Prisma/Channel

Description
All things cyber security — news, tips, discussions, and occasional humor.

⭐️ Please rate and review here: ⭐️
https://tchannels.me/c/prisma_channel

🕊 Twitter: https://twitter.com/aprismatic_sg
🌐 Website: https://Aprismatic.com/
💬 Feedback: t.me/bazzilic
Advertising
We recommend to visit

Community chat: https://t.me/hamster_kombat_chat_2

Twitter: x.com/hamster_kombat

YouTube: https://www.youtube.com/@HamsterKombat_Official

Bot: https://t.me/hamster_kombat_bot
Game: https://t.me/hamster_kombat_bot/

Last updated 3 months, 2 weeks ago

Your easy, fun crypto trading app for buying and trading any crypto on the market.

📱 App: @Blum
🆘 Help: @BlumSupport
ℹ️ Chat: @BlumCrypto_Chat

Last updated 3 months, 1 week ago

Turn your endless taps into a financial tool.
Join @tapswap_bot


Collaboration - @taping_Guru

Last updated 6 days, 5 hours ago

2 years, 11 months ago

It's hard to believe that this story is true, but then again - I wouldn't be surprised.

https://twitter.com/SchizoDuckie/status/1474087696247279626

Twitter

🦆 SchizoDuckie 🦆

Thread: (1/8) @Belastingdienst gave me the go-ahead to share the story of how the Lamest Hacker You Know***®*** received this epic #ResponsibleDisclosure award from them. Looking back on it I don't think I can tell it any better than this chat log interaction,…

It's hard to believe that this story is true, but then again - I wouldn't be surprised.
3 years ago
What hackers don’t want you to …

What hackers don’t want you to know

3 years, 2 months ago

? Still using voice assistants? Ever wonder what data they collect and persist? Here's a hint: everything. This data privacy blogger requested their data from Amazon and it had among others: precise location, a list of all contacts and audio recordings of all her requests to Alexa.

? https://www.tiktok.com/@my.data.not.yours/video/7002745932064230662

? https://www.mirror.co.uk/news/weird-news/woman-finds-amazon-thousands-recordings-25240984

3 years, 3 months ago

?⚠️ Apple's new iOS v14.8 contains security fixes for vulnerabilities found by Citizen Lab in CoreGraphics and WebKit. Since exploits were found in the wild, it is highly recommended to update ASAP.

https://9to5mac.com/2021/09/13/apple-says-ios-14-8-patches-iphone-attack-that-defeated-blastdoor-protections/

9to5Mac

Apple says iOS 14.8 patches iPhone attack that defeated Blastdoor protections

Apple has published a full support document detailing what’s new in iOS 14.8, watchOS 7.6.2, iPadOS 14.8, and macOS Big Sur 11.6. Apple says that the updates address security vulnerabilities that “may have been actively exploited in the wild.” Update: Citizen…

***?******⚠️*** Apple's new iOS v14.8 contains security fixes for vulnerabilities found by Citizen Lab in CoreGraphics and WebKit. Since exploits …
3 years, 9 months ago
3 years, 10 months ago

? I love these stories when a regular due diligence on a device security turns into a complete train wreck. A simple device that counts the passing by people to measure building occupancy turned into a wide-open welcoming gateway for everybody.

Just take a look, it gets worse and worse: https://threadreaderapp.com/thread/1357296455615197184.html

#FridaySecurity

Threadreaderapp

Thread by @OverSoftNL on Thread Reader App

@OverSoftNL: Infosec fail thread: So, in the last couple of weeks I've been looking into a product we were thinking of offering to our customers. This time, we were looking into the FootfallCam 3D plus. A...…

***?*** I love these stories when a regular due diligence on a device security turns into a complete train wreck. …
3 years, 11 months ago

⚠️ Wow, that's a big one (CVE-2021-3156): escalation of privilege in sudo (‼️) through a buffer overflow. Almost everyone's affected, any local user can elevate to root.

Affected versions:? All legacy versions from 1.8.2 to 1.8.31p2
? All stable versions from 1.9.0 to 1.9.5p1

To test if your system is vulnerable or not, login to the system as a non-root user.
Run command sudoedit \-s /If the system is vulnerable, it will respond with an error that starts with sudoedit:If the system is patched, it will respond with an error that starts with usage:More details: https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

Qualys Security Blog

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) | Qualys Security Blog

Update Feb 3, 2021: It has been reported that macOS, AIX, and Solaris are also vulnerable to CVE-2021-3156, and that others may also still be vulnerable. Qualys has not independently verified the…

***⚠️*** Wow, that's a big one (CVE-2021-3156): escalation of privilege in `sudo` (***‼️***) through a buffer overflow. Almost everyone's affected, …
3 years, 11 months ago
3 years, 11 months ago
4 years, 2 months ago
So the recent leak of Windows …

So the recent leak of Windows source code is confirmed, in fact the sources were for Windows XP SP1 and Windows Server 2003. This is huge for the community and I believe will in the end be beneficial to Microsoft's OS business itself.

A twitter user https://twitter.com/ntdev_ published a youtube tutorial on how to compile it, which was shortly taken down by copyright claims from Microsoft.

The video however is available and could be downloaded via torrent using this magnet link: magnet:?xt=urn:btih:7c370b5e00b91b12fc02e97bacdca24306dc12b5

We recommend to visit

Community chat: https://t.me/hamster_kombat_chat_2

Twitter: x.com/hamster_kombat

YouTube: https://www.youtube.com/@HamsterKombat_Official

Bot: https://t.me/hamster_kombat_bot
Game: https://t.me/hamster_kombat_bot/

Last updated 3 months, 2 weeks ago

Your easy, fun crypto trading app for buying and trading any crypto on the market.

📱 App: @Blum
🆘 Help: @BlumSupport
ℹ️ Chat: @BlumCrypto_Chat

Last updated 3 months, 1 week ago

Turn your endless taps into a financial tool.
Join @tapswap_bot


Collaboration - @taping_Guru

Last updated 6 days, 5 hours ago