@neodyme Thanks for the mention! Do you have a list of affected vendors (and CVE's) that I could match with my records?

Following our #38c3 talk about exploiting security software for privilege escalation, we're excited to kick off a new blog series! 🎊
Check out our first blog post on our journey to 💥 exploit five reputable security products to gain privileges via COM hijacking: https://neodyme.io/blog/com_hijacking_1/

Project: golang/go https://github.com/golang/go
File: src/cmd/compile/internal/walk/assign.go:281 https://github.com/golang/go/blob/refs/tags/go1.23.4/src/cmd/compile/internal/walk/assign.go#L281

func ascompatee(op ir.Op, nl, nr []ir.Node) []ir.Node

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fgolang%2Fgo%2Fblob%2Frefs%2Ftags%2Fgo1.23.4%2Fsrc%2Fcmd%2Fcompile%2Finternal%2Fwalk%2Fassign.go%23L281&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fgolang%2Fgo%2Fblob%2Frefs%2Ftags%2Fgo1.23.4%2Fsrc%2Fcmd%2Fcompile%2Finternal%2Fwalk%2Fassign.go%23L281&colors=light

@FuzzyAleks Yeah I was thinking about aggregating results somehow, but I think this way it's easier to post process

Results of the RP2350 Hacking Challenge are now public - I'm happy that my entry qualified as one of the winning breaks!

Also huge shout out to the other winners: @aedancullen, Kévin Courdesses, @ioactive & @hextreeio - awesome work!

Thanks for the challenge @raspberry_pi!

https://bird.makeup/@raspberry_pi/1879181804034498569

Harnessing Libraries for Effective Fuzzing by @2ourc3

https://github.com/20urc3/Publications/blob/main/Articles/LIB_HARNESS_GUIDE/README.md

Too Subtle to Notice: Investigating Executable Stack Issues in Linux Systems

https://huhong789.github.io/papers/ye:badass.pdf

Sharing an article with multiple non-trivial messages on Reddit didn't improve my trust in peoples ability to read.

I feel like gargron in 2022, so many new users with an underfunded budget 😅

I'm in talks with a few people who can help with our growth, but we could really use some more donations to help lessen the burden on my out of pocket expenses.

(It costs about 15k a year to manage pixelfed, and we're going on 7 years)

https://pixelfed.org/support-our-project

@freddy what can possibly go wrong...

From arbitrary pointer dereference to arbitrary read/write in latest Windows 11 https://security.humanativaspa.it/from-arbitrary-pointer-dereference-to-arbitrary-read-write-in-latest-windows-11/

Anyway, here we go. Latest version of the 2025 (in)security appliance bingo adds CVE-2024-55591 / FG-IR-24-535 to the list. Thanks to watchTowr for reporting it, and thanks to @wiert @nadaka and @cisacyber for alerting me to it. https://cku.gt/appbingo25

Forensic question as a windows-noob. I am trying to look into an OLE2 "Compound File Binary Format" file. It seems to contain multiple streams that I can enumerate with e.g., https://github.com/microsoft/compoundfilereader but the actual data are so-called "steams" containing raw hex bytes. What exactly is a *stream*? Doesn't look like a file? Are there deeper decodings I should pursue? Is there a list of known serializations for e.g., arrays? I think the database contains sensor data.

[RSS] RCE in rsync, CVE-2024-12084 (and 5 more vulnerabilities)

https://www.openwall.com/lists/oss-security/2025/01/14/3

Just found a great definition in a 2002 paper: "A system is secure from a given user’s perspective if the set of actions that each actor can do are bounded by what the user believes it can do."

https://digitalassets.lib.berkeley.edu/techreports/ucb/text/CSD-02-1184.pdf

And thanks @sereeena and Marian Harbach for finding it.

Happy #PatchTuesday from Zyxel: Zyxel security advisory for improper privilege management vulnerability in APs and security router devices
CVE-2024-12398 (8.8 high) An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device.

There is no mention of exploitation.

#zyxel #cve #vulnerability #infosec #cybersecurity

Well dang CVE-2025-21298

This bug rates a CVSS 9.8 and allows a remote attacker to execute code on a target system by sending a specially crafted mail to an affected system with Outlook. The specific flaw exists within the parsing of RTF files.

https://www.zerodayinitiative.com/blog/2025/1/14/the-january-2025-security-update-review

@sleepybisexual I generally hate to use Apple devices, but iPod Nano is an exception. To make them work you'll pbbly need a replacement battery and fight a bit with disassembly/soldering/reassembly, but that's also a kid-compatible activity. For a more hackable but pricy alternative check out Tangara!

Anyhow, if I'll have time I plan to write up why walkmans may be an even better option for kids!

@eniko Sluzzle Tag should be a more widely accepted tradition: https://theamazingworldofgumball.fandom.com/wiki/Sluzzle_Tag

who came up with january anyway? absolutely awful, useless month, 0/10