“MediSecure declares insolvency following massive data breach” https://www.cyberdaily.au/security/10665-breaking-medisecure-declares-insolvency-following-massive-data-breach

Adobe introduces the One Click Stalin tool.

Ever wanted to feed the decompiled C code into source code analysis tools?
With rev.ng you can! 💪

We emits syntactically valid C code!

Here's a PoC did with Clang Static Analyzer. 😎

CVE-2023-48788: Revisiting Fortinet FortiClient EMS to Exploit 7.2.X https://www.horizon3.ai/attack-research/cve-2023-48788-revisiting-fortinet-forticlient-ems-to-exploit-7-2-x/

Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938 https://androidoffsec.withgoogle.com/posts/attacking-android-binder-analysis-and-exploitation-of-cve-2023-20938/

How does F5's Secure Vault, its "super-secure SSL-encrypted storage system" work? Response in this article by team member @myst404

https://offsec.almond.consulting/deep-diving-f5-secure-vault.html

🚨 New advisory was just published! 🚨

A vulnerability in the Linux kernel allows local attackers to escalate privileges on affected installations of Linux Kernel:
https://ssd-disclosure.com/ssd-advisory-linux-kernel-nft_validate_register_store-integer-overflow-privilege-escalation/

https://scottarc.blog/2024/06/04/attacking-nist-sp-800-108/

#NIST #crypto #cryptography #kdf #prf #secuity #infosec

Boost Security Audit - Shielder https://www.shielder.com/blog/2024/05/boost-security-audit/

NEW: Fox Spy (3.3 GB)

Eight years of data from the Brazilian surveillance company Fox Spy, also known as Celular 007.

The spyware allows users to monitor phone calls along with SMS, WhatsApp and Facebook messages. The company's surveillance software also allows users to remotely activate the microphone and camera on a phone, as well as to monitor the device's screen

Due to widespread presence of PII, the data is only being made available to journalists and researchers

https://ddosecrets.com/wiki/Fox_Spy

Just because you get access denied accessing a folder, it doesn't mean you can't get access. A quick look at bypassing the security on the WindowsApps folder. https://www.tiraniddo.dev/2024/06/working-your-way-around-acl.html. This was inspired by a specific toot from @detective :)

Many, many years ago, a new specification called "XML" emerged. After a bit, people realized it was kinda useful for some stuff.

Then, something happened.

MANAGERS!

I imagine many conversations between managers / developers somewhat like this:

M: "So, what is the nice thing with #XML

D: "oh, it is a specification that simplifies stuff, since tools have a clean format to work with."

M: "So, what kinda specifications?"

D: "Oh, it can be more or less anything."

M: *starry eyed!* "an.. an... anything?"

I was teaching computer courses for companies at that point. Suddenly, my calendar was just packed with XML courses.

It is like very limited what you can teach, it is not really complex, so you talk surrounding technologies. But not...

"Our boss wants us to replace the SQL db with XML?"

"what?"

"We gonna use XML instead of MS SQL"

"... what?"

"He said XML can be used for anything..."

If you think companies with #AI plans have actual plans, with a strategy make sense, please think of this story.

Wheeeeeeeeeeeeeeee. Bye bye NTLM.

A Wireshark Lua Dissector for Fixed Field Length Protocols https://i5c.us/d30976

PSA: feel free to shitpost as much as you want on Mastodon, there’s a fair chance it will get scraped and used to train AIs.

I’m making a new religion that turns libraries into religious institutions and our most holy practice is going to the library and reading books. On the weekend we all get together and read silently together at the library. Our holy leaders are our librarians as they are guides to knowledge.

This way it makes it significantly harder to defund libraries. 😈

Introduction to XDP, eBPF and AF_XDP has been released on media.ccc.de https://media.ccc.de/v/osmodevcon2024-204-introduction-to-xdp-ebpf-and-afxdp

Issue #4 is out - enjoy!
https://pagedout.institute/?page=issues.php

Please share and tell your friends!