My Shared Links — Week 41/2022

Xavier «X» Santolaria
4 min readOct 17, 2022

Collection of the resources and links I have found insightful and shared during week #41 of 2022.

Photo by Lewis Kang'ethe Ngugi on Unsplash

New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems

A previously undocumented command-and-control (C2) framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems.

Written in GoLang, Alchimist is complemented by a beacon implant called Insekt, which comes with remote access features that can be instrumented by the C2 server.

Microsoft, an IBM Security Services strategic partner

IBM and Microsoft have formed a strategic alliance to help organizations achieve holistic enterprise-wide threat management. IBM’s aligned security solutions enable confidence to accelerate migration, modernization, and business transformation using #Azure cloud.

What You Should Know About the Honda Key Fob Vulnerability

The key fob attack impacting Honda vehicles is known as the Rolling-PWN. Rolling codes are used to avoid replay attacks, which are man-in-the-middle attacks that are intercepted and re-transmitted as if they are authentic codes.

The attack exploits a vulnerability in #authentication code transmitted wirelessly between the fob and the vehicle. Whenever the fob button is pressed, there is an increase in rolling codes that are synchronizing. Honda vehicles don’t need the exact codes — instead, the rolling codes fall into a window of codes.

My Shared Links — Week 46/2022

My Shared Links — Week 03/2023

My Shared Links — Week 02/2023

My Shared Links — Week 01/2023

My Shared Links — Week 52/2022

My Shared Links — Week 51/2022

My Shared Links — Week 50/2022

My Shared Links — Week 49/2022

My Shared Links — Week 48/2022

My Shared Links — Week 47/2022

Xavier «X» Santolaria

Cloud Security | IBM Inventor | IBM AoT Member | Open Source Advocate | ex-OpenBSD | https://infosec.exchange/@0x58 | https://0x58.substack.com