Prisma/Channel

2021-11-27 11:20:50 What hackers don’t want you to know Open / Comment

2021-10-21 09:30:59 Still using voice assistants? Ever wonder what data they collect and persist? Here's a hint: everything. This data privacy blogger requested their data from Amazon and it had among others: precise location, a list of all contacts and audio recordings of all her requests to Alexa.

https://www.tiktok.com/@my.data.not.yours/video/7002745932064230662

https://www.mirror.co.uk/news/weird-news/woman-finds-amazon-thousands-recordings-25240984 Open / Comment

2021-09-14 11:35:42 Apple's new iOS v14.8 contains security fixes for vulnerabilities found by Citizen Lab in CoreGraphics and WebKit. Since exploits were found in the wild, it is highly recommended to update ASAP.

https://9to5mac.com/2021/09/13/apple-says-ios-14-8-patches-iphone-attack-that-defeated-blastdoor-protections/ Open / Comment

2021-03-12 10:38:44 #FridaySecurity Open / Comment

2021-02-05 08:49:30 I love these stories when a regular due diligence on a device security turns into a complete train wreck. A simple device that counts the passing by people to measure building occupancy turned into a wide-open welcoming gateway for everybody.

Just take a look, it gets worse and worse: https://threadreaderapp.com/thread/1357296455615197184.html

#FridaySecurity Open / Comment

2021-01-27 13:23:33 Wow, that's a big one (CVE-2021-3156): escalation of privilege in sudo ( ) through a buffer overflow. Almost everyone's affected, any local user can elevate to root.

Affected versions:
All legacy versions from 1.8.2 to 1.8.31p2
All stable versions from 1.9.0 to 1.9.5p1

To test if your system is vulnerable or not, login to the system as a non-root user.
Run command sudoedit -s /
If the system is vulnerable, it will respond with an error that starts with sudoedit:
If the system is patched, it will respond with an error that starts with usage:

More details: https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit Open / Comment

2021-01-22 14:04:42 Open / Comment

2021-01-22 14:04:42 #FridaySecurity Open / Comment

2020-10-01 11:36:08 So the recent leak of Windows source code is confirmed, in fact the sources were for Windows XP SP1 and Windows Server 2003. This is huge for the community and I believe will in the end be beneficial to Microsoft's OS business itself.

A twitter user https://twitter.com/ntdev_ published a youtube tutorial on how to compile it, which was shortly taken down by copyright claims from Microsoft.

The video however is available and could be downloaded via torrent using this magnet link: magnet:?xt=urn:btih:7c370b5e00b91b12fc02e97bacdca24306dc12b5 Open / Comment

2020-09-25 12:42:37 The rumor has it, Windows XP source code was leaked today in a 43 GB archive. Open / Comment