Following Summoning Team's accusation that Horizon3 published vulnerability details and a proof of concept for the wrong CVE, Horizon3 updated their blog post: CVE-2023-28324 Deep Dive: Ivanti Endpoint Manager AgentPortal Improper Input Validation
We initially wrote this post in reference to CVE-2024-29847, however this post actually describes CVE-2023-28324. We had incorrectly assumed that the SU5 update was comprehensive which resulted in us mistaking CVE-2023-28324 for CVE-2024-29847. The content of this blog has been updated accordingly.
h/t: @buherator cc: @cR0w
On some level I think people become stronger engineers by running their own databases for a time. Pulling back the cover and seeing the hidden complexity can breed an understanding that serves folks well.
Obviously not a requirement--but something to consider.
CVE-2024-8190: Investigating CISA KEV Ivanti Cloud Service Appliance Command Injection Vulnerability https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection/
Oh shit the vDSO implementation of getrandom() landed in Linux 6.11.
Might remove one of the last performance objections to using the kernel CSPRNG for everything, the syscall overhead.
I have a large CL chain for crypto/rand, might as well add support for that...
"It is not the case that “AI gathers data from the Web and learns from it.” The reality is that AI companies gather data and then optimize models to reproduce representations of that data for profit."
"The productivity myth suggests that anything we spend time on is up for automation — that any time we spend can and should be freed up for the sake of having even more time for other activities or pursuits — which can also be automated."
https://www.techpolicy.press/challenging-the-myths-of-generative-ai/
Read the whole thing!
Ah shit, Flare-On in 11 days. Not sure I'll start it right away :-((((((
We are super grateful to the community members who are generously helping make Kagi accessible worldwide through translation support 🌍
Want to contribute? Join us at https://localazy.com/p/kagi-search
My exam season is finally over, and after some final touches, I have a few exciting announcements for you.
We’re launching the public beta phase of our CellGuard iOS app. It supports all iPhones running iOS 14 or newer. You can contribute to an optional study that helps us to improve detection algorithms. Read more & download CellGuard at https://cellguard.seemoo.de
The Children of the Magenta lecture: https://www.youtube.com/watch?v=WITLR_qSPXk . The quality of the AV isn't great due to age and restoration, but the content is _well_ worth it.