Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Securing The Nation With Insecure Databases: CBP Vendor Hacked, Exposing Thousands Of License Plate, Car Passenger Photos

    US Customs and Border Protection has suffered an inevitability in the data collection business. The breach was first reported by the Washington Post. It first appeared to affect the DHS's airport facial recognition system, but further details revealed it was actually a border crossing database that was compromised.

    The breach involved photos of travelers and their vehicles, which shows the CPB is linking people to vehicles with this database, most likely to make it easier to tie the two together with the billions of records ICE has access to through Vigilant's ALPR database.

    The breach involved a contractor not following the rules of its agreement with the CBP. According to the vendor agreement, all harvested data was supposed to remain on the government's servers. This breach targeted the vendor, which means the contractor had exfiltrated photos and plate images it was specifically forbidden from moving to its own servers.

  • PHP version 7.2.20RC1 and 7.3.7RC1
  • The GoldBrute botnet is trying to crack open 1.5 million RDP servers

    The latest round of bad news emerged last week when Morphus Labs’ researcher Renato Marinho announced the discovery of an aggressive brute force campaign against 1.5 million RDP servers by a botnet called ‘GoldBrute’.

  • New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide

    The campaign, discovered by Renato Marinho at Morphus Labs, works as shown in the illustrated image, and its modus operandi has been explained in the following steps: [...]

  • 32 bit is dead - Long live 32 bit

    This is another follow-up post on the Intel processor vulnerabilities. Yay. With more bad news. Yay!

    Instead of a long build-up, I will just give you the point: 32 bit is broken

    Well, is that really news? Not really. The real news is that Intel processors are broken - but you already know that. You also know that there are fixes around. Patches for the kernel. Disabling Intel(R) Hyper-Threading.