We just released our Q2 & Q3 updates to the Mozilla Firefox Bug Bounty Hall of Fame. You can now find all the brilliant security researchers that helped secure Firefox in the last couple of quarters. https://www.mozilla.org/en-US/security/bug-bounty/hall-of-fame/. Thank you!
(The Mozilla web sites & services hacker hall of fame is continuously updated and available at https://hackerone.com/mozilla/hacktivity)
Upcoming hardening in PHP https://dustri.org/b/upcoming-hardening-in-php.html
and here's how we worked on the recent #curl CVE from it first being reported until published earlier today: https://hackerone.com/reports/2764830
Exciting news! I’m starting X-Force’s new offensive research team (XOR) and hiring a security researcher. Want to work with researchers (like @fuzzysec and me) to find bugs, exploit popular targets, and share your work? Apply for this unique (remote) role 😊 https://careers.ibm.com/job/21219320/security-researcher-san-jose-ca/
Interested in accessing a binary as a CFG? @ArastehCma has a solid video showing how to access Ghidra's analysis as a CFG (with an awesome intro!):
https://www.youtube.com/watch?v=eTRo3xw1Gbs
Want to do the same thing in Binary Ninja? See below. (Spoiler: it's already exposed as one!)
Dutch researchers @midnightbluelab found a critical zero-click vuln in a photo app enabled by default on Synology storage devices, putting millions of systems at risk of being hacked. They found Synology systems owned by police/law firms/critical infrastructure contractors online and all vulnerable to attack. Synology has called the vuln "critical" and issued a patch last week but apparently didn't notify customers. Synology devices don't have automated update capabilities. Here's my story: https://www.wired.com/story/synology-zero-click-vulnerability/
Early 2020 I wrote this blog post about how #Microsoft #OneDrive exports malformed #ZIP files that cannot be unzipped by widely-used tools (this only happens for large, > 4GB ZIP files):
Fast-forward 4.5 years, and Microsoft *still* hasn't fixed this!
Just ran into this again with a 6.5 GB file! Luckily the Fix-OneDrive-Zip tool by Paul Marquess helped me out again:
Was it a mistake to teach fonts how to think? https://github.com/nevesnunes/z80-sans
✍️ Debugging the Windows Hypervisor: Inspecting SK Calls by @dor00tkit
https://dor00tkit.github.io/Dor00tkit/posts/debugging-the-windows-hypervisor-inspecting-sk-calls/
Performance isn't the enemy of security: we care about both. Today's patches finish off a set of security/performance improvements to eBPF. Below we show a ~30x speedup vs vanilla in running the eBPF selftests with every single #grsecurity option enabled!