chmodxx

chmodxx Application Security Engineer. Speaker, cat woman, textbook hoarder, and purveyor of fine cat gifs.

For everyone asking about WhatsApp.
05/17/2019

⚠️⚠️ Should I be worried about the WhatsApp vulnerability!?⠀

No. But also yes.⠀

So, here's the thing: even if you haven't updated to the patched version...⠀

# # # Vulnerable WhatsApp Versions # # #⠀
Android < v2.19.134⠀
iOS < v2.19.51⠀

# # # Vulnerable WhatsApp Business Versions # # #⠀
Android < v2.19.44⠀
iOS < v2.19.51⠀

You're still safe. Facebook has you covered. Although they've pushed out a patch for the client, the actual vulnerability (which allowed attackers to run arbitrary code and was used to install surveillanceware on target device(s)) was fixed server-side -- so even if you haven't updated yet, you're good. ⠀

Should you bother with updating to the newest version? Well, yeah. Facebook recommends it for a reason - they found a bug, they fixed it. It's always best to use the most recent version of an app (well...I mean, there are times where new versions are way worse than the old...but typically with *security* updates, new versions > old versions). The thing that's important to remember, though, is that the *vulnerability cannot be exploited now anyways*. So, you can rest easy.⠀

Now, why the "yes"? I think for many this is a wake-up call to the possibility of serious mobile device exploits and the prevalence of malware in the wild. There are websites that will pay hackers literal MILLIONS of dollars for 0-day exploits. There are hackers and companies that bundle these exploits with malware that is sold to third-parties. This stuff really does happen. Example: Pegasus.

So, be vigilant: keep your devices up-to-date. You can't guard against 0-days, but many malware authors still exploit known vulns to gain access to sensitive information (just like 'PC' malware authors do, or ANY hackers). If for some reason you need to root your device...remember that you're basically giving other applications unrestricted access to your data. ⠀


❓🔐 Have you updated your version of WhatsApp yet? Let me know in the comments. ⠀
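Added example, not part of the original post: a small inventory check that flags installs below the version thresholds listed in the post. The device ids and sample inventory are constructed; the comparison is numeric per component because a plain string compare ranks 2.19.98 above 2.19.134.

```python
import re

# First patched versions as listed in the post; anything lower is flagged.
PATCHED = {
    ("whatsapp", "android"): "2.19.134",
    ("whatsapp", "ios"): "2.19.51",
    ("whatsapp business", "android"): "2.19.44",
    ("whatsapp business", "ios"): "2.19.51",
}

def parse_version(text):
    """Turn 'v2.19.134' into (2, 19, 134); raise ValueError otherwise."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))

def is_vulnerable(app, platform, version):
    """True/False for known app+platform pairs, None if it cannot be decided."""
    key = (app.strip().lower(), platform.strip().lower())
    if key not in PATCHED:
        return None
    try:
        installed = parse_version(version)
    except ValueError:
        return None
    fixed = parse_version(PATCHED[key])
    # Pad with zeros so '2.19' is compared as '2.19.0'.
    width = max(len(installed), len(fixed))
    installed += (0,) * (width - len(installed))
    fixed += (0,) * (width - len(fixed))
    return installed < fixed

def audit(inventory):
    """Return (device ids to update, device ids needing manual review)."""
    outdated, review = [], []
    for device, app, platform, version in inventory:
        verdict = is_vulnerable(app, platform, version)
        if verdict is None:
            review.append(device)
        elif verdict:
            outdated.append(device)
    return outdated, review

# Constructed sample inventory (hypothetical device ids).
SAMPLE = [
    ("dev-01", "WhatsApp", "Android", "2.19.98"),
    ("dev-02", "WhatsApp", "Android", "2.19.134"),
    ("dev-03", "WhatsApp Business", "iOS", "v2.19.50"),
    ("dev-04", "WhatsApp", "iOS", "2.19.51"),
    ("dev-05", "WhatsApp Business", "Android", "unknown"),
]
```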

03/14/2019

Spending the weekend battling sketchy adware with a debugger is much more enjoyable when you love the space you’re in. ⠀

I’ve changed my office set-up to have my desk closer to the window and sunlight so that I have more natural light while I’m working. I can’t believe what a difference that has made to my energy level!

What do you do to boost your productivity?
P.S. Yes, that is a streaming webcam. Stay tuned 😉

02/22/2019

Only 1 week(ish) until and my workshop on reversing surveillanceware 😱 Can’t wait to walk through some cool malware techniques and share my favourite tools and resources!⠀

90% of the security books I buy are from . You’ve heard me talk about them before— many times! They’re not only a phenomenal independent publisher, but they also work closely with the community and make the materials they publish accessible through frequent sales, discounted pre-release items and their HumbleBundles on tech books. 🖤⠀

They’re currently hosting a giveaway on Reddit at r/NoStarchPress where you can win some pretty awesome swag. ⠀

My favourite titles published are:⠀
- Android Security Internals⠀
- Practical Packet Analysis⠀
- IDA Pro Book⠀
- Malware Data Science⠀
- Grey Hat Python⠀
- Linux Basics for Hackers⠀
- Automate the Boring Stuff⠀
- Real-World Bug Hunting⠀
- Cracking Codes with Python⠀
- Practical Malware Analysis⠀

I highly recommend any and all of these! ⠀

Plus, you get a free eBook with your print copy, which I take with me on my iPad when I travel 🤓⠀

Do you have any NoStarch books you rely on? Or from another publisher? LMK 📚 ⠀

02/05/2019

Working on a script to “decrypt” Chinese characters to reveal a C2 server & catching up on episodes of ’s podcast (hosted by .makuch). ⠀


On days when I don’t have meetings and am able to work from home, I find my productivity increases 10-fold. Putting my commuting time toward additional work time is incredibly valuable, and — especially in the middle of winter — has me feeling MUCH less tired than when I have to spend time standing in -15degC weather waiting for a streetcar that packs its passengers like sardines 💁🏻‍♀️⠀


Do you ever work from home? Do you find you are more or less productive?⠀

02/04/2019

Late night threat hunting.⠀

Threat hunting is such an important part of research, but it's not always easy to make time for it. Especially when there are SO. MANY. RESOURCES. and you can often chase a lead to absolutely nowhere.⠀

But, if you just want to make sure that you keep up with "malware current events", and see what threats other people are talking about, using keyword alerts in Google & in is incredibly helpful. I have multiple keyword alerts set for the categories I'm most interested in (e.g. android+malware) and I set these keyword alerts in multiple languages (since people don't just blog about malware in English).

Most often, the results you get are for blogs describing malware found and covered. But sometimes you can see some interesting discussions about applications that are behaving strangely, and that can lead to a fun rabbit hole of figuring out whether the noted application is actually malicious.

01/31/2019

Mental illness has been stigmatized for so many years, for reasons I do not understand. We treat physical illnesses as worthy of federal funding (in some countries) and sympathy, and yet treat *mental* illness as weakness and somehow shameful. ⠀


Why?⠀


The number of individuals that experience mental illness — or are affected by it — in their lifetime is staggeringly high. Often, the way it is portrayed in the media is sensationalized and inaccurate. Borderline Personality Disorder is not best portrayed by Glenn Close in Fatal Attraction 🙄 Depression doesn’t always present in the ways we’ve seen on teen soap operas. Those you’d not expect to be affected by mental health challenges often are. ⠀



Most people who learn about my anxiety disorder laugh and assume I’m kidding. I have no problem speaking to a crowded conference hall, but my partner has witnessed (many) panic attacks while en route to a party where I don’t know anyone. I have spent the first week of a new job crying in the bathroom stall at lunch, convinced I was a complete fraud and that everyone had already seen how incompetent I was. I’ve struggled with depression and my anxiety manifests in multiple ways; sometimes it teams up with obsessive compulsive disorder. I used to struggle to accept my diagnoses, but I’ve learned (with the help of some phenomenal therapists) to see the beauty in the ways my brain is a little different. And I’ve learned that getting help for your mind is no different than getting help for any other part of your body. ⠀



Therapy is no more shameful than a trip to a family doctor to treat the flu. Medication for your anxiety disorder or personality disorder, depression, or any other mental health challenge is no different from medication prescribed to treat a physical illness. ⠀



As says, “mental health IS health.”⠀



If you’re struggling, please don’t be afraid to talk to someone. You are not alone, you are strong & you are worth it. ♥️ ⠀

01/30/2019

What are your favourite resources for continued learning?⠀

Lately I've been spending a decent amount of time reading research papers from graduate students and analysts. Sites like ResearchGate or the SANS Reading Room are full of whitepapers on a wide range of topics. ⠀

Twitter, surprisingly enough, is also a fantastic resource for finding great learning resources: researchers, for example, regularly share blog posts & industry news.

Unfortunately, so many malware books are out of date. Still useful, but...dated. So, it's important to look at less "static" sources for professional development and growth.

I also have a Feedly keyword search set up to trigger notifications for certain posts that may be relevant to my work. Google keyword alerts are great for this, too.

01/29/2019

Malware x Manicures⠀


I get asked about my nails surprisingly often for someone who primarily blogs about and 💁🏻‍♀️

Quite literally every nail polish you see in my photos & stories is from Live Love Polish. They're by far my favourite brand: , gorgeous colours & affordable. They also debuted a collection in 2018 to support homeless cats in NYC, which is a cause very near and dear to my heart (so I obviously bought that collection). They were kind enough to send me their latest collection: the Japanese Art collection. I'm wearing the temperature reactive polish, UMI, from that collection in this photo. (Swipe to see the rest of the colours in this collection) Please note, however, that I have purchased 22 (!!) products from them in the last 6 months, so this isn't a phoney promo post. They're amazing. And they're also having a ridiculous sale on right now for up to 50% off. 💅🏻


NOW, on to ! This is a fantastic tool for analyzing any requests mobile applications are attempting to make. I use it daily for determining what (potentially) sketchy requests a malicious app may be sending to its C2 server, and analyzing and requests it receives. It's easy to set up, and far less troublesome than setting up a proxy listener for your mobile device (although that's a handy tool, too). You just install it on your red phone (aka. the device you fill with malware) from Google Play. Your device doesn’t even need to be rooted!

You can also easily grab the pcap files from your device using adb, transfer them to your computer, and analyze them with 🦈⠀

@ Toronto, Ontario

01/23/2019

📚 Reading List! 📚 ⠀

I get asked at least once a day which books I’d recommend for those interested in different areas of . These are some of my favourites separated by category 🖤⠀

Check out the list by visiting my blog: https://chmodxx.net/reading-list

Let me know which ones you think I’m missing! I’m sure there are at least a few 🤓⠀

Happy Reading! 🎉🌈⠀

01/21/2019

Getting started with ’s module on Incident Handling. ⠀

01/21/2019

Excited to be speaking at BSidesSF this year!

View more about this event at BSidesSF 2019
