Olivia
Online
JSOF Cyber Security
@JSOF18
JSOF is a boutique cyber consultancy and project firm. We are cyber security experts
Joined January 2020
534 Following
806 Followers
250 Posts
Pinned Tweet
We are releasing Dnspooq - 7 vulnerabilities in dnsmasq, and open source DNS forwarder used in major Linux distributions and by dozens of vendors
https://t.co/IGUcbozn3A
I found some design and implementation flaws in Wi-Fi again. All Wi-Fi devices are affected. It was a long ~9 months embargo, over this time a lot of info has been collected and that info now available at https://t.co/nAQtK9XY0R
Forescout & @JSOF18 research disclose NAME:WRECK - 9 new DNS #vulnerabilities affecting popular TCP/IP stacks used in millions of #IoT #OT & IT devices. https://t.co/gHdtXLA5qj
#NAMEWRECK
@campuscodi Attackers can't use vulnerabilities if your systems simply don't work. Good security engineering by the government!
Who to follow
Moshe Kol
@0xkol
Security Researcher. Android Vulnerability Research Architect at Paragon.
Anurag Sen
@hak1mlukha
| Security Researcher | | Privacy is a Myth |
| Secured 205+ Companies & Data Leaks |
pfiatde
@pfiatde
"Every machine is a smoke Machine if you operate it wrong enough"
RedTeamer by day, sleeping at night!
https://t.co/ZcTfWHeGZO
As part of Project Memoria we're releasing a report together with @JSOF18 on several DNS vulnerabilities in popular TCP/IP stacks (FreeBSD, NetX, Nucleus NET, ...), including a breakdown of underlying anti-patterns (hint: check your message compression).
https://t.co/6rn5M9N8sl
Announcing the latest research by @JSOF18 and @Forescout
Great coverage by @campuscodi as always.
#NameWreck #IoT #Cyber
Forescout and JSOF Disclose New DNS Vulnerabilities, Impacting Millions of Enterprise and Consumer Devices - Forescout https://t.co/G6c1DBJv1O
@brakesec Thanks for sharing!
Were there just 3 RCEs in ipv4 ipv6 and DNS on windows?
The Qualys Research Team has discovered a critical vulnerability in #Sudo, which allows an unprivileged user to gain root privileges in its default configuration. #linux #unix #vulnerability https://t.co/JUAo8ULMu7
@knqyf263 We Love your writeup and poc. We are an independent consulting and research company based in Israel, and are not related to the NXNS attack.
@blackorbird Nice PoC! We’re glad our whitepaper is detailed enough to help in get out an independent PoC so fast.
The #Dnspooq graphic design award goes to @BleepinComputer !
P.S. upgrade your dnsmasq to version 2.83 or above
@eqhmcow @vijaycert @ICSCERT @certcc It was part of a different research project actually, not a specific target selection. The results of the original project will be published sometime soon. As separate a rule of thumb - clients tend to be less audited than servers, not always justified.
Shout out to multiple vendors @cisco @google @The_Pi_Hole @RedHat to resolve @dnsmasq vulnerabilities. Thanks to @GitHubSecurity for GHSA platform and to @JSOF18 for responsible vulnerability disclosure!
Supply chain issues affect Open Source Software too. Dnsmasq is extremely popular (and for a good reason!) and so the vulnerabilities affect dozens of vendors and many major Linux distributions.
Researchers have found set of flaws allowing for DNS cache-poisoning attacks (also known as DNS spoofing)
DNSpooq is a series of vulnerabilities found in the ubiquitous open-source software dnsmasq, demonstrating that DNS is still insecure
➡️https://t.co/0WXVPhKk9M
#DNSpooq
Some recommended workarounds for #dnspooq if you can't upgrade your device. Configuring your devices to directly query a trusted DNS server would also be helpful.
@serghei JSOF advises updating the Dnsmasq software to the latest version (2.83 or later) to fully mitigate DNSpooq attacks.
A list of (partial) workarounds is also available:
@maddiestone So, In context of found in-the-wild exploitation the term probably applies to any actor as you defined. It is also used otherwise for how attackers might use N-days and be no less sophisticated.
@maddiestone That is very impressive and interesting. There are also thousands of vulns reported yearly(many low-value ofc). Clearly those 24 are attributed to “sophisticated attackers”, at the same time, they can also do more than others with all the other vulns if/when not patched.
@maddiestone As in “a sophisticated attacker could use this vulnerability like that” is probably a more common phrase than “a sophisticated attacker can find &exploit a chain of vulnerabilities in this product”
@maddiestone Is the term “sophisticated attacker” widely used when discussing 0-days? It’s often used when discussing recently disclosed 1-days. If an attacker uses a true 0-day then nobody knows or can talk about that specific vuln (except for google TAG:)
Last Seen Users on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.4M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.4M followers
Taylor Swift
@taylorswift13
81.2M followers
Lady Gaga
@ladygaga
72.7M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.4M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.1M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.5M followers