cybersecurity

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

Weekly thread for highlighting and discussing the past week’s notable threats, vulnerabilities, breaches and more!

Feel free to comment on what I’ve collected or share things you have found useful or interesting!

• 5Ghoul: Unleashing Chaos on 5G Edge Devices
• Sierra:21 : Supply Chain Vulnerabilities in IoT/OT routers
• Struts 2 Critical RCE 😱
• China’s cyber army is invading critical U.S. services
• Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

I am reading a lot about this currently.

Basically:

• podman, flatpak, some Browsers use user namespaces to isolate activities from the main system
• they are widely used as a security measurement
• on Linux Flatpak uses them, as bubblewrap creates new user namespaces for each application
• Flatpakked browsers cant use user namespaces themselves, as this is not compatible with flatpak. So their security especially in Chromium is reduced.

But that is as far as I go. The hardened Linux Kernel disables user namespaces. There is bubblewrap-suid which avoids using user namespaces.

Unflatpakked browsers are more secure as they can use their builtin sandbox to do things like tab isolation. But does this even work when user namespaces are disabled, or does this also break sandboxing?

Are user namespaces secure, is not using them even worse, what are hidden implications?

I also read that firejail runs as root, so if it has a security hole the sandboxed program can get root privileges. Isnt that the same with bubblewrap-suid ?

I brought this display. I've read a few reviews, most are positive, but some say it doesnt work with the pwnagotchi. Can anyone tell me how to enable this display?

Introducing Threat Thursday! Weekly thread for highlighting and discussing the past week’s notable threats, vulnerabilities, breaches and more!

Feel free to comment on what I’ve collected or share things you have found useful or interesting!

• Design flaw in Google Workspace (DeleFriend)
• Sumo Logic concludes security breach investigation
• New Relic issues security incident advisory
• Explanation of “Looney Tunables“ (CVE-2023-4911) vulnerability by Mohamed Sayed
• Extracting Training Data from ChatGPT
• BLUFFS Bluetooth attack
• Update on most recent Okta breach
• AutoSpill vulnerability
• SLAM vulnerability
• LogoFAIL vulnerability

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

I talk about a report I've made to MSRC in the beginning of the year regarding vscode.

It's a bit different. There's no in depth technical stuff, because I basically just reported the feature, not a bug.

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

• Security researchers have discovered new Bluetooth security flaws that allow hackers to impersonate devices and perform man-in-the-middle attacks.

• The vulnerabilities impact all devices with Bluetooth 4.2 through Bluetooth 5.4, including laptops, PCs, smartphones, tablets, and others.

• Users can do nothing at the moment to fix the vulnerabilities, and the solution requires device manufacturers to make changes to the security mechanisms used by the technology.

Research paper: https://dl.acm.org/doi/pdf/10.1145/3576915.3623066

Github: https://github.com/francozappa/bluffs

CVE: https://nvd.nist.gov/vuln/detail/CVE-2023-24023

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

(Final) Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!

NOTE: I’ve decided to sunset this weekly thread. Doesn’t seem like there’s much interest by the community in this discussion at this time.

cross-posted from: https://links.hackliberty.org/post/454425

When I visit this post:

https://jlai.lu/post/2250911

the embedded short abstract intro to the article is “403 Blocked www.lecho.be” When I try visiting the link directly I get “403 bot detection”. This suggests that everyone who opens that thread independently visits that webpage by way of some javascript that’s not under the user’s control. If 1000 people open that thread, then 1000 separate fetches are made. That’s a poor design. The server could do that job just once and the results would be more reliable. As opposed to everyone getting different results.

This is also a #privacy #security bug. Someone who opens a thread does not necessarily intend to fetch the linked article. Non-tor users are under surveillance in some countries (e.g. the US, where Trump enacted law s.t. ISPs can collect data on users without consent). So they should have control over what sites they visit. Merely opening a thread is an abuse because it makes users actions instantly trackable. IOW, users share information with their ISP without their knowledge or control.

Note that the example thread shows the full text of the article because the author was diligent about copying it. But that’s not the general case.

#bug #lemmyBug

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

I am currently trying to learn cyber security, specifically pentesting. I also do blue team things now and then, but not too often. I've started about 2 years ago with programming in python, later golang. I feel like I am decent in both. However when it comes to pentesting and security in general. It doesn't feel like I'm doing progress whatsoever. I know about theoretical Linux, networking, programming and that stuff, but when it comes to the hands on tasks, I fail miserably. I know know how HTTP works, but can't do easy Hack the Box CTFs without a complete writeup (not just little hints). I solved a few CTFs on different platforms with the help of writeups because I thought I just lacked the creative thinking part, but I don't see any progress. And when I feel like doing CTFs, I quickly loose motivation because I don't get anything done. Can anyone relate? How can I overcome this?

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!