RULECOMPILE - Undocumented Ghidra decompiler rule language

https://msm.lt/re/ghidra/rulecompile/

#Ghidra #Decompiler

[RSS] CVE-2024-53141: an OOB Write Vulnerability in Netfiler Ipset

https://u1f383.github.io/linux/2025/01/07/cve-2024-53141-an-oob-write-vulnerability-in-netfilter-ipset.html

US adds web and gaming giant Tencent to list of Chinese military companies

This could be the start of a saga to rival TikTok’s troubles, and embroil Tesla and Microsoft The US Department of Defense has added Chinese messaging and gaming Tencent to its list of “Chinese military company”, a designation that won’t necessarily result in a ban but is nonetheless unpleasant.…
#theregister #IT
https://go.theregister.com/feed/www.theregister.com/2025/01/07/tencent_catl_chinese_military_company_list/

Today (at 9 PM CET - my usual time), I will walk through a simple PNG file.
I will also cover some PNG tricks if I have time ;)
See you there!!
https://www.youtube.com/live/Ck5_ADtePzE?si=OJe7FjFQM9TqZq7p

One of my favorite things is asking LLMs "what's wrong with <this>?" when nothing is wrong with <this>. Works with code, circuit schematics, and so on.

You usually get a wall of *really* convincing text, and I imagine myself in the shoes of some poor student trying to make sense of this.

Last year I asked a question about the state of tracing JITs, and it led to a wonderful exchange. @cfbolz has written a terrific summary that captures a lot of folk knowledge that would otherwise be lost. Thanks!
https://pypy.org/posts/2025/01/musings-tracing.html

Real-time bidding, which powers nearly every ad you see online, might be the most privacy-invasive surveillance system that you’ve never heard of. Learn how it works and how to protect yourself. https://www.eff.org/deeplinks/2025/01/online-behavioral-ads-fuel-surveillance-industry-heres-how

- You have to understand that back in my day, it was possible to make a career out of sending a lot of AAAAAAs to computer programs

- Sure grandpa, let's get you to bed

please don't let maths journals go this way...

Elsevier adds AI to the "proofreading" of publications. Editors resign.

https://retractionwatch.com/2024/12/27/evolution-journal-editors-resign-en-masse-to-protest-elsevier-changes/

https://pivot-to-ai.com/2025/01/05/elsevier-rewrites-academic-papers-with-ai-without-telling-editors-or-authors/

Now that it's actually 2025, you may want to give this a gander.

https://taggart-tech.com/20241212-2025-jobs-guide/

New version of Function-Graph-Overview is out for both VSCode and JetBrains IDEs.

This version is a bugfix release, solving some edge-cases that led to infinite loops in rendering, and improving performance in some cases too. Thanks @buherator for the fix!

JetBrains: https://plugins.jetbrains.com/plugin/25676-function-graph-overview
VSCode: https://marketplace.visualstudio.com/items?itemName=tamir-bahar.function-graph-overview

The future of IBM Power CPUs.
#IBMi #rpgpgm #IBMChampion
https://www.rpgpgm.com/2025/01/the-future-of-ibm-power-cpus.html

I will stream tonight (9PM CET) about the basics of PDF file format tricks - the road to funky PDF, polyglots and hash collisions! See you there!
https://www.youtube.com/live/8g6G96nn7Mo?si=0IByzWDDNDtrnPPk

Interesting links of the week:

Strategy:

* https://jericho.blog/2024/12/28/mitres-phoning-in-new-cnas/ - a critique of the training for new CNA from @attritionorg

Standards:

* https://www.misp-standard.org/blog/Naming-Threat-Actor/ - @misp proposes a standard for naming threat actors

Threats:

* https://www.vodafone.com/sustainable-business/maintaining-trust/law-enforcement-assistance - Vodafone's yearly account of law enforcement interactions
* https://www.propublica.org/article/ap3-oath-keepers-militia-mole - moles in right wing infrastructure
* https://community.emergingthreats.net/t/the-many-cves-of-d-link-hnap-command-injection/2314 - attacking HNAP for CLI injection
* https://www.flux.utah.edu/paper/singh-nsdi24 - analysing the prevalence and scope of ITW SSH brute force attacks

Detection:

* https://www.usenix.org/conference/usenixsecurity24/presentation/badva - paper on threat hunting, full disclosure: participant P18 is me :)

Bugs:

* https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-cve-2024-49113/ - AD LDAP sadness
* https://social.circl.lu/@vulnerability_lookup/113761006476621066 - fediverse reporting on the same bugs by @vulnerability_lookup
* https://thesecmaster.com/blog/how-to-protect-your-four-faith-industrial-routers-from-cve-2024-12856-a-critical - hacking the factory
* https://seclists.org/fulldisclosure/2024/Dec/21 - when the CTF platform itself supplies the bugs...
* https://seclists.org/fulldisclosure/2024/Dec/19 - iSay, iSay, shell me a midtier, sir!

Exploitation:

* https://people.kernel.org/kees/colliding-with-the-sha-prefix-of-linuxs-initial-git-commit - @kees collides Linux
* https://www.hvs-consulting.de/en/nfs-security-identifying-and-exploiting-misconfigurations/ - holes in NFS, surely not?
* https://blog.slowerzs.net/posts/thievingfox/ - stealing passwords for red team glory

Hard hacks:

* https://aleksandr.rogozin.us/blog/2021/8/13/hacking-philips-wiz-lights-via-command-line - hacking Philips WiZ

Hardening:

* https://www.cisa.gov/sites/default/files/2024-01/SbD-Alert-Security-Design-Improvements-for-SOHO-Device-Manufacturers.pdf - CISA advice on SOHO networks.. not wildly blown away but I suppose they have to start somewhere...

Nerd:

* https://github.com/markqvist/Reticulum/discussions/231 - an interesting approach to non-TCP/IP federated networks as shared by @sqshr...
* https://www.jmeiners.com/lc3-vm/ - write your own VM... kinda remember doing this at uni
* https://tickets.why2025.org/ - have you ordered your tickets for @why2025camp

#security, #research

at #38c3 @rdjgr did a pretty good job at explaining the lore of how they scammed me before we ultimately joined forces. make sure to check out the full talk ("Dialing into the Past: RCE via the Fax Machine – Because Why Not?"), great stuff!

[RSS] Reliable system call interception [with seccomp user notify]

https://blog.mggross.com/intercepting-syscalls/

#genuary5 prompt: Isometric art.

It's game of life. History goes down. I've seen a visualization like this last year and wanted to recreate it.

Made with #PyScript:
https://ambv.pyscriptapps.com/genuary-prompt-5/latest/

#genuary2025 #genuary #GenerativeArt #CreativeCoding #WebGL #Python

I have this favorite story about "the first 3D shopping mall" on the Hungarian Internet: it was of course a massive failure, because the minds behind it didn't realize that people are not going to the mall to use escalators (which was precisely modeled in VRML along with corridors, benches, etc).

I think the recent enthusiasm about GenAI-driven voice/video recognition is similar in this aspect: in many cases people would prefer a system *not* involving human(-like) interaction (or using an escalator), it's just we currently don't have better solutions for many tasks. Assuming a speech/video interface is always better than e.g. a bar code reader results in faster horses, not cars.

#GrapheneOS appears to be standing up to UK forensics, in this painful and "unprecedented" case which could see a UK journalist go to jail for not relinquishing the passphrase to his devices. Not only is withholding his basic human right, but he does it to protect his sources, and as ratified in the European Court of Human Rights.

https://www.ilfattoquotidiano.it/in-edicola/articoli/2025/01/02/british-journalist-could-face-years-in-prison-for-refusing-to-hand-over-his-passwords-to-the-police/7822432/

#humanrights #infosec #privacy