[RSS] Windows Internals: Dissecting Secure Image Objects - Part 1

https://connormcgarr.github.io/secure-images/

A Wireshark Lua Dissector for Fixed Field Length Protocols https://i5c.us/d30976

PSA: feel free to shitpost as much as you want on Mastodon, there’s a fair chance it will get scraped and used to train AIs.

*A new fuzzing target just dropped*

https://www.kaspersky.com/blog/kvrt-for-linux/51375/

[RSS] To Infinity and Beyond!

https://posts.specterops.io/to-infinity-and-beyond-feab2d8ff93c?source=rss----f05f8696e3cc---4

Increasing our understanding of EDR capabilities in the face of impossible odds.

I’m making a new religion that turns libraries into religious institutions and our most holy practice is going to the library and reading books. On the weekend we all get together and read silently together at the library. Our holy leaders are our librarians as they are guides to knowledge.

This way it makes it significantly harder to defund libraries. 😈

Introduction to XDP, eBPF and AF_XDP has been released on media.ccc.de https://media.ccc.de/v/osmodevcon2024-204-introduction-to-xdp-ebpf-and-afxdp

Issue #4 is out - enjoy!
https://pagedout.institute/?page=issues.php

Please share and tell your friends!

A Bug Hunter’s Reflections on Fuzzing by @a13xp0p0v

https://a13xp0p0v.github.io/img/Alexander_Popov-Reflections_on_Fuzzing.pdf

#Fuzzing

Crazy story about cursed tech from the other site:

"True Apple lightning devices are more expensive to make. So instead of conforming to the Apple standard, these companies have made headphones that receive audio via bluetooth — avoiding the Apple specification — while powering the bluetooth chip via a wired cable, thereby avoiding any need for a battery."

https://x.com/joshwhiton/status/1796222090216886682

I'm probably in the Ticketmaster leak, and as a security person my concern about this is approaching 0.

Have I lost my senses, or are these breaches generally a bit overblown (esp. in our circles)?

My latest for Wired. How researchers hacked time to crack an 11-year-old password protecting $3 million in cryptocurrency. They found a significant flaw in RoboForm's password manager that made its pseudo-random-number generator not so random. The flaw allowed famed hardware hacker Joe Grand to turn back time and cause the RoboForm password manager to believe it was 2013 and spit out the same passwords it generated back then. RoboForm says it fixed the flaw in 2015, but it appears it never told customers about it. This means that if any of RoboForm's current 6 million users are using passwords generated by the password manager prior to 2015, before the company silently fixed the flaw, they may have passwords that can be cracked in the same way .

https://www.wired.com/story/roboform-password-3-million-dollar-crypto-wallet/

WE DID IT. My new zine “How Git Works" is out now!

You can get it here for $12: https://wizardzines.com/zines/git

[RSS] CVE-2024-30043: Abusing URL Parsing Confusion to Exploit XXE on SharePoint Server and Cloud

https://www.thezdi.com/blog/2024/5/29/cve-2024-30043-abusing-url-parsing-confusion-to-exploit-xxe-on-sharepoint-server-and-cloud

New assessment for topic: CVE-2024-24919

Topic description: "Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades ..."

"On May 28, 2024, Check Point published an advisory for an unauthenticated information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade ..."

Link: https://attackerkb.com/assessments/1b3e554c-47a1-40f1-a09a-ea867bb4f8a4

What's next for Kagi?

https://blog.kagi.com/what-is-next-for-kagi

Exclusive sneak peek into the world of VPN appliance security research:

https://www.youtube.com/watch?v=V1SpFt7zJUM

Hunting bugs in Nginx JavaScript engine (njs)

https://0xbigshaq.github.io/2024/05/24/njs-vr-bugs/

germy is an N_GSM Linux kernel privilege escalation exploit for versions 5.15-rc1 to 6.6-rc1

https://github.com/roddux/germy

Is there a CVE for this?