schizoidman

cross-posted from: https://lemm.ee/post/65314520

cross-posted from: https://lemm.ee/post/65314164

cross-posted from: https://lemm.ee/post/65313582

https://archive.is/vt6mi

the US struck a secret agreement with Ishii. In a memo to General Douglas MacArthur (1880 – 1964), commander of Allied forces in Japan, Washington recognized that although war crimes had been committed, the experiments led by Ishii and his colleagues were "almost incalculable and incredibly valuable to the United States."

In exchange for the records of Unit 731's experiments, the US granted Ishii and his assistants immunity. Ishii died, and his collaborators went on to have careers in prestigious universities and private laboratories.

cross-posted from: https://rss.ponder.cat/post/193175

Thousands of home and small office routers manufactured by Asus are being infected with a stealthy backdoor that can survive reboots and firmware updates in an attack by a nation-state or another well-resourced threat actor, researchers said.

The unknown attackers gain access to the devices by exploiting now-patched vulnerabilities, some of which have never been tracked through the internationally recognized CVE system. After gaining unauthorized administrative control of the devices, the threat actor installs a public encryption key for access to the device through SSH. From then on, anyone with the private key can automatically log in to the device with administrative system rights.

Durable control

“‍The attacker’s access survives both reboots and firmware updates, giving them durable control over affected devices,” researchers from security firm GreyNoise reported Wednesday. “The attacker maintains long-term access without dropping malware or leaving obvious traces by chaining authentication bypasses, exploiting a known vulnerability, and abusing legitimate configuration features.”

Read full article

Comments

From Ars Technica - All content via this RSS feed

cross-posted from: https://rss.ponder.cat/post/193175

Thousands of home and small office routers manufactured by Asus are being infected with a stealthy backdoor that can survive reboots and firmware updates in an attack by a nation-state or another well-resourced threat actor, researchers said.

The unknown attackers gain access to the devices by exploiting now-patched vulnerabilities, some of which have never been tracked through the internationally recognized CVE system. After gaining unauthorized administrative control of the devices, the threat actor installs a public encryption key for access to the device through SSH. From then on, anyone with the private key can automatically log in to the device with administrative system rights.

Durable control

“‍The attacker’s access survives both reboots and firmware updates, giving them durable control over affected devices,” researchers from security firm GreyNoise reported Wednesday. “The attacker maintains long-term access without dropping malware or leaving obvious traces by chaining authentication bypasses, exploiting a known vulnerability, and abusing legitimate configuration features.”

Read full article

Comments

From Ars Technica - All content via this RSS feed

cross-posted from: https://programming.dev/post/31188988

cross-posted from: https://lemm.ee/post/65299000

Diesel engines fitted with illegal software to cheat pollution tests have caused 16,000 deaths in France since 2009, according to the first study to calculate the human cost of the "Dieselgate" scandal that exposed widespread fraud by car manufacturers.

Diesel engines fitted with illegal software to cheat pollution tests have caused 16,000 deaths in France since 2009, according to the first study to calculate the human cost of the "Dieselgate" scandal that exposed widespread fraud by car manufacturers.