Sudheer Varma
@pwnisher.bsky.social
Reposted by Sudheer Varma
Inside a New OT/IoT Cyberweapon: IOCONTROL
Team82 obtained a sample of a custom-built IoT/OT malware called IOCONTROL used by the Iran-affiliated attackers to attack Israel- and U.S.-based OT/IoT devices.
buff.ly
December 13, 2024 at 7:00 AM
Reposted by Sudheer Varma
Excited that we @volexity.com are able to share a writeup of one of our most interesting incidents! This case involves:

* A 0-day exploit
* Physical trips to the customer site to determine root cause
* Compromise via Wi-Fi.

www.volexity.com/blog/2024/11...

#nearestneighbor #threatintel
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
In early February 2022, notably just ahead of the Russian invasion of Ukraine, Volexity made a discovery that led to one of the most fascinating and complex incident investigations Volexity had ever w...
www.volexity.com
November 22, 2024 at 3:05 PM
Reposted by Sudheer Varma
#ESET research has identified #Linux malware samples, one of which we named #WolfsBane and attribute with high confidence to #Gelsemium. This 🇨🇳 China-aligned APT group, active since 2014, has not previously been publicly reported to use Linux malware. www.welivesecurity.com/en/eset-rese... 🧵(1/6)
Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine
ESET researchers analyzed previously unknown Linux backdoors that are connected to known Windows malware used by the China-aligned Gelsemium group, as well as to Project Wood.
www.welivesecurity.com
November 21, 2024 at 10:30 AM
Reposted by Sudheer Varma
WIRED has tracked thousands of US military & intel personnel coming & going from classified sites, incl. NSA hubs & nuclear vaults. We know where they sleep, what they eat, and which brothels they visit.

It's an ocean of blackmail & national secrets within reach of every spy agency in the world.
Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany
More than 3 billion phone coordinates collected by a US data broker expose the detailed movements of US military and intelligence workers in Germany—and the Pentagon is powerless to stop it.
www.wired.com
November 20, 2024 at 4:00 AM
Post a pic YOU took to bring some zen to the timeline.
November 18, 2024 at 11:01 AM
Reposted by Sudheer Varma
How does the new iOS inactivity reboot work? What does it protect from?

I reverse engineered the kernel extension and the secure enclave processor, where this feature is implemented.

naehrdine.blogspot.com/2024/11/reve...
Reverse Engineering iOS 18 Inactivity Reboot
Wireless and firmware hacking, PhD life, Technology
naehrdine.blogspot.com
November 17, 2024 at 9:42 PM
Reposted by Sudheer Varma
Israel-linked hacker group Predatory Sparrow has carried out some of the most disruptive hacking of civilian targets ever. Yet they also claim to limit their cyberattacks' harm. I dug into the recent history of this hyper-aggressive, contradictory player in cyberwar.

www.wired.com/story/predat...
How a Group of Israel-Linked Hackers Has Pushed the Limits of Cyberwar
From repeatedly crippling thousands of gas stations to setting a steel mill on fire, Predatory Sparrow’s offensive hacking has now targeted Iranians with some of history's most aggressive cyberattac...
www.wired.com
January 25, 2024 at 3:00 PM
Reposted by Sudheer Varma
The Three Buddy Problem podcast Episode 19 just published! We explore Ivan Kwiatkowski’s essay on the limits of threat intel, Sophos using kernel implants to surveil Chinese hackers, the concept of ‘hack-back’, geopolitical layers of cyber espionage & more: securityconversations.com/episode/the-...
The Sophos kernel implant, 'hack-back' implications, CIA malware in Venezuela - Security Conversations
Three Buddy Problem – Episode 19: We explore Ivan Kwiatkowski’s essay on the limits of threat intelligence, Sophos using kernel implants to surveil Chinese hackers, […]
securityconversations.com
November 3, 2024 at 7:24 PM
Reposted by Sudheer Varma
Sophos engineers preparing their revenge against the Chengdu hackers #PacificRim
November 1, 2024 at 10:29 AM