Is there a recommended #AirDrop equivalent for #Windows PCs? I'm sick of having to mess about with opaque network file share settings and permissions and folder settings and UAC prompts and rebooting because account credentials were cached and unspecified error 80004005 every time I just want to move a couple of files from one to another once in a blue moon. Copying files to and from a USB flash drive shouldn't be the quicker option for two networked computers owned by me in the same house.
In 2019, security researchers reported that an #Airdrop bug allowed attackers to reveal sender information. However, #Apple left the vulnerability in place.
Instead, use an encrypted messenger service like Signal.
I found a free and open source alternative to AirDrop called LocalSend! It works with Windows, macOS, Android, and even Linux! Join me as I test it on every platform and see if I can transfer a file to every platform using this app!
The airdrops contribute “to ongoing #US govt efforts to provide life-saving #humanitarian assistance to the people in #Gaza,” the stmnt said. “We are conducting planning for potential follow-on airborne #aid delivery missions.”
3 #USAF cargo planes airdropped 66 pallets over SW Gaza, acc/to a US ofcl. The pallets contained 38k MREs.
“Innocent people got caught in a terrible #war unable to feed their families, & you saw the response when they tried to get aid in. & we need to do more, & the #UnitedStates will do more,” #Biden said before meeting w/PM #GiorgiaMeloni of #Italy.
Biden said that the US would work w/ #Jordan, which has been at the forefront of #airdrop efforts to #Gaza, as well as other #allies to deliver #aid by air & that supplies could, eventually, also be delivered by sea.
There should be an open, universal standard/specification like USB, WiFi or Bluetooth, but for wireless data transfer (basically AirDrop, but for everyone).
If this gets released, it should work on #iOS too otherwise it's pointless. I'm tired of hearing #Apple users complaining about their struggles to share files (mostly images) to #Android users - which often requires #Telegram cos I guess you could send pics uncompressed there (easily).
I respect the EU tryna open up #iMessage or whatever but can they tackle #AirDrop first since #Google's efforts to implement this has either been non-existent or shitty af. All I know is there should be an easy way for devices regardless of platforms to share files wirelessly, reliably.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #02/2024 is out! It includes the following and much more:
➝ 🔓 🎽 Halara probes breach after hacker leaks data for 950,000 people
➝ 🔓 💥 #Mandiant's X Account Was Hacked Using Brute-Force Attack
➝ 🔓 🇵🇾 #Paraguay warns of Black Hunt #ransomware attacks after Tigo Business #breach
➝ 🇺🇸 💸 US SEC’s X account hacked to announce fake #Bitcoin ETF approval
➝ 🔓 🇨🇦 Toronto Zoo: Ransomware attack had no impact on animal #wellbeing
➝ 🔓 Mortgage firm loanDepot #cyberattack impacts IT systems, payment portal
➝ 🇫🇮 💸 #Finland warns of Akira ransomware wiping NAS and tape #backup devices
➝ 🇩🇰 🇷🇺 #Sandworm probably wasn’t behind Danish critical infrastructure cyberattack, report says
➝ 🇺🇦 🇷🇺 Pro-Ukraine hackers breach Russian ISP in revenge for #KyivStar attack
➝ 🇫🇷 🇺🇸 French Computer Hacker Jailed in US
➝ 🇳🇬 ⚖️ Nigerian gets 10 years for laundering millions stolen from elderly
➝ 🇹🇷 Turkish Hackers Exploiting Poorly Secured #MSSQL Servers Across the Globe
➝ 🇹🇷 🇳🇱 Turkish #Cyberspies Targeting Netherlands
➝ ☁️ 🇪🇺 #Microsoft Lets Cloud Users Keep Personal Data Within #Europe to Ease #Privacy Fears
➝ 🇺🇸 🇨🇳 #AI is helping US spies catch stealthy Chinese hacking ops, #NSA official says
➝ 🇱🇧 ✈️ Beirut Airport Screens Hacked with Anti-Hezbollah Message
➝ 🇸🇦 Saudi Ministry exposed sensitive data for 15 months
➝ 🇬🇷 #Greece to Establish New Authority to Counter Cyber-Attacks
➝ 🩹 #Siemens, #SchneiderElectric Release First #ICS Patch Tuesday Advisories of 2024
➝ 🐍 ☁️ New #Python-based FBot Hacking Toolkit Aims at #Cloud and #SaaS Platforms
➝ 🦠 📺 #YouTube Videos Promoting Cracked Software Distribute Lumma Stealer
➝ 🦠 🐧 #Linux devices are under attack by a never-before-seen worm
➝ 🦠 🇳🇱 Dutch Engineer Used Water Pump to Get Billion-Dollar #Stuxnet#Malware Into Iranian Nuclear Facility
➝ 🐡 🔐 DSA removal from #OpenSSH
➝ 🩹 #PatchTuesday
➝ 🐛 🔓 Actively exploited 0-days in #Ivanti VPN are letting hackers #backdoor networks
➝ 🔓 🔧 Hackers can infect network-connected wrenches to install ransomware
➝ 🇨🇳 🔓 #AirDrop cracked by #China, revealing phone number and email address of sender
➝ 🩹 #QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products
➝ 🐛 🔓 KyberSlash attacks put #quantum#encryption projects at risk
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
I know it sounds outlandish, but I stumbled across the currently-exploited AirDrop vulnerability in 2016 or so, and tried to contact Apple about it, but couldn't get any traction. I couldn't claim bug bounty without an incredible amount of BTLE hardware work I wasn't familiar with to make a proof of concept. I feel less bad since other dedicated security researchers had the same experience in 2019.
Here's the only public post I made about it in a now-deleted tweet from 2018:
tl;dr: You should consider any time you’ve had AirDrop enabled to be blasting your phone number and email address to everyone around you, and any time you’ve had it in “contacts only” mode as being susceptible to a dedicated attacker who wants to retrieve your contacts list.
This was also the case before state actors started bragging about their ability to do it.
The only effective mitigation for these attacks until Apple redesigns the #AirDrop protocol is disabling AirDrop.
#Apple#Cybersecurity#China#AirDrop#Surveillance: "Security researchers warned Apple as early as 2019 about vulnerabilities in its AirDrop wireless sharing function that Chinese authorities claim they recently used to track down users of the feature, the researchers told CNN, in a case that experts say has sweeping implications for global privacy.
The Chinese government’s actions targeting a tool that Apple customers around the world use to share photos and documents — and Apple’s apparent inaction to address the flaws — revive longstanding concerns by US lawmakers and privacy advocates about Apple’s relationship with China and about authoritarian regimes’ ability to twist US tech products to their own ends.
AirDrop lets Apple users who are near each other share files using a proprietary mix of Bluetooth and other wireless connectivity without having to connect to the internet. The sharing feature has been used by pro-democracy activists in Hong Kong and the Chinese government has cracked down on the feature in response."
Excellent blog post by cryptographer Matthew Green, explaining the long-known issues with Apple’s AirDrop, how China can exploit them, the proper solution, and the unfortunate political reasons that might hinder Apple from implementing the proper solution.
B) Chinese officials are exploiting the unfixed #vulnerability in the Apple AirDrop reported by #tudarmstadt researches in 2021 (disclosed to Apple in 2019) (*)
If all #AppleID data is stored in government owned servers with state controlled encryption (1), and this data includes email address and phone number of the specific account, wouldn't this allow the state to calculate the #AirDrop contact identifiers (2) directly?
Talk about making it easy. No need to do bruteforcing or use rainbow tables.
Get a $GRASS AIRDROP
What is grass?...