Remember kids, if a product says it using "FIPS 197 certified encryption", all it means is that they are using a library which was certified to correctly implement the algorithm.
The product vendor might be using a hardcoded key in ECB mode but they are still technically using "certified" encryption.
When reversing c++, my eyes quickly glaze over when it comes to exceptions and i tend to just ignore them. Itโs just house keeping code, for the most part. Right?
This hexrays feature to display wind/unwind blocks in a sane way looks immensely useful. Not only for getting hints about structure members and types , but because understanding object life times can be crucial for certain types of bug classes.
https://infosec.place/objects/44ae2d73-a400-417b-84f9-b03e99236d72
So cool to see my vulnerability research automation work integrated into such a powerful tool! Keep it up โ
https://infosec.exchange/@securefirmware/112937856513629704
Hacker dad who faked death to avoid child support sentenced to prison
Now he owes child support, plus about $80,000 to repair state death registries.
"No way to prevent this" say users of only language where this regularly happens
https://xeiaso.net/shitposts/no-way-to-prevent-this/CVE-2024-5535/
During #Pwn2Own Automotive, the team from @Synacktiv used 2 bugs to take over the #Autel Maxicharger. Our latest blog takes a brief look at how they did it, and how Autel patched it.
https://www.zerodayinitiative.com/blog/2024/8/22/from-pwn2own-automotive-taking-over-the-autel-maxicharger
So Gartner is full of shit?
Color me not surprised.
Gartner does not do rigorous research. It is an MBA gospel cargo cult consultancy. They shouldn't be taken seriously.
https://www.economist.com/finance-and-economics/2024/08/19/artificial-intelligence-is-losing-hype
SolarWinds security advisory: Web Help Desk Hardcoded Credential Vulnerability (CVE-2024-28987)
Here we go again, another SolarWinds Web Help Desk vulnerability. I promise you this one is different:
CVE-2024-28987 (9.1 critical) The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.
No mention of exploitation. Discovered by Zach Hanley, while not listed, is part of Horizon3. He indicated at the Bad Place that he will post a technical writeup next month. Stay tuned.
#SolarWinds #vulnerability #CVE_2024_28987 #cve #webhelpdesk
I'd really like to read a well researched article that sums up how Linux distros reacted to the massive influx of #Linux #kernel CVE that started ~half a year โ both for their #LinuxKernel packages and their live-patching offerings.
But I guess that is an enormous amount of work that no media outlet in this world is willing to pay anyone for writing. ๐
Slide taken from @gregkh's "Why are there so many kernel CVEs?" talk he gave at OSS China yesterday (https://social.kernel.org/objects/c9979d9f-399f-428b-ac56-c41598076dfa ) #LinuxKernel
I wrote a blog post on my adventures in writing a PE loader for the Xbox One exploit chain by @carrot_c4k3
There's not really anything new and this post was mostly an excuse to document how I fixed thread-local storage, but you might learn something!
I just released the blog explaining how I leveraged CVE-2022-22265 in the Samsung npu driver. Double free to achieve UAF over signalfd + cross cache + Dirty Page Table + code inject into http://libbase.so for execution by init. Hope you can enjoy it https://soez.github.io/posts/CVE-2022-22265-Samsung-npu-driver/