June 21, 2022

Linux rootkit adore-ng is alive and well. Stealth wrote that code 20 years ago, and it is still going.

https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/

CVSS is bad, and it should feel bad.

History of the saying, “when it rains, it pours.” Which is fascinating.

https://historydaily.org/history-morton-salt-girl-umbrella

This thread is a contender for best on the internet.

https://www.tripadvisor.com/ShowTopic-g293809-i9491-k4796903-Vegetarian_Vegan_Madagascar-Antananarivo_Antananarivo_Province.html

This is a great story.

A look at the modern history of irregular warfare in Ukraine.

https://mwi.usma.edu/from-little-green-men-to-tanks-outside-kyiv-irregular-warfare-in-ukraine-since-2014/

Dave Aitel reviewed that Atlantic council paper from a while ago.

Paper: https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/victory-reimagined/

Review:

https://cybersecpolitics.blogspot.com/2022/06/the-atlantic-council-paper-and.html

Crypto isn’t broken, it’s bypassed.

Are blockchains decentralized? From Trail of Bits some security analysis on blockchains. They find some novel attacks and do a lot of other research. In particular they point out how network control can be used (by dropping packets) to lower the hash rate needed for a 51% attack. Given that 55% of Bitcoin nodes are only available via Tor, and 20% of Bitcoin nodes run old software…

I would just say, I think whatever attacks they found can’t be that trivial to implement because they didn’t implement them and steal billions of dollars of crypto. Just as a Proof of Concept. Of course. Bug bounty?

https://blog.trailofbits.com/2022/06/21/are-blockchains-decentralized/

Reply

or to participate.