I’m making a new religion that turns libraries into religious institutions and our most holy practice is going to the library and reading books. On the weekend we all get together and read silently together at the library. Our holy leaders are our librarians as they are guides to knowledge.

This way it makes it significantly harder to defund libraries. 😈

Introduction to XDP, eBPF and AF_XDP has been released on media.ccc.de https://media.ccc.de/v/osmodevcon2024-204-introduction-to-xdp-ebpf-and-afxdp

Issue #4 is out - enjoy!
https://pagedout.institute/?page=issues.php

Please share and tell your friends!

My latest for Wired. How researchers hacked time to crack an 11-year-old password protecting $3 million in cryptocurrency. They found a significant flaw in RoboForm's password manager that made its pseudo-random-number generator not so random. The flaw allowed famed hardware hacker Joe Grand to turn back time and cause the RoboForm password manager to believe it was 2013 and spit out the same passwords it generated back then. RoboForm says it fixed the flaw in 2015, but it appears it never told customers about it. This means that if any of RoboForm's current 6 million users are using passwords generated by the password manager prior to 2015, before the company silently fixed the flaw, they may have passwords that can be cracked in the same way .

https://www.wired.com/story/roboform-password-3-million-dollar-crypto-wallet/

WE DID IT. My new zine “How Git Works" is out now!

You can get it here for $12: https://wizardzines.com/zines/git

One day last October, subscribers to an ISP known as Windstream began flooding message boards with reports their routers had suddenly stopped working and remained unresponsive to reboots and all other attempts to revive them.

“The routers now just sit there with a steady red light on the front,” one user wrote, referring to the ActionTec T3200 router models Windstream provided to both them and a next door neighbor. “They won't even respond to a RESET.”

Windstream’s Kinetic broadband service has about 1.6 million subscribers in 18 states, including Iowa, Alabama, Arkansas, Georgia, and Kentucky. For many customers, Kinetic provides an essential link to the outside world. After eventually determining that the routers were permanently unusable, Windstream sent new routers to affected customers.

A report published Thursday by security firm Lumen Technologies’ Black Lotus Labs may shed new light on the incident, which Windstream has yet to explain. Black Lotus Labs researchers said that over a 72-hour period beginning on October 25, malware took out more than 600,000 routers connected to a single autonomous system number belonging to an unnamed ISP.

https://arstechnica.com/security/2024/05/mystery-malware-destroys-600000-routers-from-a-single-isp-during-72-hour-span/

Why is it that security products that have the very important job of securing companies' network borders (SSL VPNs) have webgoat-like levels of security diligence?

CVE-2024-24919 is a Directory traversal.

One of the suggested mitigations was to buy another Check Point security product to protect this Check Point security product.

There is truly no bottom when it comes to these "security" products.
https://labs.watchtowr.com/check-point-wrong-check-point-cve-2024-24919/

A shout out to librarians, libraries and library science -- and the practices of care, community and service which make up their democratizing force.

https://buttondown.email/maiht3k/archive/information-access-as-a-public-good/

Check Point: Attempted Zero-Day Exploitation: Important Security Update – Stay Protected Against VPN Information Disclosure (CVE-2024-24919)
Check Point warned on Monday 27 May 2024 of attacker attempts to gain unauthorized access to VPN products. They identified login attempts using old VPN local-accounts relying on unrecommended password-only authentication method. Check Point officially disclosed a sensitive information disclosure vulnerability tracked as CVE-2024-24919 (7.5 high):

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

This affects CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, Quantum Spark Appliances versions: R80.20.x, R80.20SP (EOL), R80.40 (EOL), R81, R81.10, R81.10.x, R81.20

View the following fix: Preventative Hotfix for CVE-2024-24919 - Quantum Gateway Information Disclosure

h/t to @serghei and @BleepingComputer for their initial news article. cc: @briankrebs @campuscodi @mttaggart @deepthoughts10 @dangoodin

#zeroday #CVE_2024_24919 #eitw #activeexploitation #VPN #CheckPoint #vulnerability #cve

Got root, what now? Practical post-exploitation steps on an F5 Big-IP appliance, by team members @drm and @myst404

https://offsec.almond.consulting/post-exploiting-f5-BIG-IP.html

We've all been laughing at the obvious fails from Google's AI Overviews feature, but there's a serious lesson in there too about how it disrupts the relational nature of information. More in the latest Mystery AI Hype Theater 3000 newsletter:

https://buttondown.email/maiht3k/archive/information-is-relational/

Hacked? Ticketmaster's terrible, horrible, no good, very bad week just got worse:

https://databreaches.net/2024/05/28/hacked-ticketmasters-terrible-horrible-no-good-very-bad-week-just-got-worse/

#databreach #infosec #Ticketmaster

@campuscodi

idk why people say funding OSS is difficult

do you think this is an appropriate amount of spite to put into a reverse engineering project?

Sorry to say, archive.org is under a ddos attack. The data is not affected, but most services are unavailable.

We are working on it & will post updates in comments.

Microsoft published a report last month acknowledging the existence of a long running honeypot operation running on code.microsoft[.]com.

https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/examining-the-deception-infrastructure-in-place-behind-code/ba-p/4124464

#microsoft #infosec #threatintel

Your developers upload 0-day exploit documentation to VirusTotal.

#opsec

https://securelist.com/cve-2024-30051/112618/

A heartbreaking moment that was saved by an SS photographer at Auschwitz II-Birkenau during the deportations of Hungarian Jews. It was taken 80 years ago, most likely in late May 1944. A little child finds a dandelion in the grass and is handing it or showing it to an older boy.
1/2

Heads up to anyone using facebook or insta: you'll receive a notification about your data being used to train AIs. The opt out process is deliberately convoluted and you have to fill out a form to object. This is what I wrote in mine, and the objection was immediately registered as successful, so feel free to copy.

Masto reply bores, this is not a post on which to fart out your opinions about Meta or AI or whatever. So don't. I'm sharing helpful info for people who need it, not for you.