Exploiting AMD atdcm64a.sys arbitrary pointer dereference - Part 3 https://security.humanativaspa.it/exploiting-amd-atdcm64a-sys-arbitrary-pointer-dereference-part-3/

This reads like RCE from the local broadcast domain to me but I am not in the MSRC hive mind so no idea why they call it "security feature bypass"
Perhaps UEFI is considered a security feature that can be bypassed?
🤔
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20659

Yesterday's Nobel Prize, in "physics," can be questioned as grotesque. Today's from Chemistry - fully justified. We are waiting for literature and "peace". Although we may have to wait a little longer for the latter, and there has never been a peace Nobel for nuclear weapons.

This year #Physics #NobelPrize was given to Hopfield and Hinton for their work on neural networks and machine learning.

Currently a lot of Physicists scratching their heads and wondering how machine learning is Physics, but:
* Physicists have taken Nobel prizes in Medicine and Chemistry a lot over the years, so I don't think it is fair for us to complain.
* Hopfield networks and Bolzmann machines are probably the two most "Physics adjacent" architectures for a neural network.

Overall, unexpected but well deserved.

https://www.nobelprize.org/prizes/physics/2024/press-release/

Current temperature of #physics mastodon, twitter et al. ;-)

#curl bug-bounty stats

(Including 84,260 USD payouts and 15.4% being valid reports.)

https://daniel.haxx.se/blog/2024/10/09/curl-bug-bounty-stats/

New sensitive breach: "AI girlfriend" site Muah[.]ai had 1.9M email addresses breached last month. Data included AI prompts describing desired images, many sexual in nature and many describing child exploitation. 24% were already in @haveibeenpwned. More: https://www.404media.co/hacked-ai-girlfriend-data-shows-prompts-describing-child-sexual-abuse-2/

Ivanti warns of three more CSA zero-days exploited in attacks https://www.bleepingcomputer.com/news/security/ivanti-warns-of-three-more-csa-zero-days-exploited-in-attacks/

It's the spooky season, and #Microsoft and #Adobe have released their spookiest patches yet. Two bugs from Microsoft are under attack, and one looks strangely familiar. @TheDustinChilds breaks down the release and points out some deployment priorities. https://www.zerodayinitiative.com/blog/2024/10/8/the-october-2024-security-update-review

Happy #PatchTuesday from Microsoft: 5 ZERO-DAYS (2 exploited, all of them publicly disclosed)

• CVE-2024-43573 (6.5 medium) Microsoft Windows MSHTML Platform Spoofing Vulnerability (PUBLICLY DISCLOSED, EXPLOITED)
• CVE-2024-43572 (7.8 high) Microsoft Management Console Remote Code Execution Vulnerability (PUBLICLY DISCLOSED, EXPLOITED)
• CVE-2024-43583 (7.8 high) Winlogon Elevation of Privilege Vulnerability (PUBLICLY DISCLOSED)
• CVE-2024-20659 (7.1 high) Windows Hyper-V Security Feature Bypass Vulnerability (PUBLICLY DISCLOSED)
• CVE-2024-6197 (8.8 high) Open Source Curl Remote Code Execution Vulnerability (PUBLICLY DISCLOSED)

cc: @goatyell @mttaggart @hrbrmstr @ntkramer @iagox86 @zackwhittaker @dreadpir8robots @TheDustinChilds @neurovagrant @xorhex @campuscodi @briankrebs (remember to remove the mentions to avoid ReplyAll madness)

We can build the web that we want to see. Watch the recording of my talk from #XOXOFest!

https://www.youtube.com/watch?v=MTaeVVAvk-c

From HTTP request to ROP chain in Node.js! 🔥

Our latest blog post explains how to turn a file write vulnerability in a Node.js application into RCE – even though the target's file system is read-only:

https://www.sonarsource.com/blog/why-code-security-matters-even-in-hardened-environments/?utm_medium=mastodon&utm_source=twitter&utm_campaign=research&utm_content=social-why-code-security-matters-even-in-hardened-environments-241008-&utm_term=&s_category=Organic&s_source=Social%20Media&s_origin=mastodon

In response to my earlier post, some Twitter folks asked why I'm "so afraid of telemetry".

For one, it's because I've seen first-hand what ends up in it. Crash reporting is particularly bad: it's nearly impossible to reliably scrub of sensitive info - URLs, auth tokens, etc.

Worse, a lot of other "telemetry" is deliberately privacy-violating. "Don't worry, we only collect anonymized GPS routes". Except, you know, a buyer of this data can filter by tracks originating from my home.

But above all, I just don't want the mental burden of figuring this out for every piece of software I install, so I hate that it's the new norm.

If you want a peek at how I'm using your software, meaningfully ask, instead of sneaking it in on page 38 of the EULA.

TIL: AVX-512 supports an instruction implementing binary logic defined by a 3-input LUT. Sounds super handy.

https://arnaud-carre.github.io/2024-10-06-vpternlogd/