IT Security Newsletter - 5/7/2024
Novel attack against virtually all VPN apps neuters their entire purpose
Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some or all traffic outside of the encrypted tunnel designed to protect it from snooping or tampering. TunnelVision, as the researchers have named their attack, largely negates the entire purpose and selling point of VPNs, which is to encapsulate incoming and outgoing Internet traffic in an encrypted tunnel and to cloak the user's IP address. READ MORE...
MITRE Hack: China-Linked Group Breached Systems in December 2023
MITRE has shared more details on the recently disclosed hack, including the new malware involved in the attack, attribution information, and a timeline of the attacker's activities. MITRE, a not-for-profit company operating R&D centers on behalf of US government sponsors, revealed on April 19 that hackers had targeted its Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified collaborative network used for research, development, and prototyping. READ MORE...
Physical security biz exposes 1.2M files via unprotected database
A UK-based physical security business let its guard down, exposing nearly 1.3 million documents via a public-facing database, according to an infosec researcher. A researcher says they stumbled upon a trove of data belonging to Amberstone Security, which included thousands of pictures of its guards as well as pictures of individuals suspected of offenses including shoplifting. READ MORE...
Citrix Addresses High-Severity Flaw in NetScaler ADC and Gateway
Citrix appears to have quietly addressed a vulnerability in its NetScaler Application Delivery Control (ADC) and Gateway appliances that gave remote, unauthenticated attackers a way to obtain potentially sensitive information from the memory of affected systems. The bug was nearly identical to - but not as serious as - "CitrixBleed" (CVE-2023-4966), a critical zero-day vulnerability in the same two technologies that Citrix disclosed last year. READ MORE...
Lockbit's seized site comes alive to tease new police announcements
The NCA, FBI, and Europol have revived a seized LockBit ransomware data leak site to hint at new information being revealed by law enforcement this Tuesday. On February 19, a law enforcement operation called Operation Cronos took down LockBit's infrastructure, including 34 servers hosting the data leak website and its mirrors, data stolen from the victims, cryptocurrency addresses, 1,000 decryption keys, and the affiliate panel. READ MORE...
LLMs & Malicious Code Injections: 'We Have to Assume It's Coming'
A rise in prompt injection attacks against large language models (LLMs) could emerge as a significant risk to organizations, an unintended consequence of AI discussed during a CISO roundtable discussion on Monday. The panel was held during Purple Book Community Connect-RSAC, an event at this week's RSA Conference in San Francisco. Karthik Swarnam, CISO at ArmorCode, believes incidents arising from prompt injections in code are inevitable. READ MORE...
Google, Meta, Spotify break Apple's device fingerprinting rules - new claim
Last week, Apple began requiring iOS developers to justify the use of a specific set of APIs that could be used for device fingerprinting. Yet the iGiant doesn't appear to be making much effort to ensure that Google, Meta, and Spotify comply with the rules, it's claimed. Device fingerprinting involves collecting information about various device settings and components, then combining those into a single identifier that's likely to be unique and thus useful for targeting people with ads. READ MORE...
Hackers discover how to reprogram NES Tetris from within the game
Earlier this year, we shared the story of how a classic NES Tetris player hit the game's "kill screen" for the first time, activating a crash after an incredible 40-minute, 1,511-line performance. Now, some players are using that kill screen, and some complicated memory manipulation it enables, to code new behaviors into versions of Tetris running on unmodified hardware and cartridges. READ MORE...
- ...in 1946, the Tokyo Telecommunications Engineering Corporation is founded in Japan. 12 years later, it changes its name to "Sony."
- ...in 1952, English scientist Geoffrey Dummer publishes a paper with the first public description of an integrated circuit, the basis of all modern electronics.
- ...in 1992, the Space Shuttle Endeavour is launched on its first mission, including the only three-person EVA ever attempted.
- ...in 1998, Mercedes-Benz buys Chrysler for $40 billion, forming DaimlerChrysler.