Category Archives: General

Apple Delays CSAM Detection Plans

Before, we posted about Apple’s CSAM detection plans and worries about this process of customers that it could be weaponized against users’ privacy. Apple now temporarily pausing the process because of these worries of the customers.

Apple announced this delay on its Child Safety website as; “Update as of September 3, 2021: Previously we announced plans for features intended to help protect children from predators who use communication tools to recruit and exploit them and to help limit the spread of Child Sexual Abuse Material. Based on feedback from customers, advocacy groups, researchers, and others, we have decided to take additional time over the coming months to collect input and make improvements before releasing these critically important child safety features.

CSAM detection was one of new features that Apple announced in August. Normally, the changes were planned to go live with iOS 15 and macOS Monterey later this year in US. Despite the delay, it seems like the company has not given up on its plan. The date of going live of CSAM detection is not yet known.

How to Download Windows 11 ISO

Windows 11 was made available for users with Insider. Microsoft released the Windows 11 ISO file for test users today.

To test Windows 11 with the Insider program, users had to update from Windows 10 build 21354. Windows 11, which is still in beta, has finally been released. It is expected that the new version will be available to all users by the end of this year.

How to download ISO

  • Click here and login with the insider account.
  • Choose “Windows 11 Insider Preview (Beta Channel) 22000.132
  • You can use this downloaded ISO file on your virtual environment or to create a bootable USB

*Please do not trust to any third party download sites and download the file from Microsoft’s site.

Requirements

This new operating system may not work on all systems, so it is important to check the requirements for Windows 11.

  • Processor: 1 gigahertz (GHz) or faster with two or more cores on a compatible 64-bit processor or system on a chip (SoC).
  • RAM: 4 gigabytes (GB) or greater.
  • Storage: 64 GB* or greater available storage is required to install Windows 11.
    • Additional storage space might be required to download updates and enable specific features.
  • Graphics card: Compatible with DirectX 12 or later, with a WDDM 2.0 driver.
  • System firmware: UEFI, Secure Boot capable.
  • TPM: Trusted Platform Module (TPM) version 2.0.
  • Display: High definition (720p) display, 9″ or greater monitor, 8 bits per color channel.
  • Internet connection: Internet connectivity is necessary to perform updates, and to download and use some features.
    • Windows 11 Home edition requires an Internet connection and a Microsoft Account to complete device setup on first use.

Please visit here for more information about the requirements.

AT&T Data Breach?

ShinyHunters claiming that they have the database of AT&T including sensitive information of more than 70 million customers. With a post they shared, threat actors demand 200k$ for this database. They shared this post a few days after a threat actor sold information about T-Mobile customers. T-Mobile has confirmed the data breach, however a relationship between these two events has not yet been determined.

According to the example records that ShinyHunters shared, database is including these information of the customers;

  • Name and surname
  • Addresses
  • Postal code
  • Birthday
  • e-mail addresses
  • Social security numbers

AT&T claimed that the aforementioned information is not related with their systems and refused the breach.

Both AT&T and T-Mobile, have been marred by several security incidents in the recent past.

CSAM Detection on Apple Devices and Privacy

Apple announced new features for limiting the spread of Child Sexual Abuse Material (CSAM) in the U.S. “The Messages app will use on-device machine learning to warn about sensitive content, while keeping private communications unreadable by Apple” says Apple.

Source: https://www.apple.com/child-safety/

New Features Against CSAM

Apple is introducing new child safety features in three areas. First, as we told upper, is an on-device machine learning used in Messages app. The Messages app will inform parents and also children when receiving or sending sexual explicitly photos.

The other feature is against spreading CSAM online. “To help address this, new technology in iOS and iPadOS will allow Apple to detect known CSAM images stored in iCloud Photos. This will enable Apple to report these instances to the National Center for Missing and Exploited Children (NCMEC)” says Apple. Apple claims that this feature is designed with user privacy in mind. With this feature, system performs an on-device scan with a hash database of known CSAM materials provided by NCMEC and other child safety organizations.

With another technology called threshold secret sharing, if a user’s account crosses a threshold of known child abuse imagery, the cryptographic technology allow Apple to interpret the contents and disables the user’s account.

What About Privacy?

After the announcement, Edward Snowden tweeted “if they can scan for kiddie porn today, they can scan for anything tomorrow.” Also researchers claim that Apple create a backdoor on its devices and Messages app will no longer provide end-to-end encryption.

The changes apple announced are extremely disappointing. As Edward Snowden said, if they can scan photos today, it means they can scan anything one day and this situation showing us privacy for users will be much more difficult day by day.

The Newest Ransomware: Epsilon Red

Sophos announced that analysts uncovered a new ransomware – called Epsilon Red – that developed in Go programming language. The code is placed in PowerShell script.

This malicious file is written in Go programming language and a 64-bit executable file. It is said that spreading in systems by exploiting security vulnerabilities in Microsoft Exchange servers. It is using vulnerabilities like CVE-2020-1472, CVE-2021-26855 and CVE-2021-27065 that recently discovered Microsoft Exchange servers vulnerabilities. Epsilon Red ransomware scans files and encrypts for ransom when it reach to the target systems. It seems like still there are more than three thousand exchange servers that including these vulnerabilities and this shows us Epsilon Red attacks would be more painful.

According to Sophos, Epsilon Red has been seen in hospitality industry in USA mostly, and it seems like one of their victims paid 4.29 BTC after being affected.

For not being affected, organizations should keep the applications up to date and detect these IoCs below to prevent this attack. Also you can read our short post about prevention agains ransomwares.

Domain:

epsilons.red

Hash:

57ee78299598170c766ff73cefca9e78b9b81ac6999e8adb61903bc89be313ba

ce5ba1e5d70d95d52b89a1b8278ff8dd4d1e25c38c90ca202b43bdc014795d78

699ffb898864bf804cf726f39b5e8168d55e44fc1584b71ba25e31b43ae543e8

35ffc1263005fd0a954deed20a7fb0cd53dbab6bb17ff8bd34559a5a124686c7

7259975d7e3b3d9d059a38f4393ab920764b46ca243e192e08f7699999382e07

172bbf46e5f46dd7a9ea0c22054b644f60efc3a9ad26a6f0e95ca57e38af60a7

9845619cb9c3612055a934c4270568391832eab40a66dbb22b1b37fa05559c92

5120998fa1482d4d0d0099d91aab2af647c0272819d7dcf792eec01c77ab9391

4d6272aeadf7fc131ac126dc07d7bfd2e878d359e5e7bb5376a67295ce05fc15

0794c8630f40f04c0e7cea40f11dc3f1a829a3be69852fe9e184aa8b7ed20797

7a8128f8788524e54a69619b69870dfd4c50db46e3eb786899f7275dab73d2d9

4eaf5e93953756bc2196bfcfb030b6eaad687fa1e8db9f47b09819f3b4315230

a9a6d35469e471666758ed5d1174edc5b650c0acb2c351213eadfb408f74bdcb

039da6b099303fdfd087bb7df94012780dfe375c67234ce495c78cf2dcf7fd9d

ee10f3a798aaa03f4ced2ddb28d2b36fe415ea2cbbd9c3b97b2a230a72d77f5c

5aa7de7eab570522c93d337d395396057033ad6596db4a0bda15d77a6d4c6c3a

84755b2177b72364918f18c62a23854e7a8a66c4f5005cc040357850adf9d811

c1f963aba616680e611601e446955e9552c69db23dabab8444718d82ad830029

8c294f1ef05df823460bd11ce34ea7860178de6bc3d9b0127a3b9c08cf62437f

Cannot See Tkinter Image in Window

While using PhotoImage object in Tkinter, the reference must be held. Tkinter does not handle references to the objects truly. If you do not use your own reference, Tkinter just makes the image transparent, just a blank screen.

As an example;

When we write the code without the reference like;

My “caution.gif” seems like;

But only with a line that keeping a reference to the Tkinter object;

Now I can see my “caution.gif” 😊✌

Face-swap During Remote Meetings with Zoom and Skype

Especially with the very different situations we live than usual in recent months – quarantine since corona and widespread of remote works, most of the working days are passing with remote meetings. Zoom, Skype or others are now an indispensable part of our life now. When this happens, there is also an increase in news about the vulnerabilities in these applications. This is something different about usage of these applications I am writing about.

Avatarify is a program that superimposes someone else’s face onto yours, during video conference meetings, in real-time. This program is accessible for free now on Github. This program can swap faces without the need of several photos, while compared to other applications. It also provides different avatars with only one click.