TikTok Tracked User Data Using Tactic Banned by Google
> TikTok skirted a privacy safeguard in Google’s Android operating system to collect unique identifiers from millions of mobile devices, data that allows the app to track users online without allowing them to opt out, a Wall Street Journal analysis has found.
Exposing and Circumventing China's Censorship of ESNI
The NSA on the Risks of Exposing Location Data
> Of course, turning off your wireless devices is itself a signal that something is going on. It’s hard to be clandestine in our always connected world.
Norway’s Largest Bank Starts Sharing Customer Information with Third Party Social Media
DNB has notified customers that it intends to exchange information with third parties such as Facebook in order to provide relevant marketing. One example given was not showing a loan ad to customers who already have a loan with the bank.
The scheme is opt-out.
This shows the importance of using different, randomized identifiers (email addresses and so on) across sites.
Canon confirms ransomware attack in internal memo
> Canon has suffered a ransomware attack that impacts numerous services, including Canon’s email, Microsoft Teams, USA website, and other internal applications. In an internal alert sent to employees, Canon has disclosed the ransomware attack and is working to address the issue.
source: Bleeping Computer
An update on our security incident
> The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear phishing attack. A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools. Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes. This knowledge then enabled them to target additional employees who did have access to our account support tools. Using the credentials of employees with access to these tools, the attackers targeted 130 Twitter accounts, ultimately Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7.
Garmin obtains decryption key after ransomware attack
> Smartwatch maker Garmin has obtained the decryption key to recover its computer files from a ransomware attack last Thursday, Sky News has learned.
ThinkPad BIOS update on a stick
Instructions for updating the BIOS on a ThinkPad.
1. Get firmware from support.lenovo.com (enter model number, e.g. x395, get bootable CD)
2. Check hash
3. geteltorito -o x230.img g2uj28us.iso (small deviation from article)
4. sudo dd if=x230.img of=/dev/sdb bs=64K (small deviation from article)
5. reboot and press F12, then follow instructions
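Steps 2 to 4 as one guarded script, so that nothing is extracted or written unless the hash matches. This is an added example, not taken from the linked article. It assumes Linux (`sha256sum`, `/proc/mounts`) and that a SHA-256 checksum is published with the download; the function names are hypothetical.

```sh
#!/bin/sh
# Added example. Usage: ./bios-stick.sh g2uj28us.iso <sha256-from-vendor-page> /dev/sdb

# Return 0 only if the SHA-256 of file $1 equals hex digest $2 (case-insensitive).
verify_sha256() {
    vs_file=$1
    vs_want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$vs_file" ] || { echo "missing file: $vs_file" >&2; return 2; }
    vs_got=$(sha256sum "$vs_file" | cut -d' ' -f1)
    if [ "$vs_got" != "$vs_want" ]; then
        echo "hash mismatch for $vs_file: got $vs_got" >&2
        return 1
    fi
    return 0
}

# Return 0 if device $1 or one of its partitions appears in mount table $2.
# Prefix match without regex, so /dev/sdb also covers /dev/sdb1.
is_mounted() {
    awk -v d="$1" 'index($1, d) == 1 { found = 1 } END { exit !found }' "$2"
}

# Verify the ISO, check the target, then run the two commands from steps 3 and 4.
flash_bios_stick() {
    fb_iso=$1; fb_sha=$2; fb_dev=$3
    fb_img=${fb_iso%.iso}.img
    verify_sha256 "$fb_iso" "$fb_sha" || return 1
    [ -b "$fb_dev" ] || { echo "$fb_dev is not a block device" >&2; return 1; }
    if is_mounted "$fb_dev" /proc/mounts; then
        echo "$fb_dev is mounted, refusing to overwrite" >&2
        return 1
    fi
    geteltorito -o "$fb_img" "$fb_iso" || return 1
    sudo dd if="$fb_img" of="$fb_dev" bs=64K && sync
}

# Run only when called with ISO, expected digest and target device.
if [ "$#" -eq 3 ]; then
    flash_bios_stick "$1" "$2" "$3"
fi
```

The mount check catches the common mistake of pointing `of=` at a disk that is in use; it does not replace confirming the device name with `lsblk` before running.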
OpenBSD on Lenovo ThinkPad X395 (20NL000AUS)
Brief overview of the current status of the X395 on OpenBSD.
Dragen og musa (NO)
An op-ed about the increasing dependence on the Chinese economy, covering the Belt and Road Initiative, the Arctic and general investments in Norway and other Western countries.
Spear Phishing Campaigns — They’re Sharper Than You Think
Evading WinDefender ATP credential-theft: a hit after a hit-and-miss start
Puffy's Encrypted Container Manager - A tool for simplifying secure virtual devices in OpenBSD
> I use the ctmg tool written by Jason Donenfeld (aka zx2c4) on my Linux machines. I wanted a tool like ctmg for OpenBSD.
> There are no dependencies, but this tool only works for OpenBSD.
Here's the Evidence That Links Russia’s Most Brazen Cyberattacks
Docker Patched the Most Severe Copy Vulnerability to Date With CVE-2019-14271
> CVE-2019-14271 marks a security issue in the implementation of the Docker cp command that can lead to full container escape when exploited by an attacker. This is the first complete container breakout since the severe runC vulnerability discovered back in February.
Deep Dive: Machine Check Error Avoidance on Page Size Change
ACBackdoor: Analysis of a New Multiplatform Backdoor
> We have discovered an undetected Linux backdoor which does not have any known connections to other threat groups.
Fresh PlugX October 2019
Additional Analysis of Firefox 0-day Used in Targeted Attacks Against Cryptocurrency Firms