information security

Privacy

Is the NSA is BUYING Your Internet History?!

This video is from Seytonic. Sources: https://www.documentcloud.org/documents/24376615-signed_wyden_letter_to_dni_re_nsa_purchase_of_domestic_metadata_and_ftc_order_on_data_brokers_with_attachments https://twitter.com/RonWyden/status/1750645396639199470 https://therecord.media/nsa-purchases-american-personal-data-from-brokers-wyden https://www.wired.com/story/pentagon-data-purchases-wyden-letter/ https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/ https://www.sec.gov/Archives/edgar/data/789019/000119312524011295/d708866d8k.htm https://gur.gov.ua/content/znyshchyly-vorozhu-planietu-detali-kiberataky-proty-tsentru-kosmichnoi-hidrometeorolohii-rf.html https://therecord.media/ukrainian-hackers-hit-russian-scientific-center

Read More
Hardware Security

How to Build a Powerful Home SIEM Lab Without Hassle! (Step by Step Guide)

This video is from Gerald Auger, PhD – Simply Cyber. Welcome to your one-stop guide for building a Free valuable Home SIEM Lab quickly and efficiently! This tutorial will help aspiring SOC analysts get practical experience without having the job yet. Get Ahead in Your Cybersecurity Career: Practical experience is key in the cybersecurity field. […]

Read More
Security

Stuxnet Saboteur Revealed.

This video is from Seytonic. Sources: https://www.volkskrant.nl/kijkverder/v/2024/sabotage-in-iran-een-missie-in-duisternis~v989743/ https://www.darkreading.com/cyberattacks-data-breaches/brief-history-of-ics-tailored-attacks https://www.darkreading.com/ics-ot-security/us-israel-dutch-spy-stuxnet-malware-against-iran https://nltimes.nl/2024/01/08/dutch-man-sabotaged-iranian-nuclear-program-without-dutch-governments-knowledge-report https://www.theregister.com/2024/01/05/breachforums_admin_arrested_again/ https://www.bleepingcomputer.com/news/security/breachforums-admin-jailed-again-for-using-a-vpn-unmonitored-pc/ https://therecord.media/breachforums-administrator-arrested-violating-parole https://www.bloomberg.com/news/articles/2024-01-09/china-says-cracked-apple-s-airdrop-to-identify-message-sources?embedded-checkout=true&leadSource=uverify%20wall https://sfj.beijing.gov.cn/sfj/sfdt/ywdt82/flfw93/436331732/index.html https://www.bleepingcomputer.com/news/security/china-claims-it-cracked-apples-airdrop-to-find-numbers-email-addresses/ https://cyberhoot.com/blog/apple-airdrop-vulnerability/ https://privatedrop.github.io/

Read More
Privacy Security

Ads Targeted on What You Say? New Evidence

Seytonic says something out loud that we were all wondering about. Sources: https://www.404media.co/cmg-cox-media-actually-listening-to-phones-smartspeakers-for-ads-marketing/ https://www.404media.co/mindsift-brags-about-using-smart-device-microphone-audio-to-target-ads-on-their-podcast/ https://www.darkreading.com/cyberattacks-data-breaches/pro-israeli-hacktivists-attack-iranian-gas-stations https://therecord.media/iran-cyberattack-gas-stations-israel https://www.hackread.com/iran-gas-stations-disruptions-cyberattack/ https://go.theregister.com/feed/www.theregister.com/2023/12/18/hacktivists_shut_down_irans_petrol/ https://www.bleepingcomputer.com/news/security/ubiquiti-users-report-having-access-to-others-unifi-routers-cameras/ https://arstechnica.com/?p=1991239 https://community.ui.com/questions/Bug-Fix-Cloud-Access-Misconfiguration/fe8d4479-e187-4471-bf95-b2799183ceb7

Read More
Privacy Security

Leaked: The Feds Can See Your Notifications

This video from Seytonic points to a disturbing lea. Sources: https://www.macrumors.com/2023/12/06/apple-governments-surveil-push-notifications/ https://www.reuters.com/technology/cybersecurity/governments-spying-apple-google-users-through-push-notifications-us-senator-2023-12-06/ https://forums.macrumors.com/threads/apple-confirms-governments-using-push-notifications-to-surveil-users.2412959/ https://www.engadget.com/apple-and-google-are-probably-spying-on-your-push-notifications-154543184.html https://appleinsider.com/articles/23/12/06/senators-paranoia-opens-door-for-apple-to-speak-out-on-government-censorship https://blog.davidlibeau.fr/push-notifications-are-a-privacy-nightmare/

Read More
Security

ICMP Data Exfiltration – USB Rubber Ducky/Exfiltration [PAYLOAD MINUTE]

Hak5 delves into the ICMP Data Exfiltration payload by TW-D for the USB Rubber Ducky, this time on [PAYLOAD MINUTE]

Read More
Security

Hax 4 BIOS, WordPress & Counter-Strike, oh my! – ThreatWire

Hak5 rounds up the latest news in security. LINKS Story 1 https://binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_system_boot/index.html https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/index.html https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack/ https://cyberscoop.com/logofail-vulnerability-boot-process/ https://www.scmagazine.com/news/logofail-vulnerabilities-may-affect-95-of-computers-researchers-say Story 2 https://www.bleepingcomputer.com/news/security/50k-wordpress-sites-exposed-to-rce-attacks-by-critical-bug-in-backup-plugin/ https://www.wordfence.com/blog/2023/12/critical-unauthenticated-remote-code-execution-found-in-backup-migration-plugin/ https://www.cve.org/CVERecord?id=CVE-2023-6553 Story 3 https://www.bleepingcomputer.com/news/security/counter-strike-2-html-injection-bug-exposes-players-ip-addresses/ https://www.hackread.com/gamers-warned-of-cs2-exploit-reveal-ip-address/

Read More