't let you install software.



Major US data center provider hit by ransomware  
CyrusOne, a major data center.


Search engine that cryptographically protects your privacy?
Why do privacy-concerned search engines require a cookie to save your preferences? Well, we know why, but irony. Sometimes they give you a custom url that preserves your settings.






Wednesday, December 4, 2019

Hacker Zero




HackerOne breach lets outside hacker read customers' private bug reports.
With a cookie. Cookies are the panacea of life.


In the continuing march to more expensive doom and possibly crippling radiation, here's some more great 5G news.  News: it's not going to make pancakes, watch your kids, or even let you use it.

In addition, the EU council is in a bit of a tizzy about 5G.


Firefox 71 released with native MP3 decoding, because patents expired. Other interesting features...including kiosk mode and password manager. Unfortunately the password manager requires a Firefox account. Just a little bit silly.


Are you ready for Nessus Map? It parses .nessus files and shows the output in an interactive UI.


A coupla linux network troubleshooting commands (basic)


I've mentioned the Ring doorbell cameras.
So has Amazon: to the police. They gave the police a 'heatmap' of all devices in an area. While the feature was removed, you can be sure that Amazon would never do it again, nor would police expect them to.


The FBI applied for and received a search warrant to Sony on a PlayStation 4's owner. Apparently national security required the FBI to know what games the alleged cocaine seller had and how far he got in them.


Windows - it's not an OS, it's a virus.
A bug in the login system put users at risk of account hijacks.


Apple's iPhone 11 sends location data to Apple, even with location off. Apple sees no problem with this.




Tuesday, December 3, 2019

Quiet - Amazon is Listening



Amazon has introduced a way to let doctors record your conversations and attach them to your records.  What could possibly go wrong?

I knew EHR was going to bite us in the buttocks, especially after having been in the industry. Now we figured out a way to make records more invasive. And Amazon is to blame. Wait til Google hears of this.



T-Mobile's "nationwide 5G" fails to cover 130 million Americans
Let's be fair: the 5G rollout is all press and very little rolling


Wanna know how Iran's internet blackout went down?


Of course your android phone is fully patched. Unfortunately, there's another vuln being exploited for banking info.  You could always not bank with your phone.



This dude swapped his pc with a Raspberry Pi 4 for a week.


Alternatives to the TOP command



Monday, December 2, 2019

Billions and Millions Exposed....

A rather large database storing a rather large number of business-to-customer SMS messages (spam?) was wide open, courtesy of TrueDialog. Completely unprotected on the web.





Hey (friendly) hackers - Uncle Sam really does love you after all! Give him a ring.



Next Gen Tech - coming in 2020
EaaS
Employees as a Service.
Tired of the current ones?
Are they dumber than a box of rocks?
Want to outsource?
EaaS is your answer. Start using it as a buzzword and expect us in 2020 2q.


The new version of Kali Linux has an 'undercover mode' to impersonate Windows 10.  This is sheer brilliance. Security staff will see a Win 10 machine trying to hack the network, giggle a bit, then ignore it.



The world's first mobile phone detection cameras are in use in Australia, to 'cut fatalities'.  Surveillance State at its finest.  Australia is a test bed for rights confiscation. Expect it to infect the UK next, then possibly the US.


It's easy to get a .gov domain name.
That's not a problem, is it?


4 million fresh stolen cards tied to breaches at Krystal, Moe's, McAlister's Deli, and Schlotzsky's.  I'd stop eating there, if I ate there in the first place.



8 best linux desktops and laptops

4 reasons to encrypt your linux partition



Corona Malware

This blog has been suspended for a bit because it's practicing social distancing. Or no one reads it. Or I'm too lazy. Or the str...