A drunken debugger

Heretek of Silent Signal

Google Chrome security advisory: Stable Channel Update for Desktop
New Google Chrome version 131.0.6778.264/.265 for Windows, Mac and 131.0.6778.264 for Linux includes 4 security fixes, including 1 externally reported: CVE-2025-0291 (high severity) Type Confusion in V8. No mention of exploitation


In the latest Doyensec research, our Norbert Szetei (@sine) takes a closer look at the SMB3 Kernel Server (ksmbd) component of the Linux kernel. Check it out today to learn what he found, which led to multiple CVEs!

https://blog.doyensec.com/2025/01/07/ksmbd-1.html


RULECOMPILE - Undocumented Ghidra decompiler rule language

https://msm.lt/re/ghidra/rulecompile/


US adds web and gaming giant Tencent to list of Chinese military companies

This could be the start of a saga to rival TikTok’s troubles, and embroil Tesla and Microsoft. The US Department of Defense has added Chinese messaging and gaming Tencent to its list of “Chinese military company”, a designation that won’t necessarily result in a ban but is nonetheless unpleasant.…

https://go.theregister.com/feed/www.theregister.com/2025/01/07/tencent_catl_chinese_military_company_list/


Today (at 9 PM CET - my usual time), I will walk through a simple PNG file.
I will also cover some PNG tricks if I have time ;)
See you there!!
https://www.youtube.com/live/Ck5_ADtePzE?si=OJe7FjFQM9TqZq7p

#3034 Features of Adulthood

I don't dig pit traps and cover them with sticks and a thin layer of leaves nearly as much as I expected; I find a chance to do it barely once a month.
https://xkcd.com/3034/


One of my favorite things is asking LLMs "what's wrong with <this>?" when nothing is wrong with <this>. Works with code, circuit schematics, and so on.

You usually get a wall of *really* convincing text, and I imagine myself in the shoes of some poor student trying to make sense of this.


Last year I asked a question about the state of tracing JITs, and it led to a wonderful exchange. @cfbolz has written a terrific summary that captures a lot of folk knowledge that would otherwise be lost. Thanks!
https://pypy.org/posts/2025/01/musings-tracing.html


Electronic Frontier Foundation

Real-time bidding, which powers nearly every ad you see online, might be the most privacy-invasive surveillance system that you’ve never heard of. Learn how it works and how to protect yourself. https://www.eff.org/deeplinks/2025/01/online-behavioral-ads-fuel-surveillance-industry-heres-how


- You have to understand that back in my day, it was possible to make a career out of sending a lot of AAAAAAs to computer programs

- Sure grandpa, let's get you to bed


Now that it's actually 2025, you may want to give this a gander.

https://taggart-tech.com/20241212-2025-jobs-guide/


New version of Function-Graph-Overview is out for both VSCode and JetBrains IDEs.

This version is a bugfix release, solving some edge-cases that led to infinite loops in rendering, and improving performance in some cases too. Thanks @buherator for the fix!

JetBrains: https://plugins.jetbrains.com/plugin/25676-function-graph-overview
VSCode: https://marketplace.visualstudio.com/items?itemName=tamir-bahar.function-graph-overview


I will stream tonight (9PM CET) about the basics of PDF file format tricks - the road to funky PDF, polyglots and hash collisions! See you there!
https://www.youtube.com/live/8g6G96nn7Mo?si=0IByzWDDNDtrnPPk


Interesting links of the week:

Strategy:

* https://jericho.blog/2024/12/28/mitres-phoning-in-new-cnas/ - a critique of the training for new CNA from @attritionorg

Standards:

* https://www.misp-standard.org/blog/Naming-Threat-Actor/ - @misp proposes a standard for naming threat actors

Threats:

* https://www.propublica.org/article/ap3-oath-keepers-militia-mole - moles in right wing infrastructure
* https://community.emergingthreats.net/t/the-many-cves-of-d-link-hnap-command-injection/2314 - attacking HNAP for CLI injection
* https://www.flux.utah.edu/paper/singh-nsdi24 - analysing the prevalence and scope of ITW SSH brute force attacks

Detection:

* https://www.usenix.org/conference/usenixsecurity24/presentation/badva - paper on threat hunting, full disclosure: participant P18 is me :)

Bugs:

* https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-cve-2024-49113/ - AD LDAP sadness
* https://social.circl.lu/@vulnerability_lookup/113761006476621066 - fediverse reporting on the same bugs by @vulnerability_lookup
* https://thesecmaster.com/blog/how-to-protect-your-four-faith-industrial-routers-from-cve-2024-12856-a-critical - hacking the factory
* https://seclists.org/fulldisclosure/2024/Dec/21 - when the CTF platform itself supplies the bugs...
* https://seclists.org/fulldisclosure/2024/Dec/19 - iSay, iSay, shell me a midtier, sir!

Exploitation:

* https://people.kernel.org/kees/colliding-with-the-sha-prefix-of-linuxs-initial-git-commit - @kees collides Linux
* https://www.hvs-consulting.de/en/nfs-security-identifying-and-exploiting-misconfigurations/ - holes in NFS, surely not?
* https://blog.slowerzs.net/posts/thievingfox/ - stealing passwords for red team glory

Hardening:

* https://www.cisa.gov/sites/default/files/2024-01/SbD-Alert-Security-Design-Improvements-for-SOHO-Device-Manufacturers.pdf - CISA advice on SOHO networks.. not wildly blown away but I suppose they have to start somewhere...

Nerd:

* https://github.com/markqvist/Reticulum/discussions/231 - an interesting approach to non-TCP/IP federated networks as shared by @sqshr...
* https://www.jmeiners.com/lc3-vm/ - write your own VM... kinda remember doing this at uni
* https://tickets.why2025.org/ - have you ordered your tickets for @why2025camp
