Sebastian Schinzel

1.3K Followers
483 Following
477 Posts
Husband, dad, mountain biker, professor of computer security at FH Münster and department lead @fraunhofersit. Private account.
Me: https://sebastian-schinzel.de/
FH Münster: https://www.fh-muenster.de/de/eti/ueber-uns/personen/schinzel/
Gauloises Counter Mode
The gnupg team's toxicity remains outstanding. https://gnupg.org/blog/20250117-aheinecke-on-sequoia.html
My thoughts on Sequoia PGP and LibrePGP

Regarding today's talk at #38c3 "Wir wissen wo dein Auto steht - Volksdaten von Volkswagen" https://fahrplan.events.ccc.de/congress/2024/fahrplan/talk/Q8ZAV9/:

We wrote two papers about this topic:

ARES 2021: "Grand Theft App: Digital Forensics of Vehicle Assistant Apps" https://www.hb.fh-muenster.de/opus4/frontdoor/deliver/index/docId/13903/file/ebbers_Grand_Theft_App.pdf

DFRWS 2024: "Grand theft API: A forensic analysis of vehicle cloud data" https://www.sciencedirect.com/science/article/pii/S266628172300210X?via%3Dihub

Wir wissen wo dein Auto steht - Volksdaten von Volkswagen 38C3

Movement data of 800,000 electric cars, along with contact information for their owners, sat unprotected on the internet. It was visible who parked at home, at the BND, or in front of a brothel, and when.

Helped a teacher friend install the software stack of this for his school lectures. Setting this up was quite painful and time consuming.

Still worth it.

Four days ago, I unfollowed everyone on Twitter and posted about it. I currently still have 4783 followers on Twitter and the tweet received no likes and no retweets (which is fine). I stopped posting there two years ago, and since then, only posted links to my Mastodon toots.

The tweet was viewed 379 times, and assuming that each Twitter user only viewed it once, less than 8% of my followers saw the tweet. Good riddance.

#eXit #exitX

We found 82,000 live LDAP servers on the public Internet. Out of these, 12,000 responded with personal data if queried anonymously (without authentication). Fewer than 1,400 had a strong TLS configuration; the rest only allowed weak ciphersuites, untrusted TLS certificates, or no TLS at all. Around 600 servers ran an LDAP server product version that is linked to at least one CVE.

Even worse, our sampling revealed that 1,817 IPs (2.21%) leak passwords, either hashed or plaintext. To further minimize harm to users, we develop a method for counting the total number of passwords within a directory without actually downloading them. In total, the affected servers leak 3.9 million passwords.

New paper "LanDscAPe: Exploring LDAP Weaknesses and Data Leaks at Internet Scale", just presented at USENIX Security 2024. It is joint work with Jonas Kaspereit, Gurur Öndarö, Gustavo Cesar, Simon Ebbers, Fabian Ising, Christoph Saatjohann, Mattijs Jonker, and Ralph Holz. https://www.usenix.org/conference/usenixsecurity24/presentation/kaspereit

Have you heard of LDAP, the lightweight directory access protocol? If you are registered or work at any larger organization, chances are your data is stored within an LDAP server, including your password.

So surely all organizations keep these LDAP servers well secured behind firewalls and such, you think? Not quite, because LDAP can also be used as an address book, and some organizations intentionally expose their LDAP server on the internet because of this. Isn't this very dangerous, you ask? Yes, it is, and we scanned the full IPv4 Internet to look for LDAP servers leaking sensitive information.

LanDscAPe: Exploring LDAP Weaknesses and Data Leaks at Internet Scale | USENIX
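Added example (not from the thread above or from the LanDscAPe paper; how the authors count passwords is not described here): the two LDAPv3 messages (RFC 4511) an administrator can send to their own directory to check whether it answers anonymous clients and whether the userPassword attribute is visible to them, encoded by hand in BER so no LDAP library is needed. The search asks for no attribute values, so the count of result entries reveals how many entries expose the attribute without any password material being transferred. The attribute name, base DN and the sample server response are constructed assumptions.

```python
def ber_len(n):
    # BER length: short form below 128, long form (0x80 | byte count) above
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def ber(tag, payload):
    return bytes([tag]) + ber_len(len(payload)) + payload

def ber_int(v):
    # INTEGER, minimal two's-complement length
    n = 1
    while not -(1 << (8 * n - 1)) <= v < (1 << (8 * n - 1)):
        n += 1
    return ber(0x02, v.to_bytes(n, "big", signed=True))

def ber_octets(s):
    return ber(0x04, s.encode())

def anon_bind_request(msg_id=1):
    # BindRequest [APPLICATION 0]: version 3, empty name, simple auth [0] with empty password.
    # A server that answers this with resultCode 0 accepts anonymous clients.
    body = ber_int(3) + ber_octets("") + ber(0x80, b"")
    return ber(0x30, ber_int(msg_id) + ber(0x60, body))

def password_presence_search(base_dn, attr="userPassword", msg_id=2):
    # SearchRequest [APPLICATION 3]: wholeSubtree, no size/time limit, typesOnly TRUE,
    # presence filter [7] "(attr=*)", attribute list "1.1" (= return no attributes).
    # Each SearchResultEntry then carries only a DN; counting them counts exposed entries.
    body = (ber_octets(base_dn) + ber(0x0A, b"\x02") + ber(0x0A, b"\x00")
            + ber_int(0) + ber_int(0) + ber(0x01, b"\xff")
            + ber(0x87, attr.encode()) + ber(0x30, ber_octets("1.1")))
    return ber(0x30, ber_int(msg_id) + ber(0x63, body))

def _tlv(buf, pos):
    # Decode one tag/length/value at pos; return (tag, value, next position)
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def count_result_entries(stream):
    # Count SearchResultEntry (0x64) messages in a stream of LDAPMessages,
    # stopping at SearchResultDone (0x65). Returns (count, done_seen).
    count, pos = 0, 0
    while pos < len(stream):
        _, msg, pos = _tlv(stream, pos)
        _, _, op_pos = _tlv(msg, 0)          # skip the messageID INTEGER
        op_tag, _, _ = _tlv(msg, op_pos)
        if op_tag == 0x64:
            count += 1
        elif op_tag == 0x65:
            return count, True
    return count, False

# Constructed sample of a server's answer: two entries exposing the attribute, then done.
SAMPLE_RESPONSE = b"".join(
    ber(0x30, ber_int(2) + ber(0x64, ber_octets(f"uid=u{i},dc=example,dc=test") + ber(0x30, b"")))
    for i in range(2)
) + ber(0x30, ber_int(2) + ber(0x65, ber(0x0A, b"\x00") + ber_octets("") + ber_octets("")))
```

Sent over a plain TCP socket to port 389 of your own directory, the bind response's resultCode and the entry count from count_result_entries tell you whether anonymous clients can enumerate password-bearing entries; the same check with ldapsearch is `-x -b <base> "(userPassword=*)" 1.1`.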

Lateral movement, privilege escalation, undetected persistence for 4 weeks is only briefly mentioned in the article.

They don't seem to understand that they could have detected so many of these steps.

Blaming that employee just seems very bad style.

The article says that Continental blames an employee who downloaded a non-authorized browser. This browser was somehow malware infected and this was the reason they lost 40 TB of data.