Anyone have security contacts at Google? One of their IP addresses is spamming my ssh server, apparently as part of a botnet. Seems someone got compromised.
34.71.138.230 is the guilty party.
I added disabling Recall to my HardeningKitty list:
https://github.com/0x6d69636b/windows_hardening
Disable Recall - User
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\WindowsAI]
"DisableAIDataAnalysis"=dword:00000001
Disable Recall - Machine (not yet official)
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsAI]
"DisableAIDataAnalysis"=dword:00000001
Introducing Honeykrisp: the world's first conformant Vulkan® 1.3 driver for Apple Silicon.
Happy Birthday Whitfield Diffie, 80 years today!
https://alecmuffett.com/article/109902
#WhitfieldDiffie #encryption
It happened again. We accidentally broke another #hotel check-in #terminal. This time Mr O'Yolo triggered a problem, crashed the #Ariane Allegro Scenario Player and escaped the #kiosk mode, which enabled access to the Windows Desktop: https://www.pentagrid.ch/en/blog/ariane-allegro-hotel-check-in-terminal-kios-escape/ #itsecurity #infosec
@recon is hosting BlackHoodie again this year, with a training on Reverse Engineering Ransomware brought to you by the incomparable Suweera DeSouza and Alex Delamotte. Registration is still open https://blackhoodie.re/Recon2024/ please share!
🎉 Go 1.22.4 and 1.21.11 are released!
🔒 Security: Includes security fixes for archive/zip and net/netip
🔈 Announcement: https://groups.google.com/g/golang-announce/c/XbxouI9gY7k
⬇️ Download: https://go.dev/dl/#go1.22.4
“MediSecure declares insolvency following massive data breach” https://www.cyberdaily.au/security/10665-breaking-medisecure-declares-insolvency-following-massive-data-breach
Ever wanted to feed the decompiled C code into source code analysis tools?
With rev.ng you can! 💪
We emit syntactically valid C code!
Here's a PoC done with Clang Static Analyzer. 😎
CVE-2023-48788: Revisiting Fortinet FortiClient EMS to Exploit 7.2.X https://www.horizon3.ai/attack-research/cve-2023-48788-revisiting-fortinet-forticlient-ems-to-exploit-7-2-x/
Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938 https://androidoffsec.withgoogle.com/posts/attacking-android-binder-analysis-and-exploitation-of-cve-2023-20938/
How does F5's Secure Vault, its "super-secure SSL-encrypted storage system" work? Response in this article by team member @myst404
https://offsec.almond.consulting/deep-diving-f5-secure-vault.html
🚨 New advisory was just published! 🚨
A vulnerability in the Linux kernel allows local attackers to escalate privileges on affected installations of Linux Kernel:
https://ssd-disclosure.com/ssd-advisory-linux-kernel-nft_validate_register_store-integer-overflow-privilege-escalation/