Tux Machines
Posted by Roy Schestowitz on Jan 01, 2023
=> ↺ Attackers bypass Coinbase and MetaMask 2FA via TeamViewer, fake support chat
A crypto-stealing phishing campaign is underway to bypass multi-factor authentication and gain access to accounts on Coinbase, MetaMask, Crypto.com, and KuCoin and steal cryptocurrency.
The threat actors abuse the Microsoft Azure Web Apps service to host a network of phishing sites and lure victims to them via phishing messages impersonating bogus transaction confirmation requests or suspicious activity detection.
For example, one of the phishing emails seen in the attacks pretended to be from Coinbase, which says they locked the account due to suspicious activity.
=> ↺ What Is Speculative Execution?
With a new Apple security flaw in the news, it’s a good time to revisit the question of what speculative execution is and how it works. This topic received a great deal of discussion a few years ago when Spectre and Meltdown were frequently in the news and new side-channel attacks were popping up every few months.
Speculative execution is a technique used to increase the performance of all modern microprocessors to one degree or another, including chips built or designed by AMD, ARM, IBM, and Intel. The modern CPU cores that don’t use speculative execution are all intended for ultra-low power environments or minimal processing tasks. Various security flaws like Spectre, Meltdown, Foreshadow, and MDS all targeted speculative execution a few years ago, typically on Intel CPUs.
=> ↺ How to share what you’ve learned from our audits
Trail of Bits recently completed a security review of cURL, which is an amazing and ubiquitous tool for transferring data. We were really thrilled to see cURL founder and lead developer Daniel Stenberg write a blog post about the engagement and the report, and wanted to highlight some important things he pointed out.
In this post, Daniel dives into cURL’s growth since its last audit in 2016: the project; the codebase; and then into the work with Trail of Bits. He touched on both the engagement experience and the final report.
=> ↺ Password managers must encrypt metadata too
In Australia’s previous government, attorney general George Brandis struggled to define metadata in one of the defining moments in modern political TV history. At one point he said it was details on an envelope, before recanting, then saying it was, sort of. His argument, when he eventually got to it, was that metadata was meaningless without the contents of the envelope anyway, and that security professionals were overplaying their significance.
This was, to use the technical term, nonsense. An envelope from a suicide line, then a GP, then a psychologist, can be interpreted pretty easily. PGP email has the same weakness.
LastPass’s most recent security disclosures are worrying for this reason. While attackers can only hope to brute force the leaked binary blobs containing credentials (assuming we trust their implementation), the service is unique among password managers in that it doesn’t encrypt the URLs of sites themselves. This has been known about for years, and it still floors me. I’m practically parquet at this point.