randomoracle


Props to scammers on clever use of a commercial security service to improve their phishing

This is a garden-variety scam, but the twist is that the link to Exodus Wallet is a redirector through Proofpoint — ironically, an email security company.

(Presumably helps bypass recipient-side URL scanning/blocking rules associated with cryptocurrency sites.)

Way to go Proofpoint. 🥇

Maybe they can brag about this at BH? "9 out of 10 scammers launder their URLs through our service"
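As an added illustration of the detection gap described above (example code, not from the original post): a URL filter that only looks at the host of the link a message carries sees a reputable security vendor's domain and lets it through, while a filter that first unwraps known rewriting redirectors sees the real destination. The unwrapping assumes the v2 URL Defense encoding as published in Proofpoint's own decoder (`-` stands for `%`, `_` for `/`, then percent-decoding); the redirector host set, the blocklist and the sample links are constructed for this demo and are not real indicators.

```python
"""Unwrap URL-rewriting redirector links before applying URL blocklist rules.

Added example, not code from the original post. Assumes Proofpoint URL Defense
v2 encoding of the `u` parameter ('-' for '%', '_' for '/', then percent-decoding).
Redirector hosts, blocklist entries and sample links below are constructed.
"""
from typing import Optional
from urllib.parse import parse_qs, unquote, urlparse

# Assumption: hosts whose links wrap a destination URL in a query parameter.
REDIRECTOR_HOSTS = {"urldefense.proofpoint.com"}

# Constructed blocklist of domains (and their subdomains) a recipient wants stopped.
BLOCKED_DOMAIN_SUFFIXES = ("wallet-download.invalid", "crypto-airdrop.invalid")


def unwrap_urldefense_v2(url: str) -> Optional[str]:
    """Return the destination wrapped by a URL Defense v2 link, or None if `url` is not one."""
    parts = urlparse(url)
    if parts.netloc.lower() not in REDIRECTOR_HOSTS or not parts.path.startswith("/v2/url"):
        return None
    encoded = parse_qs(parts.query).get("u", [None])[0]
    if encoded is None:
        return None
    # v2 scheme: '-' was substituted for '%' and '_' for '/', so reverse both, then percent-decode.
    return unquote(encoded.replace("-", "%").replace("_", "/"))


def final_destination(url: str, max_hops: int = 5) -> str:
    """Peel off known wrappers (including wrapper-of-wrapper) without touching the network."""
    for _ in range(max_hops):
        inner = unwrap_urldefense_v2(url)
        if inner is None:
            break
        url = inner
    return url


def _host_is_blocked(host: str) -> bool:
    host = host.lower()
    return any(host == s or host.endswith("." + s) for s in BLOCKED_DOMAIN_SUFFIXES)


def naive_is_blocked(url: str) -> bool:
    """The weak check: match the blocklist against the host of the link as written."""
    return _host_is_blocked(urlparse(url).hostname or "")


def is_blocked(url: str) -> bool:
    """The corrected check: match the blocklist against the unwrapped destination."""
    return _host_is_blocked(urlparse(final_destination(url)).hostname or "")


# Constructed sample: a blocklisted destination wrapped in a v2 redirector link.
WRAPPED = (
    "https://urldefense.proofpoint.com/v2/url?"
    "u=https-3A__get.wallet-2Ddownload.invalid_app-3Fref-3Dairdrop"
    "&d=DwMFaQ&c=0&r=0&m=0&s=0&e="
)


def scan(links):
    """Return (link, naive verdict, unwrapped verdict) for each link in a message."""
    return [(u, naive_is_blocked(u), is_blocked(u)) for u in links]


if __name__ == "__main__":
    for link, naive, unwrapped in scan([WRAPPED, "https://wallet-download.invalid/x", "https://docs.python.org/"]):
        print(f"{link}\n  host-only check blocked: {naive}\n  unwrapped check blocked: {unwrapped}")
```

Running it shows the wrapped link passing the host-only check and failing the unwrapped one, which is the whole trick the post is describing; the same normalisation step belongs in front of any reputation or blocklist lookup a mail gateway or proxy performs.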

Enshittification comes for the venerable MSFT office franchise.

https://beebom.com/microsoft-free-ad-supported-office-quietly-launched/

Microsoft Quietly Launched a Free Ad-Supported Office App, and No One Noticed

Microsoft has introduced a free ad-supported Office app that brings access to Word, Excel, and PowerPoint without any subscription fee.

Beebom

Periodic reminder:
Every security incident is an opportunity for vendors to shill for their particular product, whether or not it would have made any difference.

Two great examples from the Bybit fiasco:

1. Fireblocks (aka "Dumpster-Fire Blocks") pushing MPC over multisig, when it would have exactly the same threat model if all key shard-holders are tricked into approving the wrong transaction

2. Ledger inventing a non-existent category of transaction review called "Clear Signing" when plenty of existing hardware wallets (such as the Grid+ Lattice1) already have the capability to parse Ethereum calldata and present a human-readable explanation of contract calls.

The typing-and-deleting from DeepSeek is absurdly hilarious.

Here the model initially attributes the 2009 "Aurora" attacks against Google and other US companies to Chinese APT, and then deletes its own answer once it realizes it uttered uncomfortable truths.

This LLM sounds like a conflicted white-collar criminal who confesses and then promptly retracts the confession behind an unconvincing ploy about changing the subject away from political concerns.

If only the same trick worked to prevent Chinese APT from breaching a website 🤷‍♂️

https://unseen-japan.com/tokyo-university-chinese-students-tiananmen/

Report: Tokyo University Used "Tiananmen Square" Keyword to Block Chinese Admissions - Unseen Japan

The student-led paper for Tokyo University says a graduate program used an HTML trick to prevent mainland Chinese students from applying.

Unseen Japan

Huge study from The Economist about car bloat in the US. “For every life that the heaviest 1% of SUVs and trucks save, there are more than a dozen lives lost in other vehicles.” ‘Safety for me, danger for you’ is an American motto at this point.

https://www.economist.com/interactive/united-states/2024/08/31/americans-love-affair-with-big-cars-is-killing-them

Americans’ love affair with big cars is killing them

New analysis shows that the heaviest vehicles kill more people than they save in crashes

The Economist

Note that this is only now officially CVE-2024-38217, and Microsoft has released a fix for it:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38217

Why did this public, exploited-in-the-wild vulnerability not get a CVE for more than a month?
It's because Microsoft doesn't follow CVE CNA rules, and they only assign CVEs to updates, rather than vulnerabilities.
It's also because MITRE doesn't follow the CVE CNA rules, functioning as a CNA-LR (they ignored the request to get this issue a CVE).

Great job, folks!

Security Update Guide - Microsoft Security Response Center

The most troubling part of this bug report is MSFT having hard-coded an ECDSA private key into a binary that ships with every copy of Windows
🤦‍♂️

It's still amateur hour for key management in Redmond.

https://massgrave.dev/blog/keyhole

Keyhole | MAS

By WitherOrNot

Nothing resets the expectations of a petulant tech-bro faster than doing the perp-walk in handcuffs 🤷🏽

https://techcentral.co.za/pavel-durov-changes-to-telegram-arrest/251203/

Pavel Durov promises changes to Telegram after his arrest - TechCentral

Among other measures, Telegram's CEO has promised to remove some features that had been abused for illegal activity.

TechCentral

Not often one finds themselves being sympathetic to AT&T

But this is not the first time Broadcom has done a rug-pull after an acquisition, either discontinuing products or greatly undermining ongoing support.

https://www.channelfutures.com/channel-business/att-sues-broadcom-over-vmware-contracts-bullying