Dr. Christopher Kunz

@christopherkunz@chaos.social
Security (web, infra, app) nerd, slightly disillusioned VR enthusiast, author @heise Security
PGP fingerprint: C882 8ED1 7DD1 9011 C088  EA50 5CFA 2EEB 397A CAC1
where I work: heise Security
Linktr.ee: https://linktr.ee/christopher.kunz
private blog: https://www.christopher-kunz.de/
heise.de: https://www.heise.de/autor/Dr-Christopher-Kunz-4325470
Any sufficiently advanced technology is indistinguishable from magic. - Arthur C. Clarke
#39c3

In today's issue of "wtf am I doing here": Learning Binary Ninja on a Friday afternoon.

Next up: Questioning life choices.

This thing certainly has a lot of pixels. #captcha #accessibility
The struggle is real.
IYKYK
Can someone at Cloudflare please switch the CDN server back on?
Going all in on this retro crypto stuff.

Sha1-Hulud has a dead man's switch

The second iteration of the Shai-Hulud worm had a dead man's switch that destroys data on infected machines.
If it can't reach GitHub or npm to self-propagate, the worm spawns a cmd.exe / bash shell and tries to delete all data that can be written by the current user. Yikes.

It seems sha1-hulud is now contained though: Only about 300 infected repos are left.

https://about.gitlab.com/blog/gitlab-discovers-widespread-npm-supply-chain-attack/

Found in the original manual of the Enigma D (civilian version from 1926 on): "Key management is merely a matter of organization"

99 years later, it feels like we are not one step further along with that organization.

@wiz you sure about these IoCs? They look like Shai-Hulud 1.0, not 2.0