"I'm interested in all kinds of astronomy."
Is Cloudflare really the only CDN provider that supports #IPv6 to the origin servers? (CloudFront and Fastly don't)

https://blog.cloudflare.com/amazon-2bn-ipv4-tax-how-avoid-paying/

#CunninghamsLaw

We've released 0.14 with an afl-fuzz rewrite in , better QEMU, FRIDA scripting, intel_pt tracing support and more!
Check it out:

https://github.com/AFLplusplus/LibAFL/releases/tag/0.14.0

[RSS] NIST says exploited vulnerability backlog cleared but end-of-year goal for full list unlikely

https://therecord.media/nist-vulnerability-backlog-cleared-cisa

Remove /dev/null from a host and a surprising number of programs crash and burn. Experienced sysadmins understand that most software requires an uninterruptible supply of nothing.


Full Rapid7 analysis and PoC (with root shell!) for via @stephenfewer 🐚 Not a simple project, as it turned out :) https://attackerkb.com/topics/OFBGprmpIE/cve-2024-47575/rapid7-analysis


The Pentium processor had a minor error in the division algorithm. This error cost Intel $475 million to replace the faulty chips. I've tracked down the FDIV error to this circuit on the die:


Me to Matomo:
Your installation instructions guarantee that Windows will be vulnerable to LPE. You should probably fix that.

Matomo:
"Unfortunately we do not consider this as a security issue, because it's actually fully unrelated to Matomo itself."

Great job, folks!


Gell-Mann amnesia.
this is nuts.
these stories are one hour apart


Clownstrike @ 358...
Cyber incidents appear to have no long term impact ;-)


We have observed D-Link NAS CVE-2024-10914 /cgi-bin/account_mgr.cgi command injection exploitation attempts starting Nov 12th. This vuln affects EOL/EOS devices, which should be removed from the Internet: https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10413

We see ~1100 exposed.

https://dashboard.shadowserver.org/statistics/iot-devices/tree/?day=2024-11-12&vendor=d-link&type=nas&geo=all&data_set=count&scale=log

We share IP data on exposed D-Link NAS instances for your network/constituency in our Device ID reports (vendor D-Link, type: nas): https://shadowserver.org/what-we-do/network-reporting/device-identification-report/

D-Link NAS exposure tracker https://dashboard.shadowserver.org/statistics/iot-devices/time-series/?date_range=7&vendor=d-link&type=nas&model=sharecenter&dataset=count&limit=1000&group_by=geo&style=stacked

NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2024-10914


Happy on a Wednesday from Palo Alto Networks:

  1. PAN-SA-2024-0016 Chromium: Monthly Vulnerability Updates
  2. CVE-2024-5920 (CVSSv4: 4.6 medium) PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in PAN-OS Enables Impersonation of a Legitimate Administrator
  3. CVE-2024-2550 (CVSSv4: 8.7 high) PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet
  4. CVE-2024-2551 (CVSSv4: 8.7 high) PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet
  5. CVE-2024-2552 (CVSSv4: 6.8 medium) PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)
  6. CVE-2024-5917 (CVSSv4: 6.3 medium) PAN-OS: Server-Side Request Forgery in WildFire
  7. CVE-2024-5918 (CVSSv4: 5.3 medium) PAN-OS: Improper Certificate Validation Enables Impersonation of a Legitimate GlobalProtect User
  8. CVE-2024-5919 (CVSSv4: 5.1 medium) PAN-OS: Authenticated XML External Entities (XXE) Injection Vulnerability
  9. CVE-2024-9472 (CVSSv4: 8.7 high) PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Traffic

"Palo Alto Networks is not aware of any malicious exploitation of this issue." RE:CVE-2024-9472: "However, customers have reported encountering this issue during normal operations."

@da_667 9 out of 10 dentists say yes!
#Xen Security Advisory 464 v2 (CVE-2024-45819) - libxl leaks data to PVH guests via ACPI tables

https://seclists.org/oss-sec/2024/q4/80

Another big step towards becoming a security boundary: today we’re expanding the VRP for the V8 Sandbox

* No longer limited to d8

* Rewards for controlled writes are increased to $20k

* Any memory corruption outside the sandbox is now in scope

See https://bughunters.google.com/about/rules/chrome-friends/5745167867576320/chrome-vulnerability-reward-program-rules#v8-sandbox-bypass-rewards for more details.

Happy hacking!


Thrilled to share my BlueHat keynote is now live! 🎤

"A Clash of Cultures Comes Together to Change Software" dives into how early hacker groups like the L0pht began collaborating with tech companies, reshaping software security.

Watch here: https://www.youtube.com/watch?v=w6SAqT4ZQik


bsky.app/profile/b1ack0wl.bsky.social/post/3latq4vftsk2a

Heads up: that viral "backdoor attempt" against multiple GitHub repos is a smear campaign. The lame code that was submitted is also a part of it since it's there to paint a picture of someone with very little offensive skills. Don't fall for the bait

@algernon Great to hear that! I really don't want to be that security who says "no." to everything: sometimes a full-blown embedded programming language has its place, we just have to be aware of the risks we're taking.

Additional Fortinet security advisories:

  1. FG-IR-23-396 CVE-2024-23666 (7.5 high) Readonly users could run some sensitive operations (FortiAnalyzer)
  2. FG-IR-24-033 CVE-2024-33510 (4.3 medium) SSLVPN WEB UI Text injection (FortiOS/FortiProxy)
  3. FG-IR-24-098 CVE-2024-31496 (6.7 medium) Stack buffer overflow in CLI command (FortiAnalyzer/FortiManager)
  4. FG-IR-22-155 CVE-2024-40590 (4.8 medium) missing digital certificate validation (FortiPortal)

No mention of exploitation.


GitLab security advisory: GitLab Patch Release: 17.5.2, 17.4.4, 17.3.7

  1. CVE-2024-9693 (8.5 high) Unauthorized access to Kubernetes cluster agent
  2. CVE-2024-7404 (6.8 medium) Device OAuth flow allows for cross window forgery
  3. requested CVE ID not yet available (6.5 medium) Denial of Service by importing malicious crafted FogBugz import payload
  4. CVE-2024-8648 (6.1 medium) Stored XSS through javascript URL in Analytics dashboards
  5. CVE-2024-8180 (5.4 medium) HTML injection in vulnerability Code flow could lead to XSS on self hosted instances
  6. CVE-2024-10240 (5.3 medium) Information disclosure through an API endpoint

No mention of exploitation.
