Blog

A significant backdoor in millions of contactless cards made by China-based Shanghai Fudan Microelectronics Group allows instantaneous cloning of RFID smart cards used to open office doors and hotel rooms around the world.

French security services firm Quarkslab has made an eye-popping discovery… Although the backdoor requires just a few minutes of physical proximity to an affected card to conduct an attack, an attacker in a position to carry out a supply chain attack could execute such attacks instantaneously at scale, researcher Philippe Teuwen explained in a paper.

Thanks to Slashdot reader wiredmikey for sharing the article.

Read more of this story at Slashdot.

26 Aug

Hackers Have Found an Entirely New Way To Backdoor Into Microsoft Windows

A university in Taiwan was breached with “a previously unseen backdoor (Backdoor.Msupedge) utilizing an infrequently seen technique,” Symantec reports.

The most notable feature of this backdoor is that it communicates with a command-and-control server via DNS traffic… The code for the DNS tunneling tool is based on the publicly available dnscat2 tool. It receives commands by performing name resolution… Msupedge not only receives commands via DNS traffic but also uses the resolved IP address of the C&C server (ctl.msedeapi[.]net) as a command. The third octet of the resolved IP address is a switch case. The behavior of the backdoor will change based on the value of the third octet of the resolved IP address minus seven…

The initial intrusion was likely through the exploit of a recently patched PHP vulnerability (CVE-2024-4577). The vulnerability is a CGI argument injection flaw affecting all versions of PHP installed on the Windows operating system. Successful exploitation of the vulnerability can lead to remote code execution.
Symantec has seen multiple threat actors scanning for vulnerable systems in recent weeks. To date, we have found no evidence allowing us to attribute this threat and the motive behind the attack remains unknown.

More from The Record:
Compared to more obvious methods like HTTP or HTTPS tunneling, this technique can be harder to detect because DNS traffic is generally considered benign and is often overlooked by security tools.
Earlier in June, researchers discovered a campaign by suspected Chinese state-sponsored hackers, known as RedJuliett, targeting dozens of organizations in Taiwan, including universities, state agencies, electronics manufacturers, and religious organizations. Like many other Chinese threat actors, the group likely targeted vulnerabilities in internet-facing devices such as firewalls and enterprise VPNs for initial access because these devices often have limited visibility and security solutions, researchers said.
Additional coverage at The Hacker News.

Thanks to Slashdot reader joshuark for sharing the article.

Read more of this story at Slashdot.

25 Aug

7 Best Handheld Gaming Consoles (2024): Switch, Steam Deck, and More

The second golden age of portable gaming is here! Mostly. These are the top gadgets for taking your video games on the go.

25 Aug

The Boeing Starliner Astronauts Will Come Home on SpaceX’s Dragon Next Year

The decision will leave the crew on the ISS until February. The mission was initially supposed to last about a week.

25 Aug

How to Switch From iPhone to Android (2024)

If you’re leaving Apple behind to try Google’s Pixel, a Samsung Galaxy, or another Android phone, this guide covers all your bases.

25 Aug

Netflix Shares First Six Minutes of New Anime Series ‘Terminator Zero’

“It’s going to be violent,” warns the creator of Terminator Zero, an eight-episode anime series premiering Thursday August 29th on Netflix. “It’s going to be dark, it’s going to be horrific, and it’s going to be arresting.”

And the Netflix blog has now shared the first six minutes online:

In the world of Terminator, the future is never set, yet some things are guaranteed: The Terminator is still a cyborg that feels no remorse, pity, or fear. The anime series TERMINATOR ZERO, landing on Netflix on Aug. 29 — known to fans as Judgment Day — looks different from any incarnation of the Terminator franchise we’ve seen before, but you can tell from these opening six minutes that the brutal, sophisticated action will remain.
“I realized the first minutes of the show have to declare what it is,” creator and executive producer Mattson Tomlin tells Tudum. A joint production between Skydance and the Japanese animation studio Production I.G, TERMINATOR ZERO has the challenge of drawing in both anime fans and fans of the Terminator series. “The way to do that was to have a sequence that had no dialogue, that was really planting a flag in letting everybody know this is going to be violent, it’s going to be dark, it’s going to be action-driven, it’s going to be horrific, and it’s going to be arresting,” says Tomlin, who previously wrote Project Power for Netflix and is currently writing The Batman Part II. “That’s just what it has to be.”

The series follows “a new batch of characters who live in Japan in 1997,” writes CBR — and in an interview the show’s director said “There’s a balance” when representing Japan’s actual culture while keeping the show futuristic:
One of the things that I really took for granted was guns. [Points to self] Dumb American over here had to write a scene where Eiko gets into a parking lot and smashes the window of a car, goes to the glove box, takes out a revolver, and it instantly gets flagged. [Other people working on the series] were like, “No, we don’t have guns. What you are describing, that’s over there. We’re over here in civilization where that can’t happen.” That triggered a really fruitful and creatively challenging discussion about weapons. The military has guns and the police have guns. That’s kind of it. So these characters have to arm themselves. How are they going to do it? What could we do? And that’s why the Terminator has a crossbow. Eiko has all of these different weapons that she concocted from a hardware store. It was all born out of that.

Read more of this story at Slashdot.

25 Aug

Telegram CEO Arested In France

Telegram’s billionaire founder/CEO Pavel Durov was arrested Saturday night outside Paris, reports Reuters, citing French TV news stations TF1 TV and BFM TV which attributed the news to unnamed sources:

Durov was travelling aboard his private jet, TF1 said on its website, adding he had been targeted by an arrest warrant in France as part of a preliminary police investigation. TF1 and BFM both said the investigation was focused on a lack of moderators on Telegram, and that police considered that this situation allowed criminal activity to go on undeterred on the messaging app.

Thanks to long-time Slashdot reader sinij for sharing the news.

Read more of this story at Slashdot.

25 Aug

How Should Cybersecurity Evolve After Crowdstrike’s Outage?

Microsoft will meet with CrowdStrike and other security companies” on September 10, reports CNBC, to “discuss ways to evolve” the industry after a faulty CrowdStrike software update in July caused millions of Windows computers to crash:

[An anonymous Microsoft executive] said participants at the Windows Endpoint Security Ecosystem Summit will explore the possibility of having applications rely more on a part of Windows called user mode instead of the more privileged kernel mode… Attendees at Microsoft’s September 10 event will also discuss the adoption of eBPF technology, which checks if programs will run without triggering system crashes, and memory-safe programming languages such as Rust, the executive said.

Wednesday Crowdstrike argued no cybersecurity vendor could “technically” guarantee their software wouldn’t cause a similar incident.

On a possibly related note, long-time Slashdot reader 278MorkandMindy shares their own thoughts:

The “year of the Linux desktop” is always just around the corner, somewhat like nuclear fusion. Will Windows 11, with its general advert and telemetry BS, along with the recall feature, FINALLY push “somewhat computer literate” types like myself onto Linux?