More details:

Blog post https://ioactive.com/raspberry-pi-2350-hacking-challenge/

Full writeup: https://info.ioactive.com/acton/attachment/34793/f-e5160595-f1ec-4e2f-b650-ba856656db09/1/-/-/-/-/IOActive-RP2350HackingChallenge.pdf

I'm also going to be keynoting the HARRIS 2025 Hardware Reverse Engineering Workup at the Max Planck Institute for Security & Privacy in March

https://harris2025.mpi-sp.org/keynotes/

azonenberg@havequick:/tmp$ cat lulz.txt
2024-09-11 17:45 PDT
Successful extraction of RP2350 antifuse bits by FIB PVC

(Random text here to make hash bruteforcing harder)
fjoinzofkjpogkzpofzkpofkspofzpofkz
azonenberg@havequick:/tmp$ sha256sum lulz.txt
a76433af090ceb77b65b153285478bd615bdd51e26a3dd1d6a386b8e1f2ac362 lulz.txt

https://ioc.exchange/@azonenberg/113121829899435528

Story of a Pentester Recruitment 2025

https://blog.silentsignal.eu/2025/01/14/pentester-recruitment-2025-mushroom/

Happy #ZeroDay from your friends at Fortinet: Authentication bypass in Node.js websocket module
CVE-2024-55591 (CVSSv3.1: 9.8 critical) An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS and FortiProxy may allow a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.

Please note that reports show this is being exploited in the wild.

Indicators of compromise include possible log entries, IP addresses used, and admin accounts created. cc: @GossiTheDog @wdormann @cR0w @briankrebs

#zeroday #patchtuesday #fortinet #vulnerability #CVE_2024_55591 #infosec #ioc #threatintel #infosec #cybersecurity #

Project: golang/go https://github.com/golang/go
File: src/cmd/compile/internal/reflectdata/reflect.go:1708 https://github.com/golang/go/blob/refs/tags/go1.23.4/src/cmd/compile/internal/reflectdata/reflect.go#L1708

func NeedEmit(typ *types.Type) bool

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fgolang%2Fgo%2Fblob%2Frefs%2Ftags%2Fgo1.23.4%2Fsrc%2Fcmd%2Fcompile%2Finternal%2Freflectdata%2Freflect.go%23L1708&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fgolang%2Fgo%2Fblob%2Frefs%2Ftags%2Fgo1.23.4%2Fsrc%2Fcmd%2Fcompile%2Finternal%2Freflectdata%2Freflect.go%23L1708&colors=light

DOOM has now been ported to... a PDF!
(Works in browsers)
https://github.com/ading2210/doompdf

Micropatches Released for Windows "LDAPNightmare" Denial of Service Vulnerability (CVE-2024-49113)
https://blog.0patch.com/2025/01/micropatches-released-for-windows.html

Micropatches were issued for fully updated:
- Windows 11 v21H2
- Windows 10 v21H2, v21H1, v20H2, v2004, v1909, v1809, v1803
- Windows 7 - without ESU, or with ESU 1-3
- Windows Server 2012, Server 2012 R2 - without ESU
- Windows Server 2008 R2 - without ESU, or with ESU 1-4

We would like to thank Or Yair (@oryair1999) and Shahak Morag of @safebreach for sharing their analysis and proof-of-concept, which made it possible for us to create a micropatch for this issue. We'd also like to thank the original finder Yuki Chen (@guhe120).

Turns out snprintf() in old Windows C runtimes is documented to have the buffer overflow that no other implementations do. 🤔

https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/snprintf-snprintf-snprintf-l-snwprintf-snwprintf-l?view=msvc-170#remarks

Threat actors exploit a probable 0-day in exposed management consoles of Fortinet FortiGate firewalls https://www.orangecyberdefense.com/global/blog/cert-news/0-day-in-exposed-management-consoles-of-fortinet-fortigate-firewalls

TIL \ exists in ASCII literally so that ALGOL could write its Boolean operators in ASCII

https://en.m.wikipedia.org/wiki/ALGOL

Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282) - watchTowr Labs https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282/

Does anybody know how to prevent #clang from issuing calls to libc functions like `memset` in this case when compiling C programs? I have tried I don't know how many command line arguments to try to disable it but none worked at all.

Here you have an example program in #godbolt: https://godbolt.org/z/jheYoPWzj

These are the command line arguments I've tried to disable it:

-ffreestanding -disable-simplify-libcalls -fno-builtin -nostdinc -nostdlib -fno-builtin-memset -nostdlib++ -nostdinc++

Any idea?

Added the overlay-note-region-name-pending feature to the demo behind a feature-flag.

You can play with them at https://tmr232.github.io/function-graph-overview/?showRegions

Use `cfg-overlay-start: message` and `cfg-overlay-end` comments to denote the start and end of a region.