Going Minimal: 64×4, The Fun in Functional Computing

https://hackaday.com/2025/01/22/going-minimal-64x4-the-fun-in-functional-computing/

American History Twitter

@agreenberg "misspelling Ulbricht's last name" 😂

Trump pardons Ross Ulbricht after eleven years in prison. An incredible twist in the never-ending Silk Road saga.

https://www.wired.com/story/trump-frees-silk-road-creator-ross-ulbricht-after-11-years-in-prison/

There's a "Signal deanonymized" thing going around:
https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117

Stay calm. Deep breaths.

👉 while this is a real consideration, the only thing the attacker gets from this is a very rough (kilometers or tens of kilometers radius) location

👉 other communication platforms that use any kind of caching CDN to deliver attachments are just as vulnerable

👉 you almost certainly should continue to use Signal, unless you specifically know that this is a big problem for you.

#Signal #InfoSec

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 00714db0

aesni_set_encrypt_key

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F00714db0.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F00714db0.json&colors=light

[oss-sec] AMD Microcode Signature Verification Vulnerability

https://seclists.org/oss-sec/2025/q1/45

"It looks like an OEM leaked the patch for a major upcoming CPU vulnerability"

[RSS] Why doesn't the Windows blue screen of death prominently identify the company that created the driver that crashed?

https://devblogs.microsoft.com/oldnewthing/20250121-00/?p=110788

Well that's a first. @ScepticCtf, @diff_fusion), & @SeTcbPrivilege of fuzzware.io used a power drill to gain access to a port and exploit the Autel MaxiCharger. They head off to explain their work - except for the drill - we understand that part. #P2OAuto

@SecurityWriter https://kiwix.org

Just upped my donation to my server (if you're on infosec.exchange, here's where to donate, straight from the llama's mouth: https://infosec.exchange/@jerry/109581969726975197 ).

If you're on some other server, find out who runs it, find out if they need financial support to help run it, and donate some money if you can. Servers don't grow on trees. Etc.

High level diff of iOS 18.3 beta 3 vs. iOS 18.3 RC 🎉

https://github.com/blacktop/ipsw-diffs/blob/main/18_3_22D5055b__vs_18_3_22D60/README.md

Struggling to reverse Rust binaries? Cindy Xiao @cdxiao breaks down the Rust type system and shares practical techniques to reconstruct Rust structures. Learn how to tackle Rust malware & analyze binaries like a pro. #REverse2025 #ReverseEngineering #Rust #Malware

PSA FOR AUTHORS: some dipshit put a pirate edition of my latest book on Apple Books with a "50% OFF" medallion on the cover illo. They used an obscure unicode glyph in the author name so that searches for "Charles Stross" find it but the bookstore won't merge it.

Where there's one there'll be others!

My publisher's piracy team is handling it.

If you have a book that came out this year, beware! It's a relative of the IDN homograph attack only targeting ebook stores:

https://en.wikipedia.org/wiki/IDN_homograph_attack

CALLING ALL #demoscene MUSICIANS!

Our jury for Best Soundtrack could urgently use one or two more jurors - are you able to help out?
We reactivated our application form just for you! Thank you humbly, everyone!

https://2025.meteoriks.org/taking_part/juror/

It looks like oil paintings on wikipedia are being infected by phone camera software that automatically "fixes" skin textures.

HPE has confirmed it's investigating a data breach after a well-known hacker claimed to have stolen sensitive information from the company https://techcrunch.com/2025/01/21/hpe-investigating-security-breach-after-hacker-claims-theft-of-sensitive-data/

Why on Earth would you choose Ctrl-Break as a hotkey for anything in 2025?!

@wdormann @brucelawson

"And the people bowed and prayed
To the neon god they made
And the sign flashed out its warning
In the words that it was forming
And the sign said “The words of the prophets
Are written on subway walls
And tenement halls
And whispered in the sounds of silence”"

JetBrains security advisory: TeamCity 2024.12.1 Bug Fix Is Now Available
It's time for security theater as JetBrains announces a TeamCity update but refuses to tell us what vulnerabilities actually got fixed. 🤡 There are no release notes for 2024.12.1 at the time of this toot.
There is no dropdown option for TeamCity 2024.12.1 in Fixed security issues page. A CVE of "TeamCity" doesn't show any new CVEs since December 2024. On average, they update their security bulletin with CVEs 4-30 days after announcing security updates.

#jetbrains #teamcity #cve #vulnerability #infosec #cybersecurity