Entertaining and inspiring #pwn2own #xdev writeup 👏 (also from a few months back)

#Lorex 2K Indoor Wi-Fi Security Camera: RCE #Exploit Chain

https://github.com/sfewer-r7/LorexExploit

https://www.rapid7.com/globalassets/_pdfs/research/pwn2own-iot-2024-lorex-2k-indoor-wi-fi-security-camera-research.pdf

[RSS] This Week in Security: DEF CON Nonsense, Vibepwned, and 0-days

https://hackaday.com/2025/08/29/this-week-in-security-def-con-nonsense-vibepwned-and-0-days/

by Hackaday

Don't forget: this Friday, September 5th, is a #BandcampFriday and a #FairTradeMusicFriday!

https://IsItBandcampFriday.com
https://IsItFairTradeMusicFri.day

#FediMusic #Bandcamp #FairTradeMusic #Music #Musodon

KernelSnitch - Side-Channel Attacks on Kernel Data Structures

https://lukasmaar.github.io/slides/ndss25-kernelsnitch.pdf

@lethalbit schematic or summoning diagram?

@itgrrl No, this is not the topic of my question, and I think you are needlessly working yourself up on comments on the Internet.

Unrelated to the particular context this came up, is there a name for this? I've seen this behavior a bunch of times, esp. in IT!

RE: https://mstdn.io/@wolf480pl/115113655884602210

@FritzAdalis @da_667 I also think this causing trouble: https://techcommunity.microsoft.com/blog/microsoft-security-blog/a-new-modern-and-secure-print-experience-from-windows/4002645

@tmr232 oh yeah hidden persistent config fuckups are the best...

I think people often forget (or maybe never knew) that the CVSS scores provided by the NIST NVD are base scores and can be modified by organizations to better reflect their own situation.

For example, take a vulnerability that with a network attack vector and high impact to availability. Base score could be 9.3 (critical). But in your environment, let's say that system is not open to the Internet and would require access from an adjacent system. That could drop it to an 8.5 (high).

It's not a perfect system, but I think a lot of people start and end at the base scores.

https://nvd.nist.gov/vuln-metrics/cvss/v4-calculator

@ez converting handwritten notes to digital is also a useful learning iteration IME, and in the end you get best of both worlds!

Do the “unfashionable” thing: use pen and paper. https://medium.com/@rehmanmomin/the-unfashionable-art-of-actually-learning-things-0cc7359dbb88

🆕 PrivescCheck important change!

I killed PrivescCheck.ps1, well..., sort of...

Starting from now, the file is no longer available in the repository. Instead, it is now provided as a release file (more information in the README).

As you may already know, the file "PrivescCheck.ps1" is generated using a custom build script. This allows me to separate the code into multiple files and then gather and compress everything into a single one.

For a while now, I've been manually executing this script every time I wanted to push new features. This was nonsensical. So, I finally took the time to implement an automated workflow on GitHub so that release files are created automatically. Hopefully, this will save me some time in the long run. Also, it will serve as the base for an important feature I plan to implement. 😉

https://github.com/itm4n/PrivescCheck/releases

@tmr232

Happy #Skynet Day!

Pentagon ends Microsoft's use of China-based support staff for DoD cloud

'It blows my mind,' says SecDef The Pentagon has formally kiboshed Microsoft's use of China-based employees to support Azure cloud services deployed by US government agencies, and it's demanding Microsoft do more of its own digging to determine whether any sensitive data was compromised. …
#theregister #IT
https://go.theregister.com/feed/www.theregister.com/2025/08/29/pentagon_ends_microsofts_use_of/

@sassdawe Ummm I mean sure I could even use assembly programming to solve this problem, but I'm looking for a tool designed for this particular purpose :) (see jdt-codegen liked above)

I really wish Elastic released the submission they got to clear up what's going on with this alleged 0day...

https://www.reddit.com/r/netsec/comments/1n394gs/elastic_edr_0day_part_2_technical_details_and_the/

@raccoonformality well, not for long...

r2frida-6.0.2 is out! Shipping small fixes for breakpoints and remote filesystem access and removing the build dependency with NodeJS https://github.com/nowsecure/r2frida/releases/tag/6.0.2