cybersec

Linux Security

XZ Backdoor: Timeline and Overview

This video from Seytonic covers the XZ backdoor scandal. Sources: https://research.swtch.com/xz-timeline https://www.openwall.com/lists/oss-security/2024/03/29/4 https://bsky.app/profile/filippo.abyssdomain.expert/post/3kouaom62oi2b https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/

Read More
Privacy

Is the NSA is BUYING Your Internet History?!

This video is from Seytonic. Sources: https://www.documentcloud.org/documents/24376615-signed_wyden_letter_to_dni_re_nsa_purchase_of_domestic_metadata_and_ftc_order_on_data_brokers_with_attachments https://twitter.com/RonWyden/status/1750645396639199470 https://therecord.media/nsa-purchases-american-personal-data-from-brokers-wyden https://www.wired.com/story/pentagon-data-purchases-wyden-letter/ https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/ https://www.sec.gov/Archives/edgar/data/789019/000119312524011295/d708866d8k.htm https://gur.gov.ua/content/znyshchyly-vorozhu-planietu-detali-kiberataky-proty-tsentru-kosmichnoi-hidrometeorolohii-rf.html https://therecord.media/ukrainian-hackers-hit-russian-scientific-center

Read More
Security

Stuxnet Saboteur Revealed.

This video is from Seytonic. Sources: https://www.volkskrant.nl/kijkverder/v/2024/sabotage-in-iran-een-missie-in-duisternis~v989743/ https://www.darkreading.com/cyberattacks-data-breaches/brief-history-of-ics-tailored-attacks https://www.darkreading.com/ics-ot-security/us-israel-dutch-spy-stuxnet-malware-against-iran https://nltimes.nl/2024/01/08/dutch-man-sabotaged-iranian-nuclear-program-without-dutch-governments-knowledge-report https://www.theregister.com/2024/01/05/breachforums_admin_arrested_again/ https://www.bleepingcomputer.com/news/security/breachforums-admin-jailed-again-for-using-a-vpn-unmonitored-pc/ https://therecord.media/breachforums-administrator-arrested-violating-parole https://www.bloomberg.com/news/articles/2024-01-09/china-says-cracked-apple-s-airdrop-to-identify-message-sources?embedded-checkout=true&leadSource=uverify%20wall https://sfj.beijing.gov.cn/sfj/sfdt/ywdt82/flfw93/436331732/index.html https://www.bleepingcomputer.com/news/security/china-claims-it-cracked-apples-airdrop-to-find-numbers-email-addresses/ https://cyberhoot.com/blog/apple-airdrop-vulnerability/ https://privatedrop.github.io/

Read More
Privacy Security

Ads Targeted on What You Say? New Evidence

Seytonic says something out loud that we were all wondering about. Sources: https://www.404media.co/cmg-cox-media-actually-listening-to-phones-smartspeakers-for-ads-marketing/ https://www.404media.co/mindsift-brags-about-using-smart-device-microphone-audio-to-target-ads-on-their-podcast/ https://www.darkreading.com/cyberattacks-data-breaches/pro-israeli-hacktivists-attack-iranian-gas-stations https://therecord.media/iran-cyberattack-gas-stations-israel https://www.hackread.com/iran-gas-stations-disruptions-cyberattack/ https://go.theregister.com/feed/www.theregister.com/2023/12/18/hacktivists_shut_down_irans_petrol/ https://www.bleepingcomputer.com/news/security/ubiquiti-users-report-having-access-to-others-unifi-routers-cameras/ https://arstechnica.com/?p=1991239 https://community.ui.com/questions/Bug-Fix-Cloud-Access-Misconfiguration/fe8d4479-e187-4471-bf95-b2799183ceb7

Read More
Privacy Security

Leaked: The Feds Can See Your Notifications

This video from Seytonic points to a disturbing lea. Sources: https://www.macrumors.com/2023/12/06/apple-governments-surveil-push-notifications/ https://www.reuters.com/technology/cybersecurity/governments-spying-apple-google-users-through-push-notifications-us-senator-2023-12-06/ https://forums.macrumors.com/threads/apple-confirms-governments-using-push-notifications-to-surveil-users.2412959/ https://www.engadget.com/apple-and-google-are-probably-spying-on-your-push-notifications-154543184.html https://appleinsider.com/articles/23/12/06/senators-paranoia-opens-door-for-apple-to-speak-out-on-government-censorship https://blog.davidlibeau.fr/push-notifications-are-a-privacy-nightmare/

Read More
Security

iMessage for Android: A Security Risk You Should Know About

This video from Seytonic highlights the latest happenings in security. Sources: https://9to5google.com/2023/11/18/nothing-chats-sunbird-unencrypted-data-privacy-nightmare/ https://arstechnica.com/gadgets/2023/11/nothings-imessage-app-was-a-security-catastrophe- taken-down-in-24-hours/?comments=1&comments-page=1 https://arstechnica.com/gadgets/2023/11/nothing-phone-says-it-will-hack-into-imessage-bring- blue-bubbles-to-android/ https://texts.blog/2023/11/18/sunbird-security/ https://nothing.tech/pages/nothing-chats https://go.theregister.com/feed/www.theregister.com/2023/11/22/nuclear_lab_hacked/ https://therecord.media/agencies-investigating-breach-at-nuclear-lab https://www.darkreading.com/ics-ot/idaho-national-nuclear-lab-targeted-in-major-data-breach https://www.bleepingcomputer.com/news/security/hacktivists-breach-us-nuclear-research-lab-steal-employee-data/ https://www.eastidahonews.com/2023/11/idaho-national-laboratory-experiences-massive-data-breach-employee-information-leaked-online/ https://therecord.media/fcc-new-rules-stop-sim-swapping https://news.ycombinator.com/item?id=38331480 https://docs.fcc.gov/public/attachments/DOC-398483A1.pdf https://arstechnica.com/security/2023/11/the-fcc-says-new-rules-will-curb-sim-swapping-im-pessimistic/ https://docs.fcc.gov/public/attachments/DOC-398483A3.pdf https://therecord.media/sim-swapping-lapsus-cyber-safety-review-board-report

Read More
Apple Security

All Apple Products are Vulnerable to New Password Stealing Hack

This video is from Seytonic. Sources: https://arstechnica.com/?p=1978389 https://ileakage.com/ https://www.bleepingcomputer.com/news/security/new-ileakage-attack-steals-emails-passwords-from-apple-safari/ https://therecord.media/doj-seizure-web-domains-north-korean-tech-worker-scheme https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-action-disrupt-illicit-revenue-generation https://www.darkreading.com/careers-and-people/freelance-market-flooded-with-north-korean-it-actors https://www.ic3.gov/Media/Y2023/PSA231018 https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-action-disrupt-illicit-revenue-generation https://techcrunch.com/2023/09/05/flipper-zero-hacking-iphone-flood-popups/ https://techryptic.github.io/2023/09/01/Annoying-Apple-Fans/ https://www.bleepingcomputer.com/news/security/flipper-zero-can-be-used-to-launch-ios-bluetooth-spam-attacks/ https://www.instagram.com/p/Cyf5y2EtA_V/ https://www.youtube.com/watch?v=NBYiroTOOWg&ab_channel=TAKEAPART lockup spam demo https://www.youtube.com/watch?v=u5FKyRRaRjQ&t=386s&ab_channel=TalkingSasquach https://www.mobile-hacker.com/2023/10/17/spam-ios-android-and-windows-with-bluetooth-pairing-messages-using-flipper-zero-or-android-smartphone/ https://arstechnica.com/?p=1977141 https://www.bleepingcomputer.com/news/security/fake-keepass-site-uses-google-ads-and-punycode-to-push-malware/ https://www.malwarebytes.com/blog/threat-intelligence/2023/10/clever-malvertising-attack-uses-punycode-to-look-like-legitimate-website

Read More