nation state hackers caught exploiting cisco firewalls
Переглядів 193,928
20 днів томуAn advanced backdoor has been found on several Cisco ASAs around the world. Reported by Cisco Talos, these backdoors are sophisticated, and hint towards a larger campaign targeting telecommunications providers and energy sector organizations around the world
Talos Report: blog.talosintelligence.com/ar...
🏫 COURSES 🏫 Learn to code in C at lowlevel.academy
📰 NEWSLETTER 📰 Sign up for our newsletter at mailchi.mp/lowlevel/the-low-down
🛒 GREAT BOOKS FOR THE LOWEST LEVEL🛒
Blue Fox: Arm Assembly Internals and Reverse Engineering: amzn.to/4394t87
Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation : amzn.to/3C1z4sk
Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software : amzn.to/3C1daFy
The Ghidra Book: The Definitive Guide: amzn.to/3WC2Vkg
🔥🔥🔥 SOCIALS 🔥🔥🔥
Low Level Merch!: lowlevel.store/
Follow me on Twitter: / lowleveltweets
Follow me on Twitch: / lowlevellearning
Join me on Discord!: / discord
@LowLevelLearning 18 днів тому
learn about computers and stuff at lowlevel.academy , ya dig? 😎😎
@DudeSoWin 18 днів тому
That first hook is worming the Host for greater parasitism. Ensuring all analytics terminate is the sign of a more evolved Host that stays based in its original objective. Performance comes first, not safety nor other promiscuity posing as nicety.
@Alfred-Neuman 18 днів тому
I still have an old Linksys router with a simple backdoor on port 32764, it was fun to play with this. I remember also playing with some D-Link routers, we could access their admin panel by changing your user-agent of your browser to "xmlset_roodkcableoj28840ybtide". ("backdoor/roodkcab lol")
@Alfred-Neuman 18 днів тому
Someone here remember "xmlset_roodkcableoj..." or the port 32764 ? Edit: I got confused by the title, I thought these routers were sold like this...
@csehszlovakze 18 днів тому
WEF cyber pandemic
@Kane0123 18 днів тому
Reminds me of SC1. I dig… I read ya, siiiir.
@robindebanque8736 18 днів тому
At this point, it’s probably easier to just list the systems that don’t have some glowie backdoor
@azimuth4850 18 днів тому
*psst, Hey Kid, want a list of uncompromised systems?*
@StylishHobo 18 днів тому
If you find one, let us know
@cameronmckay62 18 днів тому
The list: 🤔
@acters124 18 днів тому
TempleOS, probably has bugs but definitely not made with glowies influence in trying to compromise it.
@victorbjorklund 18 днів тому
TempleOS ftw 😂
@EccentricFae 18 днів тому
wake up babe, new 10/10 CVE just dropped!
@0MVR_0 17 днів тому
evidence that babe exists
@PostMeridianLyf 17 днів тому
Loool ❤❤😂
@UNcommonSenseAUS 16 днів тому
Oh faxk off with this nonsense
@ohokcool 14 днів тому
Actual babe: “that guy talks too much” 😂
@knghtbrd 18 днів тому
I dunno if I'd agree that this is nothing out of the ordinary. Vulnerabilities are found all the time, sure. But this month we're finding nation-state attackers actively compromising lots of things successfully with 0-day you're-already-infected crap. That does happen. It doesn't happen several times a month usually.
@quantumuninstall 18 днів тому
I've been in a cybersecurity-adjacent field for awhile now, and this feels more like the plot from the (2nd?) pacific rim movie where the kaiju end up coming with less and less time between events until they get more than one kaiju in a single 'breach'. I feel like we were bound to hit a cve-tipping point where instead of having one a big one every month or two in the past, we get several a month, several a week, etc. The source of the problem isn't shrinking, its growing. The increase in the rate of security vulnerabilities feels inevitable.
@TehCheese 18 днів тому
The wider geopolitical situation is driving this. Nation-states have been keeping their powder dry for higher priority engagement opportunities. We're into higher priority engagements than "ordinary" objectives. It's also a bit of a panic that other nation-states will use the exploit that they have before they can use it, so we have a situation where there are high priority operations AND "use it or lose it" fear.
@larkohiya 18 днів тому
@@quantumuninstall feels like the cyberpunk future where the Internet as it was got destroyed by a virus that was unstoppable and infected all systems... I think the solution in cyberpunk was the creation of completely physically isolated networks.
@rnts08 18 днів тому
The west is busy with Ukraine and Israel, Taiwan looks very juicy. Nation states are lining up their ducks to be sure to have ways of knowing and redirecting attention. Source: trust me bro
@trip_t2122 18 днів тому
@@lawrencemanning Is there such a thing as true digital privacy in this day and age?
@StephenMoreira 18 днів тому
One of my favorite sayings, "There are organizations that know they have been hacked, and those that don't."
@Turalcar 18 днів тому
Reminds me of an internal google meme: "That's my secret, Cap. I'm always under attack."
@TKing2724 17 днів тому
Especially in the energy sector. Everyone knows there is espionage.
@o0Donuts0o 16 днів тому
Yeah. I also like “There are people that know how to build a house, and those that don’t.” “There are things that exist, and things that don’t.” “There are that that they have been , and that don’t.” Such a meaningful quote.
@superneenjaa718 16 днів тому
@@o0Donuts0o r/whoosh. It means everyone has been hacked, but some know it and some don't.
@o0Donuts0o 16 днів тому
@@superneenjaa718 oooh got me with a Reddit reference. 🙄. That quote is as stupid as the person who wrote it and the people who quote it. That’s my feel of ITSec in general. Do nothing all day and suddenly enlightened when the pen testers come along. You know, the actual knowledgeable ones. This quote just embodies them in general. Say a lot of nothing.
@mickolesmana5899 18 днів тому
i love when the last 5-6 videos of LLL are security vulnerabilites
@hansisbrucker813 18 днів тому
Well he is a security researcher after all 🤔
@mollthecoder 17 днів тому
@@lawrencemanning I could keep watching vuluns forever. They're all different and unique.
@1____-____1 18 днів тому
Cisco is synonymous with backdoor at this point...
@DudeSoWin 18 днів тому
But is Israel involved?
@kveldulfpride 18 днів тому
Any company that relies on a vendor that outsources their own TAC is a back door .
@BillAnt 18 днів тому
Well, they are targeted more simply due to their sheer numbers out there in backbone routing. Same with OS's, Windows being targeted more due to it's market market share.
@schwingedeshaehers 18 днів тому
@@BillAntfor clients yes, for servers no
@whannabi 18 днів тому
They're living rent free in your head that's insane @@DudeSoWin
@kaneskeee 17 днів тому
No memes, no ads, no nonsense content. Keep it up! Thank you.
@xenostim 13 днів тому
Yeah well that's fine and good. he didn't remind me to watch till the end and I wandered off
@Maxjoker98 18 днів тому
I'd 50% agree on the reason why lately people are noticing way more security problems: I too think it is because more people are talking about this type of stuff in UKposts videos etc., but mostly triggered by the XZ almost-vulnerability(which was bad, but caught early, and probably got somewhat overhyped).
@universallyepicnarwhal9102 17 днів тому
Not an almost vulnerability. Whatever group put it in, they had around two weeks to abuse it. Assuming their target was running Debian or Fedora their target was probs compromised.
@rusi6219 16 днів тому
@@universallyepicnarwhal9102Linux cultists will always try their best to downplay their Ls
@ImNotActuallyChristian 16 днів тому
@@universallyepicnarwhal9102 it was never released in a release version of debian. No one would have been using that version in production.
@universallyepicnarwhal9102 16 днів тому
@@ImNotActuallyChristian True, but it hit unstable debian. I know of some people (unfortunately) who use that in production. And they did successfully hit fedora
@beepbop6697 15 днів тому
@@universallyepicnarwhal9102lol. Using unstable in production is idiotic.
@jonreznick5531 18 днів тому
I once worked for a vendor to the Cisco campus in San Jose. They had a particular technical glitch at the campus they could never resolve--I was offering to refer a Cisco Certified Network Engineer to them every single week.
@electron_ 18 днів тому
As you said, this were happening all the time, but the peaople are now sharing more info and realising the situation.
@dracula7779 18 днів тому
Its not only that, more people work on security every year, more programs and services being created and more people using them every year. Everything is ramping up, the reporting as well
@electron_ 18 днів тому
@@dracula7779 I am absolutely agree with you. Security vulnerabilities we can sort in two major groups: 1. Accidental 2. Intentional This one belongs to the second group, with a purpose of collecting some data for some reasons..
@cerulity32k 18 днів тому
waiter waiter! more cves please!
@prism6205 18 днів тому
twenty course meal
@Rudxain 17 днів тому
Ah yes, Chili Vinegar Eggs, my favorite meal
@willtheoct 18 днів тому
so long as you don't print your own chips, you can guarantee your chips are backdoored
@peterfischer2039 18 днів тому
Even if you print your own chips, can you ensure that no malicious actor along the way put a backdoor into the design that you yourself missed.
@dinhero21 18 днів тому
ken thompson hack reference
@todorkolev7565 18 днів тому
x-ray every chip you produce before adding to the motherboard which you x-rayed as well :D
@capn 18 днів тому
@@todorkolev7565 don't forget to xray the xray machine to make sure the xray machine isn't compromised
@themartdog 18 днів тому
AI will make it very hard to hide hardware backdoors in the future. It will be able to take an image of a circuit and point out suspicious things.
@totojejedinecnynick 18 днів тому
" have you tried yanking the power cord? "
@jfbeam 17 днів тому
This is a real thing. Sometimes a device needs to be powered off to completely reset. A "reboot" doesn't always clear everything.
@test40323 18 днів тому
It's so true about security patches..there have been hacking and patches since day one. but some people believe erroneously that less security patches means your system is more secured.
@BakelitTV 18 днів тому
The only tech channel remaining I watch that doesn't upload 50 minute video essays every 2 seconds about every fart in the universe
@marcuskissinger3842 18 днів тому
Nice
@liamobrien5657 17 днів тому
i watch your videos twice because you pack so much info into them, its so good
@zaca211 18 днів тому
Just had one of my ASR1001-x devices compromised and was being used as a Tor relay. This was a couple of weeks ago. I found it strange that i got a visit from someone with the department of homeland security that knew everything that was happening on my systems before i did.
@thewhitefalcon8539 18 днів тому
They don't compromise things to be Tor relays... There are enough Tor relays run by volunteers.
@Sam-cp6so 18 днів тому
A hack is not as traceable as running your own relay or proxy or vpn or whatever, a hacker could certainly do this to try and put their egress location at arms length
@mollthecoder 17 днів тому
@@thewhitefalcon8539 I could imagine the Tor relay was a malicious Tor relay attempting to expose its users. In that case, it would make sense they are compromising things sense the more Tor relays you have access to the more control you have over the Tor network. It's always possible this commenter is lying, but this is entirely a realistic and possible scenario.
@GalokVonGreshnak 17 днів тому
@@thewhitefalcon8539 exit nodes are uncommon for volunteers just because of the heat you get from it.
@kujo4723 10 днів тому
@@thewhitefalcon8539 not true. alot of the relays are run by the government and somewhat unsafe.
@xTerminatorAndy 18 днів тому
thank you Mr. Low
@PaulLoveless-Cincinnati 18 днів тому
Fascinating analysis.
@Brute_Fork 17 днів тому
great video. thank you for covering this.
@ShooberTimber 18 днів тому
Governments not back-dooring any & all tech devices challenge (Impossible)
@Sunrise-d819i2 18 днів тому
them:H-HOW are keep getting hacked by another nations and steal our secrets!! cyber security: they used your backdoor you placed into it. stop adding backdoors? them:nahhh, that ain't the problem at all.
@CatgirlExplise6039 18 днів тому
@@Sunrise-d819i2 But i mean, if they didnt backdoor all our devices, how would they rape the undesirables??????????
@Rudxain 17 днів тому
We need Edward Snowden more than ever
@youtubeenjoyer1743 17 днів тому
Just make your own silicone
@mycelia_ow 14 днів тому
@@Rudxain its not the us
@BostonVanseghi 18 днів тому
You have come! You have come to hear the word of Cisco-Talos!
@timvw01 18 днів тому
Woo backdoor mania, love the vids, interesting stuff
@king94596511 18 днів тому
loving it🎉
@size_t 18 днів тому
"$vuln in Cisco found!" Yeah, they call it monday
@ArtemYakovlev 18 днів тому
Thanks for sharing
@whamer100 17 днів тому
random idea for a video: do a "top 10 CVEs" for different ratings. like top ten 10/10 CVEs, or top ten 1/10's for the less exploitable, but still fascinating ones. I've seen a lot of really interesting CVEs listed, especially ones that are related to like jailbreaking a device or allowing modification of consumer devices
@matthias916 18 днів тому
very interesting, would love an even more in-depth video like this
@thirtysixnanoseconds1086 18 днів тому
Is this news? My dad worked in telecoms. Was an open secret the NSA had a backdoor for CISCO products. Prospective orders for networking equipment that could packet an entire undersea cable worth of stuff. It's been known
@mllarson 18 днів тому
Just because it's an open-secret doesn't mean it's not a very bad idea to have a backdoor any nation-state can get access to.
@Squiddy00 18 днів тому
The US intelligence community has done a great job painting anyone who's vaguely aware of their operations, even in ways that are openly known, as the exact same as cooky anti-government nutjobs. I will remind you that mass-scale digital surveillance featuring collaboration from essentially every multinational tech giant was completely real. We're a decade post Snowden and it feels like everything he leaked has been completely swept under the rug.
@thebonermaker 17 днів тому
Your dad.
@oculosprudentium8486 14 днів тому
so much for the TRUSTED FOUNDRY campaign
@Toleich 17 днів тому
I think there's been a breakdown of cooperation with two intelligence agencies. These vulnerabilities are being found way too easy.
@krishnaSagar69 12 днів тому
thanks, I just started working with PA.
@Nik-rx9rj 18 днів тому
what!? they don’t stop!!!!!
@sbv-zs7wz 17 днів тому
Everyone has no doubt noticed the acronym of 'Nation State Actor' is 'NSA' ? :)
@MrMatthijsr 18 днів тому
Crazy stuff
@CEOofGameDev 18 днів тому
And that's why I always said that, at the end of the day, Picard is really the GOAT. We already knew you couldn't quite trust cisco ever since "In the Pale Moonlight". This is just another nail on the coffin of his reputation, tbh.
@prophetzarquon1922 18 днів тому
"It's *_reeeeal!_* I can _see_ it... _in my mind."_ - Sisko, Deep Space Nine
@zsh 18 днів тому
Now for the age old question: Could Rust have prevented thi-
@schwingedeshaehers 18 днів тому
no, even if it would prevent this attack, you search for another way to implement a backdoor. and if you can control the code, you can do it
@SimonBuchanNz 17 днів тому
If (as is presumably the case) the initial vector was a memory safety issue, then yes, a memory safe language is extremely likely to have prevented it (extremely likely here meaning at least 90%+ chance, and only that low because you have to hit unsafe code eventually and people like to think they're clever) Could they find *other* issues? Sure, but the reason it's often memory safety is that they're the majority of security issues in the first place. Why make things easier for the bad guy?
@reverse_meta9264 17 днів тому
😂
@rusi6219 16 днів тому
@@SimonBuchanNzLLVM
@SimonBuchanNz 16 днів тому
@@rusi6219 what about it?
@not.securewifi 14 днів тому
well explained. thank you for this. keep up the good work this is needed! telecommunication providers are not much help.
@aquahood 17 днів тому
They're also have an idea of utilizing their system on a dpu for example for computer to computer Communications and even identifying devices which need firmware updates flagging them and semi isolating them making it really clear that this needs to get done etc etc using deep machine learning as well they really up their game on this new rollout and it's worth a look.
@UnCoolDad 18 днів тому
Nation states probably got access to Cisco source code - was analysed, hence easier to find weaknesses.
@mrpocock 16 днів тому
If you have the hardware then you have the software. You can trace and reverse engineer. And you can run tooling that hunts for exploits against the binary.
@UnCoolDad 15 днів тому
@@mrpocock sure, but much easier with the source. Just need one bent software engineer on the inside.
@mycelia_ow 14 днів тому
@@UnCoolDad and doing that is harder than just reverse engineering. it's a lot more expesnive and diffult going that route. you have the company and gov to worry about. you've nothing to worry about just using the hardware.
@jmd1743 13 днів тому
@@mycelia_ow Or cisco just gives the NSA the hardware on source code.
@SB-qm5wg 18 днів тому
Cisco reporting on itself.
@astral6749 17 днів тому
Okay. I feel like I've really jinxed it after saying "inb4 we learn of an expoit that can bypass our firewalls" on your xz video.
@SteveWray 12 днів тому
This reminds me a lot of how the xz backdoor worked... In the case of xz, the 'magic' token was signed with a ecc private key. But presenting that signed token to ssh would have activated the backdoor, much like this.
@idahofur 17 днів тому
Several years back I think some home routers could be cleared by just unplugging them. I do remember some print servers that once you re flashed the firmware. It would kill the bot.
@WeedMIC 17 днів тому
during the backdoor firmware year a few years ago i dumped all routers and smart switches and made my pwn using linux and iptables. Faster and fixable.
@bennetttomato 17 днів тому
Thanks for covering this! Everyone’s favorite 3 letter controlled hacker forum ;) was censoring this story so always nice to see someone cover it
@muxcmux 17 днів тому
Lua mentioned!
@ismbks 18 днів тому
so interesting
@mysticknight9711 15 днів тому
Assuming the accuracy of your report, the easiest way to detect that your device has been compromised would be to have a separate syslog server notice the absence of logging from registered devices.
@guineapig1016 16 днів тому
Wow!
@eno88 18 днів тому
Well that sure took long
@cj.wijtmans 18 днів тому
cisco is pretty well known for backdoors.
@Ostinat0 13 днів тому
THANK YOU for harping a bit on the fact that this shit is happening all the time and it's just that nobody knows about it. If they actually knew I'm sure they would care a lot more!
@aquahood 17 днів тому
I would like to point out that those devices are aging Francisco has just announced a completely radical rework of their security framework and it's worth a look if you imagine that they used to be the industry number one without question leader in this area, then you probably can imagine they had a lot of money stash for R&D and if they're putting out something like what I heard they're doing it could be quite interesting.
@ferencszabo3504 12 днів тому
You don't need a "nation - state" attacker when you have NSA😊😅😊
@Brian-L 15 днів тому
Nation State Actor, I see what you did there
@Kudeghraw 12 днів тому
Everyone saw what they did there, they just didn't feel the need to comment about it due to how basic it is.
@Ilix42 18 днів тому
Finally, my not bothering to troubleshoot beyond unplugging my crappy Cox router and plugging it back in pays off for security. XD
@sirius_s2028 18 днів тому
What a suprise 😂
@first-thoughtgiver-of-will2456 18 днів тому
Id love to write tooling like fine tuned llms for/with these blue teams
@kvf271 17 днів тому
have you tried unplugging it and plugging it back in?
@itsmenewbie03 18 днів тому
It's getting tough for NSA now
@jamescollier3 8 днів тому
it's probably nsa
@naranyala_dev 17 днів тому
I believe there is still more to discover
@Ben_EhHeyeh 17 днів тому
For internet appliances and their always on nature, in memory malware is fairly common, going back to 2008-10 Chuck Norris router malware.
@notmewooshme9916 18 днів тому
In software, security is an illusion.
@BrunoVinicius-ix8wt 18 днів тому
Not in software. Everywhere. You are not safe.
@prophetzarquon1922 18 днів тому
Security is a _practice._ Being secure, is the illusion.
@greggoog7559 16 днів тому
Exactly, and that's precisely why I've stopped caring about security completely. Much less paranoia, more relaxed and efficient life. And probably no difference in effective security outcome.
@omgnowairly 15 днів тому
Pretty secure when it’s turned off. The trick is keeping it that way when it’s running.
@prophetzarquon1922 4 дні тому
@@greggoog7559 It's not that security practices are pointless; they're more vital than ever, actually. The problem is that doing anything while maintaining best practices, has become so onerous that the best approach is often to just not do things. Security isn't just about privacy, it's also about safety... & we are not safe, when relying on these type of shoddy systems.
@LandonBrainard 17 днів тому
I’m astonished that this security org only blurred the secret rather than removing it entirely. Blurred text can be recovered by blurring letters and comparing to the blurred phrase. The font would be trivial to identify since there is a bunch of other text surrounding it.
@Venryx 13 днів тому
Next level plan: Use blurring, but replace that section of text (before blurring) to random nonsense, just to waste the time of potential attackers. (but yeah, speaking seriously, I had the same annoyance/complaint)
@filtercleaners1936 15 днів тому
please buy more cisco productrs
@whtiequillBj 17 днів тому
Do they not know the access vector or are they not ready to publicize what is it? Or would publicizing it be bad so they're only telling people who need to know?
@wlockuz4467 18 днів тому
Can someone explain how does this happen? How does someone commit a backdoor into proprietary code?
@LowLevelLearning 18 днів тому
in memory backdoor installed via an exploit, not in all the code
@wlockuz4467 18 днів тому
@@LowLevelLearning So the backdoor is planted using some existing vulnerable code on the device, which is why shutting down the device requires reinitialization of backdoor, that makes more sense, thanks!
@TexRobNC 10 днів тому
I left IT for health reasons years ago, but at the time I was trying to get attention for all the shady "delivery optimization" shit that gets installed on our systems. There is no way with all of those over the years, someone hasn't been using one for nefarious reasons. Everyone just accepts SO much good behavior in the tech space, it's a problem.
@TesserId 14 днів тому
Disable syslog? Hence, the importance to monitor for the absence of logs.
@guy_th18 18 днів тому
4:54 hey, no mention of Binja? :(
@odex64 18 днів тому
NSA strikes again
@jdkemsley7628 18 днів тому
How useful is it really to disable syslog? The Eye of Sauron is drawn to you every time you use the ring for invisibility! The sudden absence of syslog lines has got to be a huge red flag to many monitoring systems. Hard to imagine that the light anti-forensics gain outweighs the detection risk.
@mollthecoder 17 днів тому
There's legitimate reasons for a system to not be reporting logs. For example, many customers would want to avoid reporting them for privacy, security, or legal reasons. Correct me if I'm wrong, but I'm pretty sure Cisco provides official mechanisms to turn off syslogs, which is probably what the backdoor emulated.
@jfbeam 17 днів тому
Not so much "monitoring systems". I don't know of any such technology that has any logic to detect a system being abnormally silent. Yes, syslogd has had a "mark" target for eons, but (a) no one turns it on, and (b) even fewer setup systems to look for it. In my world, I ("The Human") am the only thing that would ever notice "I haven't seen anything from XXX for a while." Depending on the system, there may not be anything to be logged.
@jfbeam 17 днів тому
@@mollthecoder There is, and the default is local only. If an admin has configured logging, and there aren't any logs coming from it... it's something to be checked. I would expect this level of attack to have disabled syslog in the executable, not just removing the logging commands. (one can see the commands aren't there and put them back.)
@LucaLazzarin89 14 днів тому
it kinda looks like the xz backdoor, at least conceptually, doesn't it?
@mrpocock 16 днів тому
So ... why is security critical code not gated behind a digital signature so that it only executes if it is correctly signed?
@kevharv 17 днів тому
I would think a firewall suddenly not sending syslogs would be a huge red flag but okay…
@ntandotshabalala665 18 днів тому
Twenty twenty-four: the year of the backdoor - there have been so many exploits discovered this year alone (it's only April) I've completely lost count. It's beginning to seem like all the security promised by all these "trusted" OEMs has been nothing but an elaborate ruse.
@prophetzarquon1922 18 днів тому
Yup. Trust ≠ security
@mollthecoder 17 днів тому
It's technology, security is impossible. No OEMs are going to be invincible to vuluns.
@ytfeelslikenorthkorea 18 днів тому
lol... the same appliances that years back people reported to be delivered opened while travelling straight from the manufacturers? And traces or re-flashed firmware? :)
@incubo4u555 17 днів тому
Why they haven’t formatted the code snippet ??
@istvanbarta 18 днів тому
Why do I have deja vu?
@istvanbarta 18 днів тому
maybe because as you said @7:30 :)
@EobardUchihaThawne 18 днів тому
since last month somehow we get backdoors or 10/10 problems with biggest tech companies every week🤔
@mytechnotalent 18 днів тому
Absolutely insane hooking crash dump.
@jfbeam 17 днів тому
Nah. Covering your tracks is a standard practice. (not that many a would be hacker gets it wrong)
@conwaylai8562 12 днів тому
I need we need to build our own router and switches, so we know what backdoors we have within our codes. We can thank NSA for all the backdoors, imo.
@CFSworks 17 днів тому
I wonder if the rate of (known) "nation state threat actor" campaigns being launched correlates with the number of technologically advanced countries currently at war.
@c.n.crowther438 18 днів тому
Low Level Learning & Mental Outlaw are two of the most based UKpostsrs in the Tech Space.
@Acetyl53 16 днів тому
It's the eclipse. Death and rebirth symbolism everywhere.
@f_pie 18 днів тому
Omg this is scary
@aquahood 17 днів тому
It ramped up in 2008 + you have to check the cve but I'm pretty sure you'll see a jump.....
@VenomKen 15 днів тому
It works exactly as the NSA and Cisco designed it to work.
@wontcreep 18 днів тому
i need to sever my network cable
@antdah 17 днів тому
Isn't it possible that there are more cases because there are more devices? As humanity grows, we connect more things and people, and therefore need more network infrastructure devices. So I think it is reasonable that there would be more holes, but also more people and users to find said holes.
@octonoozle 18 днів тому
I remember when my Cisco firewall started playing the Thong Song. I guess the hacks have gotten more advanced.
@njpme 18 днів тому
Oooo that dress so scandalous...
@cassanateli 18 днів тому
But less worthwhile, clearly
@_mil0__ 13 днів тому
LE two steps behind the blackhat 😅
@hashdankhog8578 18 днів тому
the palo alto backdoor has took down our entire districts network
@tomkarnes69 13 днів тому
Nation State as in the NSA
@1337cookie 17 днів тому
You could probably reverse that gaussian blur on the magic token.
@plachenko 18 днів тому
4:56 why would they blur the token, blurring isn't destructive...
@XGD5layer 18 днів тому
If they want to uniquely identify each org with that token then they can't destroy it
@LaserFur 18 днів тому
given the light dark pattern they probably replaced it with words first.
@Marc16180 18 днів тому
I think there may be confusion between a 32-bit and 32-byte token. The number of unmasked characters is insufficient for 32 bytes.
@mollthecoder 17 днів тому
@@Marc16180 OP is saying that even with blurring text can still be identified
@jfbeam 17 днів тому
Then recover it and tell the world what it is.
@Requiem100500 17 днів тому
That's cool and all, but why is there "include" instead of "grep" at 6:00?
@blckwaterpark 18 днів тому
Fantastic.. eh
Eurovision Song Contest
Переглядів 14 млн
Алексей Навальный
Переглядів 6 млн
Scott Manley
Переглядів 965 тис.
Marlon Wireless
Переглядів 2,1 млн
AppleTheme
Переглядів 15 тис.
Как ДВА сервиса не заметили этого?😱ТОПОВЫЙ ноутбук Tianxuan 4(i9-13900H, RTX 4060) / нет изображения
notebook-31
Переглядів 65 тис.
MaxxPC
Переглядів 728 тис.