Posts tagged with engineer


5 Vulnerabilities found in Ubuntu's Needrestart.

That could allow a local attacker to gain root privileges without requiring user interaction. Needrestart is a utility that scans a system to determine the services that need to be restarted after applying shared library updates.

https://blog.qualys.com/vulnerabilities-threat-research/2024/11/19/qualys-tru-uncovers-five-local-privilege-escalation-vulnerabilities-in-needrestart

#linux #ubuntu #it #security #privacy #engineer #tech #media #news
Multiple decade-old security vulnerabilities have been disclosed in the needrestart package.

The vulnerabilities are believed to have existed since the introduction of interpreter support in needrestart 0.8, which was released on April 27, 2014.

"These needrestart exploits allow Local Privilege Escalation (LPE) which means that a local attacker is able to gain root privileges," Ubuntu said in an advisory, noting they have been addressed in version 3.8.

<https://ubuntu.com/blog/needrestart-local-privilege-escalation>

The 5 flaws are listed below:

• CVE-2024-48990 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
• CVE-2024-48991 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by winning a race condition & tricking needrestart into running their own, fake Python interpreter.
• CVE-2024-48992 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable.
• CVE-2024-11003 [CVSS score: 7.8] and CVE-2024-10224 [CVSS score: 5.3] - Two vulnerabilities that allow a local attacker to execute arbitrary shell commands as root by taking advantage of an issue in the libmodule-scandeps-perl package (before version 1.36).


T-Mobile US monitoring China's 'Industry-wide Attack' amid fresh Security Breach Fears.

T-Mobile has joined a list of major organizations like AT&T, Verizon & Lumen Technologies that have been singled out as part of what appears to be a full-blown Chinese threat actors' cyber espionage campaign.

https://www.wsj.com/politics/national-security/t-mobile-hacked-in-massive-chinese-breach-of-telecom-networks-4b2d7f92

#us #telecom #companies #breach #it #security #privacy #engineer #media #tech #news
U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable information.

The adversaries, tracked as Salt Typhoon, breached the company as part of a "monthslong campaign" designed to harvest cellphone communications of "high-value intelligence targets." It's not clear what information was taken, if any, during the malicious activity.

"T-Mobile is closely monitoring this industry-wide attack, and at this time, T-Mobile systems and data have not been impacted in any significant way, and we have no evidence of impacts to customer information," a spokesperson for the company was quoted as saying to The Wall Street Journal. "We will continue to monitor this closely, working with industry peers and the relevant authorities."
The FBI and CISA noted that the cyber-attacks on the telecoms providers resulted in the "theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to US law enforcement requests pursuant to court orders."

Previous reports suggested that the Chinese snoops, after breaking into the telco’s networks, accessed the wiretapping backdoor-like systems used for court-ordered surveillance and targeted phones belonging to people affiliated with US Democratic presidential candidate Kamala Harris, as well as Republican president-elect Donald Trump and VP-elect JD Vance.

<https://www.fbi.gov/news/press-releases/joint-statement-from-fbi-and-cisa-on-the-peoples-republic-of-china-targeting-of-commercial-telecommunications-infrastructure>


BASIC Co-Inventor Thomas E. Kurtz has Passed Away.

It’s with sadness that we note the passing of Thomas Eugene Kurtz, on November 12th. He was co-inventor of the BASIC programming language back in the 1960s. The legacy of his work lives on in the generation of technologists.

>10 PRINT "Rest in Peace"
>20 GOTO 10

https://computerhistory.org/blog/in-memoriam-thomas-e-kurtz-1928-2024/

#memoriam #ThomasKurtz #rip #basic #programming #language #tech #science #history #it #engineer #media #news
The origins of BASIC lie in the Dartmouth Timesharing System, like similar timesharing operating systems of the day, designed to allow the resources of a single computer to be shared across many terminals. In this case the computer was at Dartmouth College, and BASIC was designed to be a language with which software could be written by average students who perhaps didn’t have a computing background. In the decade that followed it proved ideal for the new microcomputers, and few were the home computers of the era which didn’t boot into some form of BASIC interpreter. Kurtz continued his work as a distinguished academic and educator until his retirement in 1993, but throughout he remained as the guiding hand of the language.
[ImageSource: Computerhistory.org]

“Thomas Eugene Kurtz (Feb. 22 1928–Nov. 12, 2024) was an American mathematician, computer scientist and co-inventor, with John Kemeny, of the BASIC programming language and Dartmouth Timesharing System.”


The newest Device to run Doom: Nintendo's Alarm Clock [Alarmo].

A hardware hacker [GaryOderNichts] has successfully modified Nintendo's $100 Alarmo device to run the classic video game Doom. This marks another milestone in the gaming community's tradition of porting the 1993 shooter to unconventional devices.

https://github.com/GaryOderNichts/alarmo_doom

#doom #nintendo #alarmo #port #hack #it #engineer #programming #retro #gaming #art #media #tech #artist #news
Doom, the iconic first person shooter, is often used to showcase how the open source game can run on almost any device you can think of.

The hack came after researchers discovered vulnerabilities in the Alarmo's STM32H7 microcontroller, enabling custom firmware installation through its USB-C port.
YouTuber GaryOderNichts demonstrated the 2.8-inch circular alarm clock running Chocolate Doom natively, using the device's wheel for movement and side buttons for weapons. The hack requires no hardware modifications and works on the current 2.0 software version.

Gary said it’s “possible to load the shareware version of Doom entirely from USB, without modifying the Alarmo.” And they’ve put the software and instructions for running it on Github, so almost any sufficiently knowledgeable and determined Alarmo owner can do it, too. Best of all, it can be done without opening the clock up at all.

<https://youtu.be/5IOVYvSMAoU>
While everyone was waiting on news for the successor of the Nintendo Switch, Nintendo released the Alarmo, a small plastic alarm clock that can wake one up with sounds from one's favorite Nintendo games.

The Alarmo has a small 2.8-inch LCD at the front, a back and notification button on top and a dial on top which can be turned and pressed to act as a confirm button. The dial also includes an RGB LED. What makes it different from other alarm clocks? It has 2.4 GHz Wi-Fi to download software updates and additional themes, and it comes with a 24GHz mmWave presence sensor to react to your movements.

<Inside there is an STM32H730ZBI6 MCU and a KIOXIA 4GB eMMC.>


Microsoft fixes 91 Vulnerabilities & 4 Zero-Days.

Microsoft’s November Patch Update fixes 91 Windows security vulnerabilities, including 4 zero-days. The critical fixes address actively exploited flaws in Windows. It is strongly recommended that users apply these updates as soon as possible to mitigate possible security risks. Updates can be installed via Windows Update.

https://msrc.microsoft.com/update-guide/

#microsoft #windows #update #it #security #privacy #engineer #media #tech #news
It is worth noting that four vulnerabilities are rated as critical, including two remote code execution flaws and two elevation of privilege flaws.

The two actively exploited zero-day vulnerabilities are:

• CVE-2024-43451: An NTLM Hash Disclosure Spoofing Vulnerability that exposes NTLMv2 hashes to remote attackers with minimal user interaction, such as selecting or right-clicking a malicious file.
• CVE-2024-49039: A Windows Task Scheduler Elevation of Privilege Vulnerability allowing attackers to execute RPC functions typically restricted to privileged accounts, potentially leading to unauthorized code execution or resource access.

Additionally, two publicly disclosed but not actively exploited vulnerabilities were addressed:

• CVE-2024-49040: A Microsoft Exchange Server Spoofing Vulnerability enabling threat actors to spoof sender email addresses to local recipients.
• CVE-2024-49041: A Windows MSHTML Platform Spoofing Vulnerability that could be leveraged to deceive users into interacting with malicious content.

The 91 vulnerabilities fixed in this update are categorized as follows:

• 3 Spoofing vulnerabilities
• 4 Denial of Service vulnerabilities
• 1 Information Disclosure vulnerability
• 26 Elevation of Privilege vulnerabilities
• 2 Security Feature Bypass vulnerabilities
• 52 Remote Code Execution vulnerabilities.


Mozilla's Firefox Browser turns 20.

Exactly 20 years ago, Mozilla started shipping version 1.0 of its Firefox browser. Mozilla celebrated the 20th anniversary of Firefox with new and upcoming features like tab previews, marking up PDFs and tab grouping, while Mozilla's exploration of AI, via mozilla.ai, gets more cautious support.

https://www.mozilla.org/en-US/firefox/132.0/whatsnew/

#mozilla #firefox #20th #anniversary #web #it #engineer #media #tech #news
Mozilla is also thinking about how AI will change how people browse the web. There, the organization is mostly looking at giving people choice. It’s starting to build some smaller models into the browser already, mostly around translation, but with Firefox 130, it also introduced a model that automatically adds alt text for PDF images, for example. For all of this work with AI models, Mozilla plans to follow the Open Source Initiative’s guidance for what constitutes an open source model.

<https://blog.mozilla.org/en/mozilla/ai/help-us-improve-our-alt-text-generation-model/>
The movement (advocacy for choice, privacy and transparency) continues. But web browsers and the battle for browser market share no longer lead that movement, according to a former Mozilla executive.

"Firefox turns 20 today!" said CEO Laura Chambers in a social media post. "It’s so inspiring to think of all we’ve achieved together to keep the internet open and people-first. Firefox has always been more than just a browser – it’s a movement powered by those who believe in choice, privacy and transparency. Thank you to our community and everyone who has contributed to this impact, and helped make Firefox what it is today."

<https://www.linkedin.com/posts/chamberslaura_firefox-turns-20-today-its-so-inspiring-activity-7260782133881810945-zkp8/>


[Important Update] Google patches two Android Zero-Days used in targeted Attacks.

Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. Tracked as CVE-2024-43047 & CVE-2024-43093, the two issues are marked as exploited in limited, targeted attacks.

https://source.android.com/docs/security/bulletin/2024-11-01

#google #android #update #zerodays #it #security #privacy #engineer #media #tech #news
The security issues fixed this month impact Android versions between 12 and 15.

• The CVE-2024-43047 flaw is a high-severity use-after-free issue in closed-source Qualcomm components within the Android kernel that elevates privileges. The flaw was first disclosed in early October 2024 by Qualcomm as a problem in its Digital Signal Processor (DSP) service.

• CVE-2024-43093 is also a high-severity elevation of privilege flaw, this time impacting the Android Framework component and Google Play system updates, specifically in the Documents UI. Google did not disclose who discovered the CVE-2024-43093 vulnerability.

To apply the latest update, head to Settings > System > Software updates > System update. Alternatively, go to Settings > Security & privacy > System & updates > Security update. A restart will be required to apply the update.


The Turing Machine made Real, In LEGO.

A working Turing Machine was submitted to Lego Ideas, consisting of approximately 2,900 parts and a bucketload of extreme cleverness. The original machine was devised by mathematician Alan Turing in 1936. Turing's idea was a hypothetical system that could simulate any computer algorithm.

https://youtu.be/8AA3E05axHw?si=MWCSLoUNAxo2TiWD

#turing #machine #history #retro #computing #lego #artist #it #engineer #media #tech #art #news
The British mathematician and pioneer of computing Alan Turing published a paper in 1936 which described a Universal Machine, a theoretical model of a computer processor that would later become known as a Turing Machine.

Physical representations of Turing's model are an interesting engineering and computational challenge, and while any algorithm can be simulated, such machines are nowhere near as performant as purpose-built silicon. The Turing Machine still does, however, represent a useful model for students of computation.
[ImageSource: Bananaman 2018]

The design consisted of an infinitely long tape with symbols that could be moved left and right, a 'head' that could read the symbols and overwrite them with new ones, a finite control that described the machine's state, and a table to link each combination of state and symbol to an instruction for what to do next.

In addition to the constraints of making the device out of Lego, there was also the challenge of fitting into the limits imposed by Lego Ideas. At the time of submission, this was 3,000 parts and The Bananaman's contraption finally managed to come in at around 2,900. The limit has since been raised to 5,000 parts.

Fans of 3D printing will no doubt be pleased to note that some of the parts (notably one of the large gears) came from a printer, but only because buying missing bits online tends to take longer and cost more. A real-world version of the model was designed and built first to make sure it worked.
[ImageSource: 6zacl8.blogspot]

The original Alan Turing machine.

First demonstrated in 1950, this is one of Britain's earliest stored program computers and the oldest complete general purpose electronic computer in Britain. Designed and built at the National Physical Laboratory, Middlesex in 1949-1950, it was based on plans for a larger computer (the ACE) designed by the mathematician Alan Turing (1912-1954) at NPL between 1945 and 1947. Previously Turing worked on the Colossus computer used in codebreaking at Bletchley Park during World War II. Pilot ACE was estimated to have cost £50,000 to design and build, but by 1954 had earned over £240,000 from advanced scientific and engineering work in various fields including crystallography, aeronautics and computing bomb trajectories.


I’ve waited Years for Apple to give a Damn about Gaming — with Cyberpunk 2077 coming to the Mac, it’s finally happening.

Apple silicon Macs will get their ultimate gaming test. One of the most graphically demanding and visually impressive games in recent years will soon get a Mac release, according to CD Projekt Red.

https://www.cyberpunk.net/en/news/50947/just-announced-cyberpunk-2077-ultimate-edition-coming-to-mac

#apple #silicon #mac #cyberpunk2077 #gaming #engineer #media #it #tech #news
The announcement was published on CD Projekt Red's blog and also appeared briefly during Apple's pre-recorded MacBook Pro announcement video. The game will be sold on the Mac App Store, Steam, GOG and the Epic Game Store when it launches, and it will be labeled the Cyberpunk 2077: Ultimate Edition, which simply means it also includes Phantom Liberty, the expansion that was released a couple of years after the original game.

Apple has been working with AAA game publishers to try to get the games they made for consoles or Windows gaming PCs onto the Mac or iPhone, including Assassin's Creed Mirage, Death Stranding and Resident Evil Village, among others. But the addition of Cyberpunk 2077 is notable because of its history of running poorly on low-end hardware and because it uses new technologies like ray-traced illumination, reflections and shadows. It also heavily relies on AI upscaling like DLSS or FSR to be playable even on high-end machines.


Floppy Discs still run a U.S. Metro? Japan steps in with 'Project kill Floppy'.

Yes, we're talking about the good old floppy disk, which is somehow still being utilized for something as important as a critical function of a public transport network within a major city.

https://www.govtech.com/transportation/s-f-muni-will-spend-212m-to-move-train-control-off-disk

#us #rail #train #control #metro #floppydisk #publictransport #travel #hitachirail #retrocomputing #engineer #media #tech #news


LiteSpeed Cache Plugin Vulnerability poses significant Risk to WordPress Websites.

The free version of the popular WordPress plugin LiteSpeed Cache has fixed a dangerous privilege elevation flaw in its latest release that could allow unauthenticated actors to gain admin rights.

[CVE-2024-50550 CVSS score: 8.1]

https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/

#wordpress #litespeed #flaw #it #security #privacy #engineer #media #tech #news
LiteSpeed Cache is a popular site acceleration plugin for WordPress that, as the name implies, comes with advanced caching functionality and optimization features. It's installed on over six million sites.

The newly identified issue, per Patchstack, is rooted in a function named is_role_simulation and is similar to an earlier flaw that was publicly documented back in August 2024 (CVE-2024-28000, CVSS score: 9.8).

It stems from the use of a weak security hash check that could be brute-forced by a bad actor, thus allowing for the crawler feature to be abused to simulate a logged-in user, including an administrator.

The vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), has been addressed in version 6.5.2 of the plugin.

<https://wordpress.org/plugins/litespeed-cache/>


[BEWARE!!!] Android Malware "FakeCall" now reroutes Bank Calls to Attackers.

Researchers have found new versions of a sophisticated Android financial-fraud Trojan that’s notable for its ability to intercept calls a victim tries to place to customer-support personnel of their banks.

https://www.zimperium.com/blog/mishing-in-motion-uncovering-the-evolving-functionality-of-fakecall-malware/

#android #fakecall #vishing #malware #it #security #privacy #engineer #media #tech #news
FakeCall (or FakeCalls) is a banking trojan with a focus on voice phishing, in which victims are deceived through fraudulent calls impersonating banks, asking them to convey sensitive information.

In addition to vishing (voice phishing), FakeCall could also capture live audio and video streams from the infected devices, allowing attackers to steal sensitive data without victim interaction.

The malware also exploits the Android Accessibility Service to capture screen content and manipulate the device’s display to create a deceptive user interface while mimicking the legitimate phone app.
[ImageSource: Zimperium]

Overview of latest FakeCall attacks.

The FakeCall malware typically infiltrates a device through a malicious app downloaded from a compromised website or a phishing email. The app requests permission to become the default call handler. If granted, the malware gains extensive privileges.

A fake call interface mimics the actual Android dialer, displaying trusted contact information and names, elevating the level of deception to a point that's hard for victims to realize.

What makes this malware so dangerous is that when a user attempts to call their financial institution, the malware secretly hijacks the call and redirects it to an attacker's phone number instead.


Apple creates Private Cloud Compute VM to let Researchers find Bugs.

The company also seeks to improve the system's security and has expanded its security bounty program to include rewards of up to [$1 Million] for vulnerabilities that could compromise “the fundamental security and privacy guarantees of PCC”.

https://security.apple.com/blog/pcc-security-research

#apple #pcc #vm #securityresearch #bug #bounty #programming #ai #it #security #privacy #engineer #media #tech #news
Apple created a Virtual Research Environment to allow public access to testing the security of its Private Cloud Compute system, and released the source code for some “key components” to help researchers analyze the privacy and safety features on the architecture.

The company also makes available the Private Cloud Compute Security Guide, which explains the architecture and technical details of the components and the way they work.

<https://security.apple.com/documentation/private-cloud-compute>
[ImageSource: Apple]

Interacting with the Private Cloud Compute client from the Virtual Research Environment.

Apple provides a Virtual Research Environment (VRE), which replicates locally the cloud intelligence system and allows inspecting it as well as testing its security and hunting for issues.

“The VRE runs the PCC node software in a virtual machine with only minor modifications. Userspace software runs identically to the PCC node, with the boot process and kernel adapted for virtualization,” Apple explains, sharing documentation on how to set up the Virtual Research Environment on your device.

VRE is present on macOS Sequoia 15.1 Developer Preview and it needs a device with Apple silicon and at least 16GB of unified memory.

<https://security.apple.com/documentation/private-cloud-compute/vresetup>