The Weekly Accountability 3

18 Jul 2021

Security

Attacks

  • SolarWinds products Serv-U Managed File Transfer and Serv-U Secure FTP have a Remote Code Execution vulnerability which is being actively exploited by a threat actor. SolarWinds has issued a patch to fix the issue. More
  • A social engineering attack targeting journalists and professors, in which the attackers impersonated two scholars from the University of London, has been discovered and is attributed to Iranian APT TA453. The APT has a history of conducting similar phishing attacks. More
  • Visitors to certain Chinese gambling sites were infected with BIOPASS, a RAT with the capability to live stream the victim’s computer screen. More
  • Yet another vulnerability was found in the Microsoft Print Spooler service, though this one is a privilege escalation, which is less worrying than the older RCE. Turn off the Print Spooler service permanently at this point and start looking for alternatives. More

Write-Ups

  • An HTTP request smuggling vulnerability has been discovered in Apache Tomcat, for which patches have been released. More
  • A risk assessment of GitHub’s Copilot. More
  • Write-up of the XSS and argument injection vulnerabilities found in Etherpad, of which the argument injection has not been fixed yet. More
  • Write-up of the Kaseya VSA zero-day exploit which REvil used to conduct a mass ransomware attack. More
  • A backdoor was found in KiwiSDR, an open source SDR tool. The backdoor allowed the developer to have root access to the system it was running on. More
  • Cloudflare fixed a Remote Code Execution vulnerability in CDNJS, used by 12.7% of the entire internet. More

Tools

Engineering

News

  • The author points out the problems with webhooks and makes the case for an endpoint which publishes events. More
  • A brief explanation of how WhatsApp achieved multi-device support. More
  • Google has announced the rollout of authenticated brand logos based on the BIMI standards for Gmail in the coming weeks. More

Tools

Technology

News

  • Researchers have surpassed DeepMind’s AlphaFold2, which is used to solve the protein folding problem, considered to be one of the toughest problems in biology. They used an openly available model, RoseTTAFold, which is much less resource intensive than AlphaFold2. DeepMind has now open sourced AlphaFold2. More
  • Vice reports on a company, FullContact, which links the “anonymous” advertising ID generated by the likes of Apple and Google to Personally Identifiable Information (PII). More
  • Apple has removed Fakespot, a service which identifies fake reviews on Amazon, from the iOS App Store due to a request from Amazon. More
  • An anonymous user has leaked classified documents regarding the Challenger tank, in an effort to make the design of the game “War Thunder” more accurate. More

Life

Futurology

  • A new study, which compares current data with an MIT study from the 70s that predicted the collapse of civilisation, has found that we might be on the path to societal collapse in the 2040s. We were the farthest from the sustainable growth scenario described in the MIT study. More
