Lead a global SOC / security is my drug / thinks too much / rides bikes like I stole them

U.S. cybersecurity agency CISA has acknowledged that while the CrowdStrike outage is *not* a cyberattack, it has observed malicious actors "taking advantage" of the s(h)ituation for "phishing and other malicious activity" and warned organizations to "avoid clicking on phishing emails or suspicious links."

More: https://www.cisa.gov/news-events/alerts/2024/07/19/widespread-it-outage-due-crowdstrike-update

Southwest’s tech debt hurt it back in 2022 but it seems to be doing it some favors today.

Old Windows taketh away, but sometimes old Windows giveth.

https://www.digitaltrends.com/computing/southwest-cloudstrike-windows-3-1/

EDIT: Fix date

EDIT: @peterbutler pushed me to do a little more research, and I’m more comfortable saying the underlying software probably dates to Windows NT or XP.

A Windows version from 1992 is saving Southwest’s butt right now

Southwest hasn't been impacted by the CrowdStrike outage, and that's reportedly because it's still running Windows 3.1.

Digital Trends

Discord continues to be a breeding ground for malicious activity by hackers and now APT groups, with it commonly used to distribute malware, exfiltrate data, and targeted by threat actors to steal authentication tokens.

https://www.bleepingcomputer.com/news/security/discord-still-a-hotbed-of-malware-activity-now-apts-join-the-fun/

Discord still a hotbed of malware activity — Now APTs join the fun

BleepingComputer

Signal messenger has investigated rumors spreading online over the weekend of a zero-day security vulnerability related to the 'Generate Link Previews' feature, stating that there is no evidence this vulnerability is real.

https://www.bleepingcomputer.com/news/security/signal-says-there-is-no-evidence-rumored-zero-day-bug-is-real/

Signal says there is no evidence rumored zero-day bug is real

BleepingComputer

Stupid Persistent Threat (SPT). Noun
Direct opposite of an Advanced Persistent Threat (APT).

Example: Type of threat actor who locates a person in a company via LinkedIn, triangulates their cell phone number, and sends an SMS text purporting to be the CEO. Except the SPT has the SMS coming from an area code not associated with the company. Stupid.

I read through 70,000 words of Apple's privacy policy and associated guides so you don't have to.

Apple's advertising business has grown massively in recent years, with ads appearing in the App Store, News and Stocks apps. Part of this is its personalized advertising. Everything you do in the App Store is tracked, every tap of the screen and scroll of a page.

https://www.wired.com/story/apple-privacy-data-collection/

#apple #wired #data #privacy #news #advertising #infosec

All the Data Apple Collects About You—and How to Limit It

Cupertino puts privacy first in a lot of its products. But Apple still gathers a bunch of your information.

WIRED
cve-2022-41099
Kind of cray folks ain't burning down the Redmond campus 'cause of the #Bitlocker/WinRE CVE-2022-41099 boondoggle

Hmm, CVE-2022-41099 BitLocker Security Feature Bypass Vulnerability

Not sure if this is the issue I reported, will have to bindiff the actual patch to make sure...

Why/When does patching CVE-2022-41099 (BitLocker Bypass) require extra steps?

Microsoft has published information about a recent security problem classified as "BitLocker Security Feature Bypass" identified as CVE-2022-41099 which points out that Windows Recovery

Information Security Stack Exchange