Picard management tip: Take your leisure time seriously. A relaxed captain is a sane captain.

Here's a no-cost, non-denominational, last-minute gift idea.

Reach out to people who made a positive difference in your life but with whom you have not been in touch for a while. Tell them that they were a force for good in your life. Thank them.

Be generous -- pass on this idea. Spread some joy.

@da_667 I'm a fan of static site generators. Jekyll is an obvious option but Ruby is guaranteed Dependency Hell in the long run (I remember some fuckery even with Docker...). Hugo seems similar without the mess but I don't have experience with that one.

One the twelfth day of Christmas, the true goat gave to thee: https://infosec.press/screaminggoat/patch-tuesday , which is a list of vendors' security advisory landing pages and their #PatchTuesday schedule.

Disclaimer: Not every vendor is listed, and their patching cycle may be different than what I categorized them as, but it's a good starting point. Ideally, you'd be tracking the ones you care about using RSS anyway.

Merry Christmas Infosec Mastodon

#iinfosec #cybersecurity #vulnerability #cve #christmas

@teotwaki @DerFetzer thanks, I'm quite picky about such things anyway :) I'm more puzzled about the knobs&dials one has to be familiar with to do things properly.

[RSS] A design flaw in the Windows 3D Pipes screen saver pointed out by a customer

https://devblogs.microsoft.com/oldnewthing/20241224-00/?p=110675

[RSS] Everyday #Ghidra: Symbols -- Automatic Symbol Acquisition with Ghidra -- Part 2

https://clearbluejar.github.io/posts/everyday-ghidra-symbols-automatic-symbol-acquisition-with-ghidra-part-2/

@DerFetzer Thank you, thiserror is actually part of the material I'm working on, but comparing alternatives has been on my TODO list!

[RSS] An Initial Analysis of Adobe ColdFusion CVE-2024-53961

https://www.hoyahaxa.com/2024/12/an-initial-analysis-of-cve-2024-53961.html

[RSS] ghidralib - A Pythonic Ghidra standard library

https://github.com/msm-code/ghidralib

#Ghidra

[RSS] Exploiting Second Order SQL Injection with Stored Procedures

https://www.netspi.com/blog/technical-blog/web-application-pentesting/second-order-sql-injection-with-stored-procedures-dns-based-egress/

[RSS] A functionally complete decompilation of LEGO Island (1997)

https://github.com/isledecomp/isle

[RSS] Starship, Star Fox 64 recompilation project

https://github.com/HarbourMasters/Starship

OK, this is my summary for today

#Rust

Hewlett Packard report that they are spotting AI-generated malware in the wild, not through complex analysis or watermarking, but because… it is weirdly well-commented. https://threatresearch.ext.hp.com/wp-content/uploads/2024/09/HP_Wolf_Security_Threat_Insights_Report_September_2024.pdf

I'm at about third of the 100 #Rust exercises and I think we just got to the "Draw the rest of the fucking owl" part 🖊

I find CVE-2024-40896 (Raptor/libxml2 XXE) very educational:

Based on the analysis[1] it's a nice example of Chesterton’s Fence[2], while its discovery[3] underlines the importance of automated testing for regressions and known dangerous behavior.

[1] https://www.openwall.com/lists/oss-security/2024/12/25/2 (thx @alexandreborges for sharing!)
[2] https://fs.blog/chestertons-fence/
[3] https://gitlab.gnome.org/GNOME/libxml2/-/issues/761

CVE-2024-40896 Analysis: libxml2 XXE due to type confusion

https://www.openwall.com/lists/oss-security/2024/12/25/2

#cve #linux #libxml2 #xxe #vulnerability #exploitation #bug #typeconfusion

@malwarejake duh?

7/ Finland has visually confirmed that the ship Eagle S had it's anchor down and is now missing it's anchor.