watchTowr: Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024
Reference: CVE-2024-23113 (9.8 critical, disclosed 08 February 2024 by Fortinet, added to CISA KEV Catalog 09 October 2024) Fortinet Multiple Products Format String Vulnerability

I personally love the snark that watchTowr brings to the infosec community. If you didn't already grasp it from all the memes, you'll understand once you start reading this blog post. watchTowr covers locating the vulnerability CVE-2024-23113 and finding the root cause. I know the term rabbit hole is used often, but in this case, each vulnerable/patched version of their firmware provides different behavior to exploitation attempts and these are explained. No one's safe from watchTowr: they even include a dis for Check Point:

I mean, it's one up from Checkpoint's 'buy another Checkpoint device to put infront of your vulnerable Checkpoint device'

#CVE_2024_23113 #fortinet #vulnerability #eitw #vulnerabilityanalysis #cybersecurity #infosec #cve #activeexploitation #kev

Kagi's Snaps allows you to easily limit search results to a specific website by using the @ symbol followed by a short code for the site and then your search query🪄

More on how to use and contribute to Snaps: https://help.kagi.com/kagi/features/snaps.html

#Kagi #Search #AdFree

[RSS] Using the 555 for Everything

https://hackaday.com/2024/10/14/using-the-555-for-everything/

Huh.... Turns out electricity is a little bit spicier in Ireland. Lesson learned. Setup for #Pwn2Own Ireland continues...

[RSS] RGFuzz: Rule-Guided Fuzzer for WebAssembly Runtimes

https://kaist-hacking.github.io/publication/park-rgfuzz/

There's something specifically and deeply evil about making kids watch ads for extra stuff in games.

As a planned follow-up to the splitting of sshd-session out of the sshd(8) binary, sshd-session has be further split into a new sshd-auth binary to handle user authentication.

djm@ modified src/usr.bin/ssh/*: Split per-connection sshd-session binary

This splits the user authentication code from the sshd-session binary into a separate sshd-auth binary. This will be executed by sshd-session to complete the user authentication phase of the protocol only.

Splitting this code into a separate binary ensures that the crucial pre-authentication attack surface has an entirely disjoint address space from the code used for the rest of the connection. It also yields a small runtime memory saving as the authentication code will be unloaded after the authentication phase completes.

Joint work with markus@ feedback deraadt@

Tested in snaps since last week

Also only on #OpenBSD, this new sshd-authd binary gets relinked on boot, as with sshd-session and sshd.

deraadt@ modified src/etc/rc: sshd-auth also has a relink kit

#OpenSSH

The @internetarchive’s Wayback Machine resumed in a provisional, read-only manner.

Sorry, no Save Page Now yet.

Safe to resume but might need further maintenance, in which case it will be suspended again.

Please be gentle https://web.archive.org

More as it happens.

[RSS] Casio says ransomware attack exposed info of employees, customers and business partners

https://therecord.media/casio-ransomware-attack-exposed-emplyee-customer-data

First the IA, now Casio - nothing is sacred for these punks!

What is the longest sentence you can form from names of programming languages?

(Bonus points for not using the Esolang wiki)

Painted by a homeless man: https://streetartutopia.com/2024/10/13/painted-by-a-homeless-man/

@drahardja @SteveBellovin What is this *not* good for?

Doing my weekly update of TeXLive, I spotted this as a new feature. Just what I want—SQL injection in document source…

@muneef This PNG could've been a HTML table...

Writing things down isn't just good science; it's the ultimate kink. 😝

the zendesk hack, for anyone interested

https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52

@asicc I have no clue how this should/could be resolved unfortunately.

People getting more familiar with the infrastructure around them would probably help, but technology goes in a direction that hides these details, hence its popularity.

@asicc My point is exactly that the contents of an URL doesn't seem to matter _at all_ because many people have no idea what trustworthy domains are (or how they would like like as part of an URL).

In other words you don't have to register n<very weird e-like character>tflix[.]com for your scam because people will just trust PayForYourTV[.]so.

@tara @bitzero TIL about elinks, it looks awesome!

The current chaos in WordPress caused by Matt seems like a good time to remind folks that the Mastodon “community” websites and trademarks are 100% owned by one man, despite pleas from current and former project members to make Mastodon a foundation with a board.