Hello there, Kazu here again with another newsletter.
It seems that after I made the changes to the newsletter, I have managed to mostly get back to actually releasing weekly again, since it’s a lot easier for me to get one out than before the changes, which is nice.
Anyway, this last week had a lot of news of interest, with Elon pulling out of the Twitter deal, the European Parliament voting to approve the “Digital Services Act”, Microsoft deciding to be idiots and roll back blocking macros by default, and a critical vulnerability being discovered in Chrome for both Windows and Android, which includes Edge as well.
~Kazu
News Of Interest:
Elon Musk notifies Twitter he is terminating deal
https://www.cnbc.com/2022/07/08/elon-musk-notifies-twitter-he-is-terminating-deal.html
Kazu: Unsurprisingly, Elon Musk decided to pull out of the Twitter deal, citing that Twitter didn't follow their contract, both in relation to internal staff changes and in not providing appropriate evidence that less than 5% of active users on Twitter are bots.
With a fee of 1 billion on contract break and the fact that both Twitter and Elon are known not to have the best net profit (although Elon will likely deal with losing a billion better than Twitter), it's not surprising that both Twitter and Elon will fight over who is in the right, and it will likely go on for a while.
I say all this is unsurprising as I personally had strong doubts that Elon would go through with it. Why? Elon had nothing to gain by actually getting Twitter, only problems; as mentioned, Twitter has a hard time financially, so it could possibly just be another money sink for him.
Well, I say nothing to gain, which may not be strictly correct, but the gains would likely not outweigh the problems. When it was announced that he had entered a contract where the party that pulled out had to pay a billion, I started to think it may be possible it would go through, simply to avoid paying the break fee.
But once I noticed his requirements of Twitter, I quickly figured he never had any intention of actually going through with it, which is why he included the "almost impossible to prove for sure" requirement about 5% bots. This was the main thing he wanted to use to be able to pull out of the contract, and then he tried stacking Twitter layoffs and Twitter stock going down as additional reasons to break off without paying the break fee.
The current situation has 3 possible outcomes.
Either Twitter manages to challenge his reason for pulling out enough to force the billion from him; Elon manages to use Twitter's failure to fulfill its obligations as a reason to force the billion from Twitter; or alternatively, both sides decide they have too much to lose in the end and just agree that neither has to pay anyone anything and put a lid on it all.
Tags: Twitter, Elon Musk, Acquisition, Tech
Europe's Big Tech Law Is Approved. Now Comes the Hard Part
https://www.wired.com/story/digital-services-act-regulation/
Kazu: The European Parliament seems to have voted very strongly in favor of the "Digital Services Act". I am honestly not entirely sure what the full implications of it are, as I have not looked too much into everything, but from what it seems, it will be a long time before the law will achieve much of anything. As mentioned in the article, they are nowhere close to actually putting into action the law they just approved.
Tags: Regulatory Changes, Law, Tech, European Commission, EU
Microsoft rolls back decision to block Office macros by default
https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-back-decision-to-block-office-macros-by-default/
Kazu: After Microsoft finally decided to block enabling macros from untrusted sources by default, it seems they for some unfathomable reason decided to roll back the decision, effectively undoing one of the biggest ways to have an effect against phishing attacks, and it's the stupidest decision Microsoft has made from a security perspective in a long time.
Tags: Microsoft, InfoSec, Rollback, Microsoft Office, security
Google Warns Of Serious New Chrome Hack Attack Targeting Windows & Android
Kazu: Seems yet another Chrome-related critical vulnerability has been found which is currently seeing active exploitation in the wild. Most affected browsers should be patched at this point, which includes MS Edge, so if you haven't updated to the new patch yet, you may want to put a priority on that.
Tags: Chrome, zero-day, exploit, Critical, android, windows, Microsoft Edge, InfoSec, Security
Projects, Tools, Writeups, etc
Red-Teaming Tool Being Abused by Malicious Actors
https://unit42.paloaltonetworks.com/brute-ratel-c4-tool/
Kazu: BruteRatel C4 is a penetration testing and adversary emulation tool which is effective at defeating modern detection capabilities, so naturally, the bad guys took note of it as well and, just like with CobaltStrike, are now using it for themselves.
Some may use this as yet another example of why you shouldn't make tools that are shown to be effective at defeating security, but let's be honest, someone else would anyway sooner or later, and not to mention, tools have no bias: the hammer is not evil or good, the user is, and hiding it just because it can be abused is of course silly.
Tags: Tools, Abuse, InfoSec, Security, writeups, analysis
Malduck: The helpful Malware Analysis duck
https://github.com/CERT-Polska/malduck
Kazu: Malduck is a malware analysis tool which is based on the "Roach project" and is a fork from the "Cuckoo Sandbox project" with improved functions. It is already known within the malware analysis community, but I figured it may be nice to share it for the people who don't know about it yet.
Ah, it can also work together with IDA.
Tags: Malware analysis, Reverse Engineering, Reversing, GitHub, Python
XPEViewer: A pretty good PE file viewer/editor for Windows, Linux and MacOS
https://github.com/horsicq/XPEViewer
Kazu: A PE file viewer/editor which works on Windows, Linux and MacOS that I came across and which, from what I have read from others, is one of the better tools out there to view or edit PE files and is valuable both for malware and reverse engineering in general. I have not yet got the chance to try it out personally, but I figured I should mention it so people know about it :)
Tags: Reverse Engineering, PE, GitHub, Malware analysis, InfoSec