Hello, Fediverse! We're Kagi, and we're on a mission to create a friendlier, more human-centric internet that has the users' best interest in mind.

Our core product is a search engine that is ad-free, tracking-free, and fully supported by our users. We've worked hard to deliver a high-quality, fast, and reliable search experience without compromising user privacy: https://kagi.com/

Excited to engage with the community here.

#Search #Privacy #AdFree

Absolute funniest TikTok trend in history went down this weekend. Someone posted about this “ATM glitch” they found. They went on to explained that you can deposit checks into ATMs and some of the money becomes available for withdrawal immediately, so you can write fake checks, deposit them, then withdraw the money before the check clears.

They made it sound like some kind of life hack and I guess most of TikTok is too young to know what check fraud is, so they had like hundreds of people uploading videos of themselves writing and depositing fraudulent checks into their own bank accounts tied to their real identities 💀

@soatok @duxsco @filippo @mbmcloughlin The flaw was fixed in firmware 5.7, which is also the firmware that added Ed25519 support to PIV. So the mitigation for vulnerable YubiKeys can't be Ed25519 for the PIV applet as it doesn't exist there.

Between that and explaining the difference between ECC and ECDSA to users, I'm not surprised they just say "use RSA".

Saying the quiet part out loud

https://futurism.com/the-byte/openai-copyrighted-material-parliament

The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-size device vulnerable to cloning when an attacker gains brief physical access to it, researchers said Tuesday.

The cryptographic flaw, known as a side channel, resides in a small microcontroller that’s used in a vast number of other authentication devices, including smartcards used in banking, electronic passports, and the accessing of secure areas. While the researchers have confirmed all YubiKey 5 series models can be cloned, they haven’t tested other devices using the microcontroller, which is SLE78 made by Infineon and successor microcontrollers known as the Infineon Optiga Trust M and the Infineon Optiga TPM. The researchers suspect that any device using any of these three microcontrollers and the Infineon cryptographic library contains the same vulnerability.

https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/

fuck yeah, another ghidra feature that I could never find in IDA 😎

You can make a typedef for an offset pointer, as in, “this is a pointer to offset 0x4 within a FooClass object”. And then the decompiler sees code like `SUB dword ptr [ESP + 0x8], 4` and figures out “ah, this turns it into a normal FooClass*” and makes things readable. Quite nice for inspecting C++ inheritance forests.

@LinuxAndYarn @zackwhittaker if i was elon musk rich, i'd never have let thinkgeek go away

This is a real story. https://www.nytimes.com/2024/09/03/us/politics/trump-prank-devices.html

Security Week: CISA Warns of Avtech Camera Vulnerability Exploited in Wild
In yesterday's CISA ICS Advisory AVTECH IP Camera, CISA includes the following verbiage:

ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitation

Additionally, "An anonymous third-party organization confirmed Akamai's report and identified specific affected products and firmware versions." AVTECH SECURITY Corporation has not responded to requests to work with CISA to mitigate these vulnerabilities.

So there you have it CVE-2024-7029 (8.8 high) command injection vulnerability is likely an unpatched and exploited zero-day.

#CVE_2024_7029 #activeexploitation #zeroday #vulnerability #cve #avtech #cisa

A couple notes about the Infineon timing side channel affecting most YubiKeys.

1. yubikey-agent is unaffected in the evil maid threat model as the attacker needs physical access *and PIN*

2. lol, Infineon

3. Go mitigates timing side-channels in ECDSA nonce inversion by not being clever and just using Fermat's little theorem, which is as simple as a constant time exponentiation by p - 2 (which can be optimized with @mbmcloughlin's addchain)

https://ninjalab.io/eucleak/
https://www.yubico.com/support/security-advisories/ysa-2024-03/

@tychotithonus Yubico advisory is up: https://www.yubico.com/support/security-advisories/ysa-2024-03/

We've updated our blog on abusing file deletes to escalate privileges. We've also released PoC to demonstrate this. The exploit offers a high degree of reliability and eliminates all race conditions. It has been tested on the latest Windows 11 Enterprise. https://www.zerodayinitiative.com/blog/2022/3/16/abusing-arbitrary-file-deletes-to-escalate-privilege-and-other-great-tricks

D-Link is warning that four remote code execution (RCE) flaws impacting all hardware and firmware versions of its DIR-846W router will not be fixed as the products are no longer supported.

https://www.bleepingcomputer.com/news/security/d-link-says-it-is-not-fixing-four-rce-flaws-in-dir-846w-routers/

SecureLayer7: CVE-2024-37084: Spring Cloud Remote Code Execution
SecureLayer7 has been churning out zero-day vulnerabilities (publicly releasing information about vulnerabilities without a coordinated vulnerability disclosure with the impacted vendor or assigning CVEs) and proofs of concepts for vulnerabilities. According to Spring.io, Spring Cloud Data Flow is a microservices-based Streaming and Batch data processing platform deployed in Cloud Foundry and Kubernetes. CVE-2024-37084 (9.8 CRITICAL) is an arbitrary file write. SecureLayer7 used patch diffing to determine that it’s an insecure deserialization vulnerability that leads to remote code execution, and provides a proof of concept for it.

#vulnerability #CVE_2024_37084 #spring #cve #proofofconcept #poc

Mozilla Foundation security advisories:

• 2024-39 Security Vulnerabilities fixed in Firefox 130
• 2024-40 Security Vulnerabilities fixed in Firefox ESR 128.2
• 2024-41 Security Vulnerabilities fixed in Firefox ESR 115.15
• 2024-42Security Vulnerabilities fixed in Focus for iOS 130

No mention of Firefox for iOS or Thunderbird (which would arrive in 2 separate advisories). Expect future advisories likely later today. No mention of exploitation.

Edited to include late advisory for Focus for iOS 130.

#mozilla #firefox #PatchTuesday #vulnerability #cve

The recording of our @WEareTROOPERS presentation is now online, enjoy!

#TROOPERS24 - IBM i for Wintel Hackers

https://www.youtube.com/watch?v=t4fUvfzgUbY

#IBMi

Analysis of CVE-2024-37084: Spring Cloud Remote Code Execution https://blog.securelayer7.net/spring-cloud-skipper-vulnerability/

AI slide for the talk (work in progress):

AI does not save us

AI fools researchers think they found problems

AI assisted reports take longer to debunk

AI is an added burden for maintainers

Traceeshark: Deep Linux runtime visibility meets Wireshark https://github.com/aquasecurity/traceeshark

'The Dutch Data Protection Authority imposes a fine of 30.5 million euro and orders subject to a penalty for non-compliance up to more than 5 million euro on Clearview AI... Clearview has built an illegal database with billions of photos of faces, including of Dutch people. The Dutch DPA warns that using the services of Clearview is also prohibited.' https://www.autoriteitpersoonsgegevens.nl/en/current/dutch-dpa-imposes-a-fine-on-clearview-because-of-illegal-data-collection-for-facial-recognition #Netherlands #clearview #law #tech #ai #privacy #dataprotection #surveillance