noevidenz

joined 1 year ago
[–] noevidenz@infosec.pub 7 points 4 months ago

Exactly. They've brought up nuclear because they're desperate to have some kind of energy policy, but one they know they'll never have to bring to fruition because that allows them to continue with coal and gas for as long as possible.

[–] noevidenz@infosec.pub 24 points 4 months ago (3 children)

The LNP doesn't have a legitimate interest in transitioning to nuclear power or they would've begun over the last decade or so that they were in power.

Instead they've proposed - now that they're in opposition - a technology which is banned at the Federal level and individually at the state level, because they know that gives them years of lead time before they ever have to begin the project.

On top of that, all of the proposed sites are owned by companies who've already begun transitioning to renewable generation or renewable storage, and most of them are in states in which the state Premiers have publicly stated that they will not consider overturning their bans on nuclear power.

[–] noevidenz@infosec.pub 60 points 8 months ago (10 children)

There is currently no evidence of an RCE exploit in EAC, and EAC themselves as well as their owner, Epic, have both denied the existence of an RCE in their software.

There's a video from about a month ago in which ImperialHal and Genburten (on separate occasions) are in a match against the person named in the messages sent by the exploit on Genburten's machine.

It's possible that they were in contact with the hacker after that point and that he tricked them into downloading something they shouldn't have.

Otherwise, it's also possible that there is an exploit in Apex/Source that the hacker used. He may have been able to get their IP during the public match a month ago and then use it to target them during the competition.

Beyond what was seen during the competition, the hacker was also able to gift thousands of Apex packs to several players (seemingly without paying for them) and was able to get 40+ "bot" players into a single match and to all target an individual player. He also claimed to be able to open crates on another player's account. These other exploits seem to indicate that he has elevated access to both the server and to multiple APIs, but none of them indicate elevated access to user machines in general.