Robert

@[email protected]
80 Followers
429 Following
148 Posts
Former I.T. Consultant with over 20 years experience now focused on cybersecurity🌟Pentester, Offensive Security Engineer. Currently working on my OSCP (Offensive Security Certified Professional)🌟In preparation for the OSCP certification, I have pwned a variety of vulnerable lab machines from the OSCP lab🌟Top 1% on the Try Hack Me platform🌟Pro Hacker Level on the Hack the Box platform🌟Gamer | Offensive Security Rocks !!! #cybersecurity #infosec
RobertAug 10, 2023
BrianKrebsApr 16, 2023

It only took 13+ years, but this week KrebsOnSecurity surpassed 50,000 subscribers to our newsletter, which is and always has been just been a text-based email alert with a blurb and link that goes out w/ every story that gets published.

Haven't ever tried to survey our subscribers, but finally considering it. Would be open to ideas about how best to do that without annoying everyone.

The last time we did an informal analysis of our subscriber base -- ignoring all the gmails, yahoo etc addresses and looking at corporate domains -- we had something close to 70 percent of US financial institutions represented, which is a lot. But beyond that I don't have a lot of insight into my own base, and I'm unwilling to entrust our subscriber list to anyone else.

RobertMay 9, 2023
Avoid The Hack!May 9, 2023

QR codes used in fake parking tickets, surveys to steal your money

Careful what QR codes you are scanning... never a good idea to scan random QR codes.

Be extra warry of QR codes that lead you to install a third-party app - could be #malware or #spyware designed to give threat actors access to your phone.

#cybersecurity #infosec #security #informationsecurity

https://www.bleepingcomputer.com/news/security/qr-codes-used-in-fake-parking-tickets-surveys-to-steal-your-money/

QR codes used in fake parking tickets, surveys to steal your money

As QR codes continue to be heavily used by legitimate organizations—from Super Bowl advertisements to enforcing parking fees and fines, scammers have crept in to abuse the very technology for their nefarious purposes. A woman in Singapore reportedly lost $20,000 after using a QR code to fill out a "survey" at a bubble tea shop.

BleepingComputer
RobertApr 26, 2023
Show threadThe Duality of XanApr 23, 2023

"But why are you still on Twitter?"

Listen. I am an internet ancient. I stood amidst LiveJournal as it crumbled while I watched the fall of Flickr. I was there both times Tumblr burned down, toasting marshmallows over its smouldering ruin, laughing at the folly of Verizon. The death of Twitter was foretold by the dark prophecies of the forgotten internets. I am there to witness its passing as the old internet is dying and the new internet struggles to be born. Now is the time of monsters.

RobertApr 7, 2023
Paul AsadoorianApr 7, 2023
I mean, of course we can: "Hackers can open Nexx garage doors remotely, and there's no fix " https://www.bleepingcomputer.com/news/security/hackers-can-open-nexx-garage-doors-remotely-and-theres-no-fix/
Hackers can open Nexx garage doors remotely, and there's no fix

Multiple vulnerabilities discovered Nexx smart devices can be exploited to control garage doors, disable home alarms, or smart plugs.

BleepingComputer
RobertApr 4, 2023
Alyssa Miller 🛩️​   â€‹Apr 4, 2023
"Steel braided optical cable" was not a search term I expected to need, but here we are. #Cats
RobertMar 25, 2023
BleepingComputerMar 25, 2023

Microsoft released an emergency security update for the Windows 10 and Windows 11 Snipping tool to fix the Acropalypse privacy vulnerability.

https://www.bleepingcomputer.com/news/microsoft/microsoft-pushes-oob-security-updates-for-windows-snipping-tool-flaw/

Microsoft pushes OOB security updates for Windows Snipping tool flaw

Microsoft released an emergency security update for the Windows 10 and Windows 11 Snipping tool to fix the Acropalypse privacy vulnerability.

BleepingComputer
RobertMar 25, 2023
Patrick C Miller Mar 25, 2023
City of Toronto confirms data theft, Clop claims responsibility https://www.bleepingcomputer.com/news/security/city-of-toronto-confirms-data-theft-clop-claims-responsibility/
City of Toronto confirms data theft, Clop claims responsibility

City of Toronto is among Clop ransomware gang's latest victims hit in the ongoing GoAnywhere hacking spree. Other victims listed alongside the Toronto city government include UK's Virgin Group and the statutory corporation, Pension Protection Fund.

BleepingComputer
RobertMar 23, 2023
Katie Moussouris (she/her)🥜👋🏼Mar 23, 2023

What’s the opposite of impostor syndrome?

Where you KNOW you belong, you’ve earned your seat at every table you’re invited to, you’re certain your contribution will make a positive difference in ways unique to you based on your experience?

Whatever it’s called it pisses ppl off

RobertMar 11, 2023
BleepingComputerMar 10, 2023

CISA has added a critical severity vulnerability in VMware's Cloud Foundation to its catalog of security flaws exploited in the wild.

https://www.bleepingcomputer.com/news/security/cisa-warns-of-critical-vmware-rce-flaw-exploited-in-attacks/

CISA warns of critical VMware RCE flaw exploited in attacks

CISA has added a critical severity vulnerability in VMware's Cloud Foundation to its catalog of security flaws exploited in the wild.

BleepingComputer
RobertMar 6, 2023
Dan GoodinMar 6, 2023

Unkillable UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw

Researchers on Wednesday announced a major cybersecurity find—the world’s first-known instance of real-world malware that can hijack a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows.

Dubbed BlackLotus, the malware is what’s known as a UEFI bootkit. These sophisticated pieces of malware infect the UEFI—short for Unified Extensible Firmware Interface—the low-level and complex chain of firmware responsible for booting up virtually every modern computer. As the mechanism that bridges a PC’s device firmware with its operating system, the UEFI is an OS in its own right. It’s located in an SPI-connected flash storage chip soldered onto the computer motherboard, making it difficult to inspect or patch.

While researchers have found Secure Boot vulnerabilities in the past, there has been no indication that threat actors have ever been able to bypass the protection in the 12 years it has been in existence. Until now.

On Wednesday, researchers at security firm ESET presented a deep-dive analysis of the world’s first in-the-wild UEFI bootkit that bypasses Secure Boot on fully updated UEFI systems running fully updated versions of Windows 10 and 11.

To defeat Secure Boot, the bootkit exploits CVE-2022-21894, a vulnerability in all supported versions of Windows that Microsoft patched in January 2022. The memory corruption flaw can be exploited to remove Secure Boot functions from the boot sequence during startup. Attackers can also abuse the flaw to obtain keys for BitLocker, a Windows feature for encrypting hard drives.

CVE-2022-21894 has proven to be especially valuable to the BlackLotus creators. Despite Microsoft releasing new patched software, the vulnerable signed binaries have yet to be added to the UEFI revocation list that flags boot files that should no longer be trusted. As a result, fully updated devices remain vulnerable because attackers can simply replace patched software with the older, vulnerable software.

https://arstechnica.com/information-technology/2023/03/unkillable-uefi-malware-bypassing-secure-boot-enabled-by-unpatchable-windows-flaw/

Stealthy UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw

BlackLotus represents a major milestone in the continuing evolution of UEFI bootkits.

Ars Technica