I did a thing! I decided to jump into this Mastodon business and figured why not host it. Any fellow scruffy-looking Star Wars fans are welcome to join me on it!
I'm Jack, a Cybersecurity Specialist, and all-around tech enthusiast. I like to be social from time to time, and I'll probably share quite a few interesting Cybersecurity news and articles that I come across.
Nice to meet you lovely internetizens. If you took the time to read this far, I give you a heartfelt thanks!
Lots of activity lately targeting DeFi apps. Juicy target for most criminals; large amounts of liquidity are a strong attractor.
https://www.trustnodes.com/2022/06/25/defi-dapps-dns-attacked
New newness worth a look
https://thehackernews.com/2022/06/new-ntlm-relay-attack-lets-attackers.html
I for one think it's great to see work like this being done. I also recognize how small a drop in the bucket sized problem this is. But it's a great effort and hopefully one that will continue. Online scams are one of the biggest issues facing the average netizen today.
#cybersecuritynews #cybercrime #scams #socialengineering
https://gizmodo.com/interpol-50-million-first-light-social-engineering-scam-1849067588
Love the name of this one: #hertzbleed. Using power analysis attacks as a viable side-channel exploit.
I've always been leery of storing my credentials in a browser. Interesting article lending my paranoia a little credence. For the record, Bitwarden (self-hosted) is my password solution currently.
#passwords #browser #plaintext #cybersecurity #cybersecuritynews
Magic packets to open a backdoor, pretty nifty. This rootkit appears to target Linux 3.x kernels.
Still love my M1 MacBook though...
#cybersecuritynews #M1 #PACMAN #unpatchable
https://thehackernews.com/2022/06/mit-researchers-discover-new-flaw-in.html
The Surreal Case of a C.I.A. Hacker’s Revenge https://www.newyorker.com/magazine/2022/06/13/the-surreal-case-of-a-cia-hackers-revenge
This looks interesting. Not sure how I feel about installing unofficial patches on Windows though...
Looks like we've got more information on how this bug was found to be actively exploited in the wild, from the cybersecurity firm that originally found the vulnerability (Volexity):
https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
This might be a nasty one:
https://bugalert.org/content/notices/2022-06-02-confluence.html?src=tw
Can't we just all collectively agree to not open untrusted office docs? This is the recent 0day making headlines still, "Follina" - but you better believe there are others that aren't making headlines yet.
https://techcrunch.com/2022/06/01/china-backed-hackers-are-exploiting-unpatched-microsoft-zero-day/
That recent M$ Office 0day now has a name and crap logo to go with it, lol.
#cybersec #cybersecuritynews #0day #ArbitraryCodeExecution
https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
Remember folks, don't open any attachments from untrusted sources!
Interesting 0day here...
From the article:
"It uses Word's external link to load the HTML and then uses the 'ms-msdt' scheme to execute PowerShell code," the researchers noted in a series of tweets last week.
#0day #msoffice #ArbitraryCodeExecution #cybersec #cybersecurity
https://thehackernews.com/2022/05/watch-out-researchers-spot-new.html
Widely Available AI Could Have Deadly Consequences https://www.wired.com/story/ai-dr-evil-drug-discovery/
◘ CySec
◘ DevSecOps
◘ GameDev
◘ Linux Nerd
◘ Entrepreneur
◘ Student