For the three reporters who have written articles about this, and the one who provided invaluable guidance, my gratitude is endless. This post doesn't apply to you, nor "the feds", the cybersecurity experts, or #lawyers (including and especially @eff), who were extremely helpful. The rest, however, should take note.
I've willingly laid my neck on a chopping block, unprotected, for over six months.
My outreach has been exhaustive:
• Attempted to engage with over 150 journalists and #news organizations,
• Coordinated frequently with the Cybersecurity and Infrastructure Security Agency (#CISA or "the feds"),
• Consulted with numerous cybersecurity experts,
• Sought advice from multiple lawyers,
• Spoke with ten state and state court CISOs,
• Attempted to talk to several dozen state and county court clerks and judges,
• Sent emails to every Florida State Senator, State Representative, and Supreme Court justice, and to multiple governors,
• Discussed with the staff of multiple U.S. Senators and U.S. Representatives,
• Contacted twelve vendors and over 40 employees
I've offered to write articles -- for free.
I've had no fewer than eight background checks done on me.
I've been cyberstalked by the Arizona Supreme Court.
I've put my job and my family's livelihood at risk in more ways than one.
I've made a grand total of $0; in fact, I've invested several hundred.
When I'm able to sleep, it's with one eye open, always waiting for "that" knock on the door.
After my first #disclosure, I prepared for a week to deal with what I expected to be a #media circus. What I received was one preemptive email from a state court #CISO (who was not affected) and one kind person (who is not a #journalist) on the #fediverse.
I've spent over 900 hours discovering, documenting, reporting, and disclosing vulnerabilities, trying to get this fixed on a mass scale, and attempting to contact the above list. I see no signs of this slowing down any time soon. All of this for what is merely a #hobby.
I've done my part. It's time for reporters to step up. The real-world harm these vulnerabilities have caused — and continue to cause — cannot be overstated. The need for widespread awareness and action is urgent.
Your fingerprints can be recreated from the sounds made when you swipe on a touchscreen — Chinese and US researchers show new side channel can reproduce fingerprints to enable attacks
An interesting new attack on biometric security has been outlined by a group of researchers from China and the US. PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Fi ...continues
Recorded Future has an 18 page report on Ransomware Exploitation of vulnerabilities for the past six years (2017). Here are the key findings:
Ransomware groups alone in exploiting three or more vulnerabilities exhibit a clear targeting focus, which defenders can use to prioritize security measures. For example, CL0P has uniquely and infamously focused on file transfer software from Accellion, SolarWinds, and MOVEit. Other ransomware groups with high levels of unique exploitation exhibit similar patterns.
All of the vulnerabilities ransomware groups have targeted most widely are in software frequently used by major enterprises and can be easily exploited via penetration testing modules or single lines of curl code. These vulnerabilities are ProxyShell (CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207), ZeroLogon (CVE-2020-1472), Log4Shell (CVE-2021-44228), CVE-2021-34527, and CVE-2019-19781.
Vulnerabilities requiring unique or custom vectors to exploit (for example, malicious files using particular forms of compression) are more likely to be exploited by only one or two groups.
Ransomware operators and affiliates are highly unlikely to discuss specific vulnerabilities, but the cybercriminal ecosystem that supports them has discussed publicly known vulnerabilities andproducts as targets of interest for exploitation
The #HTTP Garden is a collection of HTTP #servers and #proxies configured to be composable, along with scripts to interact with them in a way that makes finding #vulnerabilities much much easier.
SonicWall next-gen firewall (NGFW) series 6 and 7 devices are affected by 2 DoS #vulnerabilities that can lead to remote code execution (RCE): #CVE-2022-22274 and CVE-2023-0656. Bishop Fox research revealed that these issues are fundamentally the same, but exploitable at different HTTP URI paths. Read more & download our test script at our blog.
We've published a new article on the @hnsec blog: “A collection of weggli patterns for C/C++ vulnerability research”, in which @raptor shares his experience with #weggli and provides patterns that cover common C/C++ #vulnerabilities.