Infosec Decoded Season 5 #75: Phone-Hacking Server Farm

With Doug Spindler and sambowne@infosec.exchange

Recorded Tue, Sep 23, 2025

Politics

New Zealand loosens residency restrictions as record number of citizens leave
Disney reinstates Jimmy Kimmel after backlash over capitulation to FCC
Anti-vaccine groups melt down over RFK Jr. linking autism to Tylenol
He spilled Peter Thiel’s Antichrist secrets. Now he’s banned from the lectures

Infosec

Cache of Devices Capable of Crashing Cell Network Is Found Near U.N.
The Secret Service discovered more than 100,000 SIM cards and 300 servers, which could disable cellular towers or be used to conduct surveillance.
UK manufacturing sector falters amid Jaguar Land Rover cyber-attack
Britain’s biggest carmaker, Jaguar Land Rover, suffered a cyber-attack and has paused production for a month so far, harming a large portion of the UK economy. It's analogous to the Colonial Pipeline attack in the USA, and raises issues of security posture, backups, and outsourcing.
Verified Steam game steals streamer's cancer treatment donations
A gamer lost $32,000 after downloading from Steam a verified game named BlockBlasters that drained his cryptocurrency wallet. Two words, people: COLD WALLET. Buy a damn Ledger already.
New EDR-Freeze tool uses Windows WER to suspend security software
Unlike BYOVD (bring your own vulnerable driver) attacks, this method uses only Microsoft's Windows Error Reporting (WER) system, which is already included in Windows. It requires no kernel driver and works entirely from user mode. EDR-Freeze uses WerFaultSecure to trigger MiniDumpWriteDump, which temporarily suspends all threads in the target process while the dump is written. During this window, the attacker suspends the WerFaultSecure process itself, so the dumper never resumes the target, leaving the AV process in a “coma” state.

Both a tool to perform this attack and a tool to detect it have been published, but Microsoft hasn't even commented yet.
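As an added example (not the published EDR-Freeze tool or its detector), here is a detection heuristic for the pattern described above, run over constructed process-telemetry events: a WerFaultSecure.exe instance whose dump target is a security product's process, and which is then suspended instead of exiting, is exactly the "dumper never resumes the target" state. The `/pid <n>` command-line convention, the event field names, and the placeholder `example-edr-agent.exe` entry are assumptions; MsMpEng.exe is the real Microsoft Defender engine process name.

```python
# Added example: heuristic detection of the EDR-Freeze pattern in process
# telemetry. Not the published attack or detection tool.
import re
from dataclasses import dataclass
from typing import Optional

# Image names of security-product processes worth protecting. MsMpEng.exe is
# the Microsoft Defender engine; the second entry is a constructed placeholder.
PROTECTED_IMAGES = {"msmpeng.exe", "example-edr-agent.exe"}

# Assumption: the dump target is handed to WerFaultSecure as "/pid <n>".
PID_ARG = re.compile(r"/pid\s+(\d+)", re.IGNORECASE)


@dataclass
class Proc:
    pid: int
    image: str                      # lower-cased image basename
    cmdline: str
    target_pid: Optional[int] = None
    suspended: bool = False
    exited: bool = False


def _basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def analyze(events):
    """Replay constructed process events (dicts with 'type' and 'pid') and
    return one finding per WerFaultSecure instance aimed at a protected process.
    Severity is 'high' when the dumper was suspended and never exited, which is
    the EDR-Freeze signature; otherwise 'medium' (could be a genuine crash dump).
    """
    procs = {}
    for ev in events:
        if ev["type"] == "create":
            p = Proc(ev["pid"], _basename(ev["image"]), ev.get("cmdline", ""))
            m = PID_ARG.search(p.cmdline)
            if m:
                p.target_pid = int(m.group(1))
            procs[p.pid] = p
        elif ev["type"] == "suspend" and ev["pid"] in procs:
            procs[ev["pid"]].suspended = True
        elif ev["type"] == "exit" and ev["pid"] in procs:
            procs[ev["pid"]].exited = True

    findings = []
    for p in procs.values():
        if p.image != "werfaultsecure.exe":
            continue
        target = procs.get(p.target_pid)
        if target is None or target.image not in PROTECTED_IMAGES:
            continue
        frozen = p.suspended and not p.exited
        findings.append({
            "severity": "high" if frozen else "medium",
            "dumper_pid": p.pid,
            "target_pid": target.pid,
            "target_image": target.image,
        })
    return findings


# Constructed telemetry: the Defender engine, a WerFaultSecure instance pointed
# at it that is then suspended (the freeze), and a benign dump of notepad that
# runs to completion and exits.
SAMPLE_EVENTS = [
    {"type": "create", "pid": 1234, "image": r"C:\Program Files\Windows Defender\MsMpEng.exe"},
    {"type": "create", "pid": 4242, "image": r"C:\Windows\System32\notepad.exe"},
    {"type": "create", "pid": 5678, "image": r"C:\Windows\System32\WerFaultSecure.exe",
     "cmdline": "WerFaultSecure.exe /h /pid 1234"},
    {"type": "suspend", "pid": 5678},
    {"type": "create", "pid": 9001, "image": r"C:\Windows\System32\WerFaultSecure.exe",
     "cmdline": "WerFaultSecure.exe /h /pid 4242"},
    {"type": "exit", "pid": 9001},
]

if __name__ == "__main__":
    for finding in analyze(SAMPLE_EVENTS):
        print(finding)
```

The medium tier exists because WerFaultSecure legitimately dumps protected processes when they crash, so the target alone is not conclusive; the dumper itself going into a suspended state and never exiting is the signal that separates a real crash dump from the freeze.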

Three crashes in the first day? Tesla’s robotaxi test in Austin.
The Tesla crashed three times in just 7,000 miles of driving. Waymo has logged 60 crashes over 50 million miles of driving, a rate less than 3000x smaller.