Update your openssh, now

Unbelievable...

Drew always has a hot take about a problem

@catsalad@infosec.exchange 🥳

Recent HN Thread: https://news.ycombinator.com/item?id=39976225

The PoC thickens

UEFI IRC, the perfect companion to asking why your Linux boot partition no longer exists #joke

Now that is a Gaming Router

Video link for those on clients who don't show links when they are videos: https://i.imgur.com/5jtvxPQ.mp4

Practical attacks with a Raspberry Pi.

An interesting talk

linux_gaming@lemmy.ml

Pretty scary stuff in here

> https://github.com/Staacks/gbinterceptor

Abstract

Intel’s Software Guard Extensions (SGX) promises an isolated execution environment, protected from all software running on the machine. As such, numerous works have sought to leverage SGX to provide confidentiality and integrity guarantees for code running in adversarial environments. In the past few years however, SGX has come under heavy fire, threatened by numerous hardware attacks. With Intel repeatedly patching SGX to regain security while consistently launching new (micro)architectures, it is increasingly difficult to track the applicability of various attacks techniques across the SGX design landscape. Thus, in this paper we set out to survey and categorize various SGX attacks, their applicability to different SGX architectures, as well as the information leaked by them. We then set out to explore the effectiveness of SGX’s update mechanisms in preventing attacks on real-world deployments. Here, we study two commercial SGX applications. First, we investigate the SECRET network, an SGX-backed blockchain aiming to provide privacy preserving smart contracts. Next, we also consider PowerDVD, a UHD Blu-Ray Digital Rights Management (DRM) software licensed to play discs on PCs. We show that in both cases vendors are unable to meet security goals originally envisioned for their products, presumably due to SGX’s long update timelines and the complexities of a manual update process. This in turn forces vendors into mak- ing difficult security/usability trade offs, resulting in security compromises.

-----

A worthwhile read for those who don't mind a more technical paper

Relevant Links:

• https://www.wsj.com/articles/with-ai-hackers-can-simply-talk-computers-into-misbehaving-ad488686
• https://www.wired.com/story/chatgpt-prompt-injection-attack-security/

They are also doing a 37C3 talk on the matter: https://www.devever.net/~hl/ortega-37c3/ortega-37c3-web.pdf

This is the write up of the OpenZFS bug. Very interesting and well explained.

Could be worse. People could own a Nissan.

Today, the NES Tetris community achieved a new milestone. A player known as “Blue Scuti” reached level 157, a total of 1510 lines deep into the game, placed a piece, and his game crashed.

This post will describe why that is not only interesting, but a thing to be celebrated.

There will be topics in this post that assume you know everything from my previous post about Tetris. That post has no assumed prior knowledge, so start there and then come back if you want to know more.

5 - 6 mins (if you are a slow reader)

Police in 34 countries arrested 3500 people and seized assets worth $300 million in the latest iteration of what has become an annual coordinated global crackdown on cybercrime.

According to Interpol, Operation HAECHI IV ran from July to December and targeted seven types of scams: voice phishing, romance scams, online sextortion, investment fraud, money laundering associated with illegal online gambling, business email compromise fraud, and e-commerce fraud.

As a result of the operation, authorities blocked 82,112 suspicious bank accounts, seizing a total of $199 million in hard currency and a further $101 million worth of virtual assets.

Interpol’s executive director of police services, Stephen Kavanagh, said the “staggering” sum seized was a clear illustration of the incentives that were driving an explosive growth in transnational organized crime.

“This represents the savings and hard-earned cash of victims,” he said. “This vast accumulation of unlawful wealth is a serious threat to global security and weakens the economic stability of nations worldwide.”

Interpol said Operation HAECHI IV involved investigators working together to detect online fraud and freeze associated bank and virtual asset service provider accounts using Interpol’s Global Rapid Intervention of Payments (I-GRIP), a stop-payment mechanism which helps countries work together to block criminal proceeds.

Interpol helped frontline officers identify 367 virtual asset accounts linked to transnational organized crime. Assets in those accounts have been frozen as local police continue their investigations. Dragnet pulls in more AI-powered crime

In one case resulting from the operation, Filipino and Korean authorities worked together to apprehend a “high-profile online gambling criminal” who was arrested in Manila after spending two years on the run from Korea's National Police Agency. The illegal gambling operation the man allegedly ran was dismantled.

Interpol published two “purple notices” – warnings about emerging digital investment fraud practices – during the operation.

One alerted police around the world to a new scam detected in Korea involving the sale of non-fungible tokens (NFTs) with promises of huge returns, which turned out to be a “rug pull” scam where the developers abruptly abandon a project and investors lose their money.

The second purple notice warned about the use of AI and deep fake technology to lend credibility to scams by enabling criminals to hide their identities and to pretend to be a family member, friend, or love interests of the person they are attempting to dupe.

“The UK leg of the operation reported several cases where AI-generated synthetic content was used to deceive, defraud, harass, and extort victims, particularly through impersonation scams, online sexual blackmail, and investment fraud,” Interpol said.

“Cases also involved the impersonation of people known to the victims through voice cloning technology.”

Investment fraud, business email compromise and e-commerce fraud accounted for 75 per cent of cases investigated during the operation. Arrests and seizures keep growing

A similar operation last year, HAECHI III, netted almost 1000 arrests and $130 million in assets.

“HAECHI IV’s 200 per cent surge in arrests shows the persistent challenge of cyber-enabled crime, reminding us to stay alert and keep refining our tactics against online fraud, which is why INTERPOL operations like this are so important” Kavanagh said.

The first operation in the series, HAECHI-I, involved police from nine countries in Asia working together between September 2020 and March 2021 to make 585 arrests and seize $83 million.

Interpol’s head of National Central Bureau in Korea, Kim Dong Kwon, praised the international policing effort that led to the increased results achieved by HAECHI IV.

“Despite criminals' endeavors to gain illicit advantages through contemporary trends, they will eventually be apprehended and face due punishment. To accomplish this, Project HAECHI will consistently evolve and expand its scope.”

As SentinalOne explained in a 2021 post about HAECHI-II: in Korea, Haechi is a popular mythical animal widely used as a symbol of justice. The countries participating in this year’s operation were: Argentina, Australia, Brunei, Cambodia, Cayman Islands, Ghana, India, Indonesia, Ireland, Japan, Kyrgyzstan, Laos, Liechtenstein, Malaysia, Maldives, Mauritius, Nigeria, Pakistan, Philippines, Poland, Korea, Romania, Seychelles, Singapore, Slovenia, South Africa, Spain, Sweden, Thailand, United Arab Emirates, United Kingdom, United States and Vietnam. Hong Kong also participated.

Who thought that when you integrate with Apple services as a third party you would be blocked 🤔

Watchout after 27th to 29th of December when everyone releases the tools/PoCs at 37C3

Unpatched devices are vulnerable under the following conditions:

• Android devices are vulnerable whenever Bluetooth is enabled
• Linux/BlueZ requires that Bluetooth is discoverable/connectable
• iOS and macOS are vulnerable when Bluetooth is enabled and a Magic Keyboard has been paired with the phone or computer

----

Time to disable Bluetooth on all your old android phones!

Is it DNS? It's always DNS!

PS. I'd recommend their other writeups too! Such as: https://garyodernichts.blogspot.com/2022/06/exploiting-wii-us-usb-descriptor-parsing.html?m=1

Now this is some nice reverse engineering