CompSec Blog

While researching for my individual video project I came across this tool which allows for the sniffing and interception of bluetooth packets. This article covers some of the basic functionality of an Ubertooth One.  It's really quite interesting to see all the possibilities with devices like these. The tech behind them is very interesting as well. Hopefully, I'll be able to integrate some of this technology into my project video and include a demo of some of the interesting things it can do.

 This week I've been slowly working at going through the course material at  Free Code Camp . Currently, I've been taking some time every day to watch a little of the  CISSP course video  they have published on Youtube. The CISSP (Certified Information Systems Security Professional) is a certificate that is a highly regarded infosec certificate that covers topics ranging from asset security to security software deployment. The free resources provided by Free Code Camp have been excellent so far, and I highly recommend them to any wishing to study for the CISSP. 

 Recently on a specific forum, a new database was released containing Linkedin account information. This database supposedly contains at least 700 million account details, though there have been postings claiming that there are more details in addition to those 700 million. The information that was released seems to be accurate, but it is impossible to tell if the entire database is real, as the database is locked behind a paywall. The information also seems to primarily be gathered through a python scraper or similar method and does not contain account passwords. However, it does contain physical location information and a number of other personal details. I won't link the sale thread, but here are a few articles describing the situation. Privacy sharks , Restore privacy , Business Today .

 Recently, Windows 11 was announced, and its features and requirements released. In a surprising move, Microsoft is requiring devices to have TPM chips in order to update to the newest version. A TPM is a Trusted Platform Medium chip. These are used to protect encryption keys and user credentials among other things. The goal behind requiring these chips is to help protect from ransomware and other modern attacks. Devices without a TPM can still upgrade, but they will either need workarounds or changes to the BIOS.  An article from The Verge covering this topic can be found  here . A list of compatible CPUs can be found here .

 This  article , covers a recent tweet that displayed a vulnerability where a specific SSID name could permanently disable an iPhone's wifi functions. Luckily for user, @vm_call, a user in the replies found a way to fix the wifi. The article covers the process by which the SSID is processed and what the actual issue that causes the crash is. It seems a bit weird to write a blog post about a blog post, but this topic was incredibly interesting and the original tweet and the conversation around it was fun to follow. As for the potential for exploitation for this vulnerability, it isn't something that could be used in it's current state. The target can see the name of the SSID they are connecting to, so they would know that they were connecting to a potentially dangerous network. 

Ransomware gang REvil breached Sol Oriens at some point last month. Sol Oriens is described consulting firm that works with government agencies to carry out 'complex programs'. As noted in the article, they appear to also work with nuclear weapons systems like the W80-4. If the information stolen by the ransomware gang includes schematics or sensitive information regarding these weapons or other military projects that Sol Oriens may have been working on, that information may now be in the hands of the highest bidder. REvil has said that may forward the information they have to military agencies of their choice. Without a doubt, the situation is precarious as U.S. nuclear weapons information may now be in the hands of seemingly profit-focused threat actors. If an enemy of the country gets ahold of this information the results could be catastrophic. REvil has released information featuring employee payroll records, including social security numbers. They have also released contra