Wednesday, December 11, 2019
Errata Security

CrowdStrike-Ukraine Explained

Trump's conversation with the President of Ukraine mentions "CrowdStrike". I thought I'd explain this.What was said?This is the text from the conversation covered in this“I would like you to find out what happened with this whole situation with Ukraine,...
Errata Security

Thread on the OSI model is a lie

I had a Twitter thread on the OSI model. Below it's compiled into one blogpostYea, I've got 3 hours to kill here in this airport lounge waiting for the next leg of my flight, so let's discuss the "OSI...
Errata Security

Thread on network input parsers

This blogpost contains a long Twitter thread on input parsers. I thought I'd copy the thread here as a blogpost.I am spending far too long on this chapter on "parsers". It's this huge gaping hole in Computer Science where...
Errata Security

Hacker Jeopardy, Wrong Answers Only Edition

Among the evening entertainment at DEF CON is "Hacker Jeopardy", like the TV show Jeopardy, but with hacking tech/culture questions. In today's blog post, we are going to play the "Wrong Answers Only" version, in which I die upon...
Errata Security

Securing devices for DEFCON

There's been much debate whether you should get burner devices for hacking conventions like DEF CON (phones or laptops). A better discussion would be to list those things you should do to secure yourself before going, just in case.These...
Errata Security

Why we fight for crypto

This last week, the Attorney General William Barr called for crypto backdoors. His speech is a fair summary of law-enforcement's side of the argument. In this post, I'm going to address many of his arguments.The tl;dr version of this blog...
Errata Security

Censorship vs. the memes

The most annoying thing in any conversation is when people drop a meme bomb, some simple concept they've heard elsewhere in a nice package that they really haven't thought through, which takes time and nuance to rebut. These memes...
Errata Security

Some Raspberry Pi compatible computers

I noticed this spreadsheet over at r/raspberry_pi reddit. I thought I'd write up some additional notes.https://docs.google.com/spreadsheets/d/1jWMaK-26EEAKMhmp6SLhjScWW2WKH4eKD-93hjpmm_s/edit#gid=0Consider the Upboard, an x86 computer in the Raspberry Pi form factor for $99. When you include storage, power supplies, heatsinks, cases, and so...
Errata Security

Your threat model is wrong

Several subjects have come up with the past week that all come down to the same thing: your threat model is wrong. Instead of addressing the the threat that exists, you've morphed the threat into something else that you'd...
Errata Security

Almost One Million Vulnerable to BlueKeep Vuln (CVE-2019-0708)

Microsoft announced a vulnerability in it's "Remote Desktop" product that can lead to robust, wormable exploits. I scanned the Internet to assess the danger. I find nearly 1-million devices on the public Internet that are vulnerable to the bug....
Errata Security

A lesson in journalism vs. cybersecurity

A recent NYTimes article blaming the NSA for a ransomware attack on Baltimore is typical bad journalism. It's an op-ed masquerading as a news article. It cites many to support the conclusion the NSA is to be blamed, but...
Errata Security

Programming languages infosec professionals should learn

Code is an essential skill of the infosec professional, but there are so many languages to choose from. What language should you learn? As a heavy coder, I thought I'd answer that question, or at least give some perspective.The...
Errata Security

Was it a Chinese spy or confused tourist?

Politico has an article from a former spy analyzing whether the "spy" they caught at Mar-a-lago (Trump's Florida vacation spot) was actually a "spy". I thought I'd add to it from a technical perspective about her malware, USB drives,...
Errata Security

Assange indicted for breaking a password

In today's news, after 9 years holed up in the Ecuadorian embassy, Julian Assange has finally been arrested. The US DoJ accuses Assange for trying to break a password. I thought I'd write up a technical explainer what this...
Errata Security

Some notes on the Raspberry Pi

I keep seeing this article in my timeline today about the Raspberry Pi. I thought I'd write up some notes about it.The Raspberry Pi costs $35 for the board, but to achieve a fully functional system, you'll need to...
SC Magazine

Pensacola confirms ransomware attack

Pensacola officials confirmed that an ongoing cyberattack that began early Saturday morning is a ransomware attack. While the city did not release any additional details, the Pensacola News Journal said city spokeswoman Kaycee Lagarde confirmed the attack included a ransom, something that...

Trickbot Operators Now Selling Attack Tools to APT Actors

North Korea's Lazarus Group - of Sony breach and WannaCry fame - is among the first customers.
Brian Krebs

The Great $50M African IP Address Heist

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions...

Intel Issues Fix for ‘Plundervolt’ SGX Flaw

Researchers were able to extract AES encryption key using SGX's voltage-tuning function.
TechRepublic

How to stop spam calls right now

Spam calls drive us all crazy. Here are four ways to stop robocalls and other unsolicited phone calls.