HAQ.NEWS

// Jared Folkins

# Latest Podcast

# Description

Today, Trail of Bits is releasing weAudit, which helps with code auditing in VSCode. There's a tool called Instagram User ID Finder for finding Instagram IDs without logging in. The site Kontragenta.net offers a database for verifying information about legal subjects and others. Various OSINT tools are listed for cyber intelligence, such as search engines and domain info. A free phone number search tool helps with investigating numbers. An expert released a kernel exploit analysis for Android 14 on Google Pixel devices. Geowifi helps find WiFi networks by BSSID/SSID. ShodanX is a cybersecurity tool for using Shodan for free. Firefox's security is improved through JSIPC and tooling for identifying sandbox vulnerabilities. NoArgs hides Windows process arguments for privacy. The xai-org/grok-1 repository has a huge Grok-1 model requiring a strong GPU. Shodan is a search engine for finding exposed internet devices. There's a discussion on military tech showing a pivot to drones over traditional aircraft. Techniques like Return Oriented Programming for buffer overflow exploits and a new method called JSON Smuggling are explained.

# Tradecraft

[#] Trail of Bits has released weAudit, a VSCode extension designed for effective code auditing with features like tracking bugs, bookmarking, collaboration, and direct creation of GitHub issues.
Read More @ trailofbits.com
[#] The Instagram User ID Finder is a tool that allows anyone to retrieve a unique numeric identifier for any Instagram account using just the username, without needing to log in, and it includes features for converting a User ID back into a username.
Read More @ commentpicker.com
[#] The website Kontragenta.net provides a collection of regularly updated links to official and private databases where you can verify information on legal entities, individuals, real estate, legal disputes, construction firms, phone numbers, bank details, vehicles, and more, without storing any personal user data.
Read More @ kontragenta.net
[#] The text lists various OSINT tools and resources that can be utilized for cyber intelligence gathering, including people search engines, image and face search platforms, domain and IP aggregators, forensic tools, leak databases, and more.
Read More @ github.com
[#] The provided text outlines a free phone number search tool used for investigating different phone number formats on various search engines.
Read More @ no-nonsense-intel.com
[#] A cyber security expert discloses a complete analysis and exploit for Android 14 kernel vulnerabilities on Google Pixel 7 and 8 Pro devices, with solutions for achieving root access and disabling SELinux included.
Read More @ github.com
[#] Geowifi is a tool that enables users to search for WiFi networks by their BSSID or SSID using various public databases and it provides the results in different formats, such as maps or JSON.
Read More @ github.com
[#] ShodanX is a free and open-source command-line tool for cybersecurity enthusiasts to gather information about targets using Shodan without requiring a paid API key, providing various search modes and colorful outputs to enhance data analysis.
Read More @ github.com
[#] In order to enhance Firefox's security, engineers utilize JavaScript Inter-Process Communication for privilege separation, with JSActors for process-specific messaging and MessageManagers for broader communication, while debugging tools aid in identifying sandbox escape vulnerabilities.
Read More @ mozilla.org
[#] NoArgs is a cybersecurity tool that hides or changes the command-line arguments of processes on Windows by hooking into the system's API and manipulating the Process Environment Block to avoid detection.
Read More @ github.com
[#] The xai-org/grok-1 repository contains JAX code to load and run the Grok-1 model with 314 billion parameters, and you can get the weights using a torrent link or from HuggingFace, but a powerful GPU is needed due to the model's size.
Read More @ github.com
[#] Shodan is a search engine for internet-connected devices where you can use specific queries, known as Shodan Dorks, to find devices like webcams, databases, and industrial control systems that may be exposed due to misconfiguration or security weaknesses.
Read More @ kitploit.com
[#] A discussion around drone warfare reveals a shift from expensive traditional aircraft like the F-35A to cost-effective drones for both attack and reconnaissance, showing a strategic pivot in military technology and tactics.
Read More @ schneier.com
[#] To exploit buffer overflow vulnerabilities, adversaries use Return Oriented Programming, manipulating the stack to execute code sequences called gadgets available in the system's memory, circumventing security defenses like ASLR; this technique is demonstrated using a C program that forcefully links to a system function and opens a shell without triggering security fault logs.
Read More @ vandanpathak.com
[#] The text describes a proof of concept for a technique called JSON Smuggling, which encodes arbitrary files into JSON using invisible characters to evade detection.
Read More @ github.com

# News

[#] Radiant Earth is a non-profit that improves data sharing for community projects using initiatives like Source Cooperative for secure data exchange and the Cloud-Native Geospatial Foundation for efficient geospatial data handling.
Read More @ radiant.earth
[#] IDINFO is a search and analytical system that offers subscriptions for entrepreneurs, providing analytical reports and has a public offer and data processing policy available on its website.
Read More @ idinfo.net
[#] The website namebook.club requires a security check to confirm that a user is not a robot before granting access to its content.
Read More @ namebook.club
[#] YooSonar is a search engine tailored for indexing and searching the darknet's verified resources, offering access to typically hard-to-find materials without phishing sites and irrelevant ads.
Read More @ yoosonar.cc
[#] A Russian website offers a people search service using personal data gathered from social networks and other internet sources, which raises concerns about privacy and data protection compliance.
Read More @ botsman.org
[#] The text appears to be mainly a list of countries along with search options for profiles on a Russian social network site, BigBookName.com, detailing the names and locations of various individuals.
Read More @ bigbookname.com
[#] The provided text appears to be from an information and search system named "Тут Найдут!" which includes a vast list of regions and segments for property and population searches in the year 2024.
Read More @ ininterests.com
[#] VIN01.RU is a Russian website that provides free information on vehicles, including registration history, accident involvement, legal status, and mileage, using public databases like the traffic police and state technical inspection sites.
Read More @ vin01.ru
[#] An analysis using Sergei Shpilkin's method suggests around half the votes reported for Putin in a Russian election were fraudulent, shining a light on significant electoral integrity issues.
Read More @ ecency.com
[#] Ukrainian hackers have exposed detailed Russian plans for extensive internal reforms and further international aggression following the 2024 elections, based on leaked documents signed by Putin.
Read More @ informnapalm.org
[#] Fujitsu, a global information and communication technology company, has announced recruitment plans, strengthened its partnership with AWS to modernize legacy applications through cloud solutions, and joined forces with a Japanese research group to develop a high-performance computing platform using a newly created 64-qubit quantum computer.
Read More @ fujitsu.com
[#] Cyble's latest analysis reveals a new ransomware called Darkrace, showing similarities to LockBit, targeting Windows systems and employing double-extortion tactics by encrypting files and threatening to release stolen data.
Read More @ cyble.com
[#] The Apex Legends Global Series North American finals were delayed because players' game clients were hacked during the tournament, revealing a potential remote code execution vulnerability which is currently being investigated.
Read More @ bleepingcomputer.com
[#] A recent cyber attack campaign named DEEP#GOSU, suspected to be connected with North Korean group Kimsuky, uses sophisticated malware tactics including PowerShell and VBScript to infect Windows systems, evade detection, and steal sensitive information using cloud services like Dropbox and Google Docs for command and control.
Read More @ thehackernews.com
[#] A significant vulnerability in the Spring Security framework for Java applications could allow unauthorized access, and users must upgrade to the latest patched versions to mitigate this risk.
Read More @ securityonline.info
[#] A significant security flaw in Podman and Buildah, identified as CVE-2024-1753, could allow attackers to access the host system during container builds, and users should update to patched versions immediately.
Read More @ securityonline.info
[#] Japanese IT company Fujitsu confirmed a malware infection on their systems led to a data breach compromising customer information and is currently investigating the extent of data exfiltration.
Read More @ bleepingcomputer.com
[#] Fortra recently fixed a critical vulnerability in its FileCatalyst software that could have let hackers run their code on servers, and users should update to the corrected version to stay secure.
Read More @ thehackernews.com
[#] The Lazarus Group has laundered over $23 million of stolen funds through Tornado Cash, despite U.S. sanctions and law enforcement actions against similar crypto-mixers.
Read More @ scmagazine.com
[#] Instant messaging service Viber is investigating a claim by Handala Hack that they stole 740GB of data, while other security breaches have occurred at Fujitsu and Mintlify, and a new AI cybersecurity collaboration has been announced between CrowdStrike and Nvidia.
Read More @ scmagazine.com
[#] Check Point's Threat Intelligence Bulletin reports cyber incidents including a Nissan data breach affecting customers and an Adobe security patch, plus analytical insights on malware trends and ransomware campaign tactics.
Read More @ checkpoint.com
[#] Hackers exploit Ethereum's CREATE2 function to trick users into authorizing transactions for smart contracts that aren't deployed yet, allowing them to later deploy malicious contracts and access victims' cryptocurrency funds, which highlights the need for updated security measures in digital wallets to prevent such attacks.
Read More @ checkpoint.com
[#] The Apex Legends Global Series tournament was postponed due to a cyberattack that gave players unauthorized cheating abilities, suspected to be from exploiting a remote code execution vulnerability.
Read More @ theregister.com
[#] The National Vulnerability Database has stopped updating critical metadata for software vulnerabilities since February 12, 2024, which prevents organizations from effectively managing their cybersecurity risks.
Read More @ hackread.com
[#] Cybersecurity experts have found a widespread malware campaign using fake Google Sites and a method called HTML smuggling to infect devices with AZORult, which steals sensitive data and cryptocurrency wallet contents.
Read More @ thehackernews.com
[#] The aviation and aerospace sectors are experiencing a sharp increase in cyber threats, prompting the need for improved cybersecurity risk assessments and proactive threat intelligence, especially in light of recent Lockbit 3.0 ransomware attacks on airlines and aerospace firms around the globe.
Read More @ securityaffairs.com
[#] South Africa's pension agency GPAA is probing a data leak after the LockBit ransomware gang claimed it had stolen and dumped 668GB of sensitive data online; protective measures against such threats include multifactor authentication, regular backup testing, endpoint protection, and managing vulnerabilities.
Read More @ darkreading.com
[#] Gartner analysts recommend that cyber security teams should plan and rehearse incident recovery, report small incidents to improve responses, and support staff mental health to maintain effective operations.
Read More @ theregister.com
[#] Trend Micro discovered an advanced persistent threat named Earth Krahang, affiliated with China and targeting global government entities, using spear-phishing, exploiting vulnerabilities, and weaponizing compromised infrastructure, with recommendations to patch systems timely, enhance employee phishing awareness, implement zero-trust, and use multi-layered defenses.
Read More @ securityonline.info
[#] The International Monetary Fund confirmed that eleven of its email accounts were breached, and after securing them, it continues to investigate without signs of additional compromise.
Read More @ securityaffairs.com
[#] Security professionals report a new Android trojan called PixPirate targeting Brazilian bank users, using invisible icons and service-based execution to avoid detection, and capable of manipulating transactions and stealing credentials.
Read More @ securityonline.info
[#] Filipino police have liberated 875 individuals from a fraudulent online gaming company involved in romance scams, resulting in nine arrests and the seizure of weapons, mobile phones, and vehicles.
Read More @ theregister.com
[#] WordPress admins should immediately delete miniOrange's Malware Scanner and Web Application Firewall plugins due to a critical flaw that allows unauthenticated attackers to gain administrative privileges.
Read More @ thehackernews.com
[#] The hacker group APT28, also known by many other names, is conducting widespread phishing campaigns in multiple regions by using deceptive documents and exploiting various software vulnerabilities to insert malware such as MASEPIE, OCEANMAP, and STEELHOOK.
Read More @ thehackernews.com
[#] Recent cybersecurity incidents include a multi-million dollar hack of the Remilia Collective, a significant theft from NFPrompt, an accidental burn of $1.36 million in Tether, the recovery of 90% of stolen assets by Mozaic Fi, a $2.3 million civil forfeiture action related to a romance scam, a $2 million loss due to a phishing attack, extortion by Incognito Market drug marketplace, Kickstarter's abandoned blockchain pivot influenced by a secret $100 million investment, and the theft of over $46 million through Twitter phishing in February 2024.
Read More @ web3isgoinggreat.com
[#] Two command injection vulnerabilities found in TRENDnet AC2600 routers, CVE-2024-28353 and CVE-2024-28354, permit remote takeovers if the remote admin feature is active. A firmware patch is expected by March 27th; until then, turn off remote admin as a temporary measure.
Read More @ securityonline.info
[#] Autodesk has resolved critical security flaws in design software by releasing patches for CVE-2024-23138 and CVE-2024-23139, which could crash applications, steal data, or take over systems if exploited.
Read More @ securityonline.info
[#] Fujitsu has reported a breach in their security due to malware, compromising customer and personal information, and advises users to change passwords, monitor accounts, and beware of phishing scams.
Read More @ securityonline.info
[#] Cybersecurity experts are alerting about SVG files being used to deliver malware such as remote access trojans and keyloggers, recommending proactive defense and user education against this rising threat vector.
Read More @ securityonline.info
[#] Cloudflare has mitigated a side-channel threat to its ChatGPT-based AIs by adding variable-length padding to its JSON-streamed tokens, while security flaws in various industrial systems and a malicious infostealer targeting Roblox users have prompted advisories for patches and user caution.
Read More @ theregister.com
[#] A hacker group leaked personal information of 71 million AT&T customers from a supposed 2021 breach, but AT&T denies the data came from their systems; users should be cautious of phishing attacks.
Read More @ bleepingcomputer.com

# F.A.Q

Problem

Many websites are using AI/ML to create clickbait which actually doesn't have any valuable content.

Value

I use AI to de-clickbait the clickbait by allowing AI to read my news for me. Then it creates a meaningful tl;dr regarding the articles of interest, which helps discern what I should read. It is saving me a ton of time.

Why

FWIW, HAQ.NEWS really started out as my personal news feed, enriched by AI, and converted into something quick and easy to read. But then I started getting requests for features like RSS, Gracie got involved, and with the super-power of AI things have taken on a life of their own.

Sharing

I currently post daily infosec news to X, LinkedIn, Mastodon and RSS.

I also post daily infosec podcasts and interviews to Apple Podcasts and Spotify.

Ads

This isn't an Ad.

current friend of haq 2024-03-19

I want to encourage people and projects that impress me, by posting a banner linking their work, as it's my desire to help others. I do not take or make any money.

Thanks,
Jared Folkins