hacks

Linux Security

XZ Backdoor: Timeline and Overview

This video from Seytonic covers the XZ backdoor scandal. Sources: https://research.swtch.com/xz-timeline https://www.openwall.com/lists/oss-security/2024/03/29/4 https://bsky.app/profile/filippo.abyssdomain.expert/post/3kouaom62oi2b https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/

Read More
Apple Security

All Apple Products are Vulnerable to New Password Stealing Hack

This video is from Seytonic. Sources: https://arstechnica.com/?p=1978389 https://ileakage.com/ https://www.bleepingcomputer.com/news/security/new-ileakage-attack-steals-emails-passwords-from-apple-safari/ https://therecord.media/doj-seizure-web-domains-north-korean-tech-worker-scheme https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-action-disrupt-illicit-revenue-generation https://www.darkreading.com/careers-and-people/freelance-market-flooded-with-north-korean-it-actors https://www.ic3.gov/Media/Y2023/PSA231018 https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-action-disrupt-illicit-revenue-generation https://techcrunch.com/2023/09/05/flipper-zero-hacking-iphone-flood-popups/ https://techryptic.github.io/2023/09/01/Annoying-Apple-Fans/ https://www.bleepingcomputer.com/news/security/flipper-zero-can-be-used-to-launch-ios-bluetooth-spam-attacks/ https://www.instagram.com/p/Cyf5y2EtA_V/ https://www.youtube.com/watch?v=NBYiroTOOWg&ab_channel=TAKEAPART lockup spam demo https://www.youtube.com/watch?v=u5FKyRRaRjQ&t=386s&ab_channel=TalkingSasquach https://www.mobile-hacker.com/2023/10/17/spam-ios-android-and-windows-with-bluetooth-pairing-messages-using-flipper-zero-or-android-smartphone/ https://arstechnica.com/?p=1977141 https://www.bleepingcomputer.com/news/security/fake-keepass-site-uses-google-ads-and-punycode-to-push-malware/ https://www.malwarebytes.com/blog/threat-intelligence/2023/10/clever-malvertising-attack-uses-punycode-to-look-like-legitimate-website

Read More
Current Events Security

Hacktivists Target Israel… What’s Happened So Far?

This video is from Seytonic. Sources: https://go.theregister.com/feed/www.theregister.com/2023/10/09/hacktivism_middle_east/ https://www.wired.com/story/israel-hamas-war-hacktivism/ https://www.wired.com/story/israel-hamas-war-surveillance/ https://www.wired.com/story/x-israel-hamas-war-disinformation/ https://www.darkreading.com/dr-global/hacktivists-enter-fray-following-hamas-strikes-against-israel https://www.darkreading.com/dr-global/hackers-for-hire-hit-both-sides-in-israel-hamas-conflict

Read More
Security

Twitter Hacker Faces 77 Years in Prison

This video from Seytonic covers the latest in security news. Sources: https://www.hackread.com/british-hacker-guilty-hacking-schemes/ https://www.bleepingcomputer.com/news/security/hacker-plugwalkjoe-pleads-guilty-to-2020-twitter-breach/ https://thehackernews.com/2023/05/mastermind-behind-twitter-2020-hack.html https://www.darkreading.com/attacks-breaches/twitter-hacker-cops-to-cybercrimes-extradited-to-us-for-trial- https://go.theregister.com/feed/www.theregister.com/2023/05/10/guilty_plea_twitter_o_connor_case/ https://therecord.media/twitter-hack-guilty-plea-sim-swapping-cyberstalking https://www.justice.gov/opa/pr/uk-citizen-extradited-and-pleads-guilty-cyber-crime-offenses https://www.justice.gov/opa/pr/man-arrested-connection-alleged-role-twitter-hack https://www.nytimes.com/2020/07/17/technology/twitter-hackers-interview.html?action=click&module=Top https://www.justice.gov/usao-ndca/press-release/file/1413571/download https://krebsonsecurity.com/2021/07/plugwalkjoe-does-the-perp-walk/ https://arstechnica.com/tech-policy/2021/03/i-was-a-teenage-twitter-hacker-graham-ivan-clark-gets-3-year-sentence/

Read More
Apple Security

How Spyware is Exploiting Calendar Apps to Hack iPhones

This video from Seytonic explores a massive hole in iPhone security. Sources: https://citizenlab.ca/2023/04/spyware-vendor-quadream-exploits-victims-customers/ https://www.hackread.com/quadream-israeli-cyber-mercenary-iphone-hacks/ https://www.microsoft.com/en-us/security/blog/2023/04/11/dev-0196-quadreams-kingspawn-malware-used-to-target-civil-society-in-europe-north-america-the-middle-east-and-southeast-asia/ https://www.bleepingcomputer.com/news/security/iphones-hacked-via-invisible-calendar-invites-to-drop-quadream-spyware/ https://securityaffairs.com/144723/malware/quadream-spyware.html https://www.darkreading.com/vulnerabilities-threats/microsoft-nso-group-like-quadream-actor-selling-mobile-spyware-governments https://thehackernews.com/2023/04/israel-based-spyware-firm-quadream.html https://therecord.media/israeli-spyware-company-quadream-surveilling-journalists https://www.cyberkendra.com/2023/04/quadream-spyware-used-to-target.html https://www.calcalistech.com/ctechnews/article/hy78kiym2

Read More
Security

Reverse Engineering a Virus Downloaded from Discord – A Cautionary Tale

This video is from Low Level Learning. A hacker put malware on a Discord server that I hang out on, so naturally I downloaded it to see what it did. Instead of just running the software, I tried to reverse engineer it to get a peek underneath the hood at the assembly and see what […]

Read More