do you think this is an appropriate amount of spite to put into a reverse engineering project?

Sorry to say, archive.org is under a ddos attack. The data is not affected, but most services are unavailable.

We are working on it & will post updates in comments.

Microsoft published a report last month acknowledging the existence of a long running honeypot operation running on code.microsoft[.]com.

https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/examining-the-deception-infrastructure-in-place-behind-code/ba-p/4124464

#microsoft #infosec #threatintel

"Microsoft has always taken the stance with vulnerabilities and attacks that once a device is compromised, all bets are off, and security boundaries are thrown out the window."

This is all well and good, except with #Recall attacker will get access to data that occurred (even temporarily) on your machine *before* the compromise happened.

https://www.bleepingcomputer.com/news/microsoft/microsofts-new-windows-11-recall-is-a-privacy-nightmare/

Your developers upload 0-day exploit documentation to VirusTotal.

#opsec

https://securelist.com/cve-2024-30051/112618/

Modern attacks on Google Chrome

https://www.youtube.com/watch?v=WouAptHlyC4

A heartbreaking moment that was saved by an SS photographer at Auschwitz II-Birkenau during the deportations of Hungarian Jews. It was taken 80 years ago, most likely in late May 1944. A little child finds a dandelion in the grass and is handing it or showing it to an older boy.
1/2

Heads up to anyone using facebook or insta: you'll receive a notification about your data being used to train AIs. The opt out process is deliberately convoluted and you have to fill out a form to object. This is what I wrote in mine, and the objection was immediately registered as successful, so feel free to copy.

Masto reply bores, this is not a post on which to fart out your opinions about Meta or AI or whatever. So don't. I'm sharing helpful info for people who need it, not for you.

idk i feel like it probably says something about our education system that people frequently have nightmares about being in it 20 years after the fact

#LangSec Bugs of the Year Awards results are in (still from X :P)!

“The Most Impactful Parser Bug Of The Year Award is given to the WebP 0day” - awarded to @benhawkes

“The hardest to fix parser bug goes to the http://Binarly.io team for the LogoFAIL bugs.”

“The Best Parser Differential Awards goes to the inconsistent interpretation of YAML foods between Go and Rust.” - There is a link on the captured slide, and I’m pretty sure it’s @joern ‘s bug, but I can’t find a proper CVE anywhere…seriously people, references!

“The Weirdest Machine Award goes to Ian Beer @i41nbeer @benhawkes and @saelo “

Full thread with runner ups:

https://x.com/jvanegue/status/1793801911650676915

Glider plug?? o.O

[RSS] Fuzzing the FreeBSD Kernel with Syzkaller and Nested Virtualization on a Linux Host

#fuzzing

https://secfault-security.com/blog/fuzzing_freebsd.html

[RSS] Samsung WB850F Firmware Reverse-Engineering

#ReverseEngineering

https://op-co.de/blog/posts/samsung_wb850f_firmware/

With the impending doom of ICQ in June and the new crappy version of Teams coming in July, I would like to post this meme one final time

#ICQ #Teams #Microsoft #MicrosoftTeams

Sierra On-Line accidentally included the source code to their AGI adventure game engine on some copies of Space Quest II. Its presence is not obvious but with enough sector sleuthing it is possible to recover about 70% of it. The recovered source code is peppered with illuminating comments regarding its history and authors. It can be examined in a GitHub repo linked in the article.

"The Space Quest II Master Disk Blunder"
https://lanceewing.github.io/blog/sierra/agi/sq2/2024/05/22/do-you-own-this-space-quest-2-disk.html

[RSS] SSD Advisory – NVMS9000 Information Disclosure

https://ssd-disclosure.com/ssd-advisory-nvms9000-information-disclosure/

AlligatorConEU returns to Krakow - Sept 5-6 (conference), Sept7 (BBQ+workshops)

https://alligatorcon.eu

Bribes for invites are game, as shown here by Clarissa:

[RSS] Inside the iOS bug that made deleted photos reappear

https://www.synacktiv.com/en/publications/inside-the-ios-bug-that-made-deleted-photos-reappear

Now that eating glue is a hot topic, I have a serious question:

This phenomenon seems to be prevalent in the US and as a European I have no idea how it works. Do you have glue that tastes good? You get high? Is it safe with specific kinds of glue?

We recently watched a Powerpuff Girls episode about this too (see pic), and unfortunately I failed to fulfill my kid's curiosity in the topic, please help!