Taylorism is a management philosophy based on using scientific optimization to maximize labor productivity and economic efficiency.

Here's the result of making the false Taylorist assumption that the output of scientific research is scientific papers—the more, faster, and cheaper, the better.

Me to Microsoft: You can avoid a whole class of vulnerability if non-admin users can't create subdirectories off of the root directory. You should fix this.

MS: Nah.

Me: Well, you folks should probably at least run Crassus on your code.

MS: Nah.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38098

Reminder that my book—Rust Atomics and Locks—is freely available online: https://marabos.nl/atomics/ 😊

(If you read it, please leave a review on https://www.goodreads.com/book/show/63291820-rust-atomics-and-locks)

#rustlang

This is cool! https://quic.xargs.org/ [if you’re a security geek.]

Click on a few bubbles.

h/t @nelson

In our writeup https://sector7.computest.nl/post/2024-06-cve-2024-20693-windows-cached-code-signature-manipulation/ about CVE-2024-20693, we noted that Microsoft did not structurally address the trust of "$KERNEL.*" Extended Attributes on SMB shares. Today's Patch Tuesday addresses #CVE-2024-38133, doing the same thing again, but in this case even an USB disk would work!

I think this may be the first time we got an "Exploitation More Likely", so achievement unlocked I guess?

#Microsoft #vulnerability #Windows #PatchTuesday

Better late than never, patches from #Microsoft and #Adobe are finally out - and 6 bugs are under active attack. Check out all the details, including some wormable bugs, as @TheDustinChilds breaks down the release. https://www.zerodayinitiative.com/blog/2024/8/13/the-august-2024-security-update-review

Happy Patch Tuesday from Microsoft: 87 vulnerabilities, 7 zero-days (6 exploited)

• CVE-2024-38189 (8.8 high) Microsoft Project Remote Code Execution Vulnerability (exploited)
• CVE-2024-38107 (7.8 high) Windows Power Dependency Coordinator Elevation of Privilege Vulnerability (exploited)
• CVE-2024-38106 (7.0 high) Windows Kernel Elevation of Privilege Vulnerability (exploited)
• CVE-2024-38213 (6.5 medium) Windows Mark of the Web Security Feature Bypass Vulnerability (exploited)
• CVE-2024-38193 (7.8 high) Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability (exploited)
• CVE-2024-38178 (7.5 high) Scripting Engine Memory Corruption Vulnerability (exploited)
• CVE-2024-38199 (9.8 critical) Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability (publicly disclosed)

cc: @campuscodi @briankrebs @mttaggart @deepthoughts10 @cR0w @regnil @bschwifty @arinc629 @Cali @wvu @hrbrmstr @avoidthehack @bieberium @TheDustinChilds @dreadpir8robots (make sure to remove all the mentions to avoid ReplyAll madness)

#Microsoft #zeroday #vulnerability #eitw #proofofconcept #CVE #PatchTuesday

Fortinet security advisories for #PatchTuesday:

• FG-IR-22-445 CVE-2022-45862 (3.7 low) GUI Console WebSockets do not terminate on logout
• FG-IR-24-012 CVE-2024-36505 (5.1 medium) Real-time file system integrity checking write protection bypass
• FG-IR-22-047 CVE-2022-27486(6.7 medium) OS command injections in execute CLI commands
• FG-IR-24-255 RADIUS Protocol CVE-2024-3596 (Fortinet gives it a 6.5 medium) aka #BlastRADIUS
• FG-IR-23-467 CVE-2024-21757 (6.1 medium) Priviledged admin able to modify super-admins password
• FG-IR-23-088 CVE-2023-26211 (6.8 medium) XSS vulnerability in communications triggered in playbooks

No mention of exploitation. CVE-2024-3596 was publicly disclosed 09 July 2024.

#Fortinet #cve #vulnerability

Politico, the NYT, the WaPo, and others say they received hacked Trump campaign materials, but gave few details, a marked contrast to Clinton's emails in 2016 (David Bauder/Associated Press)

https://apnews.com/article/trump-vance-leak-media-wikileaks-e30bdccbdd4abc9506735408cdc9bf7b
http://www.techmeme.com/240813/p14#a240813p14

Why exploits prefer memory corruption

Thanks to @HalvarFlake and @chompie1337!

https://pacibsp.github.io/2024/why-exploits-prefer-memory-corruption.html

Zoho ManageEngine security advisories:

• Authenticated SQL Injection Vulnerability (CVE-2024-5527) fixed in ADAudit Plus build 8110 CVE-2024-5527 (vendor 8.3 high) authenticated SQL Injection in file auditing configuration
• Authenticated SQL Injection Vulnerability (CVE-2024-5487) fixed in ADAudit Plus build 8110 CVE-2024-5487 (vendor 8.3 high) authenticated SQL Injection in attack surface analyzer's export option
• Authenticated SQL Injection Vulnerability (CVE-2024-36518) fixed in ADAudit Plus build 8110 CVE-2024-36518 (vendor 8.3 high) authenticated SQL Injection in attack surface analyzer's dashboard

No mention of exploitation. Mitre and NVD only have publish dates from yesterday 12 August 2024, even though the Zoho advisories marked them fixed 14 June 2024. Zoho also doesn't indicate when the advisories were published. Happy #PatchTuesday

#Zoho #vulnerability #cve

‼️Big day! NIST publishes standards for next-generation cryptography (cipher, digital signature) understood as resistant to attacks with future quantum computers. Migration will not be a piece of cake, but there’s time. https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.203.pdf https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf

Seeking help from an IT security person - please share!

I run an open source, federated event sharing site, #Gathio (https://gath.io). A few days ago, it was victim to a ransomware attack that deleted the database. I need a few hours of someone's time (paid of course!) to sit with me and go through my security configuration ASAP.

Sometimes, running open source, free, community services _sucks_.