Privacy lost...

Reloadron

Joined Jan 15, 2015
7,891
We (my daughter and I) do. Lots.
Hopefully you don't get a bill from a credit card asking about the $247 payment to an escort company in Las Vegas. :) Seriously, one of my credit card numbers was scammed and I got a text from the credit card company asking if I just charged $247 with an escort company in Vegas. No, I didn't. :)

I guess you just wait and see or order new cards? Best of luck to you on this.

Ron
 

nsaspook

Joined Aug 27, 2009
16,329
https://www.windowscentral.com/soft...th-its-users-windows-recall-is-the-last-straw
A PR disaster: Microsoft has lost trust with its users, and Windows Recall is the straw that broke the camel's back
Microsoft is fully aware that the concept of Windows Recall sounds creepy. I know that the company spent a lot of time internally figuring out how to communicate this feature to the world, but it turns out there's no good way to communicate something like this when your users don't trust you.

Users are describing the feature as literal spyware or malware, and droves of people are proclaiming they will proudly switch to Linux or Mac in the wake of it. Microsoft simply doesn't enjoy the same benefit of the doubt that other tech giants like Apple may have.
 

nsaspook

Joined Aug 27, 2009
16,329
https://www.bleepingcomputer.com/ne...ensions-with-millions-of-installs-discovered/
Malicious VSCode extensions with millions of installs discovered

Typosquatting the Dracula theme
For their recent experiment, researchers Amit Assaraf, Itay Kruk, and Idan Dardikman, created an extension that typosquats the 'Dracula Official' theme, a popular color scheme for various applications that has over 7 million installs on the VSCode Marketplace.

Dracula is used by a large number of developers due to its visually appealing dark mode with a high-contrast color palette, which is easy on the eyes and helps reduce eye strain during long coding sessions.

The fake extension used in the research was named 'Darcula,' and the researchers even registered a matching domain at 'darculatheme.com.' This domain was used to become a verified publisher on the VSCode Marketplace, adding credibility to the fake extension.
...
VSCode Marketplace status
After the successful experiment, the researchers decided to dive into the threat landscape of the VSCode Marketplace, using a custom tool they developed named 'ExtensionTotal' to find high-risk extensions, unpack them, and scrutinize suspicious code snippets.

Through this process, they have found the following:

  • 1,283 with known malicious code (229 million installs).
  • 8,161 communicating with hardcoded IP addresses.
  • 1,452 running unknown executables.
  • 2,304 that are using another publisher's Github repo, indicating they are a copycat.
Below is an example of code found in a malicious Visual Studio Code Marketplace extension that opens a reverse shell to the cybercriminal's server.
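
Added example, not from the post or the quoted article, and not the reverse-shell sample the article refers to (which is not reproduced in this thread): a defender-side check for the typosquatting described above, flagging installed extensions whose name is within one edit or one adjacent-letter swap of a pinned trusted extension. It keys on the pinned extension id rather than the verified-publisher badge, since the researchers obtained that badge for the fake; the ids, the `GENERIC` word list and the sample data are constructed assumptions.

```javascript
// Added example. Extension ids below are constructed placeholders, not real Marketplace ids.
// Optimal string alignment distance: like Levenshtein, but an adjacent swap
// ("ra" -> "ar") costs 1, which is the edit a typosquat such as Darcula relies on.
function osaDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i, ...Array(b.length).fill(0)]);
  for (let j = 1; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
      if (i > 1 && j > 1 && a[i - 1] === b[j - 2] && a[i - 2] === b[j - 1]) {
        d[i][j] = Math.min(d[i][j], d[i - 2][j - 2] + 1);
      }
    }
  }
  return d[a.length][b.length];
}

const GENERIC = new Set(['official', 'theme', 'themes', 'extension', 'vscode']);
// Distinctive lowercase words of a display name (short and generic words dropped).
function brandTokens(displayName) {
  return displayName.toLowerCase().split(/[^a-z0-9]+/)
    .filter((t) => t.length >= 5 && !GENERIC.has(t));
}
// trusted and installed are arrays of { id: 'publisher.name', displayName }.
function findLookalikes(installed, trusted, maxDistance = 1) {
  const trustedIds = new Set(trusted.map((t) => t.id));
  const findings = [];
  for (const ext of installed.filter((e) => !trustedIds.has(e.id))) {
    for (const ref of trusted) {
      const dists = brandTokens(ext.displayName).flatMap((a) =>
        brandTokens(ref.displayName).map((b) => osaDistance(a, b)));
      const distance = Math.min(...dists); // Infinity when either name has no tokens
      if (distance <= maxDistance) {
        findings.push({ id: ext.id, resembles: ref.id, distance,
          reason: distance === 0 ? 'same name, different publisher' : 'near-miss name' });
      }
    }
  }
  return findings;
}

// Constructed sample data.
const TRUSTED = [{ id: 'example-trusted.theme-dracula', displayName: 'Dracula Official' }];
const INSTALLED = [
  { id: 'example-trusted.theme-dracula', displayName: 'Dracula Official' },
  { id: 'example-unknown.darcula', displayName: 'Darcula' },
  { id: 'example-copy.dracula-pro', displayName: 'Dracula Theme' },
  { id: 'example-other.python-tools', displayName: 'Python Tools' },
];
console.log(findLookalikes(INSTALLED, TRUSTED));
```

A finding is a prompt to review the extension's publisher and source before keeping it installed, not proof of malice.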
 

nsaspook

Joined Aug 27, 2009
16,329
https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers
Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says
To Harris, who had previously spent nearly seven years working for the Defense Department, it was a security nightmare. Anyone using the software was exposed, regardless of whether they used Microsoft or another cloud provider such as Amazon. But Harris was most concerned about the federal government and the implications of his discovery for national security. He flagged the issue to his colleagues.

They saw it differently, Harris said. The federal government was preparing to make a massive investment in cloud computing, and Microsoft wanted the business. Acknowledging this security flaw could jeopardize the company’s chances, Harris recalled one product leader telling him. The financial consequences were enormous. Not only could Microsoft lose a multibillion-dollar deal, but it could also lose the race to dominate the market for cloud computing.

Harris said he pleaded with the company for several years to address the flaw in the product, a ProPublica investigation has found. But at every turn, Microsoft dismissed his warnings, telling him they would work on a long-term alternative — leaving cloud services around the globe vulnerable to attack in the meantime.
Microsoft itself was also breached.

In the immediate aftermath of the attack, Microsoft advised customers of Microsoft 365 to disable seamless SSO in AD FS and similar products — the solution that Harris proposed three years earlier.

As the world dealt with the consequences, Harris took his long simmering frustration public in a series of posts on social media and on his personal blog. Challenging Brad Smith by name, and criticizing the MSRC’s decisions — which he referred to as “utter BS” — Harris lambasted Microsoft for failing to publicly warn customers about Golden SAML.

Microsoft “was not transparent about these risks, forced customers to use ADFS knowing these risks, and put many customers and especially US Gov’t in a bad place,” Harris wrote on LinkedIn in December 2020. A long-term fix was “never a priority” for the company, he wrote. “Customers are boned and sadly it’s been that way for years (which again, sickens me),” Harris said in the post.
 

nsaspook

Joined Aug 27, 2009
16,329
Wow! Very impressive backdoor coding.
https://securelist.com/xz-backdoor-part-3-hooking-ssh/113007/

Key findings
Our analysis revealed the following interesting details about the backdoor’s functionality:

  • The attacker set an anti-replay feature to avoid possible capture or hijacking of the backdoor communication.
  • The backdoor author used a custom steganography technique in the x86 code to hide the public key, a very clever technique to hide the public key.
  • The backdoor hides its logs of unauthorized connections to the SSH server by hooking the logging function.
  • The backdoor hooks the password authentication function to allow the attacker to use any username/password to log into the infected server without any further checks. It also does the same for public key authentication.
  • It has remote code execution capabilities that allow the attacker to execute any system command on the infected server.
 

nsaspook

Joined Aug 27, 2009
16,329
https://apnews.com/article/julian-assange-wikileaks-australia-7daeb8f54c0604fb0e78c0b171046013
WikiLeaks founder Julian Assange returns to Australia a free man after US legal battle ends
The Justice Department, facing a defendant who had already served substantial jail time, was able to resolve — without trial — a case that raised thorny legal issues and that might never have reached a jury at all given the plodding pace of the extradition process. Assange, for his part, signaled a begrudging contentment with the resolution, saying in court that though he believed the Espionage Act contradicted the First Amendment, he accepted the consequences of soliciting classified information from sources for publication.
A fair settlement.
