In recent months, the House of Representatives has been hard at work drafting various spending bills for the 2023 fiscal year. While these bills provide funding for a vast array of government programs and agencies, there was one thing that really stands out.
U.S. Government Spending Billions on Cybersecurity
Manjaro, alternates?
I’ve installed Mamjaro a bunch of times over the years and liked it pretty much for the most part. Lately though been hearing a lot of issues going on with it. This isn’t the first time either.
New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data
A novel data exfiltration technique has been found to leverage a covert ultrasonic channel to leak sensitive information from isolated, air-gapped computers to a nearby smartphone that doesn’t even require a microphone to pick up the sound waves.
Source: New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data
ETHERLED: Air-gapped systems leak data via network card LEDs
Israeli researcher Mordechai Guri has discovered a new method to exfiltrate data from air-gapped systems using the LED indicators on network cards. Dubbed ‘ETHERLED’, the method turns the blinking lights into Morse code signals that can be decoded by an attacker.
Source: ETHERLED: Air-gapped systems leak data via network card LEDs
“As Nasty as Dirty Pipe” — 8 Year Old Linux Kernel Vulnerability Uncovered
Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is “as nasty as Dirty Pipe.” Dubbed DirtyCred by a group of academics from Northwestern University, the security weakness exploits a previously unknown flaw ( CVE-2022-2588 ) to escalate privileges to the maximum level. “DirtyCred is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to escalate privilege,” researchers Zhenpeng Lin, Yuhang Wu, and Xinyu Xing noted. “Instead of overwriting any critical data fields on kernel heap, DirtyCred abuses the heap memory reuse mechanism to get privileged.” This entails three steps – Free an in-use unprivileged credential with the vulnerability Allocate privileged credentials in the freed memory slot by triggering a privileged userspace process such as su, mount, or sshd Operate as a privileged user The novel exploitation method, according to the researchers, pushes the dirty pipe to the next level, making it more general as well as potent in a manner that could work on any version of the affected kernel. “First, rather than tying to a specific vulnerability, this exploitation method allows any vulnerabilities with double-free ability to demonstrate dirty-pipe-like ability,” the researchers said .
Source: “As Nasty as Dirty Pipe” — 8 Year Old Linux Kernel Vulnerability Uncovered
Innocence is Bliss
Shouldn’t be a surprise to anyone. Don’t put all of your eggs in one basket. #Google has implemented #CSAM protocols. #Europe started this BS, and now we’re finishing it!!! Something that can appear innocent is flagged inappropriately and cause an uncorrectable cascade failure.
The world’s biggest surveillance company you’ve never heard of
You may never have heard of Hikvision, but chances are you’ve already been captured by one of its millions of cameras. The Chinese company’s products can be found anywhere from police surveillance systems to baby monitors in more than 190 countries.
Source: The world’s biggest surveillance company you’ve never heard of
You be the judge?
Is it so? Is there such loathing for Linux via Microsoft that they put WSL2 just to satisfy developers?
Hackers Took Over a Commercial Satellite to Broadcast Hacker Movies
A group of hackers was able to take control of a decommissioned satellite and use it to stream a hacking conference’s talks and hacker movies. On Saturday, at the DEF CON hacking conference in Las Vegas, Karl Koscher, one of the members of a hacking enthusiasts group called Shadytel , explained how he and his friends were able to legally stream from a satellite in geostationary orbit—35,786 km or 22,236 miles from the surface of the planet.
Source: Hackers Took Over a Commercial Satellite to Broadcast Hacker Movies
Yes. Big Tech is Building SKYNET. AI Machine Learning
Very interesting but true. Storage is limitless now and we can store everything forever.
-
Recent Posts
-
Archives
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
-
Meta