We Patched CVE-2024-38030, Found Another Windows Themes Spoofing Vulnerability (0day) https://blog.0patch.com/2024/10/we-patched-cve-2024-38030-found-another.html

@pspaul just released a great writeup of the pacparser bug we found a few years back. The Zscaler VPN client, running as root, would inject the destination hostname in a JavaScript snippet and execute it with a very old version of SpiderMonkey. Paul transformed it in a CTF challenge for hack.lu and found the perfect vm bug to get RCE

https://blog.pspaul.de/posts/ancient-monkey-pwning-a-17-year-old-version-of-spidermonkey/

The removal of Russian linux maintainers working for sanctioned companies is a prime example of how one creates collective trauma by not being careful on how to convey the message proper.

The messaging were terrible, yes, a lot of people understood immediately why it happened, no, you can't look at it rationally and say "people will know". Your own collective trauma stood in the way.

Some people lost trust, others feel deeply betrayed, not due to the step itself, but by the way it was done.

[RSS] What Are My OPTIONS? CyberPanel v2.3.6 pre-auth RCE

https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce

[RSS] We Patched CVE-2024-38030, Found Another Windows Themes Spoofing Vulnerability (0day)

https://blog.0patch.com/2024/10/we-patched-cve-2024-38030-found-another.html

Microsoft On the Issues: Google’s Shadow Campaigns
In a pot calling the kettle black moment, Microsoft is accusing Google of antitrust practices such as creating an astroturf lobbying organization. Since the author is a Corporate Vice President (CVP), Deputy General Counsel at Microsoft, there's some weight behind such an accusation on Microsoft's public blog. As a consumer with no skin in the game, this is a grab-the-popcorn moment. Let them fight.

#microsoft #google #monopoly #antitrust #lobbying

@http https://infosec.place/notice/AnT3F4ZJnv3E2JfKng

@infosecdj @RGB_Lights @dcoderlt Nobody says it's OK to abuse. I'm saying it's best to prevent abuse and that it's not OK to let the abuse to continue for years.

@schrotthaufen @RGB_Lights That's not a reason for us to make (and reinforce) the same confusion.

@schrotthaufen @RGB_Lights Cookie banners are not paywalls, let's not confuse the two issues...

@dcoderlt @RGB_Lights This has been going on for years even before the UA war (a bit higher prio in all areas), and this is part of the reason why I can't accept the abuse argument: if this is abuse, why has nobody done anything about it?

@RGB_Lights Proponents say that cookie banners are deliberate abuse of the regulation (to condition users to accept whatever, I think?). IMO if the regulation allows abuse of this extent it is not a good regulation.

Serious question. Can anyone tell me how we are safer / better for the cookie warning clicking I have to do on the internet? Advertisers still own your browsing habits and the world expends a collective bazillion hours a week on a needless friction.

[RSS] Privilege escalation through TPM Sniffing when BitLocker PIN is enabled

https://blog.scrt.ch/2024/10/28/privilege-escalation-through-tpm-sniffing-when-bitlocker-pin-is-enabled/

[RSS] Certificate Error Mishandling: Misuse and Abuse of the SslErrorHandler Class

https://bughunters.google.com/blog/4934724060839936/certificate-error-mishandling-misuse-and-abuse-of-the-sslerrorhandler-class

Give Me the Green Light Part 1: Hacking Traffic Control Systems https://www.redthreatsec.com/blog/greenlightspart1

VMWare vCenter Server CVE-2024-38812 DCERPC Vulnerability

https://blog.sonicwall.com/en-us/2024/10/vmware-vcenter-server-cve-2024-38812-dcerpc-vulnerability/

Retrofitting encrypted firmware is a Bad Idea™

https://haxx.in/posts/wtm-wtf/

Thirteen years ago I found "a bad babe" in Windows

https://daniel.haxx.se/blog/2011/10/28/whos-0xabadbabe-and-why/

In our new blogpost we guide you through the process of improving the tools available for #pentesting WCF services over the net.tcp binding:

https://blog.silentsignal.eu/2024/10/28/wcf-net.tcp-pentest/

We created a brand new #kaitaistruct based parser and implemented transformations so messages can be manipulated and replayed with #BurpSuite.