it might be the biggest “cyber” story of the year 2024 already: buy this guy MANY MANY COFFEES! he spotted the problem via know how but also luck 😀 it was a VERY VERY LONG and WILD COMPLEX and HIGHLY […]
keyring is a file that stores all sorts of (for example wifi) passwords encrypted. Gnome2 based MATE per default creates keyring here: ~/.local/share/keyrings/login.keyring so if the keyring password is lost, only a new keyring can be created: rm -rf ~/.local/share/keyrings/login.keyring […]
Hetzner is already doing it with very energy efficient Ampere ARM servers delivering world-class-cost-and-energy-saving-virtual-servers. (Gigabyte has them as well UNTESTED!) #SuperCharge #IT processes with #OpenSource + #GNU #Linux (call it #GNU #Linux and give the dude that wrote gcc some […]
“execute built-in macros without warning” https://nvd.nist.gov/vuln/detail/CVE-2023-6186 why copy bad concepts aka mistakes? why repeat mistakes? NO MACRO LANG JAVASCRIPT BS SHALL BE EMBEDDABLE IN ANY FORMAT, NOT IN WORD.DOC NOT IN WRITER.ODT NOT FILE.PDF! UNLESS U ACTUALLY GET PAID BY […]
update: 2024-06: ed25519 is currently “the way to go” ssh can be regarded as “critical core infrastructure” time spent on its security is time well spent time + money well invested: https://www.openssh.com https://github.com/openssh current manpage: ssh.man.txt WARNING: this howto guide […]
this might be the ULTIMATE motivation to make companies (!) (finally?) migrate to GNU Linux? No? ‘The company also plans to publish further findings on the activities in Microsoft’s network in the future. Why the company does not manage to […]
per default Debian (unfortunately) does not log ssh logins (why? afraid of harddisk overflows?) every user and admin wants to see “who and what is going on” the system useful also for debugging purposes: what if an ssh client is […]
ssh next to https (TLS/SSL) is probably THE most essential building block of secure (unhacked) open source networked computing. CVE-2023-48795 is a (wo)man-in-the-middle-attack, so an attacker would have to sit on the same network (LAN) or somewhere between ssh client […]
vendors & users can do: keep firmware and apps as up to date as possible this requires that vendors also publish patches for critical security problems for old devices (!!! AVM Fritz does it, Samsung & Apple can too!) install […]
https://source.android.com/docs/security/bulletin/2023-12-01?hl=en <- unfortunately does not export an RSS feed so a user needs to write a converter-aggregator https://www.heise.de/news/Patchday-Android-Android-11-12-13-und-14-fuer-Schadcode-Attacken-anfaellig-9548839.html as seen in https://www.heise.de/security/rss/alert-news-atom.xml for the news junkies – how to read news in the 21st century (APPs & RSS FEEDS) – […]
https://www.youtube.com/watch?v=UheOilps2zQ “know in some countries they believe Telegram is safe. I will show you how safe it is,” he said, before showing a screen in which he appeared to scroll through the Telegram contacts of one Kenyan strategist https://www.theguardian.com/world/2023/feb/15/revealed-disinformation-team-jorge-claim-meddling-elections-tal-hanan SS7 […]
a well faked Mail Attachment.pdf.zip was opened by a team member, infecting a (Windows 10?) PC in the background browser login tokens in the form of cookies & browser passwords were exfiltrated mail attachments are STILL the #No1 threat in […]
(knowing that manually auto-translating Russian CyberSec news to English is not a feasible concept and needs to be automated, but as this blog is non-profit, it is for curiosity.) Booking.com found an authentication vulnerability that allows account hijacking A vulnerability […]
JavaScript screwed up …. AGAIN! (another example for “why is it NOT cool for executable script languages to be allowed to embed into PDF or any other file format”) used to steal BILLIONS of NF… ucking Ts: https://research.checkpoint.com/2022/how-hackers-make-nfts-disappear/ really should […]
“The biggest network security threat today is a remote code execution exploit for Intel’s Management Engine.” “Every computer with an Intel chipset produced in the last decade would be vulnerable to this exploit, and RCE would give an attacker full […]
Open Source is about enabling users “Amazon, Microsoft, Google” and the White House, want to help make Open Source more secure… https://www.golem.de/news/openssf-150-millionen-us-dollar-sollen-open-source-absichern-2205-165382.html https://www.golem.de/news/openssf-linux-foundation-will-security-praxis-vereinheitlichen-2008-150036.html src of src: “White House OSS Mobilization Plan” 2022: https://openssf.org/blog/2022/05/11/testimony-to-the-us-house-committee-on-science-and-technology/ 2020: “The OpenSSF is a cross-industry collaboration […]
cyber is on heightened alarm levels … ya’ll know why. timeline of a successful attack on the most basic tools like: exiftool cve-2021-22204 (failed to properly validate parsed input) This was reported by a security researcher on April 7, 2021, […]
https://cve.circl.lu/cve/CVE-2019-19781 https://www.healthcare-computing.de/bsi-warnt-vor-schwachstelle-bei-vpn-produkten-von-citrix-a-964940/ https://www.cnblogs.com/lsgxeva/p/12116150.html hits healthcare hospital in Germany, causing death of (at least) 1 person https://www.businessinsider.de/politik/deutschland/hacker-legen-uniklinik-duesseldorf-lahm-staatsanwaltschaft-ermittelt-wegen-todesfall-einer-patientin/
“The Duri malware, for example, uses the Javascript blob technique. The attacks are triggered by visiting a website with the malicious code.” (this could be a well known, sincere, but hacked website) “By downloading, the malware can install itself on […]
0) for security: keep all internet connected devices as up to date as possible! “Freifunk updates its router firmware and closes a critical security vulnerability that could allow attackers to install their own firmware on the devices” (src: heise.de) Also […]
criminals abusing tor for malicious behavior should be blocked, right? “50% of the attacks are leveraging the Tor anonymity service to mask their true origins” https://thehackernews.com/2021/12/new-local-attack-vector-expands-attack.html this could destroy the “honest” part of the network that truly exists, because it […]
update: 2022: ah oh: Pine community in Pain? https://blog.brixit.nl/why-i-left-pine64/ “In February 2021, PINE64 announced the end of the community editions. At this moment, PINE64’s focus shifted from supporting a diverse ecosystem of distributions and software projects around the PinePhone to […]