SEC Consult SA-20241009-0 :: Local Privilege Escalation via MSI installer in Palo Alto Networks GlobalProtect (CVE-2024-9473)

https://seclists.org/fulldisclosure/2024/Oct/2

Palo Alto in 2018:
CVE-2018-10143 - Oops. We'd better fix the "path" parameter for convertCSVtoParquet.php

Palo Alto in 2024:
CVE-2024-9463 - Oops. We'd better fix the "ram" parameter for convertCSVtoParquet.php

Can someone get this thing to work? Is there any other option to spot gaps in padded fields on structs in C programs? https://github.com/arvidn/struct_layout

Mozilla is looking for a Staff Software Engineer (remote US/EU/CA ✨) working on sandboxing, hardening, crash-reporting, performance and integration with native widgets **on Linux**. As a staff-level position this will require strong technical and people skills, experience in C++ on Linux or Android. The team is distributed and amazing. Ask me in DM if you have any questions about Mozilla (I am *not* the hiring manager). Please apply at https://grnh.se/2c3dc0111us

a fedi instance just for people's pets

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. Update your Firefox ASAP https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/ #infosec #security

"You're one of 31,081,179 people pwned in the Internet Archive data breach"

Somehow I didn't feel the same sense of pride with LinkedIn :)

The Reverse Engineering community has spoken. #Diaphora will be ported to #Ghidra in the next months. I would love to have it working properly by the end of the year, but I cannot be sure. So, no ETA for now.

Wow, Specter bypassed XOM and broke the PS5 hypervisor. Awesome work.

"Byepervisor: How We Broke the PS5 Hypervisor".

#ps5 #xom #hypervisor #byepervisor

https://hardwear.io/netherlands-2024/speakers/specter.php

I remember hackers breaking in to CALEA lawful intercept boxes to spy on each other over 20+ years ago..

IIRC They were default SunOS servers connected direct to internet, no patches or updates applied over the years. Once you mapped them you could wait for a known vulnerability and visit them again.

It’s always been terrible, and always been known. I want it to be taken seriously.

Edit: It may be closer to 30 years than 20, but “a long time ago”

Internet Archive hacked, data breach impacts 31 million users

https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/

As an IA user and donor I'm kind of glad this happened: passwords are properly hashed (bcrypt), there is a chance to improve security.

But anyone who decided they should hack IA of all things can (as we say around here) go and shit out a hedgehog.

Republicans,
Democrats,
Third party voters

People driven by totally incompatible political and religious ideologies,

Pineapple on pizza people,

People who hate pineapple on pizza and are incorrect,

🤜🏻🤛🏾 hating whomever hacked the Internet Archive

If people loosing access to their books when the vendor goes out of business was already bad, now the same thing is happening to cars: https://arstechnica.com/cars/2024/10/connected-car-failure-puts-kibosh-on-sale-of-3300-fisker-oceans/

I know, it is happening all over the place, merely with pieces of technology not quite as expensive. Maybe, just maybe, having basic functionality depend on external components isn’t such a great idea?

And since I don’t see “the market” ever discovering this, maybe some regulation is in order? Just so the next tech startup going out of business (or merely unwilling to support “outdated” hardware) isn’t an occasion to throw away tons of products in perfect working order.

How is this not illegal??? Cards Against Humanity is PAYING people who didn't vote in 2020 to apologize, make a voting plan

https://www.apologize.lol/

Also: "We formed a Super PAC and bought the personal voting records of every American citizen from a data broker we found on the internet. It’s pretty fucked up." WAT?!

Mozilla Firefox exploited zero-day: Security Advisory 2024-51 Security Vulnerability fixed in Firefox 131.0.2, Firefox ESR 128.3.1, Firefox ESR 115.16.1
CVE-2024-9680 (critical severity) Use-after-free in Animation timeline

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild.

See related @BleepingComputer reporting: Mozilla fixes Firefox zero-day actively exploited in attacks

#zeroday #vulnerability #firefox #mozilla #cve #CVE_2024_9680

Hang on to your seats, because this one's a wild ride. Literally.

Lamborghini Carjackers Lured by $243M Cyberheist

The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. Prosecutors say the couple was beaten and briefly kidnapped by six young men who traveled from Florida as part of a botched plan to hold the parents for ransom.

https://krebsonsecurity.com/2024/10/lamborghini-carjackers-lured-by-243m-cyberheist/

Horizon3: Palo Alto Expedition: From N-Day to Full Compromise
References:

• CVE-2024-5910 (CVSSv4: 9.3 critical, disclosed 10 July 2024 by Palo Alto Networks) Expedition: Missing Authentication Leads to Admin Account Takeover
• CVE-2024-9464 Expedition: Authenticated Command Injection
• CVE-2024-9465 Expedition: Unauthenticated SQL Injection
• CVE-2024-9466 Expedition: Cleartext Credentials in Logs

Daaaaaaaamn @hacks_zach, Zach Hanley at it again with the Palo Alto Networks vulnerabilities. In trying to find CVE2-2024-5910 in Expedition (a configuration migration tool from a supported vendor to Palo Alto Networks PAN-OS), he found CVE-2024-9464, CVE-2024-9465 and CVE-2024-9466. It appears that CVE-2024-9465 (unauth SQL injection) leads to leaking credentials via "users" and "devices" tables which contain password hashes and device API keys. This is the CVE-2024-9466.

#paloaltonetworks #expedition #vulnerability #CVE #vulnerabilityanalysis

New Project Zero issue:

dav1d integer overflow leading to out-of-bounds write

https://project-zero.issues.chromium.org/issues/42451651

CVE-2024-1580

I want the same drugs Mozilla leadership is taking. They sound too good to be left out!!!! AAHAHHAHAHAHAHHAHAHA My head is spinning from so much bullshit newspeak ahahahhahahahahahahahaha

"How do we ensure that privacy is not a privilege of the few but a fundamental right available to everyone? These are significant and enduring questions that have no single answer. But, for right now on the internet of today, a big part of the answer is online advertising."