Skip to main content

Posts

Showing posts from June, 2021

Microsoft's Windows 11 requires TPM chips in order to upgrade.

 Recently, Windows 11 was announced, and its features and requirements released. In a surprising move, Microsoft is requiring devices to have TPM chips in order to update to the newest version. A TPM is a Trusted Platform Medium chip. These are used to protect encryption keys and user credentials among other things. The goal behind requiring these chips is to help protect from ransomware and other modern attacks. Devices without a TPM can still upgrade, but they will either need workarounds or changes to the BIOS.  An article from The Verge covering this topic can be found  here . A list of compatible CPUs can be found here .

SSID Format String Bug

 This  article , covers a recent tweet that displayed a vulnerability where a specific SSID name could permanently disable an iPhone's wifi functions. Luckily for user, @vm_call, a user in the replies found a way to fix the wifi. The article covers the process by which the SSID is processed and what the actual issue that causes the crash is. It seems a bit weird to write a blog post about a blog post, but this topic was incredibly interesting and the original tweet and the conversation around it was fun to follow. As for the potential for exploitation for this vulnerability, it isn't something that could be used in it's current state. The target can see the name of the SSID they are connecting to, so they would know that they were connecting to a potentially dangerous network. 

REvil ransomware gang attacks US nuclear weapons contractor

Ransomware gang REvil breached Sol Oriens at some point last month. Sol Oriens is described consulting firm that works with government agencies to carry out 'complex programs'. As noted in the article, they appear to also work with nuclear weapons systems like the W80-4. If the information stolen by the ransomware gang includes schematics or sensitive information regarding these weapons or other military projects that Sol Oriens may have been working on, that information may now be in the hands of the highest bidder. REvil has said that may forward the information they have to military agencies of their choice. Without a doubt, the situation is precarious as U.S. nuclear weapons information may now be in the hands of seemingly profit-focused threat actors. If an enemy of the country gets ahold of this information the results could be catastrophic. REvil has released information featuring employee payroll records, including social security numbers. They have also released contra...

IP header formatting and finding and understanding the content of a packet

 My plan for this week was to go over and talk about IP headers and datagrams. However, while looking through some resources, I find a document that can explain it far better than I can. So instead of diving into the technical nitty-gritty of packets and headers, I'll let Burton Rosenberg of the University of Miami's Computer Science departmen t handy article explain it.  With my original plans for this article taken care of, I instead thought that it would be a good idea to cover how to actually examine a packet and apply this information. It is one thing to know the theory, and another entirely to apply it. With that in mind, I decided to play around with Wireshark and throw together a little demonstration depicting the process.  This is a Wireshark window that shows the HTTP traffic to and from my VM. To generate this information, I started Wireshark, confirmed in the capture options that it was using the correct adapter, and performed a google search. The packet that ...