📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #06/2024 is out! It includes the following and much more:
➝ 🔓 #Juniper Support Portal Exposed Customer Device Info
➝ 🔓 🇹🇭 Major #DataBreach in #Thailand Exposes Personal Data of 20 Million Elderly Citizens
➝ 🔓 🇫🇷 Millions at risk of fraud after massive health data hack in #France
➝ 🔓 🇺🇸 #Verizon employee inadvertently leaks data of 63 thousand colleagues
➝ 🔓 🖥️ #AnyDesk Hacked: Revokes Passwords, Certificates in Response
➝ 🔓 🇺🇸 #Clorox says #cyberattack caused $49 million in expenses
➝ 💸 📈 #Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline
➝ 🇺🇸 💰 US offers $10 million for tips on #Hive ransomware leadership
➝ 🇨🇳 🇺🇸 #China-backed Volt Typhoon hackers have lurked inside US #criticalinfrastructure for ‘at least five years’
➝ 🇨🇳 🇳🇱 Chinese Hackers Exploited #FortiGate Flaw to Breach Dutch #Military Network
➝ 🇮🇷 🇮🇱 #Iran accelerates cyber ops against #Israel from chaotic start
➝ 🇧🇾 🇺🇸 Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion #Crypto Money Laundering
➝ 🇭🇰 💸 #Finance worker pays out $25 million after video call with #deepfake ‘chief financial officer’
➝ 🇺🇦 #ukraine is Creating a ‘Cyber Diplomat’ Post
➝ 🇩🇰 #Denmark orders schools to stop sending student data to #Google
➝ 🇪🇺 ⚖️ #EU proposes criminalizing AI-generated child sexual abuse and deepfakes
➝ 🇳🇱 💰 #Uber Fined 10 Million Euros by Dutch Data Regulator
➝ 🇺🇸 🛂 US to Roll Out Visa Restrictions on People Who Misuse #Spyware to Target Journalists, Activists
➝ 🦠 💬 Raspberry Robin #Malware Upgrades with #Discord Spread and New Exploits
➝ 🦠 🍎 New #macOS Backdoor Linked to Prominent Ransomware Groups
🦠 🪥 Surprising 3 Million Hacked #Toothbrushes Story Goes Viral—Is It True?
➝ 🇨🇦 🐬 #Canada declares #FlipperZero public enemy No. 1 in car-theft crackdown
➝ 🩹 #Ivanti: Patch new Connect Secure auth bypass bug immediately
➝ 🐛 📍 Security flaw in a popular smart helmet allowed silent location tracking
➝ 🩹 Critical Patches Released for New Flaws in #Cisco, #Fortinet, #VMware Products
➝ 🐛 🐧 Critical Boot Loader #Vulnerability in Shim Impacts Nearly All #Linux Distros
➝ 🐛 ✈️ #Airbus App Vulnerability Introduced Aircraft Safety Risk
➝ 🩹 #QNAP Patches High-Severity Bugs in QTS, Qsync Central
--
📚 This week's recommended reading is: "x86 Software Reverse-Engineering, Cracking, and Counter-Measure" by Stephanie Domas & Christopher Domas
--
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
Option A: We never said that no passwords were stolen! We specifically said that no "passwords that could be exploited to connect to end user devices" were stolen.
Option B: We took the precaution in case we were caught lying, not to protect our users.
Option C: The dataset is not from this incident, but from another incident that we successfully kept secret!
❗ 📢 Achtung: Bei dem Hersteller der Fernzugriffssoftware #AnyDesk gab es eine Kompromittierung interner Systeme. Als Reaktion wird das Code-Signing-Zertifikat kurzfristig ausgetauscht.
Meine Befürchtungen haben sich leider bestätigt, Anbieter #AnyDesk (Fernwartungssoftware) ist gehackt worden. Ich habe die Bestätigung samt Historie in Teil 1 jetzt mal aufbereitet - Teil 2 folgt.
So it appears that #AnyDesk has decided to go down the route of every other remote desktop access software.
Restricting their free personal use access to try and force people to give them money.
This would be the 3rd time I've had to start looking for new software.
I use it to access the 3 systems in my own home only.
They keep cutting my sessions off... Last POS company that did that used to do it after 60 seconds. At least they're letting sessions last longer... for now.
Interesting. The Nested desktop mode on the #SteamDeck has been super useful, but cannot be remoted into via #AnyDesk and the like, cos it's in #Wayland rather than #X11/#Xorg. In that case, the Deck will still require the actual Desktop mode which still does run on X11.
Interesting. Updated my #Bazzite system and noticed that it’s now using #Wayland by default in desktop mode, so this will be my “first” time “main”-ing Wayland.
Haven’t done much on it yet but two immediate things I’ve noticed: The scaling looks pretty awful, and noticeably worse than on #X11/#Xorg. I use this PC on my TV and previously on X I’d scale it up and everything from text and icons look just as sharp as they would on 100%. Doesn’t seem to be the case here on Wayland.
The other thing I noticed was remoting into the desktop was no longer possible using #AnyDesk since they don’t support Wayland for that. I’ve heard a little of this issue in the past, not specific to AnyDesk. Not sure if there’s an alternative app similar to AnyDesk that might support remote desktop for Wayland, or if it’s a Wayland limitation entirely at the moment. All in all, pretty excited honestly to test more of this favourite little toy people love/hate so much.
HopToDesk is a free remote desktop tool allowing users to share their screen and allow remote control access to their computers and devices. Unlike other similar tools such as TeamViewer or AnyDesk, HopToDesk is free for both personal and business use, provides true end-to-end encryption for all peer communications, and open source.