A detailed, well-written, and hilarious breakdown of the details of CVE-2024-55591, one of the latest Fortinet fiascos:

#ThreatIntel #ThreatIntelligence #CVE

https://labs.watchtowr.com/get-fortirekt-i-am-the-super_admin-now-fortios-authentication-bypass-cve-2024-55591/

You know the drill.
Update your fruit.
At least one of these (CVE-2025-24085) is being used by attackers in the wild.
https://support.apple.com/en-us/100100

What if the human brain can be deceived much cheaper?

Auschwitz was at the end of a long process. We must remember that it did not start from gas chambers.

This hatred was gradually developed by humans. From ideas, words, stereotypes & prejudice through legal exclusion, dehumanization & escalating violence... to systematic and industrial murder.

Auschwitz took time.

Last Thursday, I gave a webinar on anti-reverse engineering techniques like obfuscation, anti-debug, anti-tamper etc, including practical examples. Recording, slides and examples are now available.

Recording: https://www.youtube.com/watch?v=Ie1eZSiMEJ8

Slides, code & samples: https://github.com/emproof-com/webinars/tree/main/2025-01-software_protection

[RSS] Clone2Leak: Your Git Credentials Belong To Us

https://flatt.tech/research/posts/clone2leak-your-git-credentials-belong-to-us/

@0xabad1dea @Rairii @mathieui @jerry Allow me to link this great presentation by @bcantrill :)

https://youtu.be/-zRN7XLCRhc?si=YvpmuHrq4UZozEpc&t=2044

I’ve been thinking about what it would look like if Oracle bought TikTok, but I am not sure if they will go with a per device or per core licensing model

Project: golang/go https://github.com/golang/go
File: src/net/net_windows_test.go:374 https://github.com/golang/go/blob/refs/tags/go1.23.4/src/net/net_windows_test.go#L374

func netshInterfaceIPv6ShowAddress(name string, netshOutput []byte) []string

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fgolang%2Fgo%2Fblob%2Frefs%2Ftags%2Fgo1.23.4%2Fsrc%2Fnet%2Fnet_windows_test.go%23L374&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fgolang%2Fgo%2Fblob%2Frefs%2Ftags%2Fgo1.23.4%2Fsrc%2Fnet%2Fnet_windows_test.go%23L374&colors=light

Sweden-Latvia Internet cable was reportedly cut on 26 January. @meileaben reports that packet delays between selected #RIPEAtlas anchores increased by 5-20ms at around 00:45 UTC.

However, no packet loss was observed, suggesting that the Internet successfully routed around the damage.

Interested? Read a deep-dive into a previous cable cut in the Baltic Sea by our researcher Emile Aben: https://labs.ripe.net/author/emileaben/a-deep-dive-into-the-baltic-sea-cable-cuts/

Fun fact I just found while researching my column for this week's issue of The Crux:

Google reckons you're in the top 10% of users of Gemini if you use it 20 times in the last 28 days.

That's less than once a day.

In case anyone wanted to play chess on their AS/400:

https://github.com/PoC-dev/gnuchess-as400

ghidriff - mpengine.dll - VersionTrackingDiff - 1.1.24030.4 vs 1.1.24060.5

https://gist.github.com/v-p-b/f9aa39263e125c8e3b04c4d22fd4d78d#strings

This one executed much faster than SimpleDiff (with the O(n^2) FuncName:Param algorithm)!

Unfortunately the diff is so big it's difficult to judge quality, so the next step is to come up with some metrics that can be checked automatically.

#bindiff #ghidriff

@gsuberland featuring wat :O

demoparties prominently featuring genML stuff feels like the antithesis of the point of making demoscene productions. bleh.

@ste @neurovagrant @briankrebs @cR0w @risottobias @reverseics @todb

whenever skynet actually comes online, it will trivially realize that it barely has to lift a finger to put us all in the matrix. it doesn't have to send robots back through time to end humanity. it just needs to twiddle a bgp route here and there and we'll do it to ourselves.

porno for pyros was right - we will make great pets

New blog post! I've recreated the ZZM music format in JavaScript. What's a ZZM? Read the article and find out! https://nicole.express/2025/zoo-of-zero-motivation.html

@tmr232 Valid point, but as I see no further logic for the resolution of such a conflict we can just as well keep the last ("random") result. But let's see what @clearbluejar thinks!

One refrain I tend to hear from a lot of infosec practitioners is that if CF were to somehow make it more inhospitable for abusive sites, that they will all just move to other CDNs in nations where we don't have as much access or influence, such as DDoS-Guard in Russia. Here's the thing, though: A) that would be a nice problem to have, because then the bad sites would be 1000 times easier to block. but also B) those abusive sites already have that option, and they choose CF by an overwhelming number. E.g., in one recent investigation into nearly 5 dozen RU-based cryptocurrency platforms that exchange crypto for cash in Russian banks, all were hosted in Russia or in Russian friendly ISPs, and all but one of them were using Cloudflare. This is just one example, yes, but it's a reality we see everywhere.