Hang on to your seats, because this one's a wild ride. Literally.
Lamborghini Carjackers Lured by $243M Cyberheist
The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. Prosecutors say the couple was beaten and briefly kidnapped by six young men who traveled from Florida as part of a botched plan to hold the parents for ransom.
https://krebsonsecurity.com/2024/10/lamborghini-carjackers-lured-by-243m-cyberheist/
More than 2 months after Elastic Security Labs has described LNK Stomping (and many years after the exploits have been seen in the wild), the LNK that pops calc.exe still has zero detections on VirusTotal.
https://www.virustotal.com/gui/file/a688c1f260fefd4cb071d268dde451fd36a7b43a92d8ee1bc5c415174f61c2d5
Maybe because it's "just" calc.exe, AV is ignoring it? How about a CVE-2024-38217 exploit LNK with a payload that runs code from a remote server?
That gets 2 whole hits out of 64 on VT.
https://www.virustotal.com/gui/file/0f3fe93c037a07d9301abfa581ad42da8c96dfd6e189c02af75533a3e320c468?nocache=1
Either way you look at it, none of the engines on VT are detecting this technique of exploiting CVE-2024-38217. While plenty of AV-related security products claim to detect exploits for vulnerabilities, it'd be good to have a healthy amount of skepticism for what the products actually do.
Horizon3: Palo Alto Expedition: From N-Day to Full Compromise
Daaaaaaaamn @hacks_zach, Zach Hanley at it again with the Palo Alto Networks vulnerabilities. In trying to find CVE-2024-5910 in Expedition (a configuration migration tool from a supported vendor to Palo Alto Networks PAN-OS), he found CVE-2024-9464, CVE-2024-9465 and CVE-2024-9466. It appears that CVE-2024-9465 (unauth SQL injection) leads to leaking credentials via "users" and "devices" tables which contain password hashes and device API keys. This is the CVE-2024-9466.
#paloaltonetworks #expedition #vulnerability #CVE #vulnerabilityanalysis
Palo Alto Networks security advisory: PAN-SA-2024-0010 Expedition: Multiple Vulnerabilities Lead to Firewall Admin Account Takeover
See parent toot above for Horizon3 vulnerability details.
Palo Alto Networks is not aware of any malicious exploitation of these issues.
I want the same drugs Mozilla leadership is taking. They sound too good to be left out!!!! AAHAHHAHAHAHAHHAHAHA My head is spinning from so much bullshit newspeak ahahahhahahahahahahahaha
"How do we ensure that privacy is not a privilege of the few but a fundamental right available to everyone? These are significant and enduring questions that have no single answer. But, for right now on the internet of today, a big part of the answer is online advertising."
Exploiting AMD atdcm64a.sys arbitrary pointer dereference - Part 3 https://security.humanativaspa.it/exploiting-amd-atdcm64a-sys-arbitrary-pointer-dereference-part-3/
Yesterday's Nobel Prize, in "physics," can be questioned as grotesque. Today's from Chemistry - fully justified. We are waiting for literature and "peace". Although we may have to wait a little longer for the latter, and there has never been a peace Nobel for nuclear weapons.
This year's #Physics #NobelPrize was given to Hopfield and Hinton for their work on neural networks and machine learning.
Currently a lot of Physicists scratching their heads and wondering how machine learning is Physics, but:
* Physicists have taken Nobel prizes in Medicine and Chemistry a lot over the years, so I don't think it is fair for us to complain.
* Hopfield networks and Boltzmann machines are probably the two most "Physics adjacent" architectures for a neural network.
Overall, unexpected but well deserved.
https://www.nobelprize.org/prizes/physics/2024/press-release/
Current temperature of #physics mastodon, twitter et al. ;-)
#curl bug-bounty stats
(Including 84,260 USD payouts and 15.4% being valid reports.)
https://daniel.haxx.se/blog/2024/10/09/curl-bug-bounty-stats/
New sensitive breach: "AI girlfriend" site Muah[.]ai had 1.9M email addresses breached last month. Data included AI prompts describing desired images, many sexual in nature and many describing child exploitation. 24% were already in @haveibeenpwned. More: https://www.404media.co/hacked-ai-girlfriend-data-shows-prompts-describing-child-sexual-abuse-2/
Ivanti warns of three more CSA zero-days exploited in attacks https://www.bleepingcomputer.com/news/security/ivanti-warns-of-three-more-csa-zero-days-exploited-in-attacks/