New Parallels "victim"-assisted LPE 0day dropped due to ZDI not playing well with the reporter:
https://jhftss.github.io/Parallels-0-day/

I've confirmed that it works fine on Intel. Though ARM may require some retooling (if it's vulnerable)

[RSS] LSA Secrets: revisiting secretsdump

https://www.synacktiv.com/en/publications/lsa-secrets-revisiting-secretsdump

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 005b45b0

aes_gcm_ctrl

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F005b45b0.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F005b45b0.json&colors=light

ICYMI: I am now selling print books directly from my store. Buy print, get the ebook free.

Only Run Your Own Mail Server and Dear Abyss right now, but it's a start!

https://mwl.io/archives/23992

@dey OK it says "network debugging is supported" then lists no compatible NIC's :D

For educational purposes we disclose this recent hackerone report on #curl claiming its sprintf() implementation is bad because it can be made to deref a bad pointer when you use it incorrectly. You know, exactly how all sprintf() implementation work - by design.

This is not the first time we had this "flaw" reported. (I did not check the "AI slop" checkbox on this one)

https://hackerone.com/reports/2990139

It's so cold outside my balls are freezing off, yet the sun is shining so bright I can't read my screen because the wall behind it is white.

I could really use some climate change rn...

@dey problem is COM ports don't show up at all, independently from the debugger setup. kdnet NIC diagnostics seem useful though!

@dey no it's not me.

@dey umm, what do you think I should look at here?

Modern (11/2022) Windows Kernel Debug on Proxmox:

- I couldn't get NET to work so far, neither with virtio nor e1000 vNIC's

- Windows 11 refuses to recognize serial ports too, even with virtio drivers. It'd have been royal to use WinDbg from Store but :(

- Windows Server 2022 does recognize COM ports (maybe drivers can be transplanted to 11?)

- COM ports can be connected from the Proxmox host using socat as described here:

https://forum.proxmox.com/threads/two-windows-guests-communicating-via-serial-console-comn.67588/

- You should of course disable Secure Boot - you can do that in the VM's BIOS under Device Manager / Secure Boot Config / Attempt Secure Boot

TBC

Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russian intelligence services. https://cloud.google.com/blog/topics/threat-intelligence/russia-targeting-signal-messenger

I just pushed an update to logparse to detect the near-collision blocks (w/ no difference) of TextColl.
Thanks Marc!
https://github.com/corkami/collisions

The livestream on multi-hashcolls is up.
Covering the hashcoll tag in VT, specific file format structures, defanging files, Stevens' DetectColl, safe hashes...
https://www.youtube.com/live/1D6C6z_25cE?si=GmDi17uII1xj7rUi&t=33

Do I have anyone here who reads #Chinese and can help me with a story?...

[RSS] RSync: Heap Buffer Overflow, Info Leak, Server Leaks, Path Traversal and Safe links Bypass

https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj

CVE-2024-12084 CVE-2024-12085 CVE-2024-12086 CVE-2024-12087 CVE-2024-12088

[RSS] PaloAlto OpenConfig Plugin: Command Injection Vulnerability

https://github.com/google/security-research/security/advisories/GHSA-73px-m3vw-mr35

CVE-2025-0110

Valve releases full Team Fortress 2 game code to encourage new, free versions
Other Source games also get the Half-Life 2 anniversary update treatment.
https://arstechnica.com/gaming/2025/02/valve-releases-full-team-fortress-2-game-code-to-encourage-new-free-versions/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

TIL there is a non-stop Mythbusters channel on YT :O

https://www.youtube.com/watch?v=brUPUA0WNQ8

#Ghidra 11.3.1 is out, change log:

https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_11.3.1_build/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.md