Security and Windows TCO Leftovers
-
LinuxConfig ☛ Ubuntu 24.04 Firewall: A Quick Guide
-
Diffoscope ☛ Reproducible Builds (diffoscope): diffoscope 255 released
The diffoscope maintainers are pleased to announce the release of diffoscope version 255.
-
Trail of Bits ☛ Enhancing trust for SGX enclaves [Ed: Well, it is not about trust; it's about mistrust]
Creating reproducible builds for SGX enclaves used in privacy-oriented deployments is a difficult task that lacks a convenient and robust solution.
-
Security Week ☛ Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware
The China-linked cyberespionage group Blackwood has been caught delivering malware to entities in China and Japan.
-
New York Times ☛ 23andMe Breach Targeted Jewish and Chinese Customers, Lawsuit Says
The class-action suit said the genetic testing company failed to notify customers whose personal information was compiled into “curated” lists that were sold on the dark web.
-
Security Week ☛ Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive
Participants have earned more than $1.3 million for hacking Teslas, EV chargers and infotainment systems at Pwn2Own Automotive.
-
Security Week ☛ Nozomi Unveils Wireless Security Sensor for OT, IoT Environments
Nozomi Networks extends its offering with Guardian Air, a security sensor designed to help organizations detect wireless threats in OT and IoT.
-
Security Week ☛ Critical Jenkins Vulnerability Leads to Remote Code Execution
A critical vulnerability in Jenkins’ built-in CLI allows remote attackers to obtain cryptographic keys and execute arbitrary code.
-
Security Week ☛ Westermo Switch Vulnerabilities Can Facilitate Attacks on Industrial Organizations
CISA informs organizations that Westermo Lynx switches are affected by eight vulnerabilities and some devices are reportedly exposed to the internet.
-
Federal News Network ☛ Protecting the supply chain and national security
Given the significant implications for our supply chain and national security, policymakers need to decide on an approach and act.
-
Security Week ☛ In Other News: Secure Use of AI, HHS Hacking, CISA Director Swatting
Noteworthy stories that might have slipped under the radar: guidance on secure use of AI, HHS grant money stolen by hackers, CISA director target of swatting.
-
Windows TCO
-
SANS ☛ A Batch File With Multiple Payloads, (Fri, Jan 26th)
Windows batch files (.bat) are often seen by people as very simple but they can be pretty complex or... contain interesting encoded payloads! I found one that contains multiple payloads decoded and used by a PowerShell process. The magic is behind how comments can be added to such files.
-
Ars Technica ☛ In major gaffe, hacked Microsoft test account was assigned admin privileges
The hackers who recently broke into Microsoft’s network and monitored top executives’ email for two months did so by gaining access to an aging test account with administrative privileges, a major gaffe on the company's part, a researcher said.
The new detail was provided in vaguely worded language included in a post Microsoft published on Thursday. It expanded on a disclosure Microsoft published late last Friday. Russia-state hackers, Microsoft said, used a technique known as password spraying to exploit a weak credential for logging into a “legacy non-production test tenant account” that wasn’t protected by multifactor authentication. From there, they somehow acquired the ability to access email accounts that belonged to senior executives and employees working in security and legal teams.
-