Notices by Marcus Hutchins :verified: (malwaretech@infosec.exchange)

@GossiTheDog Paying $400 for a game is actually insane lol

FWIW, BlueSky is probably worth also maintaining a presence on. They went the decentralized route too, and It took a bit of time but the users finally managed to bully Jack into leaving the company and selling all of his ownership.

I'm mostly active here & on BlueSky.

https://bsky.app/profile/malwaretech.com

Hello Sharks, I'm seeking $50bn for my business. My idea is that we build the same business that already exists, but instead of just paying a living wage, we spend 50x that amount trying to replace the employees with extremely expensive and unsustainable arrays of graphic cards that guess sentences

Dang, I got put in LinkedIn jail over my choice of words for that dude. I won't say I didn't deserve it, but if anyone here works for LinkedIn and wants to get me release early for good behavior, I won't commit anymore crimes I promise

𝐂𝐔𝐏𝐒 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐀𝐭𝐭𝐚𝐜𝐤 𝐒𝐮𝐫𝐟𝐚𝐜𝐞 𝐃𝐚𝐭𝐚
Since there were some questions about the severity of the CUPS vulnerability due to it requiring the presence of the cups-browsed daemon and UDP port 631 being open to the internet, I performed a global scan to gather more data.

Of the 61,763 systems I found which had CUPS exposed to the internet, 13,289 of them returned a valid response when probed on UDP port 631, indicating the port was reachable and cups-browsed daemon was running.

The top affected countries are as follows: US: 3381, DE: 2790, RU: 853, FR: 724, NL: 634, SG: 582, IN: 579, FI: 566, GB: 533, CA: 282, BR: 227, JP: 202, KR: 151, ID: 141, PL: 136, CN: 131, HK: 121

My Google history from today legit makes me look like a straight up terrorist. There was speculation that the pager explosions were triggered by overheating the batteries (which is what lead to the whole "it was malware" insane speculation).

It's pretty much widely accepted at this point that the pagers were intercepted and implanted with PETN, but that doesn't actually answer the question. PETN is a secondary explosive (i.e. it's fairly stable and highly resistant to detonation from force or ignition). So the (IMO) most interesting question, which is currently still unanswered, is how did they detonated the PETN, and how did they build a detonator that would not be discovered by inspection, explosive detectors, etc.

While malware is 100% out of the question, custom lithium batteries could be made with a mechanism designed to reliably cause thermal runaway via an internal short circuit. So, I was curious if theoretically you could use a maliciously modified LiPo battery as a detonator PETN.

What I can gather from my research, is that PETN can't reliably be detonated by an open flame, and the heat produced by thermal runaway from a LiPo battery would be so hot that it would actually cause the PETN to undergo chemical decomposition and become inactive.

So, basically, the result of my entire Google history now looking like "hello, yes, CIA, I am doing a terrorism" is thermal runaway as a trigger is unlikely.

@Suiseiseki Out of interest, how many invites to parties have you received in your lifetime?

Can you imagine being an intelligent life form visiting earth and finding out that we've figured out how to harness nuclear fission as well as produce artificial fusion, but all we've done with it is make really big bombs and our current solution to climate change is to basically just put fucking solar panels and windmills on every surface

"Hey, why don't you guys use nuclear power?"
"Some soviets were really stupid one time so we decided to just kill everyone's brain cells and make the planet uninhabitable by burning obscene amounts of dinosaur juice"
"Ok, makes sense"

@GossiTheDog 😭

@GossiTheDog It was so weird to see media outlets interviewing cybersecurity professionals about bombs. Even agreeing to those kinds of interviews seems like malpractice

Living in the US feels like being on a prank show where you know it’s a prank show and you’re just patiently waiting for the presenters to make the big reveal so you can go on with your day

@GossiTheDog Have you or anyone looked at the data yet? I'm interested to hear more

I can't believe people are actually going with the cybersecurity angle here. Sure, in some super rare edge cases, there are probably circuits that could be hacked and overloaded to cause the Lithium-Ion batter powering it to combust. But Lithium-Ion batteries don't explode. They combust over the course of a couple of second to minutes. Not to mention, even if batteries did explode, which they don't, we're talking a single triple A battery not an EV cell.

We've all been so busy worrying about what if AI becomes self-aware, we forgot to consider what if Elon Musk becomes self aware? Right now he's dangerously close to realizing that he actually isn't at all funny and that people only laugh at his jokes because they need his money.

I love that we now have a summer version of the iconic Los Angeles skyline photo

This is the first time I've ever seen a screenshot of a post from Elon that was so unbelievably creepy and weird that I actually had to log in to Twitter and confirm it was real

I have so much beef with PowerShell over them choosing to use C-Style syntax, but then stray so far from the norms of other C-like languages. I'm certain that replacing all the comparison operators with their own was the work of Satan.

I can code C, C++, GoLang, Python, JavaScript, PHP fairly effortlessly, but 90% of my dev time with PowerShell is just looking up some random syntax change they made for seemingly no reason.

@Suiseiseki Both my website and the CDN rely on JavaScript to work

Analyzing and Exploiting CVE-2024-38063, an RCE Vulnerability In the Windows TCP/IP Stack

https://malwaretech.com/2024/08/exploiting-CVE-2024-38063.html