@briankrebs

NYT: Lebanon's health minister, Firas al-Abyad, said in a press conference that eight people were killed by exploding paging devices and at least 2,780 were wounded, including 200 in serious condition.

https://www.nytimes.com/live/2024/09/17/world/israel-hamas-war-news/c1da8115-a99a-5962-9a47-87e3972a72bc

The web Hackvertor now has all of the tags to conduct email parser discrepancies attacks.

https://hackvertor.co.uk/

Ok, my article on porting the SBCL common #lisp implementation to the nintendo #switch is now live:

https://reader.tymoon.eu/article/437

Boosts would be much appreciated! It's been a lot of work to get this far.

#opensource #gamedev #indiedev

This is your monthly reminder that JetBrains still hasn't assigned any CVEs to their "3 security problems have been fixed" for TeamCity version 2024.07.2 released 29 August 2024. No new CVEs since 16 August 2024.

#jetbrains #teamcity #vulnerability

@joxean @raptor I never thought it was but I'm not an AI expert...

@raptor I still stand by my hypothesis that LLM's may be useful if their output is easy to verify. 1 LoC should be easy enough to verify.

I'd like to share some of my projects that are hosted on @github. Let's start with my public #exploits that span more than two decades of #pwning.

https://github.com/0xdea/exploits

"You can't argue with a root shell." -- Felix "FX" Lindner

Probably the most known is raptor_udf.c that targets #MySQL (those of you who solved the @offsec #OSCP training labs should recognize it).

My favorite is still raptor_rlogin.c, a glorious #Solaris #RCE from the early 2000s. Take your pick!

"What you think of Oracle _is even truer_ than you think it is!" - Bryan M. Cantrill[1]

Ellison Declares Oracle 'All In' On AI Mass Surveillance

https://developers.slashdot.org/story/24/09/16/213256/ellison-declares-oracle-all-in-on-ai-mass-surveillance

[1]https://youtu.be/-zRN7XLCRhc?si=FAsYQN2_Xoelkzlp&t=2048

i'm sorry, what??? https://www.justice.gov/usao-edny/pr/ticketmaster-pays-10-million-criminal-fine-intrusions-competitor-s-computer-systems-0

[RSS] Reasons for the unreasonable success of fuzzing (Halvar Flake, Google Slides)

https://docs.google.com/presentation/d/1vw9lywrMnNojiOIu-xU5KXZz7WzE0MYNQF6V7n6vyY8/edit#slide=id.g2768ca7ef44_0_65

Following Summoning Team's accusation that Horizon3 published a vulnerability details and proof of concept for the wrong CVE, Horizon3 updated their blog post: CVE-2023-28324 Deep Dive: Ivanti Endpoint Manager AgentPortal Improper Input Validation

We initially wrote this post in reference to CVE-2024-29847, however this post actually describes CVE-2023-28324. We had incorrectly assumed that the SU5 update was comprehensive which resulted in us mistaking CVE-2023-28324 for CVE-2024-29847. The content of this blog has been updated accordingly.

h/t: @buherator cc: @cR0w

[RSS] Exploiting Microsoft Kernel Applocker Driver (CVE-2024-38041)

https://csa.limited/blog/20240916-Exploiting-Microsoft-Kernel-Applocker-Driver.html

[RSS] Mapping Mainframe Memory Made Easy

https://www.netspi.com/blog/technical-blog/mainframe-penetration-testing/mapping-mainframe-memory/

On some level I think people become stronger engineers by running their own databases for a time. Pulling back the cover and seeing the hidden complexity can breed an understanding that serves folks well.

Obviously not a requirement--but something to consider.

@joxean I only do that after the presentation is out the door, so "final" marks the doc I sent/presented/... instead of the one I _may_ present in the future.

CVE-2024-8190: Investigating CISA KEV Ivanti Cloud Service Appliance Command Injection Vulnerability https://www.horizon3.ai/attack-research/cisa-kev-cve-2024-8190-ivanti-csa-command-injection/

The real slim shady || Ivanti Endpoint Manager (EPM) Pre-Auth RCE

CVE-2024-29847

https://summoning.team/blog/ivanti-epm-cve-2024-29847-deserialization-rce/

@inthehands Also related: https://fs.blog/writing-to-think/

Oh shit the vDSO implementation of getrandom() landed in Linux 6.11.

Might remove one of the last performance objections ot using the kernel CSPRNG for everything, the syscall overhead.

I have a large CL chain for crypto/rand, might as well add support for that...

"The productivity myth suggests that anything we spend time on is up for automation — that any time we spend can and should be freed up for the sake of having even more time for other activities or pursuits — which can also be automated. The importance and value of thinking about our work and why we do it is waved away as a distraction. The goal of writing, this myth suggests, is filling a page rather than the process of thought that a completed page represents."

1000x this.

https://www.techpolicy.press/challenging-the-myths-of-generative-ai/