Why did the recent OpenSSL punycode vulnerability happen?
Good analysis:
https://words.filippo.io/dispatches/openssl-punycode/
"
Why does something like OpenSSL need to decode punycode?"
The answer is: an explicit IETF design choice, that made punycode decoding part of X.509 verification, without even a line of acknowledgement in the Security Considerations."
8.11.2022 17:31

You should probably not use #AWS. Probably. Agree?
https://www.karlsutt.com/articles/you-should-not-be-using-aws/
#cloud
6.11.2022 16:33

Everything you probably don't need to know about NGINX logs.
Very detailed analysis of the source code and related error logs:
https://trunc.org/learning/everything-you-dont-need-to-know-about-nginx-error-logs
#nginx #linux #security #infosec #logs
5.11.2022 19:38

Create an empty 8 GB file to save you in case your disk gets full:
https://brianschrader.com/archive/why-all-my-servers-have-an-8gb-empty-file/
Not sure I like this technique, but I have to agree that it is pretty difficult to troubleshoot a server when the disk gets full.
That little file can save you a lot of hours.
25.3.2021 23:21

Quoting Chris Krebs:
"This is the real deal. If your organization runs an OWA server exposed to the internet, assume compromise between 02/26-03/03. Check for 8 character aspx files in C:\\inetpub\wwwroot\aspnet_client\system_web\. If you get a hit on that search, you’re now in incident response mode."
https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/
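A defender's version of the check quoted above, added here as an example (it is not Krebs's or Microsoft's code): the directory and the 02/26-03/03 window come from the quote; recursing into subfolders, hashing the hits and the CSV output location are my assumptions.

```powershell
# Added example: hunt for the quoted indicator, 8-character .aspx files under the
# Exchange aspnet_client\system_web directory. Path and date window are from the
# quote; everything else (recursion, hashing, CSV export) is an assumption.
$Path  = 'C:\inetpub\wwwroot\aspnet_client\system_web'
$Start = Get-Date -Date '2021-02-26'
$End   = (Get-Date -Date '2021-03-03').AddDays(1)   # makes 03/03 inclusive

if (-not (Test-Path -LiteralPath $Path)) {
    Write-Warning "Path not found: $Path (not an OWA host, or a non-default install path)"
    return
}

$hits = Get-ChildItem -LiteralPath $Path -Filter '*.aspx' -File -Recurse -ErrorAction SilentlyContinue |
    Where-Object { $_.BaseName.Length -eq 8 } |
    Select-Object FullName, Length, CreationTimeUtc, LastWriteTimeUtc,
        # Creation time can be altered by an intruder, so InWindow is a hint for
        # triage, not a filter: every 8-character hit is reported regardless.
        @{ Name = 'InWindow'; Expression = { $_.CreationTime -ge $Start -and $_.CreationTime -lt $End } },
        @{ Name = 'SHA256';   Expression = { (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash } }

if ($hits) {
    # Any hit means incident response mode, as the quote says. Record hashes and
    # timestamps before anyone touches the files, so the evidence survives cleanup.
    $hits | Sort-Object CreationTimeUtc | Format-Table -AutoSize
    $hits | Export-Csv -LiteralPath "$env:TEMP\owa_aspx_hits.csv" -NoTypeInformation
} else {
    "No 8-character .aspx files found under $Path"
}
```

Run it in an elevated PowerShell session on the Exchange host itself; legitimate files in that folder do not normally carry random 8-character names, so review every hit rather than only the ones flagged InWindow.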
5.3.2021 04:46

"The only way to force companies to provide safety and security features for customers and users is with government intervention.
They routinely legislate safety — pollution standards, automobile seat belts, lead-free gasoline, food service regulations.
We need to do the same with cybersecurity: the federal government should set minimum security standards for software and software development."
https://www.schneier.com/blog/archives/2021/03/national-security-risks-of-late-stage-capitalism.html
Agree?
1.3.2021 15:46

Before buying a NYT subscription, here's what it will take you to cancel it.
I was expecting them to require snail mail or a fax, but it is still a pain to have it cancelled.
Until they fix it, might be better not to subscribe to the NYT.
https://imgur.com/a/K8m7p2t
18.2.2021 15:35

Barcode Scanner app on Google Play infects 10 million users with one update
Do you have this Barcode scanner app on your Android?
8.2.2021 06:55

In August and September 2020, Verisign quantified that upwards of 45.80% of total DNS traffic to the root servers was, at the time, the result of Chromium intranet redirection detection tests...
https://blog.apnic.net/2021/02/04/how-chromium-reduces-root-dns-traffic/
After a code change, Chrome was able to reduce this number significantly...
5.2.2021 15:58

If you had email issues lately...
SpamCop let their domain expire, causing false positives for anyone using them.
1.2.2021 19:56

Any unprivileged user can gain root privileges on a vulnerable host using a default sudo configuration by exploiting this vulnerability.
If you allow users into your system via SSH, check this out ASAP.
26.1.2021 20:41

Tim Cook: Why I kicked Parler off Apple's App Store.
Apple, along with Amazon and Google, effectively kicked Parler off the internet in the wake of the January 6 US Capitol siege. Despite criticism that Big Tech wields too much power over speech, Apple CEO Tim Cook defended his decision....
https://www.cnn.com/2021/01/17/tech/tim-cook-apple-parler/index.html
What do you think? Do you agree?
It is a complicated battle between fighting misinformation and abuse on one side and free speech on the other.
17.1.2021 20:53

How I hijacked the top-level domain of a sovereign state
https://labs.detectify.com/2021/01/15/how-i-hijacked-the-top-level-domain-of-a-sovereign-state/
He registered an expired domain used by the .cd ccTLD. Great report.
15.1.2021 17:17

NSA warns against using DoH inside enterprise networks
The NSA urges companies to host their own DoH resolvers and avoid sending DNS traffic to third-parties.
https://www.zdnet.com/article/nsa-warns-against-using-doh-inside-enterprise-networks/
15.1.2021 01:31

Stealing Your Private YouTube Videos, One Frame at a Time
https://bugs.xdavidhu.me/google/2021/01/11/stealing-your-private-videos-one-frame-at-a-time/
Really cool discovery and great bug bounty $$.
11.1.2021 18:01

SolarWinds, whose software was backdoored to allow hackers to breach U.S. government agencies, was warned last year that anyone could access its update server using the password "solarwinds123"...
... APT they said... ?
16.12.2020 10:58

Over the last months, hackers have quietly added a subtle security flaw to over 50 large online stores, only to exploit them right before Black Friday...
The backdoor would ensure future access for the attackers, even if their primary operation was blown.
Sansec has been tracking this developing campaign since April this year, and found numerous stealthy tactics to dodge detection.
Good research:
https://sansec.io/research/magento-2-persistent-parasite
9.12.2020 18:04

Why is the Google Cloud UI so slow?
https://www.debugbear.com/blog/slow-google-cloud-ui
"Here's what happens when the browser wants to run some JavaScript code.
-Parsing
-Compilation (also happens lazily)
Initialization – the browser runs module initialization code,
-Running core app code – renders the application using the initialized modules
For the whole Google Cloud page, just parsing the source code takes 250ms, and compilation takes another 750ms ...
9.12.2020 15:43

LinkedIn is a weird social network.
https://divinations.substack.com/p/linkedins-alternate-universe
6.12.2020 17:34

Nearly 70% of smart TVs and 46% of game consoles were found to contain hardcoded DNS settings - allowing them to simply ignore your local network's DNS server entirely.
On average, smart TVs generate 60 megabytes of outgoing Internet traffic per day, all the while bypassing tools like PiHole and DNS filters.
...
https://labzilla.io/blog/force-dns-pihole
6.12.2020 03:15