If it's stupid, but it works, it's not stupid.
It's technical debt.

Twitter account of note:

https://x.com/Fortibitch

[RSS] Defend against vampires with 10 gbps network encryption

https://www.synacktiv.com/en/publications/defend-against-vampires-with-10-gbps-network-encryption

SolarWinds: SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2024-28991)
CVE-2024-28991 (9.0 critical, disclosed 12 September 2024) SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.
Reported by Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative. No mention of exploitation.

EDIT: Piotr states that CVE-2024-28991 can be chained with CVE-2024-28990 (6.3 medium) SolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass Vulnerability for pre-authenticated remote code execution.

#solarwinds #vulnerability #CVE_2024_28991 #cve

I talk to the press largely to *combat* AI hype. It's beyond frustrating to be misquoted in ways that contribute to it instead.

New newsletter post:

https://buttondown.com/maiht3k/archive/correcting-the-record/

It seems after burning God knows how much money and CO2, OpenAI decided that *maybe* if you want to have anything close to "intelligence" you'll need some reasoning. Can't wait to see how they scale against this problem!

This is cool. We ported parts of the Windows MDM stack (used by Intune) to Linux!! Now you can use it to EASILY control the configuration and security posture of Linux VMs in Azure.

https://learn.microsoft.com/en-us/azure/osconfig/quickstart-sec-baseline-mc?tabs=azure-cli

Microsoft is building new Windows security features to prevent another CrowdStrike https://trib.al/otEVx6r

Some exploits are just three curl commands in a trench coat.

@Viss brilliant!

I FOUND IT.
it took nearly four hours, but i found it.

thank you for coming along with me into the mines of my twitter archive to find this gif. dropbox deleted this, and many others when they 'just decided' to delete all locally stored files, making all the stuff you had exist only in the cloud.

i fired them for this, and replaced them with synology drive, that I sync over wireguard.

See also:

WHITE ELEPHANT 0DAY EXCHANGE - https://pastebin.com/uTiAK34P

A colleague just wanted to gift me an InkJet...

https://en.wikipedia.org/wiki/White_elephant

You asked, and we delivered! Check out the new Microsoft Incident Response Ninja Hub for a compilation of the research and guides that the Microsoft IR team has developed over the years on threat hunting, case studies, and more.

https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/welcome-to-the-microsoft-incident-response-ninja-hub/ba-p/4243594

#MicrosoftIR #DART #ThreatHunting

For those of you who might like it: Here are the slides from my Alligatorcon talk:
https://gergelykalman.com/the-forgotten-art-of-filesystem-magic-alligatorcon-2024-slides.html

Mozilla, reading the room extremely well, seemingly just recently flipped the switch to enable-by-default sponsored weather results from AccuWeather in every new Firefox tab you open. Clicking "Learn more" takes you here, with zero information on if your location is sent to AccuWeather every time you open a new tab: https://support.mozilla.org/en-US/kb/customize-items-on-firefox-new-tab-page

Probably only noticed because I normally have a blank new tab page but this showed up after updating Firefox!

Windows Wi-Fi Driver RCE Vulnerability – CVE-2024-30078

https://www.crowdfense.com/windows-wi-fi-driver-rce-vulnerability-cve-2024-30078/

Taking steps that drive resiliency and security for Windows customers

https://blogs.windows.com/windowsexperience/2024/09/12/taking-steps-that-drive-resiliency-and-security-for-windows-customers/?s=09

CISA: Vulnerability Summary for the Week of September 2, 2024
Sometimes I check the summary for hidden gems. This time, five of the Mozilla Firefox CVEs are CVSSv3.1: 9.8 critical

• CVE-2024-8381 type confusion
• CVE-2024-8384 memory corruption
• CVE-2024-8385 type confusion
• CVE-2024-8387 memory corruption
• CVE-2024-8389 memory corruption

At a glance, they're obviously high severity. It's just that you won't have that sense of urgency at the time of announcement because you didn't see the CVSS score, or understand the impact.

Let's not forget to mention Hall of Shame Progress Software for having LoadMaster vulnerability CVE-2024-7591 with a perfect 10.0 🥳

[PATCH] Fix a bug in ebpf verifier

https://lore.kernel.org/bpf/67451140439fafa1bae3e3b010d2c6b9969696a1.camel@gmail.com/T/#m8adf66625ed09e89983cca14f7e982393cb7ac3d