NoGoolag
How a cloud flaw gave Chinese spies a key to Microsoft’s kingdom

For most IT professionals, the move to the cloud has been a godsend. Instead of protecting your data yourself, let the security experts at Google or Microsoft protect it instead. But when a single stolen key can let hackers access cloud data from dozens of organizations, that trade-off starts to sound far more risky.

Late Tuesday evening, Microsoft revealed that a China-based hacker group, dubbed Storm-0558, had done exactly that. The group, which is focused on espionage against Western European governments, had accessed the cloud-based Outlook email systems of 25 organizations, including multiple government agencies.

This latest attack uses a unique trick: Microsoft says hackers stole a cryptographic key that let them generate their own authentication “tokens”—strings of information meant to prove a user’s identity—giving them free rein across dozens of Microsoft customer accounts.


#Storm0558 #China #Infosec #espionage
Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability - SecurityWeek

Several instances of the Reddit alternative Lemmy were hacked in recent days by attackers who had apparently exploited a zero-day vulnerability.

Lemmy is open source software designed for running self-hosted news aggregation and discussion forums. Each Lemmy instance is run by a different individual or organization, but they are interconnected, allowing users from one instance to interact with posts on other servers. Currently there are more than 1,100 instances with a total of nearly 850,000 users.

A few days ago, someone started exploiting a cross-site scripting (XSS) vulnerability related to the rendering of custom emojis. 

The attacker leveraged the vulnerability to deface pages on some popular instances, including Lemmy.world, the most popular instance, which has over 100,000 users.

#Lemmy #RedditAlternative #ZeroDay #Infosec
Android Pentesting Methodology | Redfox Security – Part 1

In this blog, we’ll discuss Android architecture and the different layers of Android architecture. This blog is part 1 of the “Android Pentesting Methodology” series and forms a basis for our upcoming blog. 

Before we get into the nitty-gritty of the Android Pentesting Methodology, it’s crucial to understand the inner workings of the Android platform. 

Android Pentesting Methodology Part 2

We briefly discussed the Android architecture in part 1 of the "Android Pentesting Methodology" series. In part 2 of the same series, we will explore what APKs are, start reversing Android applications and discuss popular debugging tools.

#MobileSecurity #AndroidSecurity #Infosec
0xor0ne (@0xor0ne): "Nice short reading for anyone interested in starting with embedded/IoT devices analysis and reversing. https://whiterose-infosec.super.site/mjsxj09cm-recovering-firmware-and-backdooring"
#embedded #infosec
0xor0ne (@0xor0ne): "List with more than 300 links to blog posts, write-ups and papers related to cybersecurity, reverse engineering and exploitation (continuously updated) https://github.com/0xor0ne/awesome-list/blob/main/topics/cybersec.md?ref=0xor0ne.xyz #cybersecurity #infosec"
Bypassing the “run-as” debuggability check on Android via newline injection | Meta Red Team X

An attacker with ADB access to an Android device can trick the “run-as” tool into believing any app is debuggable. By doing so, they can read and write private data and invoke system APIs as if they were most apps on the system—including many privileged apps, but not ones that run as the system user. Furthermore, they can achieve persistent code execution as Google Mobile Services (GMS) or as apps that use its SDKs by altering executable code that GMS caches in its data directory.

Google assigned the issue CVE-2024-0044 and fixed it in the March 2024 Android Security Bulletin, which becomes public today. Most device manufacturers received an advance copy of the Bulletin a month ago and have already prepared updates that include its fixes.


#Infosec #Vulnerabilities #CVE #Android #ADB
Attacking Android

"In this comprehensive guide, we delve into the world of Android security from an offensive perspective, shedding light on the various techniques and methodologies used by attackers to compromise Android devices and infiltrate their sensitive data. From exploiting common coding flaws to leveraging sophisticated social engineering tactics, we explore the full spectrum of attack surfaces present in Android environments."

#Android #Infosec #Vulnerabilities
Unpatchable vulnerability in Apple chip leaks secret encryption keys | Ars Technica

A newly discovered vulnerability baked into Apple’s M-series of chips allows attackers to extract secret keys from Macs when they perform widely used cryptographic operations, academic researchers have revealed in a paper published Thursday.

#Apple #Vulnerability #Infosec
Free Android VPN Security Flaws: 100 Apps Tested

I tested the 100 most popular free VPNs in the Google Play store and found significant security and privacy flaws affecting Android apps that have been installed over 2.5 billion times worldwide.

#Android #VPN #Infosec