🚧 Brute-Forcing One-Time Passwords 🚧
My last two threads discussed the probability of brute-forcing OTPs, how to do it effectively and how to defend against attacks.
Here is an overview of the topics covered:
1. Bernoulli Processes 🧮
https://infosec.exchange/@kpwn/110520985360492457
2. Increasing and Decreasing Probabilities 🤞
https://infosec.exchange/@kpwn/110561329301840527
Here's everything compiled into a blog post 📰
https://kpwn.de/2023/06/brute-forcing-one-time-passwords/
Do you find my content valuable?
🔔 Follow me for more web security content.
🔁 Also, boost this toot to spread the word!
#Infosec #CyberSecurity #BugBounty #Pentesting #Hacking #Passwords #OTP #Authentication
Twitter has suspended every single API key not belonging to a Twitter Blue subscriber.
Every. Single. Key. 9to5Mac’s? Dead. Apple’s for iMessage previews? Dead.
Every single API key has been revoked. The Twitter API is officially dead.
Ransomware, but they install an unlicensed copy of Oracle somewhere in your organization and threaten to tell Oracle about it if you don’t pay up.
AI is a lot like the fossil fuel industry. Seizing and burning something (in this case, the internet, and more broadly, written-down human knowledge) that was built up over a long time, much faster than it could ever be replenished.
Sennheiser makes headphones. Some of its models are very pricey, and others are cheaper. This is a common tactic for firms, selling products at multiple “price points” so they can capture revenue from people willing to pay at different levels.
It’s apparently not very cost effective to make all sorts of different models. But then how do you justify selling headphones at different prices? Why would someone pay hundreds more for the same headphones?
Why, just make one version *shittier.* Turns out Sennheiser was inserting a piece of foam into some of its headphones, to deliberately lower the sound quality, in order to sell the same headphones at different prices to different people.
Once you recognize sabotage for what it is, you can’t help but start to see it in every aspect of your life: a deliberate shittiness imposed on us so someone else can earn a profit.
http://mikebeauchamp.com/misc/sennheiser-hd-555-to-hd-595-mod/
It is confirmed that Reddit is forcing subreddits to open again. This is according to /r/antiwork moderators.
"Reddit represents one of the largest data sets of just human beings talking about interesting things," Huffman said. "We are not in the business of giving that away for free."
You and me, we're just data sets. Years of interaction with fellow human beings, building community, sharing insight and creativity… it’s all just data. Data to be mined and monetized.
Huffman's not mad Reddit was scraped for a chatbot. He's mad he wasn't paid for the privilege. It's his data, you see. His. Not yours.
Yesterday's new #moveIT vulnerability has been allocated CVE-2023-35708. Patch is out now. #CVE202335708
Search engines are useless. Windows is packaging Internet features few asked for. The major public sites are sealed tight to avoid third party tools.
Web 1.0 is back, baby!
No random open source application, I do not want to join your Discord channel for support.
There's this really cool technology called hypertext markup language, and if you use it for your documentation, another piece of amazing technology called a search engine can help me find the answer I'm looking for.
And the real magic is you only have to answer it once and the answer helps everyone. You don't have to answer the same question every day. This frees you up for more fun development.
Solar Designer's keynote (https://www.sstic.org/2023/presentation/ouverture_2023/) was a bit hard to follow at first, but really interesting for the historical perspective. Some things we take for granted now, but back then we were really struggling to coordinate across distributors, and the oss-security/distros list (https://oss-security.openwall.org/wiki/mailing-lists) really helped.
Nowadays email (and especially mailing lists) is a pain to handle, but right now I don't think we really have better solutions, unfortunately. So many thanks to Solar!
What can I add... the job market is kinda abysmal right now. A ton of companies have done substantial layoffs over the last few weeks and a lot of folks at all experience levels are looking all at once in the US.
Cybersecurity is still a substantially more stable space than a lot of other IT fields. My heart breaks for a lot of development roles right now. However, if you have something that is stable but just okay, I'd recommend sticking with it for the next year or so unless you have a solid and guaranteed move. The economy and investment is going to take a while to recover. Also, plan to have to move if you are part of layoffs. Have a resume ready to go, and a safety net of some sort and a plan if you are able to. Take care of your mental health.
If you're a student, I'm really sorry. I graduated during the last recession and I truly understand this is awful. Strongly suggest you target a specific niche and skillset within cybersecurity that is in higher demand and less competitive, and consider moving to something more specific later. Have your resume reviewed by a hiring manager and a professional editor. Participate in networking and in-person community events as much as you can. Meet people. Everything gives you an advantage!
US DOJ unseals a 2019 indictment charging two Russians with stealing ~647K BTC in a Mt. Gox hack; one of them is also charged with conspiring to operate BTC-e (Nikhilesh De/CoinDesk)
https://www.coindesk.com/policy/2023/06/09/mt-goxs-hackers-are-2-russian-nationals-us-doj-alleges-in-indictment/
http://www.techmeme.com/230609/p14#a230609p14
Well, I inadvertently discovered a zero-day RCE in acme.sh and got a Chinese CA to shut down overnight: https://github.com/acmesh-official/acme.sh/issues/4659
Patch for new (old) #moveIT vulnerability out now. No CVE allocated yet. https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-CVE-Pending-Reserve-Status-June-9-2023
Hey, could the criminals who somehow converted an application logic bug in a spam filter to “you have to throw the hardware in a shredder to be sure” please publish their own blog post about this: https://www.rapid7.com/blog/post/2023/06/08/etr-cve-2023-2868-total-compromise-of-physical-barracuda-esg-appliances/
From a live tweet of the proceedings around the lawyer caught using ChatGPT:
"I thought ChatGPT was a search engine".
It is NOT a search engine. Nor, by the way, are the versions of it included in Bing or Google's Bard.
Language model-driven chatbots are not suitable for information access.
A little cheeky of PrinterLogic to warn against PrintNightmare vulnerabilities after this savage thrashing on full-disclosure: https://seclists.org/fulldisclosure/2023/May/16
Shodan is only showing ~15 on the internet at least: https://www.shodan.io/search?query=title%3Aprinterlogic
The @runZeroInc query is similar: https://console.runzero.com/inventory/services?search=_asset.protocol%3Ahttp%20protocol%3Ahttp%20%28html.title%3A%3D%22Printer%20Logic%22%20OR%20favicon.ico.image.md5%3A%3Dab2fc8886bfbf3e986f8015539d29736%29
Hat tip to @campuscodi for flagging it at https://riskybiznews.substack.com/p/risky-biz-news-iranian-hacktivists (and @riskydotbiz for the mention).