Dear Developers,

if you write #documentation, include the *context* where a piece of code/config/prayer/... should go, pretty please!

Thank you,

Your Fellow IT People

[oss-security] shell wildcard expansion (un)safety

https://seclists.org/oss-sec/2024/q4/56

CVE-2024-9681 HSTS subdomain overwrites parent cache entry

https://curl.se/docs/CVE-2024-9681.html

[RSS] On the limits of time travel in the face of undefined behavior in C

https://devblogs.microsoft.com/oldnewthing/20241104-00/?p=110466

New assessment for topic: CVE-2024-35250

Topic description: "Windows Kernel-Mode Driver Elevation of Privilege Vulnerability ..."

"The ks.sys driver on Windows is one of the core components of Kernel Streaming and is installed by default ..."

Link: https://attackerkb.com/assessments/b966571c-c90a-4055-af54-ee6af8389f53

Exciting news! I’m starting X-Force’s new offensive research team (XOR) and hiring a security researcher. Want to work with researchers (like @fuzzysec and I) to find bugs, exploit popular targets, and share your work? Apply for this unique (remote) role 😊https://careers.ibm.com/job/21219320/security-researcher-san-jose-ca/

Don't threaten us with a good time

#ElonMusk #Twitter #Meme

Interested in accessing a binary as a CFG? @ArastehCma has a solid video showing how to access Ghidra's analysis as a CFG (with an awesome intro!):
https://www.youtube.com/watch?v=eTRo3xw1Gbs

Want to do the same thing in Binary Ninja? See below. (Spoiler: it's already exposed as one!)

Dutch researchers @midnightbluelab
found a critical zero-click vuln in a photo app enabled by default on Synology storage devices, putting millions of systems at risk of being hacked. They found Synology systems owned by police/law firms/critical infrastructure contractors online and all vulnerable to attack. Synology has called the vuln "critical" and issued a patch last week but apparently didn't notify customers. Synology devices don't have automated update capabilities. Here's my story: https://www.wired.com/story/synology-zero-click-vulnerability/

@kimzetter Kim, did you see https://infosec.exchange/@adamshostack/113414081797045521 ?

@wdormann @kimzetter Maybe @thezdi can shed some light on that candidate ID?

Early 2020 I wrote this blog post about how #Microsoft #OneDrive exports malformed #ZIP files that cannot be unzipped by widely-used tools (this only happens for large, > 4GB ZIP files):

https://www.bitsgalore.org/2020/03/11/does-microsoft-onedrive-export-large-ZIP-files-that-are-corrupt

Fast-forward 4.5 years, and Microsoft *still* hasn't fixed this!

Just ran into this again with a 6.5 GB file! Luckily the Fix-OneDrive-Zip tool by Paul Marquess helped me out again:

https://github.com/pmqs/Fix-OneDrive-Zip

#wtfZIP #wtfMicrosoft

@cR0w There's room for actors in different timezones

Quick, release your #0day, US is preoccupied with the election! ;)

[RSS] iPod Clickwheel Games Preservation Project

https://hackaday.com/2024/11/04/ipod-clickwheel-games-preservation-project/

Was it a mistake to teach fonts how to think? https://github.com/nevesnunes/z80-sans

@0xabad1dea so many times.

also:

client: can you test this web service?

me: sure!

client: ok it's at this URL

me: can you provide some docs, tests, sample requests / code, an app that exercises that service endpoint, and/or the source for the web service itself? web services are pretty much opaque without additional info

client: ........... we have a WSDL?

[RSS] Introducing lightyear: a new way to dump files in PHP

https://www.ambionics.io/blog/lightyear-file-dump

✍️ Debugging the Windows Hypervisor: Inspecting SK Calls by @dor00tkit

https://dor00tkit.github.io/Dor00tkit/posts/debugging-the-windows-hypervisor-inspecting-sk-calls/

Performance isn't the enemy of security: we care about both. Today's patches finish off a set of security/performance improvements to eBPF. Below we show a ~30x speedup vs vanilla in running the eBPF selftests with every single #grsecurity option enabled!