Interesting nugget in this story on the historic mass recall to replace 100,000 engines in Toyota trucks & Lexus SUVs: When Toyota first reported the problem to the government, the total # of vehicles hadn't been determined, but NHTSA's website required an "integer value" in the percentage of vehicles impacted field, but "1" also meant "unknown". [insert Do You Even UX Bro gif]
https://www.motortrend.com/news/toyota-engine-recall-tundra-pickup-lexus-lx-suv/
AWS in GovcCoud US-East _accidentally_ upgrading MySQL from 5.7.X to 8.X.
DevOpsBorat was right. Error is human, automatically upgrading a database fleet to a new major MySQL version is #devops .
No opportunity goes to waste ;-)
https://www.theverge.com/2024/7/26/24206719/microsoft-windows-changes-crowdstrike-kernel-driver
I just wrote some initial ramblings on my attempt to write a Rust based bootloader for Open Firmware/ppc64le
https://siliconislandblog.wordpress.com/2024/07/25/booting-with-rust-chapter-1/
I once had the pleasure of working with @mslaviero, and miss his smarts and wit. This blog post on how @ThinkstCanary architects for security is worth a read for many reasons - but the biting insight delivered with a chuckle is what Iām most enjoying.
https://blog.thinkst.com/2024/07/unfashionably-secure-why-we-use-isolated-vms.html
Gave a burst of new talks over the past week, including intros to (1) patents, (2) timing variations in crypto code, (3) modern tools to avoid bugs in rewriting snippets to run in constant time, and, on the more mathematical side, (4) cola cryptography: https://cr.yp.to/talks.html
Our UEFI support added in 3.5 continues to improve! 4.1 released last week adds TE support, platform types for SMM, PEI, and PPI and updates to EFI Resolver.
https://binary.ninja/2024/07/17/4.1-elysium.html#uefi-enhancements
And we're not done, keep an eye out for an in-progress blog post with more details.
New OpenSecurityTraining2 mini-class: "Debuggers 1102: Introductory Ghidra" https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Dbg1102_IntroGhidra+2024_v2/about
Binarly's PKFail:
Yet another way that SecureBoot is broken. This time it's due to manufacturers like Acer, Dell, Gigabyte, Fujitsu, HP, Intel, Lenovo, and SuperMicro using test/public keys to secure the kingdom. (The Platform Key (PK))
https://www.binarly.io/blog/pkfail-untrusted-platform-keys-undermine-secure-boot-on-uefi-ecosystem
Surely my no-name (Beelink) cheapo Chinese PC does the right thing, right?
Oh...
"DO NOT TRUST - AMI Test PK"
Nobody could possibly know what that could imply.
N O B O D Y
Cloud nerds will enjoy this. Cryptographer Tal Be'ery reverse engineered AWS session tokens and has a detailed write-up.
https://medium.com/@TalBeerySec/revealing-the-inner-structure-of-aws-session-tokens-a6c76469cba7
In June, we disclosed several vulnerabilities in the Deep Sea Electronics DSE855. Today, ZDI analyst @infosecdj provides his in-depth analysis of the bugs and their root causes. He includes the timeline for disclosure. https://www.zerodayinitiative.com/blog/2024/7/25/multiple-vulnerabilities-in-the-deep-sea-electronics-dse855
Running an ARM Linux machine but still want to do RE? Or maybe you're a sad apple silicon user who misses running native VMs you could use your regular tooling in. With Binary Ninja 4.1, our stable branch includes ARM Linux support!
https://binary.ninja/2024/07/17/4.1-elysium.html#linux-arm-builds
In the trenches, security and IT teams are the real heroes. The CrowdStrike incident crashed 8.5M Windows devices, and IT worked around the clock to restore systems. But did they get the recognition they deserved from leadership? Too often, their efforts go unnoticed while facing unrealistic expectations. As leaders, we must have their backs - publicly appreciate their work, ensure they have resources, and advocate for them to the C-suite. That's how we build resilient, high-performing teams.
Progress Telerik security advisories (edit: plural):
No mention of exploitation.
Why you should care about CVE-2024-6327: FIVE Telerik vulnerabilities are known exploited vulnerabilities, TWO specifically called Progress Telerik. One in particular, CVE-2019-18935, is a deserialization of untrusted data vulnerability. This is the same one exploited against the U.S. government last year as noted by CISA on 15 June 2023: Threat Actors Exploit Progress Telerik Vulnerabilities in Multiple U.S. Government IIS Servers. Patch your Teleriks.
cc: @cR0w @tas50 @campuscodi