Pen Test Partners Blog
added 2021/05/28 6:32 a.m., 64 views

Do you know your OpSec?

Open Source Intelligence OSINT is any information in the public domain that an attacker can dig up about you. Because of that it forms the basis of every Red Team engagement, as threat actor scenarios are created using publicly available information. Bearing that in mind it makes sense to review...

AI score: 6.6
Exploits: 0
Wired Threat Level
added 2021/05/27 11:17 p.m., 44 views

WhatsApp’s Fight With India Has Global Implications

The country’s “traceability” requirement would undermine the privacy of the encrypted messaging app’s users far beyond its borders...

AI score: 2.8
Exploits: 0
Schneier on Security
added 2021/05/17 11:00 a.m., 37 views

Is 85% of US Critical Infrastructure in Private Hands?

Most US critical infrastructure is run by private corporations. This has major security implications, because it's putting a random power company in -- say -- Ohio -- up against the Russian cybercommand, which isn't a fair fight. When this problem is discussed, people regularly quote the statistic...

AI score: 0.8
Exploits: 0
ThreatPost
added 2021/05/11 3:34 p.m., 42 views

200K Veterans’ Med Records May Have Been Stolen by Ransomware Gang

UPDATE: A database filled with the medical records of nearly 200,000 U.S. military veterans was exposed online by a vendor working for the Veterans Administration, according to an analyst, who also presented evidence the data might have been exfiltrated by ransomware attackers. The VA for its par...

AI score: 5.8
Exploits: 0; References: 10
Prion
added 2021/05/10 5:15 a.m., 19 views

Input validation

Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs instead of 0s and 1s...

CVSS: 7.2; AI score: 7.8; EPSS: 0.03223
Exploits: 1; References: 2
ATTACKERKB
added 2021/05/10 12:00 a.m., 95 views

CVE-2021-32471

Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs instead of 0s and 1s...

CVSS: 7.8; AI score: 7.9; EPSS: 0.03223
In wild; Exploits: 1; References: 3
The Coalfire Blog
added 2021/04/27 9:41 p.m., 10 views

MIME sniffing in browsers and the security implications

Whenever a website is opened in a browser, many tasks are silently performed in the background. One of those tasks is fetching resources such as images, stylesheets and JavaScript from different domains on the internet and then parsing those resources...

AI score: 1.9
Exploits: 0
Wired Threat Level
added 2021/04/13 4:01 a.m., 35 views

100M More IoT Devices Are Exposed—and They Won’t Be the Last

The Name:Wreck flaws in TCP/IP are the latest in a series of vulnerabilities with global implications...

AI score: 2.9
Exploits: 0
ThreatPost
added 2021/03/10 2:44 p.m., 256 views

Breach Exposes Verkada Security Camera Footage at Tesla, Cloudflare

Hackers claim to have breached Silicon Valley startup Verkada to gain unauthorized access to live feeds of 150,000 security cameras. They claim the hack gave them widespread access to surveillance footage within companies such as Tesla and Cloudflare, as well as hospitals, companies,...

AI score: 0.6
Exploits: 0; References: 6
Hacker One
added 2021/02/02 1:35 p.m., 16 views

Kubernetes: KOPS documentation references domains which were not registered

Summary: While researching the Kubernetes documentation, I found that the KOPS project's Route53 configuration references dangling DNS servers. I was able to register 3 / 4 of these domain names. I was also able to verify that some companies have been using this configuration, making them...

AI score: 1
Exploits: 0
Akamai Blog
added 2021/01/25 1:05 p.m., 53 views

Sustainability at Akamai: An Efficient Platform Powered by Energy Aggregation

If I had a dollar for every time I heard "2020 was an unprecedented year", I could fund a clean energy project myself. And while we're tired of hearing it, it's true. Among the pandemic, U.S. presidential election, social justice movements, the finalization of Brexit, and many other new and...

AI score: 7.2
Exploits: 0
ThreatPost
added 2021/01/13 2:00 p.m., 202 views

CISOs Prep For COVID-19 Exposure Notification in the Workplace

With the potential of employees going back into the workplace on the horizon, chief information security officers (CISOs) are mulling applications that utilize exposure notifications in order to track COVID-19’s spread in the office. Steve Moore, chief security strategist with Exabeam, said he is...

AI score: 6.7
Exploits: 0; References: 10
NVD
added 2020/12/15 6:15 p.m., 13 views

CVE-2020-29486

An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored, an owner could give a node away. However, node ownership has quota implications. Any guest can run another guest out of quota, or create an unbounded number of nodes owned by dom0, thus running...

CVSS: 6; AI score: 6.5; EPSS: 0.00061
Exploits: 0; References: 5
Prion
added 2020/12/15 6:15 p.m., 19 views

Design/Logic Flaw

An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored, an owner could give a node away. However, node ownership has quota implications. Any guest can run another guest out of quota, or create an unbounded number of nodes owned by dom0, thus running...

CVSS: 4.9; AI score: 6.8; EPSS: 0.00061
Exploits: 0; References: 5; Affected Software: 3
CVE
added 2020/12/15 6:00 p.m., 80 views

CVE-2020-29486

CVE-2020-29486 affects Xen up to 4.14.x with oxenstored; an unprivileged client (guest) can modify xenstore node ownership, causing quota exhaustion and potential memory DoS that can crash a specific guest or the host. Systems using oxenstored are vulnerable; builds using C xenstored are not. Pub...

CVSS: 6; AI score: 6.7; EPSS: 0.00061
Exploits: 0; References: 5; Affected Software: 1
Xen Project
added 2020/12/15 12:00 p.m., 48 views

oxenstored: node ownership can be changed by unprivileged clients

ISSUE DESCRIPTION: Nodes in xenstore have an ownership. In oxenstored, an owner could give a node away. But node ownership has quota implications. Any guest can run another guest out of quota, or create an unbounded number of nodes owned by dom0, thus running xenstored out of memory. IMPACT: A...

CVSS: 6; AI score: 3; EPSS: 0.00061
Exploits: 0
Krebs on Security
added 2020/11/04 7:32 p.m., 22 views

Why Paying to Delete Stolen Data is Bonkers

Companies hit by ransomware often face a dual threat: Even if they avoid paying the ransom and can restore things from scratch, about half the time the attackers also threaten to release sensitive stolen data unless the victim pays for a promise to have the data deleted. Leaving aside the notion...

AI score: 6.8
Exploits: 0
ThreatPost
added 2020/09/10 1:46 p.m., 16 views

Govt.-Backed Contact-Tracing Apps Raise Privacy Hackles

The Electronic Frontier Foundation is echoing lawmaker concerns that California is not taking privacy seriously enough, as state legislators mull launching a COVID-19 exposure-notification app based on Apple and Google’s smartphone technology. The U.S. nonprofit, which is aimed at protecting...

AI score: 0.2
Exploits: 0; References: 18
Github Security Blog
added 2020/08/04 2:54 p.m., 38 views

CSRF vulnerability in save-server

Impact: Versions prior to version v1.05 are affected by a CSRF vulnerability, as there is no CSRF mitigation (tokens etc.). The fix introduced in version v1.05 unintentionally breaks uploading, so version v1.0.7 is the fixed version. This is patched by implementing double submit. The CSRF attack woul...

CVSS: 7.6; EPSS: 0.00091
Exploits: 1; References: 5; Affected Software: 1
ThreatPost
added 2020/08/03 4:26 p.m., 40 views

Garmin Pays Up to Evil Corp After Ransomware Attack — Reports

Garmin, the GPS and aviation tech specialist, reportedly negotiated with Evil Corp for a decryption key to unlock its files in the wake of a WastedLocker ransomware attack. The attack, which started on July 23, knocked out Garmin’s fitness-tracker services, customer-support outlets and commercia...

AI score: 0.5
Exploits: 0; References: 9