We are planning a new issue (and hard copy) to celebrate Phrack's 40th anniversary next year, please check out http://phrack.org for more info on contributing!

Google Chrome Zero Day: Stable Channel Update for Desktop
This update includes 38 security fixes. (20 externally reported). CVE-2024-7971 (high severity) Type confusion in V8
Reported by Microsoft Threat Intelligence Center (MSTIC), Microsoft Security Response Center (MSRC) on 2024-08-19

Google is aware that an exploit for CVE-2024-7971 exists in the wild.

cc: @campuscodi @briankrebs @mttaggart @deepthoughts10 @cR0w @regnil @bschwifty @arinc629 @Cali @wvu @hrbrmstr @avoidthehack @bieberium @AAKL (make sure to remove all the mentions to avoid ReplyAll madness)

#Google #Chrome #zeroday #vulnerability #eitw #activeexploitation #CVE #CVE_2024_7971

Physarum wires: Self-growing self-repairing smart wires made from slime mould: https://arxiv.org/abs/1309.3583 a.k.a. super super gross wires. This is for sure how you end up with the backstory for the Borg.

@binaryninja Unfortunately it's not straightforward, since it's not trivial to find these resources in the first place when one just wants to launch the software.

Also note, that while the linked Qt repos seem to document necessary dependencies, these are for building the sw (-dev packages), while for simply running these are unnecessary. The Open Source page includeslibraries that are statically linked with the code along with dynamic dependencies, and it doesn't mention at least the necessary extensions for libxcb.

Aside from those unfortunate souls who have a dual-boot system that both wasn't detected by Microsoft and also is out of date enough so that its boot bits are noncompliant, who else might be affected by this?

Ventoy will fail to work on a SecureBoot-enabled Windows system with August's updates. The current Ventoy doesn't have a "shim,4" compliant EFI bootloader.

You can fix this if you don't care to wait for Ventoy to fix this.
Or do what probably a lot of people do, which is disable SecureBoot and forget to ever turn it back on again.
https://github.com/ventoy/Ventoy/issues/2692#issuecomment-2031412234

This won't likely surprise anyone, but "a prompt injection vulnerability in Slack AI makes it possible to fetch data from private Slack channels".

https://www.theregister.com/2024/08/21/slack_ai_prompt_injection/

#slack #ai #SlackAI #news #TechNews #technology

@tychotithonus IMO if you feel like the enthusiasm for a new Phrack release is too much there is hope.

Pretty much. From the brand new issue of Phrack.

The missing guide to the security of filesystems and file APIs (v1) by @gergelykalman

https://gergelykalman.com/the-missing-guide-to-the-security-of-filesystems-and-file-apis.html

@tychotithonus isn't that part of the fun? Not that new issues/papers come out that often...

@azonenberg terminator -T?

Binji's teaching in Europe! By popular demand and for the first time ever, Novice to Ninja is online in GMT! Uncover the truth behind today's most pressing cybersecurity issues, and what might be done to mitigate them. No reversing experience required! https://binary.ninja/training/n2n-syllabus.html

Apollo Comms Part 32: Breaking the Updata Link Code

https://www.youtube.com/watch?v=tBy1j9cTYKc

#Debugging #ReverseEngineering

The SAILR paper is being presented at @USENIXSecurity
.

It's a nice piece of work. If you're interested in what we think, take a look at the in-depth review we did on Feb!

https://pad.rev.ng/s/T3RdsvKNx#

It's here! #Phrack officially released online, and with it my article! http://phrack.org/issues/71/9.html#article It's about writing a good virus, using oldschool techniques to show you how effective old stuff can still be! #infosec #malware

@swapgs TIL, thanks!

ugh. I picked up a shitty NUC from ewaste and it had a label on it for an AI company.
ahh, another startup that burnt out trying to build some silly AI project on crap hardware. I wonder what they did? I check their URL:
ahh. healthcare. great, great.

@swapgs My problem is that Monorail appends a prefix (6 ASCII chars IIRC) to the JSON response that kills httpx unless I hack around it manually:

https://github.com/v-p-b/p0-bot-akkoma/blob/aa9dacb01711a5b00a607a64217aa8d29055e6d9/p0bot.py#L45

You can also see it when you check the raw response in browser devtools.

Any ideas?

@swapgs There is one thing though that I don't understand, so I'll probably upload to GH shortly...

@swapgs I can if you are interested, but it's really not anything fancy.