We found our first #Y2K38 bug today, in #Keycloak‘s Client credential rotation feature. https://github.com/keycloak/keycloak/issues/35104

Will probably not be the last one - the runup to 2038 will be interesting.

HOPE XV videos just dropped on YouTube! https://www.youtube.com/channel2600

#CISA has been doing a really good job promoting sensical #infosec practices over the last few years.

I'm not looking forward to the change in direction that Jen Easterly's departure and whatever ghastly appointees the new administration comes up with will mean.

https://www.nextgov.com/people/2024/11/cisa-director-jen-easterly-depart-inauguration-day/401036/

Update on Recall security and privacy architecture | Windows Experience Blog
https://blogs.windows.com/windowsexperience/2024/09/27/update-on-recall-security-and-privacy-architecture/

Previewing Recall with Click to Do on Copilot+ PCs with Windows Insiders in the Dev Channel
https://blogs.windows.com/windows-insider/2024/11/22/previewing-recall-with-click-to-do-on-copilot-pcs-with-windows-insiders-in-the-dev-channel/

Here we go again...

Trellix: When Guardians Become Predators: How Malware Corrupts the Protectors
A malware campaign drops a legitimate Avast Anti-Rootkit driver (BYOVD) to terminate security processes, disable protective software, and seize control of the infected system. Indicators of compromise provided.

#byovd #avast #ioc #threatintel #infosec #cybersecurity #cyberthreatintelligence #cti

Oh hooooo: Advent of Radare2

https://www.radare.org/advent/

#me-all-ears #radare2 cc: @radareorg

In an ideal world for reverse engineering, every function would have a name, and every variable would be correctly typed. Take a step towards that world, learn to build your own custom Ghidra Data Types in my latest post: https://medium.com/@clearbluejar/everyday-ghidra-ghidra-data-types-creating-custom-gdts-from-windows-headers-part-2-39b8121e1d82

Kudos to the person who registered exmaple.com.

here at macrosoft we offer only the most bloated software for your SSD to fight for its life over. Because it’s not as funny when your PC isn’t on the verge of bursting into flames when it boots

OZZ: Identifying Kernel Out-of-Order Concurrency Bugs
with In-Vivo Memory Access Reordering

https://dl.acm.org/doi/pdf/10.1145/3694715.3695944

/via exploits.club

[RSS] Leveraging An Order of Operations Bug to Achieve RCE in Sitecore 8.x - 10.x

https://www.assetnote.io/resources/research/leveraging-an-order-of-operations-bug-to-achieve-rce-in-sitecore-8-x---10-x

the c2.com wiki (the very first wiki) now requires javascript to render. the web i knew is dead

What's your favorite file format challenge / trick / bug / surprise / work / art ?
Bonus point if it's underrated or obscure!

Extremely vulnerable blinky boxes are viable business because shit like this:

If you want debug logs from Squid you are expected to supply *pairs of numbers* in the config for debug section and level. The manual says:

"We take great pains to keep debug sections consistent across releases." -> meaning they aren't...

https://wiki.squid-cache.org/KnowledgeBase/DebugSections

#FOSS

Happy 37th anniversary of the Max Headroom Incident, to those who celebrate.

#Adobe released a surprise update for InDesign that addresses a single OOB Read reported by ZDI security researcher Mat Powell. It's not under active attack, so it's odd to see it released outside of Patch Tuesday. https://helpx.adobe.com/security/products/indesign/apsb24-91.html

  

New Project Zero issue:

Linux >=6.6: race between mremap (move_normal_pmd) and MADVISE_COLLAPSE (retract_page_tables)

https://project-zero.issues.chromium.org/issues/371047675

CVE-2024-50066

Yeah this should be totally obvious... /s

https://discuss.kotlinlang.org/t/kotlin-sublass-constructors-do-not-inherit-default-parameter-values/27936

#kotlin