"I'm interested in all kinds of astronomy."
https://www.usenix.org/conference/usenixsecurity24/presentation/schilling this looks like if viable for real world use, something that could make binary-only target thread sanitization checks possible. I love how accessible sanitizers are; they’re the gateway drug of llvm instrumentation. I am also looking forward to reading this~

https://www.usenix.org/conference/usenixsecurity24/presentation/feng-siyue taint analysis across traces to see how well patches did at fixing vulns, but with a fancy Bloom filter to see if a particular code path has been hit before (I look forward to reading this)

https://www.usenix.org/conference/usenixsecurity24/presentation/bulekov this hypervisor emulation and fuzzing tool also looks really interesting and I’m looking forward to trying it out

https://www.usenix.org/conference/usenixsecurity24/presentation/qi System-level emulation and instrumentation is generally slow, but there’s a neat insight into when instrumentation *isn’t* necessary and what basic blocks to not instrument for QEMU-based system-level concolic execution in this work!

https://www.usenix.org/conference/usenixsecurity24/presentation/schl%C3%BCter the threat model (not the written out one in the paper, which is seemingly to me at least somewhat disjoint from what I understand from what I am hearing) that underlies this work is interesting; it points out that blindly trusting the hypervisor as part of trusting the cloud provider may not be in the best interest of operators of a VM (or a confidential VM using a TEE)

Tired of using your own tongue to test 9V batteries???
👅👅👅🔋🔋🔋 ouch!

Honored and humbled to announce my latest product:

MSI motherboards susceptible to code execution & firmware implant - analysis of CVE-2024-36877 https://jjensn.com/at-home-in-your-firmware

Enjoy the old sch00l lulz:
Fuck You Ilfak - A IDA Pro 9.0 Beta 2 macOS x86 Fix Loader

https://github.com/gdbinit/fuckyouilfak

Trend Zero Day Initiative

Microsoft fixed CVE-2024-38213 last Tuesday. It was discovered in the wild by ZDI threat hunter @gothburz. Today, he makes the details of the vulnerability and how it's being used by threat actors. https://www.zerodayinitiative.com/blog/2024/8/14/cve-2024-38213-copy2pwn-exploit-evades-windows-web-protections

Two days ago, NIST finalized three post-quantum cryptography standards. Today, we are announcing an open-source Rust implementation of one of these standards, SLH-DSA, now available in RustCrypto! https://blog.trailofbits.com/2024/08/15/we-wrote-the-code-and-the-code-won/

CISA: CISA Adds One Known Exploited Vulnerability to Catalog
Hot off the press! CISA adds CVE-2024-28986 (9.8 critical, disclosed 13 August 2024 by SolarWinds) SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability to the Known Exploited Vulnerabilities Catalog.

Note: There was no indication that CVE-2024-28986 was being exploited in the wild in the security advisory.

cc: @campuscodi h/t: @hrbrmstr

NEW: Every Pixel phone released since 2017 has a hidden Verizon app, "Showcase.apk," with deep system access that has an unpatched flaw. Google's response to the vulnerability caused Palantir to ditch Android altogether. @lhn has the scoop: https://www.wired.com/story/google-android-pixel-showcase-vulnerability/

@briankrebs
From the days when we were all burning optical media: DVDisaster

The idea: When you burn a disc that isn't completely full, any unused sectors are truly wasted. This app uses them for extra ECC data. Here are screenshots from when I gouged a CD with a key, and then subsequently read the data from the scratched disc, without a single bit lost.

It's a nice example of a simple app that solves a real-world problem.

the most recent hackerone issue was filed because the user googled "[another project] bug bounty program", clicked the first link (to 's bug-bounty) and entered an issue about a completely different project...

Long thread ahead about training a classifier of "good/batch matches" for .

So, the whole idea that I have been working on for quite some time already to try to, somehow, improve matching in Diaphora is the following: Train a model to better determine if a pair of functions in two binaries (i.e., a match between a function A in binary X, and function B in binary Y) is correct or not.

Did someone already create a tarpit that targets the AI scraping bots?

Just learned that in French cybersecurity threats are called "cybermenace" and I will only be using this term from now on

Mixing watering hole attacks with history leak via CSS https://adepts.of0x.cc/css-history-leaks/

I’m in shock