Forwarded from Uhtred Ragnarson
This media is not supported in your browser
VIEW IN TELEGRAM
Encrypted traffic interception on Hetzner and Linode targeting the largest Russian XMPP (Jabber) messaging service
TL;DR: Researchers have discovered XMPP (Jabber) instant messaging protocol encrypted TLS connection wiretapping (Man-in-the-Middle attack) of jabber.ru (aka xmpp.ru) service’s servers on Hetzner and Linode hosting providers in Germany.
The attacker has issued several new TLS certificates using Let’s Encrypt service which were used to hijack encrypted STARTTLS connections on port 5222 using transparent MiTM proxy. The attack was discovered due to expiration of one of the MiTM certificates, which haven’t been reissued.
There are no indications of the server breach or spoofing attacks on the network segment, quite the contrary: the traffic redirection has been configured on the hosting provider network.
The wiretapping may have lasted for up to 6 months overall (90 days confirmed). Researchers believe this is lawful interception Hetzner and Linode were forced to setup.
(source)
TL;DR: Researchers have discovered XMPP (Jabber) instant messaging protocol encrypted TLS connection wiretapping (Man-in-the-Middle attack) of jabber.ru (aka xmpp.ru) service’s servers on Hetzner and Linode hosting providers in Germany.
The attacker has issued several new TLS certificates using Let’s Encrypt service which were used to hijack encrypted STARTTLS connections on port 5222 using transparent MiTM proxy. The attack was discovered due to expiration of one of the MiTM certificates, which haven’t been reissued.
There are no indications of the server breach or spoofing attacks on the network segment, quite the contrary: the traffic redirection has been configured on the hosting provider network.
The wiretapping may have lasted for up to 6 months overall (90 days confirmed). Researchers believe this is lawful interception Hetzner and Linode were forced to setup.
(source)
Critical vulnerability in AHash: complete key recovery of AES-based hash through side-channels
AHash is the fastest, DOS resistant hash currently available in Rust. AHash is intended exclusively for use in in-memory hashmaps.
The AES version of aHash only performs a single round of AES between inputs. This is not sufficient, a single-bit difference only gets amplified once in the SubBytes step, leading to one of 256 possibilities, but nothing further. An attacker can guess this to recover the key byte-by-byte, leading to a complete key recovery in ~4000 tests. Note that the only thing an attacker has to see is whether two inputs collide, nothing else. The attack can thus be done entirely through side-channels.
(source)
AHash is the fastest, DOS resistant hash currently available in Rust. AHash is intended exclusively for use in in-memory hashmaps.
The AES version of aHash only performs a single round of AES between inputs. This is not sufficient, a single-bit difference only gets amplified once in the SubBytes step, leading to one of 256 possibilities, but nothing further. An attacker can guess this to recover the key byte-by-byte, leading to a complete key recovery in ~4000 tests. Note that the only thing an attacker has to see is whether two inputs collide, nothing else. The attack can thus be done entirely through side-channels.
(source)
Forwarded from Brickspacer
Каждый день вы обязаны уделять хотя бы по одному часу своей мечте, от которой вы не можете отказаться.
Кто бы что не говорил, какие бы оправдания вы не находили.
Дисциплина. Дисциплина бьет талант.
Кто бы что не говорил, какие бы оправдания вы не находили.
Дисциплина. Дисциплина бьет талант.
This media is not supported in your browser
VIEW IN TELEGRAM
All users with Safari running on iPhones, iPads and MacBooks are vulnerable
------
iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices
iLeakage, a transient execution side channel targeting the Safari web browser present on Macs, iPads and iPhones. iLeakage shows that the Spectre attack is still relevant and exploitable, even after nearly 6 years of effort to mitigate it since its discovery.
Researchers show how an attacker can induce Safari to render an arbitrary webpage, subsequently recovering sensitive information present within it using speculative execution. In particular, we demonstrate how Safari allows a malicious webpage to recover secrets from popular high-value targets, such as Gmail inbox content.
Finally, researchers demonstrate the recovery of passwords, in case these are autofilled by credential managers.
(source)
------
iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices
iLeakage, a transient execution side channel targeting the Safari web browser present on Macs, iPads and iPhones. iLeakage shows that the Spectre attack is still relevant and exploitable, even after nearly 6 years of effort to mitigate it since its discovery.
Researchers show how an attacker can induce Safari to render an arbitrary webpage, subsequently recovering sensitive information present within it using speculative execution. In particular, we demonstrate how Safari allows a malicious webpage to recover secrets from popular high-value targets, such as Gmail inbox content.
Finally, researchers demonstrate the recovery of passwords, in case these are autofilled by credential managers.
(source)
Tomorrow Island (Big Diomede) and Yesterday Island (Little Diomede).
The Diomede islands are just three miles apart but the bigger island is almost one day ahead of its smaller neighbour (21 hours) because they sit on either side of the International Date Line which passes through the Pacific Ocean and marks the boundary between one calendar day and the next. They sit in the Bering Strait between mainland Alaska and Siberia
Big Diomede is located on the Russian side while Little Diomede is on the US side. The ice bridge that forms between the two islands in winter makes it possible, although illegal, to walk the short distance between them and 'travel through time'
So, basically, Russia is tomorrow land, but US is yesterday
(source)
The Diomede islands are just three miles apart but the bigger island is almost one day ahead of its smaller neighbour (21 hours) because they sit on either side of the International Date Line which passes through the Pacific Ocean and marks the boundary between one calendar day and the next. They sit in the Bering Strait between mainland Alaska and Siberia
Big Diomede is located on the Russian side while Little Diomede is on the US side. The ice bridge that forms between the two islands in winter makes it possible, although illegal, to walk the short distance between them and 'travel through time'
So, basically, Russia is tomorrow land, but US is yesterday
(source)
https://vxtwitter.com/camchis_/status/1719354374818783359
WalletConnect banned RU and UA, modern time — modern solutions.
Update: UA has been unbanned
WalletConnect banned RU and UA, modern time — modern solutions.
Update: UA has been unbanned
vxTwitter / fixvx
Cameron (@camchis_)
seems @WalletConnect have added Russia and Ukraine to their list of blocked countries
https://github.com/WalletConnect/blockchain-api/commit/fcdab76b7ac983e2ac0f638ceda01861366f619f
【QRT of banteg (@bantg):】
'hearing reports that @WalletConnect has started…
https://github.com/WalletConnect/blockchain-api/commit/fcdab76b7ac983e2ac0f638ceda01861366f619f
【QRT of banteg (@bantg):】
'hearing reports that @WalletConnect has started…
https://twitter.com/zachxbt/status/1717901088521687330 — Attack against LostPass's users.
Stanger, remember, your keys — your money.
Stanger, remember, your keys — your money.
X (formerly Twitter)
ZachXBT (@zachxbt) on X
Just on October 25, 2023 alone another ~$4.4M was drained from 25+ victims as a result of the LastPass hack.
Cannot stress this enough, if you believe you may have ever stored your seed phrase or keys in LastPass migrate your crypto assets immediately.
Cannot stress this enough, if you believe you may have ever stored your seed phrase or keys in LastPass migrate your crypto assets immediately.
Happy Halloween! 😈 🧸
Where did this holiday come from?
It is believed that the origins come from the ancient Celtic festival Samhain. The Celts, who lived in Europe before the great migration, celebrated Samhain as the end of the harvest season and the beginning of winter. The word Samhain is a combination of sam + hain, which translates as summer + sunset. The Celts divided the year into two parts — light and dark, and it was the transition between them that they celebrated.
With the adoption of Christianity, this holiday was localized and replaced with "All Souls' Day". The Orthodox Church did something similar, replacing pagan holidays with religious ones.
Our ancestors were skilled in long-term motivation, which is good. Instead of idly living each day, they worked and celebrated the result of their labor, for example, in such a holiday. You can try to imagine how they could feast on such days, having worked for months beforehand.
Over time, the tradition of asking for sweets (spiced cakes with raisins) emerged, in exchange for which prayers were offered for the repose of souls. It was then that "Jack's lantern," a character from Irish folklore with a lantern carved from a beet, appeared. This tradition was transferred to America, where the beet was replaced by a pumpkin, which over time transformed into one of the features of the holiday in the form of various carvings.
Now, in the modern secular world, people humorously perceive this holiday and use it as an occasion to rejoice.
Where did this holiday come from?
It is believed that the origins come from the ancient Celtic festival Samhain. The Celts, who lived in Europe before the great migration, celebrated Samhain as the end of the harvest season and the beginning of winter. The word Samhain is a combination of sam + hain, which translates as summer + sunset. The Celts divided the year into two parts — light and dark, and it was the transition between them that they celebrated.
With the adoption of Christianity, this holiday was localized and replaced with "All Souls' Day". The Orthodox Church did something similar, replacing pagan holidays with religious ones.
Our ancestors were skilled in long-term motivation, which is good. Instead of idly living each day, they worked and celebrated the result of their labor, for example, in such a holiday. You can try to imagine how they could feast on such days, having worked for months beforehand.
Over time, the tradition of asking for sweets (spiced cakes with raisins) emerged, in exchange for which prayers were offered for the repose of souls. It was then that "Jack's lantern," a character from Irish folklore with a lantern carved from a beet, appeared. This tradition was transferred to America, where the beet was replaced by a pumpkin, which over time transformed into one of the features of the holiday in the form of various carvings.
Now, in the modern secular world, people humorously perceive this holiday and use it as an occasion to rejoice.
Please open Telegram to view this post
VIEW IN TELEGRAM
https://www.linkedin.com/feed/update/urn:li:activity:7125215279688601600/
https://www.researchgate.net/profile/Ed-Gerck
Unverified, but scarry news
Update: I requested pre-print
Update2: looks like fake, I didn’t find any technique or algorithm that can help repeat and/or prove the attack. Keep calm :)
https://www.researchgate.net/profile/Ed-Gerck
Unverified, but scarry news
Update: I requested pre-print
Update2: looks like fake, I didn’t find any technique or algorithm that can help repeat and/or prove the attack. Keep calm :)
This message is not supported by your version of Telegram. Update app to view:
https://telegram.org/update
https://telegram.org/update
What do you see wrong there?
This code example from matic snapshot downloader.
They just copied 2TB of parts into a single one, spending a lot of IOPS and wasting time.
It would be much better to write:
And save about 30 minutes of life
(source)
output_tar="$client-$network-snapshot-${date_stamp}.tar.zst"
echo "Join parts for ${date_stamp} then extract"
cat $client-$network-snapshot-${date_stamp}-part* > "$output_tar"
rm $client-$network-snapshot-${date_stamp}-part*
pv $output_tar | tar -I zstd -xf - -C . --strip-components=3 && rm $output_tarThis code example from matic snapshot downloader.
They just copied 2TB of parts into a single one, spending a lot of IOPS and wasting time.
It would be much better to write:
output_tar="$client-$network-snapshot-${date_stamp}.tar.zst"
echo "Join parts for ${date_stamp} then extract"
cat $client-$network-snapshot-${date_stamp}-part* | pv | tar -I zstd -xf - -C . --strip-components=3 && rm $output_tar
rm $client-$network-snapshot-${date_stamp}-part*
And save about 30 minutes of life
(source)