The FBI has dismantled a massive network of compromised devices that Chinese state-sponsored hackers have used for four years to mount attacks on government agencies, telecoms, defense contractors, and other targets in the US and Taiwan.
Posts
-
My periodic reminder to reboot your routers at least 1x/week. And no, it's not paranoid for everyday people to think nation states are trying to hack their routers. It happens all the time. Nation states infect routers opportunistically and often in large numbers. They do this not because they're targeting the router owner. They do it to use the router to hack government agencies, universities, etc. of interest. Everyone's threat model should include "nation state actors have taken over my router."
-
My periodic reminder to reboot your routers at least 1x/week. The reason: Router malware has grown increasingly sophisticated as nation states like China and Russia have jumped all in over the past 5 or 10 years. Actors working on behalf of these governments regularly build large IoT botnets for use in attacks against targets they want to hack. These bots are ideal because they have US-based IP addresses, which generally have good reputations.
Despite the sophistication, the vast majority of router malware lacks persistence, meaning the device is disinfected each time it is rebooted. Security firms have regularly advised the periodic rebooting of routers. So has CISA:
-
My periodic reminder to reboot your routers at least 1x/week.
-
From the WTAF dept: 3 killed, > 1,000 wounded in Beirut by exploding pagers: Electronic pager devices also exploded in Syria, according to Iran’s Tasnim news agency and to Saberin News, an outlet affiliated with the Revolutionary Guards. Saberin reported that seven people were killed in Syria from the blast targeting their devices in the Seyedah Zeinab neighborhood, a Shia stronghold in Damascus.
-
From the WTAF dept: 3 killed, > 1,000 wounded in Beirut by exploding pagers: NYT: Lebanon's health minister, Firas al-Abyad, said in a press conference that eight people were killed by exploding paging devices and at least 2,780 were wounded, including 200 in serious condition.
-
It’s not every day that a security researcher acquires the ability to generate counterfeit HTTPS certificates, track email activity, and execute code of his choice on thousands of servers—all in a single blow that cost only $20 and a few minutes to land. But that’s exactly what happened recently to Benjamin Harris.
-
The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-size device vulnerable to cloning when an attacker gains brief physical access to it, researchers said Tuesday.
The cryptographic flaw, known as a side channel, resides in a small microcontroller that’s used in a vast number of other authentication devices, including smartcards used in banking, electronic passports, and the accessing of secure areas. While the researchers have confirmed all YubiKey 5 series models can be cloned, they haven’t tested other devices using the microcontroller, which is SLE78 made by Infineon and successor microcontrollers known as the Infineon Optiga Trust M and the Infineon Optiga TPM. The researchers suspect that any device using any of these three microcontrollers and the Infineon cryptographic library contains the same vulnerability.
YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel
Sophisticated attack breaks security assurances of the most popular FIDO key.
Ars Technica (arstechnica.com)
-
A source with knowledge of the incident said the cemetery official tried to prevent Trump staffers from filming and photographing in a section where recent U.S. casualties are buried. The source said Arlington officials had made clear that only cemetery staff members would be authorized to take photographs or film in the area, known as Section 60.
When the cemetery official tried to prevent Trump campaign staff from entering Section 60, campaign staff verbally abused and pushed the official aside, according to the source.
Trump campaign staff had altercation with official at Arlington National Cemetery
The cemetery official tried to prevent Trump staffers from filming and photographing in a section where recent U.S. casualties are buried, a source with knowledge of the incident told NPR.
NPR (www.npr.org)
-
@lauren has discovered that Chrome 128, released in the past 24 hours, no longer works on Ubuntu 18.04, a release that Canonical is supporting until 2028. Can anyone point me to Chrome 128 not working on other OS versions still in support?
(Please boost.)
-
Last Tuesday, loads of Linux users—many running packages released as early as this year—started reporting their devices were failing to boot. Instead, they received a cryptic error message that included the phrase: “Something has gone seriously wrong.”
The cause: an update Microsoft issued as part of its monthly patch release. It was intended to close a 2-year-old vulnerability in GRUB, an open source boot loader used to start up many Linux devices. The vulnerability, with a severity rating of 8.6 out of 10, made it possible for hackers to bypass secure boot. CVE-2022-2601 was discovered in 2022, but for unclear reasons, Microsoft patched it only last Tuesday.