Infosec.Pub

4,699 readers
107 users here now

To support infosec.pub, please consider donating through one of the following services:

Paypal: jerry@infosec.exchange

Ko-Fi: https://ko-fi.com/infosecexchange

Patreon: https://www.patreon.com/infosecexchange

founded 2 years ago
ADMINS
jerry
shellsharks
modbot
listing: all - local
976
3
What’s Coming in Lace (www.youtube.com)
submitted 1 month ago by rss@ibbit.at to c/cardano
0 comments fedilink
 
 

From Input Output via this RSS feed

977
2
Cache Me If You Can (Sitecore Experience Platform Cache Poisoning to RCE) (labs.watchtowr.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
978
3
Amazon disrupts watering hole campaign by Russia’s APT29 | Amazon Web Services (aws.amazon.com)
submitted 1 month ago* (last edited 1 month ago) by digicat to c/blueteamsec
1 comments fedilink
979
4
feddit.uk is down (edit: or only dead to Tor users) (lemmy.sdf.org)
submitted 1 month ago* (last edited 1 month ago) by evenwicht@lemmy.sdf.org to c/isitdown
6 comments fedilink
980
4
Does Apple silicon like the M1 chip have a spy chip (management engine) of sorts? [Answer: yes] (lemmy.sdf.org)
submitted 1 month ago* (last edited 1 month ago) by evenwicht@lemmy.sdf.org to c/infosec
3 comments fedilink
 
 

cross-posted from: https://lemmy.sdf.org/post/41050620

Spy chips are:

  • Intel CPUs after ~2008
  • AMD CPUs after ~2013
  • Arm CPUs (not sure when they started the trustzone stuff but likely around 2013 since AMD uses trustzone)

I believe IBM Power9 chips are spy chip free, but not sure about the successors.

Anyway, the question is about Apple chips. Web searches are lousy these days. I find nothing to confirm or deny the presence of management engines in Apple (Motorola?) CPUs.

Intuitively, I don’t think it would make business sense for Apple to do that because a majority of their customers are non-corporate individuals (unlike intel). OTOH, if that were sound logic then it would seem to contradict Arm chips which are also largely bought by non-corporate individuals.

Anyway, if anyone knows plz mention it here, ideally with a source.

Thanks!

981
6
Mint Linux project’s hostility toward Tor and privacy is why I dropped support for Mint users (sopuli.xyz)
submitted 1 month ago* (last edited 1 month ago) by freedomPusher@sopuli.xyz to c/tor
0 comments fedilink
982
18
New BruteForceAI Tool Automatically Detects Login Pages and Executes Smart Brute-Force Attacks (cybersecuritynews.com)
submitted 1 month ago by cm0002@piefed.world to c/cybersecurity
2 comments fedilink
983
3
Detecting Velociraptor misuse :: Velociraptor (docs.velociraptor.app)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
984
4
Two New feeds from CERT-FR integrated in Vulnerability-Lookup (discourse.ossbase.org)
submitted 1 month ago by cm0002@lemmy.world to c/cybersecurity
0 comments fedilink
985
2
Netherlands Confirms China’s Salt Typhoon Hacking Group Targeted Small Dutch Telcos (www.infosecurity-magazine.com)
submitted 1 month ago by Hotznplotzn@lemmy.sdf.org to c/cybersecurity
0 comments fedilink
 
 

cross-posted from: https://lemmy.sdf.org/post/41271046

Archived

Dutch intelligence agencies have revealed that the Chinese hacking group Salt Typhoon targeted organizations in the Netherlands.

In a joint statement published August 28 on the Dutch Ministry of Defence’s website, the Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) said they have now “independently confirmed parts of the US findings with their own intelligence.”

[...]

While Dutch organizations “most likely were not as heavily targeted as those in the US,” the MIVD and AIVD have identified victims in the Netherlands.

They stated that they observed evidence indicating Salt Typhoon gained access to the routers of Dutch targets, primarily small internet service providers (ISPs) and hosting providers.

However, their probe concluded that there is no evidence that the hackers penetrated deeper into those companies’ internal networks.

[...]

“Chinese cyber operations […] have become so advanced that constant vigilance and proactive measures are required to detect and mitigate threats against Dutch interests,” the statement on the Dutch Ministry of Defence website said.

986
4
A Nightmare on EDR Street: WDAC's Revenge (beierle.win)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
987
14
Open Source is one person (opensourcesecurity.io)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

Comments

988
21
Apple pulls iPhone torrent app from AltStore PAL in Europe (www.theverge.com)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
3 comments fedilink
 
 

Apple has removed the iPhone torrenting client, iTorrent, from AltStore PAL’s alternative iOS marketplace in the EU, showing that it can still exert control over apps that aren’t listed on the official App Store. iTorrent developer Daniil Vinogradov told TorrentFreak that Apple has revoked his distribution rights to publish apps in any alternative iOS stores, […]

989
11
FBI cyber cop: Salt Typhoon pwned 'nearly every American' (www.theregister.com)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
2 comments fedilink
 
 

Plus millions of other people across 80+ countries China's Salt Typhoon cyberspies hoovered up information belonging to millions of people in the United States over the course of the years-long intrusion into telecommunications networks, according to a top FBI cyber official.…

990
7
ShadowSilk: A Cross-Border Binary Union for Data Exfiltration (www.group-ib.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
991
4
TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents (www.trendmicro.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
992
9
Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide (www.bitdefender.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
993
6
Loophole allows threat actors to claim VS Code extension names (www.reversinglabs.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
994
7
Anklage gegen ein mutmaßliches Mitglied einer deutschen „Anonymous“-Gruppierung - Charges against a suspected member of a German “Anonymous” group (www.berlin.de)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
995
5
Malicious versions of Nx and some supporting plugins were published (github.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
 
 

https://semgrep.dev/blog/2025/security-alert-nx-compromised-to-steal-wallets-and-credentials/

996
13
Taiwan traces Chinese hackers selling stolen data to trafficking ring - Focus Taiwan (focustaiwan.tw)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
997
5
DPRK IT WORKERS UNVEILED (theravenfile.com)
submitted 1 month ago by digicat to c/blueteamsec
0 comments fedilink
998
0
Ergo PoW Blockchain - Weekly Update & AMA - August 28th (www.youtube.com)
submitted 1 month ago by rss@ibbit.at to c/ergonauts
0 comments fedilink
 
 

From Ergo Platform via this RSS feed

999
7
Catch-22: Uncovering Compromised Hosts using SSH Public Keys | USENIX (www.usenix.org)
submitted 1 month ago by jstangroome to c/cybersecurity
0 comments fedilink
 
 

In this paper, we present a method to identify compromised SSH servers at scale. For this, we use SSH's behavior to only send a challenge during public key authentication, to check if the key is present on the system. Our technique neither allows us to access compromised systems (unlike, e.g., testing known attacker passwords), nor does it require access for auditing.

1000
6
The personhood trap: How AI fakes human personality (arstechnica.com)
submitted 1 month ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

AI assistants don't have fixed personalities—just patterns of output guided by humans.

view more: ‹ prev next ›