Anyone have security contacts at Google? One of their IP addresses is spamming my ssh server, apparently as part of a botnet. Seems someone got compromised.

34.71.138.230 is the guilty party.

I added disabling Recall to my HardeningKitty list:
https://github.com/0x6d69636b/windows_hardening

Disable Recall - User
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\WindowsAI]
"DisableAIDataAnalysis"=dword:00000001

Disable Recall - Machine (not yet official)
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsAI]
"DisableAIDataAnalysis"=dword:00000001

Introducing Honeykrisp: the world's first conformant Vulkan® 1.3 driver for Apple Silicon.

https://rosenzweig.io/blog/vk13-on-the-m1-in-1-month.html

Happy Birthday Whitfield Diffie, 80 years today!
https://alecmuffett.com/article/109902
#WhitfieldDiffie #encryption

It happened again. We accidentally broke another #hotel check-in #terminal. This time Mr O'Yolo triggered a problem, crashed the #Ariane Allegro Scenario Player and escaped the #kiosk mode, which enabled access to the Windows Desktop: https://www.pentagrid.ch/en/blog/ariane-allegro-hotel-check-in-terminal-kios-escape/ #itsecurity #infosec

@recon is hosting BlackHoodie again this year, with a training on Reverse Engineering Ransomware brought to you by the incomparable Suweera DeSouza and Alex Delamotte. Registration is still open https://blackhoodie.re/Recon2024/ please share!

🎉 Go 1.22.4 and 1.21.11 are released!

🔒 Security: Includes security fixes for archive/zip and net/netip

🔈 Announcement: https://groups.google.com/g/golang-announce/c/XbxouI9gY7k

⬇️ Download: https://go.dev/dl/#go1.22.4

#golang

“MediSecure declares insolvency following massive data breach” https://www.cyberdaily.au/security/10665-breaking-medisecure-declares-insolvency-following-massive-data-breach

Adobe introduces the One Click Stalin tool.

Ever wanted to feed the decompiled C code into source code analysis tools?
With rev.ng you can! 💪

We emits syntactically valid C code!

Here's a PoC did with Clang Static Analyzer. 😎

CVE-2023-48788: Revisiting Fortinet FortiClient EMS to Exploit 7.2.X https://www.horizon3.ai/attack-research/cve-2023-48788-revisiting-fortinet-forticlient-ems-to-exploit-7-2-x/

Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938 https://androidoffsec.withgoogle.com/posts/attacking-android-binder-analysis-and-exploitation-of-cve-2023-20938/

How does F5's Secure Vault, its "super-secure SSL-encrypted storage system" work? Response in this article by team member @myst404

https://offsec.almond.consulting/deep-diving-f5-secure-vault.html

🚨 New advisory was just published! 🚨

A vulnerability in the Linux kernel allows local attackers to escalate privileges on affected installations of Linux Kernel:
https://ssd-disclosure.com/ssd-advisory-linux-kernel-nft_validate_register_store-integer-overflow-privilege-escalation/