"Listing all processes keeping particular file open is not a trivial task but since Vista we have a special syscall parameter for such purpose. Microsoft says "reserved for system use" but I was brave enough to wrap it into PowerShell function. Enjoy!" @0gtweet

https://github.com/gtworek/PSBits/blob/master/Misc2/Get-PidsForOpenFile.ps1

4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways

https://blog.coffinsec.com/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html?s=09

Next-Level Reversing: Binary Ninja+TTD

https://seeinglogic.com/posts/binary-ninja-ttd-intro/?s=09

Years ago, I created a bot that posted Sun Tzu quotes, if Sun Tzu had written about cyber war. When X closed up API access that bot broke, and it never was high on my list of priorities to bring here. Well, I just fixed that. May I introduce you to @SunTzuCyber, which posts every 6 hours. The posts are set up as unlisted/quiet public, so they won't show up in timelines unless you follow it.

There's a large number of #FreeBSD, #OpenBSD, and #illumos users out there.

We don't talk much because it "Just Works™"

I was not able to prove this for a very long time, so I used the most powerful weapon available out there: asking!

https://www.reddit.com/r/selfhosted/comments/1f1hr4m/unix_but_notlinux_club/

Did you ever found firmwares for Tricore or v850 architectures accessing addresses starting with 0xa.. instead of the 0x80.. one? after so much research I end up learning that this is handled by the mmu which applies a cache layer on top of the same memory range. In other words: IDA lies by fake the references by dropping the 3rd bit, ghidra can't handle this, and r2 is again the only tool able to properly define this memory layout.

https://community.infineon.com/t5/AURIX/About-the-issue-with-lsl-files/td-p/676113#.

I may be late to the party but today I’ve learned that ASML has installed a kill switch into an extreme ultraviolet lithography machine it has sold to TSMC, allowing it to be shut down if China invades Taiwan.

https://www.datacenterdynamics.com/en/news/asml-adds-remote-kill-switch-to-tsmcs-euv-machines-in-case-china-invades-taiwan-report/

What is AT&T doing at 1111340002?

https://scribe.rip/telecom-expert/what-is-at-t-doing-at-1111340002-c418876c212c?s=09

Implementing Kernel Object Type (Part 2)

https://scorpiosoftware.net/2024/08/31/implementing-kernel-object-type-part-2/?s=09

#windows

North Korean threat actor Citrine Sleet exploiting Chromium zero-day

https://www.microsoft.com/en-us/security/blog/2024/08/30/north-korean-threat-actor-citrine-sleet-exploiting-chromium-zero-day/?s=09

🚨 The Hungarian government introduced a National Card, allows Russian & Belarusian “guest workers” to enter country without security screenings. This policy follows closure of the controversial Russian-controlled International Investment Bank (IIB) or “spy bank,” has raised significant national security concerns.

Key points:
• The National Card system allows workers from Russia and Belarus, to enter Hungary WITHOUT a cap on numbers and without specific job restrictions.
• The card does not require proof of job demand & allows family reunification.
• projects like the Paks II nuclear plant, need for large numbers of Russian workers for project is questionable
• Security expert Rácz András warns policy opens a loophole similar to the IIB, potentially allowing large numbers of Russians to enter Hungary with NO oversight, posing a significant national security risk.
• Facilitate the movement of Russians within the Schengen zone, bypassing the restrictions faced by typical work permits.

https://t.co/S3KKZUf0V6

GitHub copilot seems to be high.

I typed "A simple hash function.", then autocomplete kicked in.

This is absolutely nuts. SQL Injection 101 attack on a site authorized by DHS for TSA vetting of known crew members. I’d bet there aren’t even audit logs that would be able to show if the system was tampered with.

How many other auxiliary sites with deep ties into critical infrastructure are this poorly secured?

https://ian.sh/tsa

/cc @briankrebs @dangoodin

"Just don't give a damn about what anybody else thinks of you!"

Well that is all nice and dandy, unless the 'anybody else' has the power and means to actively make your life harder.

Because at that point, you realize that not caring what anyone thinks is a privilege.

#ISaidWhatISaid

At the height of One Million Checkboxes's popularity I thought I'd been hacked. A few hours later I was tearing up, extraordinarily proud of some brilliant teens.

Here's my favorite story from running OMCB :)

https://eieio.games/essays/the-secret-in-one-million-checkboxes/

In light of the issue page for CVE-2024-5274 being made public. Me and @buptsb
have decided to make our exploit public. It's a bit different than the issue page POC.
https://github.com/mistymntncop/CVE-2024-5274/blob/main/exploit.js

I was happy to be quoted alongside security research leaders like @dustin_childs and @haifeili on the challenges with (good-faith) coordinated vulnerability disclosure. https://www.csoonline.com/article/3491353/is-the-vulnerability-disclosure-process-a-glitch-in-itself-how-cisos-are-being-left-in-the-dark.html

The Project Zero issue tracker moved to another platform *checks notes* one week after the bot started, so there will be some downtime until we adjust.

Stay tuned!

https://project-zero.issues.chromium.org/issues

You can now use the ANGR decompiler with radare2. The old angr integration was renamed to r2angr-io.
Install it like this: r2pm -ci r2angr