whoknows 331 Posted December 21, 2020 Author Share Posted December 21, 2020 Apple targets car production by 2024 reuters.com/article/us-apple-autos-exclusive/exclusive-apple-targets-car-production-by-2024-and-eyes-next-level-battery-technology-sources-idUSKBN28V2PY Link to post
whoknows 331 Posted December 22, 2020 Author Share Posted December 22, 2020 Hackers believed to have stolen Treasury Department's encryption keys businessinsider.com/hackers-seem-to-have-stolen-treasury-departments-encryption-keys-2020-12 Link to post
whoknows 331 Posted December 23, 2020 Author Share Posted December 23, 2020 DOSBox Pure github.com/schellingb/dosbox-pure youtube.com/watch?v=rHkIz4-SewI Link to post
whoknows 331 Posted December 23, 2020 Author Share Posted December 23, 2020 (edited) The FBI Is Breaking into Encrypted Devices. We’re Suing aclu.org/news/privacy-technology/the-fbi-is-secretly-breaking-into-encrypted-devices-were-suing/ Seznam.cz, the Czech Republic's leading home-grown web search platform, said on Thursday it had claimed 9.072 billion crowns ($417 million) in damages from Google techdirt.com/articles/20201218/07211345910/czech-search-engine-seznam-joins-lets-sue-google-fun-seeks-417-million-damages.shtml Zelda Hit Detection - Behind the Code youtube.com/watch?v=FBk-QkzMeIk List of SolarWinds victims slowly growing bleepingcomputer.com/news/security/solarwinds-hackers-breached-us-treasury-officials-email-accounts/ bleepingcomputer.com/news/security/solarwinds-victims-revealed-after-cracking-the-sunburst-malware-dga/ Cellebrite has claimed that it can decrypt messages from Signal's bbc.com/news/technology-55412230 signal.org/blog/cellebrite-and-clickbait/ Malware Unpacking Tutorial - How to unpack FlawedAmmyy youtube.com/watch?v=D1-O19AwW8U VPN Safe-Inet has been taken down by Europol europol.europa.eu/newsroom/news/cybercriminals%E2%80%99-favourite-vpn-taken-down-in-global-action Edited December 23, 2020 by whoknows adding shits (see edit history) Link to post
whoknows 331 Posted December 24, 2020 Author Share Posted December 24, 2020 (edited) Citrix confirms ongoing DDoS attack impacting NetScaler ADCs bleepingcomputer.com/news/security/citrix-confirms-ongoing-ddos-attack-impacting-netscaler-adcs/ The Australian government actually set up a Department of Christmas Affairs zdnet.com/article/the-australian-government-actually-set-up-a-department-of-christmas-affairs/ Telegram's Getting Ads gizmodo.com/oh-great-telegrams-getting-ads-1845940099 PC DOS Reimagined pcjs.org/blog/2020/12/22/ Web Authentication Methods Compared testdriven.io/blog/web-authentication-methods/ Edited December 24, 2020 by whoknows (see edit history) Link to post
whoknows 331 Posted December 25, 2020 Author Share Posted December 25, 2020 today powered by white wine @ 2015 ( ITA @tonyweb ) src - otondo.com 2 Link to post
Armour 2 Posted December 25, 2020 Share Posted December 25, 2020 6 hours ago, whoknows said: today powered by white wine @ 2015 ( ITA @tonyweb ) src - otondo.com @tonywebmust be drunk on that wine by now lol! 1 Link to post
whoknows 331 Posted December 27, 2020 Author Share Posted December 27, 2020 Reverse Engineered Google Docs features.jsomers.net/how-i-reverse-engineered-google-docs/ Link to post
whoknows 331 Posted December 27, 2020 Author Share Posted December 27, 2020 Fun with IP address parsing blog.dave.tf/post/ip-addr-parsing/ Link to post
whoknows 331 Posted December 30, 2020 Author Share Posted December 30, 2020 SolarWinds - goal was the cloud data Microsoft also detailed the step by step procedure used by the attackers to gain access to their victims' cloud assets: Using the compromised SolarWinds DLL to activate a backdoor that enables attackers to remotely control and operate on a device Using the backdoor access to steal credentials, escalate privileges, and move laterally to gain the ability to create valid SAML tokens using any of two methods: Stealing the SAML signing certificate (Path 1) Adding to or modifying existing federation trust (Path 2) Using attacker-created SAML tokens to access cloud resources and perform actions leading to the exfiltration of emails and persistence in the cloud bleepingcomputer.com/news/security/microsoft-solarwinds-hackers-goal-was-the-victims-cloud-data/ Link to post
whoknows 331 Posted January 7 Author Share Posted January 7 The more we learn, the worse it looks zdnet.com/article/solarwinds-the-more-we-learn-the-worse-it-looks/ Link to post
whoknows 331 Posted January 7 Author Share Posted January 7 Gained access to thousands of 'US Department of Justice' email accounts techradar.com/news/solarwinds-hackers-gained-access-to-thousands-of-doj-email-accounts Link to post
whoknows 331 Posted January 7 Author Share Posted January 7 JetBrain's TeamCity May Be Entry Point nytimes.com/2021/01/06/us/politics/russia-cyber-hack.html Link to post
whoknows 331 Posted January 8 Author Share Posted January 8 An Update on SolarWinds blog.jetbrains.com/blog/2021/01/07/an-update-on-solarwinds/ Link to post
deepzero 220 Posted January 12 Share Posted January 12 SUNSPOT: An Implant in the Build Process https://www.crowdstrike.com/blog/sunspot-malware-technical-analysis/ 1 Link to post
whoknows 331 Posted January 13 Author Share Posted January 13 Solarwind, Fireeye, Microsoft and Cisco leaks are offered for sale news.ycombinator.com/item?id=25754895 solarleaks.net Link to post
whoknows 331 Posted January 20 Author Share Posted January 20 Malwarebytes Hit by SolarWinds Attackers "They are trying to feed the beast, the more power they have, it gives them more tools and capabilities to attack more companies" threatpost.com/malwarebytes-solarwinds-attackers/163190/ Link to post
whoknows 331 Posted January 22 Author Share Posted January 22 (edited) Microsoft shares how SolarWinds hackers evaded detection bleepingcomputer.com/news/security/microsoft-shares-how-solarwinds-hackers-evaded-detection/ bleepingcomputer.com/news/security/solarwinds-hackers-used-7-zip-code-to-hide-raindrop-cobalt-strike-loader/ Edited January 22 by whoknows (see edit history) Link to post
whoknows 331 Posted January 26 Author Share Posted January 26 After the SolarWinds Hack, We Have No Idea What Cyber Dangers We Face newyorker.com/news/daily-comment/after-the-solarwinds-hack-we-have-no-idea-what-cyber-dangers-we-face Link to post
whoknows 331 Posted February 3 Author Share Posted February 3 SolarWinds patches critical vulnerabilities bleepingcomputer.com/news/security/solarwinds-patches-critical-vulnerabilities-in-the-orion-platform/ Link to post
whoknows 331 Posted February 4 Author Share Posted February 4 Hack Just Keeps Getting More Wild gizmodo.com/the-solarwinds-hack-just-keeps-getting-wilder-1846193313 Link to post
deepzero 220 Posted February 15 Share Posted February 15 https://www.theregister.com/2021/02/15/solarwinds_microsoft_fireeye_analysis/ 1 1 Link to post
Kurapica 716 Posted February 16 Share Posted February 16 It's indeed a sophisticated attack, but all these analyses keep showing up and shouting about how "smart" those guys were won't hide the fact that the security measures at those companies were weak and they had it coming someday. 1 Link to post
kao 2,184 Posted February 16 Share Posted February 16 @Kurapica: It reminds me a quote from the book "Ten Laws for Security": Quote The attacker needs to succeed only once, whereas the defender has to succeed every time. It's a great book, perhaps you should read it someday! Brings a totally different perspective on protecting company assets.. P.S. I'm not looking for an excuse, just reminding how hard the defender's job is... 2 Link to post
Kurapica 716 Posted February 16 Share Posted February 16 @kao : you are working with the defenders so it's understandable I just had that idea when I read several articles on the attack and thought "That could have been stopped easily !" but I'm just a spectator so my opinion is worthless in such topics. Link to post
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now