Archive

Fixing Things A Bit At A Time

jacek-dylag--DvXRvsxagg-unsplash
22 April 2024
Justin Warren
Subscriber Only
ASML
Change Healthcare
Palo Alto Networks
Chirp Systems
Discord
Redis Labs
Open Home Foundation
Star Casino
Percona
AWS
Redis
VMware
Broadcom
Micron
Microsoft
Azure
DevOps
open source
chipwars
CHIPS Act
ssh
matrix
Valkey
Home Assistant
GlobalProtect
Humane AI
Neltris
wtf
Things to note

A bunch of Chirp Systems ‘smart’ locks have hard-coded credentials which lets an attacker open all of them. Apparently the company is basically ignoring the problem, and everyone who is trying to get them to do anything about it. If only someone had warned everyone smart locks were a bad idea.

The Change Healthcare data breach got worse, with an extortion group posting a sample of what looks like authentic data from the breach. Patient data, insurance records, contracts with Change Healthcare and partners, all sorts of stuff. Weird how this keeps happening. I wonder if there’s some kind of systemic problem that needs to be addressed?

A quite interesting write-up of a Windows security flaw dubbed BatBadBut. It’s essentially a combination of input sanitisation and shell command execution but with some interesting wrinkles because of how Windows does things.

Subscriber Only Content

This content is only available to PivotNine subscribers.

Contact sales today to learn more about our subscription services.

Apply Now

Already a subscriber? Log in to view the rest of this content.