United States: A Warning from the NSA, CISA and NIST on Post-Quantum Cryptography.
https://medium.com/asecuritysite-when-bob-met-alice/a-warning-from-the-nsa-cisa-and-nist-on-post-quantum-cryptography-fc406a5ade71
https://medium.com/asecuritysite-when-bob-met-alice/a-warning-from-the-nsa-cisa-and-nist-on-post-quantum-cryptography-fc406a5ade71
Medium
All Change in Cybersecurity!
A Warning from the NSA, CISA and NIST on Post-Quantum Cryptography
MalDoc in PDF - Detection bypass by embedding a malicious Word file into a PDF file.
https://blogs.jpcert.or.jp/en/2023/08/maldocinpdf.html
https://blogs.jpcert.or.jp/en/2023/08/maldocinpdf.html
JPCERT/CC Eyes
MalDoc in PDF - Detection bypass by embedding a malicious Word file into a PDF file – - JPCERT/CC Eyes
JPCERT/CC has confirmed that a new technique was used in an attack that occurred in July, which bypasses detection by embedding a malicious Word file into a PDF file. This blog article calls the technique “MalDoc in PDF” hereafter and...
🚨 BLASTPASS NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild.
● Update your Apple devices.
https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/
● Update your Apple devices.
https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/
The Citizen Lab
BLASTPASS
Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware while checking the device of an individual employed by a Washington DC-based civil society organization with international offices. We…
Active North Korean campaign targeting security researchers.
https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/
https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/
Google
Active North Korean campaign targeting security researchers
Threat Analysis Group shares findings on a new campaign by North Korean actors targeting security researchers.
United States: Cyber-Terrorism; Washington DC-based group targeted in apparent Pegasus hack by NSO Group (an Israeli state sponsored cyber-terrorist organization).
Citizen Lab discovers alleged attack using ‘zero-click exploit’ on individual employed by DC organization.
https://www.theguardian.com/us-news/2023/sep/08/pegasus-hack-washington-dc-group-nso
Citizen Lab discovers alleged attack using ‘zero-click exploit’ on individual employed by DC organization.
https://www.theguardian.com/us-news/2023/sep/08/pegasus-hack-washington-dc-group-nso
the Guardian
Washington DC-based group targeted in apparent Pegasus hack
Citizen Lab discovers alleged attack using ‘zero-click exploit’ on individual employed by DC organization
In a first, spyware is found on phone of prominent Russian journalist.
● This is highly likely that Russia deployed the same Zero-Day vulnerability in the (almost) publicly available mobile application hosting a false flag Cyber-Attack on the victim.
https://www.washingtonpost.com/technology/2023/09/13/pegasus-infection-meduza-founder/
● This is highly likely that Russia deployed the same Zero-Day vulnerability in the (almost) publicly available mobile application hosting a false flag Cyber-Attack on the victim.
https://www.washingtonpost.com/technology/2023/09/13/pegasus-infection-meduza-founder/
● Real world OSINT challenge.
United States' military loses F35B over its territory. Unable to track, the US government has requested civilian help to find the missing plane.
https://twitter.com/flightradar24/status/1703827299412455459
https://twitter.com/TeamCharleston/status/1703523385475534968
https://www.businessinsider.com/missing-f35-flying-after-pilot-ejected-soviet-jet-cold-war-2023-9
United States' military loses F35B over its territory. Unable to track, the US government has requested civilian help to find the missing plane.
https://twitter.com/flightradar24/status/1703827299412455459
https://twitter.com/TeamCharleston/status/1703523385475534968
https://www.businessinsider.com/missing-f35-flying-after-pilot-ejected-soviet-jet-cold-war-2023-9
X (formerly Twitter)
Flightradar24 (@flightradar24) on X
The US military is searching for a missing F-35B in South Carolina after the pilot ejected yesterday and the jet kept flying. If you have seen an F-35 in the woods, please contact the US Marines.
Signal adds quantum-resistant encryption to its E2EE messaging protocol.
https://signal.org/blog/pqxdh/
https://www.bleepingcomputer.com/news/security/signal-adds-quantum-resistant-encryption-to-its-e2ee-messaging-protocol/
https://signal.org/blog/pqxdh/
https://www.bleepingcomputer.com/news/security/signal-adds-quantum-resistant-encryption-to-its-e2ee-messaging-protocol/
Signal
Quantum Resistance and the Signal Protocol
The Signal Protocol is a set of cryptographic specifications that provides end-to-end encryption for private communications exchanged daily by billions of people around the world. After its publication in 2013, the Signal Protocol was adopted not only by…
Telegram policy violated privacy 🔏 as the platform mentions that any government with "high democracy index" can request information of any telegram account and telegram shall comply with IP address of the username.
The following thread from Kashmir deals with such a request from telegram. Forget a similar incident was reported by the Dutch.
https://twitter.com/R_J_0ppenheimer/status/1704842373476520329
The following thread from Kashmir deals with such a request from telegram. Forget a similar incident was reported by the Dutch.
https://twitter.com/R_J_0ppenheimer/status/1704842373476520329
REArchive: Reverse engineering APT37’s GOLDBACKDOOR dropper.
https://www.0x0v1.com/rearchive-goldbackdoor/
https://www.0x0v1.com/rearchive-goldbackdoor/
[0x0v1]
REarchive: Reverse Engineering GOLDBACKDOOR dropper
Reverse Engineering Archive: APT37's GOLDBACKDOOR has been a prominent dropper used by North Korea.
Mozilla: Say (an encrypted) hello to a more private internet.
https://blog.mozilla.org/en/products/firefox/encrypted-hello/
https://blog.mozilla.org/en/products/firefox/encrypted-hello/
The Mozilla Blog
Related Articles
As web users, what we say and do online is subject to pervasive surveillance. Although we typically associate online tracking with ad networks and other th
● Thought of sharing: There are high changes that I will reject a candidate in an interview, if they are a bug-bounty hunter.
Following are some reasons for most and not all the hunters.
1. They are technically not sound. They only have limited information about the bug they identified or they usually identify like web based attacks or sometimes mobile apps.
2. They are mostly check-lists and tool reliant people.
3. They know very few bugs and start spraying on multiple targets. They are nuclei attackers (maybe this is a right term to have them associated).
4. They omit hard bugs almost always. They go for easy rewarding bugs. And not for zero-days or tricky RCEs.
5. Most hunters cannot perform a pentest. Since they're good (not in depth though) in specific bug or set of bugs.
6. Most of them are not researchers (as they are often called). They do not have patents, CVEs or published researches.
On the other hand, some top CTF players are excellent. And those who perform research are good for the job.
In an interview, I ask candidate what vulnerability class or type they are comfortable. They choose the easiest like IDOR or XSS or even SQLi. And are almost always web based attacks.
And then I ask them to tell me what mutation or universal XSS is. They be; we know reflected and stored and a bit about DOM (since they automate DOM).
For SQLi, 90% rely upon SQL-Map. The remaining use single quote combos 😂
If this skillset is at my gate. I'll choose to outsource through hacker-one; since they have bounty hunters.
I would need something more professional in the organisation to find issues. Because our goal is not to protect against nuclei templates but APT groups' that are nation-state.
Following are some reasons for most and not all the hunters.
1. They are technically not sound. They only have limited information about the bug they identified or they usually identify like web based attacks or sometimes mobile apps.
2. They are mostly check-lists and tool reliant people.
3. They know very few bugs and start spraying on multiple targets. They are nuclei attackers (maybe this is a right term to have them associated).
4. They omit hard bugs almost always. They go for easy rewarding bugs. And not for zero-days or tricky RCEs.
5. Most hunters cannot perform a pentest. Since they're good (not in depth though) in specific bug or set of bugs.
6. Most of them are not researchers (as they are often called). They do not have patents, CVEs or published researches.
On the other hand, some top CTF players are excellent. And those who perform research are good for the job.
In an interview, I ask candidate what vulnerability class or type they are comfortable. They choose the easiest like IDOR or XSS or even SQLi. And are almost always web based attacks.
And then I ask them to tell me what mutation or universal XSS is. They be; we know reflected and stored and a bit about DOM (since they automate DOM).
For SQLi, 90% rely upon SQL-Map. The remaining use single quote combos 😂
If this skillset is at my gate. I'll choose to outsource through hacker-one; since they have bounty hunters.
I would need something more professional in the organisation to find issues. Because our goal is not to protect against nuclei templates but APT groups' that are nation-state.
Cordyceps: C++ self-Injecting dropper based on various EDR evasion techniques.
This project consists of a simple C++ self-Injecting dropper focused on EDR evasion. To implement it, I have combined the use of Windows Thread Pooling to hide the call stack and the use of indirect syscalls to avoid hooking in the NTDLL.
https://github.com/pard0p/Cordyceps
This project consists of a simple C++ self-Injecting dropper focused on EDR evasion. To implement it, I have combined the use of Windows Thread Pooling to hide the call stack and the use of indirect syscalls to avoid hooking in the NTDLL.
https://github.com/pard0p/Cordyceps
Spam iOS, Android and Windows with Bluetooth pairing messages using Flipper Zero or Android smartphone.
https://www.mobile-hacker.com/2023/10/17/spam-ios-android-and-windows-with-bluetooth-pairing-messages-using-flipper-zero-or-android-smartphone/
https://www.mobile-hacker.com/2023/10/17/spam-ios-android-and-windows-with-bluetooth-pairing-messages-using-flipper-zero-or-android-smartphone/
Mobile Hacker
Spam iOS, Android and Windows with Bluetooth pairing messages using Flipper Zero or Android smartphone Mobile Hacker
So far, it was possible to spam through proximity paring messages only iOS devices, either using Flipper Zero, Arduino board or any Android as explained in my previous blog here. However, recently developers of Xtreme firmware for Flipper Zero pushed and…
DARPA worried battlefield mixed reality vulnerable to 'cognitive attacks'.
Hacks, physical tricks could turn headsets into vomit extractors, but tests already show no ops needed for that.
https://www.theregister.com/2023/10/12/darpa_worried_battlefield_mixed_reality/
Hacks, physical tricks could turn headsets into vomit extractors, but tests already show no ops needed for that.
https://www.theregister.com/2023/10/12/darpa_worried_battlefield_mixed_reality/
The Register
DARPA worried battlefield mixed reality vulnerable to 'cognitive attacks'
Hacks, physical tricks could turn headsets into vomit extractors, but tests already show no ops needed for that
GAP by x.com/xnl_h4ck3r
A BurpSuite extension that can help you bruteforce and enumerate undiscovered parameters!
This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on, and produces a target specific wordlist to use for fuzzing.
https://github.com/xnl-h4ck3r/GAP-Burp-Extension
A BurpSuite extension that can help you bruteforce and enumerate undiscovered parameters!
This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on, and produces a target specific wordlist to use for fuzzing.
https://github.com/xnl-h4ck3r/GAP-Burp-Extension