A drunken debugger

Heretek of Silent Signal
repeated

Debian Users - Be aware the maintainer of the KeePassXC package for Debian has unilaterally decided to remove ALL features from it. You will need to switch to `keepassxc-full` to maintain capabilities once this lands outside of testing/sid.

repeated
Edited 4 months ago

You are Offline
Don't panic
Look around
Interact with reality

artist unknown

Edited 4 months ago
LangSec Bug of the Year Discovery awards
https://langsec.org/spw24/bug-of-the-year.html?s=09
Printer Hacking talk from nullcon by @bl4sty

https://m.youtube.com/watch?v=2Lg2JgJUKmA&s=09
[RSS] Everyday Ghidra: Symbols — Prescription Lenses for Reverse Engineers — Part 1

https://medium.com/@clearbluejar/everyday-ghidra-symbols-prescription-lenses-for-reverse-engineers-part-1-d3efe9279a0b
repeated
Edited 4 months ago

We are glad to announce that our research will be presented at multiple prestigious conferences this June:

At @WEareTROOPERS we will show how pentesters can adapt their Windows/*nix experience to the platform, and discover new vulnerabilities in native IBM i programs:

https://troopers.de/troopers24/talks/7sfsbf/

At @recon we will dive deep into the architecture to understand its security features and present foundational tools for low-level research:

https://cfp.recon.cx/recon2024/talk/AT399C/

repeated
Edited 4 months ago

National Health Service England (NHS): Possible Exploitation of Arcserve Unified Data Protection (UDP) Vulnerabilities
NHS England reports possible N-day exploitation attempts of Arcserve UDP following the release of proofs of concept for 3 vulnerabilities:

  • CVE-2024-0799 (9.8 critical) authentication bypass
  • CVE-2024-0800 (8.8 high) path traversal vulnerability leads to arbitrary file upload
  • CVE-2024-0801 (CVSS score pending) Denial-of-Service (DoS)

Tenable released proofs of concept: Arcserve Unified Data Protection 9.2 Multiple Vulnerabilities

Based on the timeline, active exploitation occurred during an unpatched window of 8 days (13-20 March 2024)

cc: @campuscodi

repeated

bert hubert 🇺🇦🇪🇺

Edited 3 months ago

"Writing has been called the process by which you find out you don't know what you are talking about. Actually doing stuff meanwhile is the process by which you find out you also did not know what you were writing about." - from https://berthub.eu/articles/posts/a-2024-plea-for-lean-software/#trifecta

Fuck.
repeated

Hannah Kolbeck 🏳️‍⚧️

Hi friends,

The http://alt-text.org alt text library project needs a new leader, because I have brain cancer.

I would like to connect with the dev community, something I have never figured out, probably in part for neurodivergence reasons. I want to hand the project off to a team or a leader if anyone is willing to take it over.

Github: https://github.com/alt-text-org
WIP MVP: a site designed for writing alt text with a private library: https://my.alt-text.org

Boosts appreciated

Microsoft PlayReady research by Security Explorations:

https://security-explorations.com/microsoft-playready.html

"We have come up with two attack scenarios that make it possible to extract private ECC keys used by a PlayReady client (Windows SW DRM scenario) for the communication with a license server and identity purposes."

https://security-explorations.com/samples/wbpmp_id_compromise_proof.txt
I just got an AV alert from Defender, because gpupdate wanted to disable it (as I configured on my DC).

This wouldn't be as frustrating if Defender didn't kill all my performance by constantly scraping disks...
[RSS] Debugging WinDbg with Binary Ninja For Fun and Profit

https://binary.ninja/2024/05/02/debugging-windbg.html
[RSS] Pinball Fantasies DOS version reverse-engineering/porting project

https://donotsta.re/notice/AhTxZcoU2xkL7eQaky
repeated
New assessment for topic: CVE-2024-4215

Topic description: "pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability ..."

"pgAdmin is vulnerable to a multi-factor authentication bypass ([CWE-287](https://cwe.mitre.org/data/definitions/287.html)) whereby an attacker with knowledge of an account’s credentials can manage files and make SQL queries regardless of whether or not the account has been configured with MFA ..."

Link: https://attackerkb.com/assessments/40f2eb9e-ea23-4efe-8af8-87efff9250d7
repeated
New assessment for topic: CVE-2024-2044

Topic description: "pgAdmin <= 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code ..."

"pgAdmin versions <=8.3 are vulnerable to a path traversal vulnerability in the session handling logic ..."

Link: https://attackerkb.com/assessments/010cd2a6-6916-4678-a313-7fe079646dfc
repeated

went down to the hotel lobby to retrieve my dinner delivery in a yoga outfit + snuggly cardigan + face mask.

some men with lanyards exited the elevator as I re-entered; they turned back to look at me and one said (very loudly, very pointedly staring at me) to the other, “I was like, did you hire me a hooker?”

if you are a man attending, please shut that kind of shit down when your peers do it. let's not let insecurity rule our industry.


This latest writeup by @joern mentions the #documentation of Go’s filepath.Clean is “not really obvious” when dealing with relative paths.

I think this is something all #golang devs should be aware of to avoid similar vulnerabilities.

The language is kind of amazing:

  • Step 3. only applies if there is a parent path to be eliminated together with the subsequent “..” (“/foo/..” -> “/“)
  • Step 4. only applies to “rooted” (absolute) paths, so “/../foo” would become “/foo”, but “../“ is left untouched (as there is no relative parent path to eliminate either).

This makes the docs technically correct (“the best kind of correct!”), but even with the solution at hand it took some head scratching to figure out the true meaning.

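Added example, not part of the post above or of the linked writeup: the filepath.Clean cases from the post run in Go, beside the naive filepath.Join pattern that lets a relative ".." climb out of a base directory and a join that rejects such paths. The base directory "/srv/data" and the file names are constructed for the demonstration; results assume Unix path separators.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrEscapesBase is returned when a user-supplied path resolves outside base.
var ErrEscapesBase = errors.New("path escapes base directory")

// CleanOutcome pairs an input with the result of filepath.Clean.
type CleanOutcome struct {
	In, Out string
}

// CleanExamples runs filepath.Clean over the cases discussed in the post plus
// two relative traversal payloads (constructed inputs). Rooted paths lose a
// leading ".." (step 4 of the docs); relative paths keep it, because there is
// no parent segment to eliminate.
func CleanExamples() []CleanOutcome {
	inputs := []string{
		"/foo/..",                  // -> "/"             step 3: parent eliminated with the ".."
		"/../foo",                  // -> "/foo"          step 4: leading ".." dropped on a rooted path
		"../",                      // -> ".."            not rooted, nothing to eliminate: kept
		"../etc/passwd",            // -> "../etc/passwd" the traversal survives cleaning
		"uploads/../../etc/passwd", // -> "../etc/passwd" one ".." consumed, the other kept
	}
	out := make([]CleanOutcome, 0, len(inputs))
	for _, in := range inputs {
		out = append(out, CleanOutcome{In: in, Out: filepath.Clean(in)})
	}
	return out
}

// NaiveJoin is the pattern that leads to traversal: Join cleans the combined
// path, so a relative ".." in the untrusted part climbs out of base.
func NaiveJoin(base, untrusted string) string {
	return filepath.Join(base, untrusted)
}

// SafeJoin joins untrusted onto base and rejects the result unless it stays
// inside base. The check is purely lexical: it does not see through symlinks,
// so base must not contain attacker-controlled links.
func SafeJoin(base, untrusted string) (string, error) {
	if filepath.IsAbs(untrusted) {
		return "", ErrEscapesBase
	}
	full := filepath.Join(base, untrusted) // cleaned; may have climbed above base
	rel, err := filepath.Rel(base, full)
	if err != nil {
		return "", err
	}
	// Rel yields ".." or "../x" exactly when full lies outside base.
	// A name like "..hidden" is a legitimate file and must not be rejected.
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrEscapesBase
	}
	return full, nil
}

func main() {
	for _, c := range CleanExamples() {
		fmt.Printf("Clean(%q) = %q\n", c.In, c.Out)
	}
	base := "/srv/data" // constructed base directory
	for _, p := range []string{"docs/report.txt", "../etc/passwd", "uploads/../../etc/passwd", "..hidden"} {
		safe, err := SafeJoin(base, p)
		fmt.Printf("%-26q NaiveJoin -> %q  SafeJoin -> %q, %v\n", p, NaiveJoin(base, p), safe, err)
	}
}
```

Clean on its own is not a traversal defence for relative input: "../etc/passwd" comes back unchanged and Join happily resolves it to "/srv/etc/passwd". The post-join Rel check above is the portable way to reject an escape; on Go 1.20 and later the standard library's filepath.IsLocal performs the same lexical test on the untrusted component before joining.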