Just analyzed a spyware sample that bypasses Android 13 Restricted Settings so as to drop another malware with full access to Accessibility API.
+ use of malformed ZIP to break apktool and other tools.

https://cryptax.medium.com/android-spynote-bypasses-restricted-settings-breaks-many-re-tools-8791b3e6bf38

#SpyNote #SpyMax #Android #malware #accessibility #ZIP

So someone dumped a ton of internal Chinese gov’t docs, and I’m working on translations here. From what I can tell, the company An Xun International has been dropping spyware in its products? More to come.

https://github.com/mttaggart/I-S00N/blob/main/README-en.md

This week, Super Bowl 2024 shattered records, with the #NFL championship broadcast on CBS becoming the most-watched televised event in #US history.

Also riding high from the big game? #Elon #Musk's #X.

A whopping 75.85 percent of traffic from X to its advertising clients' websites during the weekend of the Super Bowl was fake.

https://mashable.com/article/x-twitter-elon-musk-bots-fake-traffic

#Ukraine #Russia

The (edit:) CURRENT beta version of #Signal is version 7.0.0.
There's a good reason for the round number. This will be the first version where usernames and phone number privacy are available outside of the staging environment.
From this version on, you'll be able to talk to people on Signal without revealing your phone number, and also, you may use Signal without revealing to people who have your number saved that you do.
This is huge.
https://github.com/signalapp/Signal-Android/compare/v6.47.4...v7.0.0

#Privacy #FOSS #OpenSource #PNP

This is fantastic and I think it's going to fuck up software engineering so much.

https://www.theverge.com/2024/2/15/24074214/justice-in-forensic-algorithms-act-democrats-mark-takano-dwight-evans

This was honestly super hard to write. The subject has been bugging me all day. I'm worried that people are going to hate my guts for saying it, but everything feels right to me.

https://wedistribute.org/2024/02/tear-down-walls-not-bridges/

Dear @mozilla
Please, please, please put the RSS indicator back in Firefox.

People need to know about this technology which empowers users over greedy, controlling corporations.

Update: As many have pointed out, you *can* use @thunderbird as an RSS feed reader, and there are many #firefox add-ons to restore the RSS indicator (one of which I'm already using). But my point is that Firefox needs to lean into RSS as an answer to all the crap that is the modern web, and help educate users about it

no centralised social network could ever produce "the taliban deleted my account". that's a mastodon special.

The 0day dumpster fire that is the security hardware industry rn continues unabated this week.

From Rapid7:

"Critical Fortinet FortiOS CVE-2024-21762 Exploited
Feb 12, 2024

On February 8, 2024 Fortinet disclosed multiple critical vulnerabilities affecting FortiOS, the operating system that runs on Fortigate SSL VPNs. The critical vulnerabilities include CVE-2024-21762, an out-of-bounds write vulnerability in SSLVPNd that could allow remote unauthenticated attackers to execute arbitrary code or commands on Fortinet SSL VPNs via specially crafted HTTP requests.

According to Fortinet’s advisory for CVE-2024-21762, the vulnerability is “potentially being exploited in the wild.” The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-21762 to their Known Exploited Vulnerabilities (KEV) list as of February 9, 2024, confirming that exploitation has occurred."

https://www.rapid7.com/blog/post/2024/02/12/etr-critical-fortinet-fortios-cve-2024-21762-exploited/

https://www.cisa.gov/news-events/alerts/2024/02/09/cisa-adds-one-known-exploited-vulnerability-catalog

Broadcom Ends Support For Free ESXi Vmware Hypervisor https://tech.slashdot.org/story/24/02/12/1816248/broadcom-ends-support-for-free-esxi-vmware-hypervisor?utm_source=rss1.0mainlinkanon

Meanwhile in Canada

Updated #radare2 #cheatsheet

Okay, so I did a quick dive into sudo in Windows and here are my initial findings. https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html

The main take away is, writing Rust won't save you from logical bugs :)

I gave #linkedin an honest try, for a year or more, in terms of finding #work. It's a cesspool of #toxicpositivity and fake job postings.

Now I'm asking, with all urgency -- to anyone who has anything #tech to offer, please consider a guy who has:

- 30 yrs of exp
- out of work 20 mo
- 3 kids, one approaching her 1st birthday
- a track record for secure systems
- a month before eviction
- low salary reqs

CV: https://jrlenz.com/files/cv-2023-12.pdf

US citizen | PH resident

#GetFediHired #Remote

Shout out to the Security Research Legal Defense Fund for helping us go public about our train research! We're honored to have been their first grantees.

Without their financial assistance we would've had to crowdfund our legal bills, or even worse, stay quiet about the locks we've found in Impuls trains.

If you're facing legal threats (or even anticipate the possibility of such threats) as the result of security research we definitely recommend reaching out to them.

https://www.securityresearchlegaldefensefund.org/

google has unleashed ungodly AI nightmares beyond my comprehension

so awhile ago, i've set up screen call on my android phone, because it's pretty useful for stopping robocalls from annoying me, since usually they just hang up, or google knows it is just a scam call.

well. i got another call in, but it couldn't get the transcript. so, i played the audio back.

to my fucking horror, GOOGLE IS USING MY OWN VOICE TO ANNOUNCE IT'S PRESENCE AS THE VIRTUAL ASSISTANT.

nowhere, i mean fucking NOWHERE did they ever tell me this was a thing they'd do. in fact, i'm not able to find a single fucking thing about this online!

i don't even have the fucking option set for them to preserve my voice history, the fact they have audio recordings of my voice, and enough of them to make a fucking AI-generated version of my voice, without my god damn consent, is... i don't even know how to put it.

google, i sincerely hope someone burns down all your data centers

GitS is RIGHT NOW, and the laughing man incident is literally today

whoa

https://thelaughingman2024.jp

AnyDesk was popped, with 170,000 advertised users.

They claim their install base is secure, but that the code signing cert was stolen. From the changelog, its clear that they knew this on January 29th but didn't announce until the end of the day on a Friday. Not cool.

Based upon their actions so far, I would recommend all enterprises kill AnyDesk across their fleet using EDR or other means for now until we know more.

https://anydesk.com/en/public-statement
https://anydesk.com/en/changelog/windows

I wanna surface this to my main timeline because it's kinda important to say out loud from time to time:

Businesses do NOT "have to" focus exclusively on their return to shareholders. Not legally, not morally.

That is the misguided OPINION of a 1970 essay by Milton Friedman, and the fact that everyone seemed to just hop on board that opinion is a significant reason why we switched gears into hyper-hell-capitaliam since then.

Push back on this every time you see it.

Given Okta's recent troubles with keeping their network secure, I guess I shouldn't be surprised by this blog post.

Still, a company that supposedly markets and sells security services, you would think they would have a better handle on something as rudimentary as password hashing.

TL;DR- Use SHA-2 or SHA-3 to hash passwords.

🤦🏻

https://auth0.com/blog/hashing-passwords-one-way-road-to-security/