This week sure has had stuff happening left and right, too much for me to get around to mentioning in this newsletter, but at the beginning of last week Twitter had one of their key data centers go offline. Uber had a breach by an 18yo due to the company using weak passwords and hardcoded PowerShell.
Ethereum was merged from “Proof of Work” to “Proof of Stake”, so now people can focus on its uselessness for anything else but maybe a currency at best instead of its environmental impact. Google also got hit by a 4.1 billion antitrust fine by the EU court and EVGA is exiting the GPU market due to various reasons.
Anyway, back to studying/working on stuff and forgetting about the newsletter until I remember it the day before and stress about getting it together in time like an idiot.
~Kazu
News of Interest
Ethereum Merge Completed
https://www.independent.co.uk/tech/ethereum-merge-crypto-energy-environment-b2167637.html
Kazu: Ethereum, which NFTs and Web 3.0 are built upon, initiated the merge from "Proof of Work" to "Proof of Stake" last week and by this should have reduced carbon emissions by 99% and should in theory no longer be as bad for the environment as before.
While this may be true, hopefully with this argument gone, people can start shifting to the fact that it's basically still as useless for anything but a currency at best. Sure, it may no longer be bad for the environment, but for anything it can do, there already exist better options.
Tags: Crypto, Ethereum, Technology, Merge, News
IHG hack: 'Vindictive' couple deleted hotel chain data for fun
https://www.bbc.com/news/technology-62937678
Kazu: Apparently some people decided to try to hit a hotel chain with ransomware, which they gained access to due to a weak password, but were unable to do so as the security kept isolating servers so they couldn't deploy their ransomware, so they decided to just try to wipe everything out of spite.
Now, the attack was obviously discovered long before, while they were trying to deploy their ransomware and the security kept isolating servers, so they obviously knew which servers were compromised.
The fact they weren't kicked out much earlier at this stage but managed to get to the point of wiping everything suggests to me either that the security decided the servers had no sensitive customer data (at least usable) and that they had backups, so they decided to isolate the systems to try to observe the attacker, or they used an automated system that automatically isolated servers that behaved strangely.
Regardless of the case, it seems it affected them enough to have problems for days. This may simply be that they needed to do digital forensics on the servers before restoring from backups, or the wipe may have had a bigger impact and more work was needed than just to clone and restore from backup.
Tags: News, InfoSec, Hack, IHG, TeaPea
Google, Microsoft can get your passwords via web browser's spellcheck
Kazu: Apparently if you have extended spell checking enabled in Chrome, it sends all the information that you type and view to Google, which very much causes infosec people some annoyance, and while such a thing is indeed not good, considering you need to manually activate it and it warns you that it does send what you type into Chrome to Google, I don't really see this as a major "sound the alarm" case. Although, Chrome could have done a better job of actually warning users about what details would be sent to Google.
Tags: News, InfoSec, chrome, google, Microsoft, Edge
Google loses challenge against EU antitrust decision, other probes loom
Kazu: Google and the EU court keep bashing their heads against each other and it seems Google keeps losing, big this time with an antitrust ruling that fines Google 4.1 billion euros, which is Google's 3rd time losing against a ruling. Google keeps trying to be coy and assert dominance by stealthily hiding behind good will and excuses, but it seems they have finally started to feel some heat for it.
But considering the amount the company as a whole earns, they will have recovered that loss in a matter of weeks without a problem, so I'm not really sure how much it really hurt them, but if they keep getting slapped like this, they may decide they can save money by playing ball.
Tags: Technology, News, EU Court, AntiTrust, Ruling, Google, Fines
Extreme California heat knocks key Twitter data center offline
https://edition.cnn.com/2022/09/12/tech/twitter-data-center-california-heat-wave/index.html
Kazu: Seems like the heat has even started to affect services like Twitter, which has had one of its key data centers taken offline due to it. While this may be a temporary issue, I would like to remind everyone... and myself, that at any time and on any day, services like Twitter can stop functioning due to either hardware or software problems, and that they have a backup function which I recommend routinely using to create a backup of your account, as well as making sure you have a secondary method to contact people you care about, as you will regret it when the only place you know people on goes down.
Tags: Technology, Twitter, news
Uber hacked, internal systems breached and vulnerability reports stolen
Kazu: Uber was hacked (again) and this time the attacker managed to gain access by pretty much just spamming 2FA requests until the person got tired of it and accepted it just to get it to go away. The attacker then found hardcoded PowerShell scripts when scanning for sensitive files and then used that information to gain access further into Uber's internal systems, including their communication channels and their bug bounty program account at HackerOne, where they downloaded all reported vulnerabilities and then used the account to tell Uber it was hacked.
Tags: Uber, Hack, InfoSec, News
EVGA Exits GPU Market
https://www.jonpeddie.com/news/evga-wont-offer-nvidia-next-gen-series
Forum post by EVGA staff:
https://forums.evga.com/m3574574.aspx
Kazu: EVGA, which has been a long-time partner of Nvidia, has officially announced they are exiting their partnership with them, citing increasing frustration with dealing with them. EVGA also says they will not partner with Intel or AMD either, thus completely exiting the GPU market. EVGA states they will still continue to make existing RTX 30-series cards as long as the stock lasts but that they will not release 4000 series cards.
Tags: Technology, News, GPU, EVGA, Nvidia
Other Interesting Stuff
Android’s New Notification Feature Is a Decade Overdue
https://www.wired.com/story/android-13-notifications-permission/
Kazu: For a while now, smartphones such as the iPhone have had the ability to approve or deny notifications beforehand and not after the fact when they popped up like on Android. But with Android 13, it seems that this will finally be possible, silencing those pesky notifications before they even have a chance to appear, which is a great thing imo.
Tags: Android, phone, New Feature, release, Google, Technology
China Accuses the NSA of Hacking a Top University to Steal Data
https://gizmodo.com/china-nsa-northwestern-polytechnical-university-hack-1849530364
Kazu: China accuses the US of attacking a Chinese university which is heavily suspected to be a place for heavy military research and working together with the People's Liberation Army (PLA), as well as attacking 10k other places, according to China.
Considering that the country LITERALLY has secret divisions itself which are attributed to the Chinese government (ex. APT1, APT2, etc.), they are basically the dictionary definition of "Pot calling the kettle black".
Tags: China, NSA, InfoSec, Hacking, TAO
NASA Announces Another New Launch Date for Artemis I Rocket
https://www.reviewgeek.com/129946/nasa-announces-another-new-launch-date-for-artemis-i-rocket/
Kazu: After multiple delays, it seems that the launch of Artemis I will be attempted again on the 27th of September, which hopefully won't be another scrubbed one.
Tags: Space, NASA, Artemis, launch
FileScan: A malware analysis service
Kazu: FileScan.io is another malware analysis service which I wasn't aware of before, which provides 'in-depth file assessments, threat intelligence and indicator of compromise extraction', and now has a new update with their own automated YARA rule generator based upon IOC patterns and other threat indicators.
I don't know how good or bad it is compared to other ones out there, but I figured that since I wasn't aware of it much then others may not be either and you can never have too many tools in your toolbox.
Also, a reminder that like any other online service, you should not submit files which may possibly contain sensitive information as that can be made public for others to see.
Tags: DFIR, CTI, Malware, Analysis, Threat Hunting, InfoSec, Tool
Reverse engineering tools review
https://www.pelock.com/articles/reverse-engineering-tools-review
Kazu: Are you perhaps trying to get into RE, malware analysis, threat hunting or other related career paths? Well, then I've got good news for you, as I just found this article which goes through and reviews the most popular tools used for reverse engineering, malware analysis and so forth. So if you ever were uncertain what tool to learn, then this article can be of great help.
Tags: InfoSec, Reverse Engineering, Threat Hunting, hacking, Tools