Cybersecurity Shenanigans 😎

#003

👋 Hey there,

It’s been a PACKED month for me, which is kind of reflected in the length of this newsletter. 😅

So without further ado, let’s jump right into this month’s content. And thanks again for being here!

— JH

News & Commentary

Patch Tuesday breaks Linux 🫠

Linux systems with Secure Boot enabled had a bad time this Patch Tuesday.

This month’s Windows security updates included a Secure Boot Advanced Targeting (SBAT) update that was pushed to secure Windows devices against unpatched Linux boot loaders. Instead of booting as expected, impacted Linux OSes display an error: "Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation." It’s still unclear exactly which Linux distributions are impacted, but Ubuntu, Linux Mint, Zorin OS, and Puppy Linux are confirmed to be among those affected.

There is a workaround now, and you’ll never guess what it is: Delete the SBAT update. 🤔

Kinda shocking because Patch Tuesdays are usually so uneventful…

Google Chrome’s zero-day tally is up to 9 in 2024 😅

It’s been a bad year for Chrome.

The ninth zero-day for the popular web browser was just announced as CVE-2024-7971 after being exploited in the wild and reported by Microsoft’s security teams. The vulnerability is a type confusion, which opens the door for attackers to run malicious code on a user's system.

Chrome ended 2023 with 8 zero-day exploits, and we’ve got four months to go in 2024. Stay vigilant and stay patched, my friends. 🫡

A critical flaw in a WordPress plugin allows admin access 👀

TL;DR: Use LiteSpeed Cache on your WordPress site? Get to patchin’.

A critical flaw in WordPress’ LiteSpeed Cache plugin has been discovered and marked as CVE-2024-28000 with a CVSS score of 9.8. It involves a weak security hash, which makes it possible for bad actors to spoof user IDs and gain admin access. This is bad enough on its own, but what’s worse is this is a really popular plugin with more than 5 million active installations.

And, uh, Wordfence Intelligence has blocked more than 80,000 attacks targeting this vulnerability within the past day. 😅

Luckily, a patch is available. Be sure to update to version 6.4 if you use this plugin.

Guy hacks a state registry to fake his own death and avoid paying child support ☠️

Have you ever wanted to get out of a financial obligation so badly that you decided it was time to pretend to die?

A guy from Kentucky did just that, stealing and using credentials to hack into the Hawaii Death Registry System to report he was no longer among the living. Why? Because he was over the thought of paying child support. 😅

While he was at it, he also hacked into a few other private corporate networks and government systems to grab data to sell on the dark web.

Ultimately, he was found, charged, and sentenced to 81 months in federal prison. It’s estimated that he caused nearly $200,000 in damages through his actions…including unpaid child support.

Sponsor

Built for Developers, Ready for Enterprise

Guardsquare is the leader in mobile application security, providing code hardening, RASP, and real-time threat monitoring to better protect mobile apps and SDKs against attacks.

Have you used our free mobile app security testing tool, AppSweep?

Latest Content

YouTube Videos

August 28 // I showcase a neat (and free!) training opportunity featuring interactive SQL injections.

August 23 // I walk through the first few challenges and levels from the inaugural game hacking village at DEFCON 32.

August 21 // “Mark of the web” sounds a bit, uh, scary, but it’s actually a neat forensic artifact on Windows. Here’s how to find it.

August 16 // Ever find yourself in a situation where you have quarantined malware when you really just want the infected stuff (for research, of course)? Let’s reverse engineer it.

August 14 // A deep dive into the phishing website that was used to hack LinusTechTips’ Twitter account.

August 12 // The official LinusTechTips Twitter account was recently hacked. I share a few tips on how you can secure your own Twitter.

Sponsor

Secure email from every angle

Material takes a holistic approach to addressing risk across your productivity suite — blocking malicious messages from the outside in and protecting accounts and data from the inside out.

See why security teams love Material.

Upcoming Content

Here’s a snippet of my to-do list for content you might see soon! 👀

  • More Game Hacking with the DEFCON 32 challenges! Will finally get into dnSpy

  • Deep-dive on the National Public Data breach

  • My first scambait video 😜

Events

Hacker Summer Camp recap

Hacker Summer Camp was amazing. Hectic for me, but super fun! On Friday, I had the honor of serving as a judge for the Social Engineering Village. Friday night was the Red Team Village Party, where I got to see a lot of great folks and just generally have a great time.

Psst! This fall, exciting stuff is coming. All I can say right now is my team and I have been working on a ~ stealth project ~ for quite some time now, and we’re almost ready to announce it to the masses.

Stay tuned! 👀

Give Me Your Feedback (Pretty Please 🙏)

Cybersecurity Shenanigans Feedback

Any advice on how to make this thing better? Let me know! Select an option below, and then write in your comments on the next screen. :)
