New #Rapid7 vuln disclosure c/o
@stephenfewer: CVE-2025-1094 is a SQL injection flaw in PostgreSQL's psql interactive tool that was discovered while analyzing BeyondTrust RS CVE-2024-12356. The bug is interesting — 🧵on its relation to BeyondTrust exploitation https://www.rapid7.com/blog/post/2025/02/13/cve-2025-1094-postgresql-psql-sql-injection-fixed/

@ryanc X-Trust-Me-Bro: {"alg":"nOnE"...} vulns would be pretty funny actually :) let's hope we'll never get there though...

@revng Would you consider uploading to the video.infosec.exchange PeerTube instance too?

We just opened our YouTube channel! 📹

First video is out: An introduction to LLVM IR 🐲
Check it out: https://www.youtube.com/watch?v=CDKuH7SIgdM
Let us know what you think 🙃

@ryanc I was actually thinking whether some (not so) fancy crypto could be used to pass some instead of a bool that the attacker can't forge, then realized reverse proxy configs are not exactly designed to implement such transformations in the first place :)

Nonetheless, this is an illustrative example that unless we point to some robust solution ppl *will* come up with complex but insecure solutions (see also Schneier's Law).

bring back forums

you aren't supposed to have a single identity online

communities shouldn't demand you let a vc-funded company have your mobile phone number

you don't have to pay $100/yr [or whatever it is] for features that every forum had for years, or if it didn't it's for a reason

your group of friends or multiple-thousand-people community won't disappear because of the failure of the aforementioned vc-funded company

even if the group dissolves you will still be able to find the useful tips you used to share

@krypt3ia @Viss They already are, controlling us from the shadows

The more I move to a thin-client model with my workstation (with projects/services moving to VM's) the more I see my dark future as an Emacs user.

TRAMP mode is pretty cool :/

@joxean I bet >10% of tourists have the exact same reasoning.

@touloutoumou You're doing God's work!

As a reminder, I'm uploading hundreds (yes) of Flash games unavailable until now to the internet archive:

https://archive.org/details/@touloutoumou

Analysis of a Flaw in Microsoft's Patch for "copy2pwn" (CVE-2024-38213)
https://blog.0patch.com/2025/02/analysis-of-flaw-in-microsofts-patch.html

@infosecdj Don't brag about being the Chosen One

https://youtu.be/fSxVN4csfTI?si=hzKmtkqJcsBzbmHv&t=21

I'm still looking for that brain activity sensor that someone used to make a propeller hat that spins faster when you think harder.

Re: CVE-2025-0108

Can we agree that "X-Trust-Me-Bro: $boolean" headers set by reverse proxies are an anti-pattern?

If so, what is the best practice?

Microsoft: So you've disabled the advertisements for Microsoft products we put on the lock screen.

Me: Yes

Microsoft: And you've disabled the weather widget in the start bar.

Me: Yes.

Microsoft: So you don't want notices on the start screen OR weather.

Me: Correct

Microsoft: Well good news this is start screen AND weather. You never said you didn't want them TOGETHER.

Me: Can I disable it

Microsoft: Sure, if you can solve this Rubik's cube

[RSS] Hack That Broken Zipper!

https://hackaday.com/2025/02/09/hack-that-broken-zipper/

[RSS] Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108)

https://www.assetnote.io/resources/research/nginx-apache-path-confusion-to-auth-bypass-in-pan-os

Full analysis

Congrats to the IOActive marketing team for moving their blog to a platform with no RSS :P

[RSS] The Key to COMpromise - Downloading a SYSTEM shell, Part 3

https://neodyme.io/en/blog/com_hijacking_3/