[RSS] Finding Vulnerabilities in Firmware with Static Analysis Platform QueryX

https://blog.theori.io/finding-vulnerabilities-in-firmware-with-static-analysis-platform-queryx-ff9d02a3c349?source=rss-4b564abdafa3------2

New assessment for topic: CVE-2024-34102

Topic description: "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution ..."

"Note: This write up will focus on the impact that CVE-2024-34102 can have when combined with CVE-2024-2961 and how the two bugs can be used to achieve RCE ..."

Link: https://attackerkb.com/assessments/fd4b6425-8316-441d-bd58-b14f022873c9

Microsoft could have kept WordPad and extended its functionality, instead of increasing the complexity (and attack surface) of Notepad.

Notepad being braindead -- including having no recovery / history -- was a feature.

https://www.bleepingcomputer.com/news/microsoft/microsoft-notepad-to-get-ai-powered-rewriting-tool-on-windows-11/

Remember America!

https://youtu.be/32iCWzpDpKs

So Cisco really did drop a CVSS 10 on the day after the US election? I WAS FUCKING JOKING, CISCO!

it is always a pleasure talking with sharp people who know what they're doing

Possible Bird Strike? USN E-2C flies into a flock of seagulls while working the pattern at Pt. Mugu. Note the blowup it appears part of the wing starting to wrap around the prop #USN #mugu #ptmugu #e2c #avgeek #propeller #AWACS #aviation #nikon #photography #birdstrike #aviation #seagulls #flockofseagulls

Did you vote in America yesterday? If so, you just got doxed

This site takes voter records that can be hard to source and puts them all into one place. Name, address, voter history, for free. It turns voting into a privacy and security risk https://www.404media.co/voted-in-america-this-site-doxed-you/

We just released our Q2 & Q3 updates to the Mozilla Firefox Bug Bounty Hall of Fame. You can now find all the brilliant security researchers that helped secure Firefox in the last couple of quarters. https://www.mozilla.org/en-US/security/bug-bounty/hall-of-fame/. Thank you!

(The Mozilla web sites & services hacker hall of fame is continuously updated and available at https://hackerone.com/mozilla/hacktivity)

Generated docs for the latest #Ghidra 11.2.1 are now available at:

https://scrapco.de/ghidra_docs/

Differences from previous version:

https://gist.github.com/v-p-b/fb76fae8cbcb490a33039892c3feea9b

#Ghidra 11.2.1 released

What's New:
https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_11.2.1_build/Ghidra/Configurations/Public_Release/src/global/docs/WhatsNew.html

Change History:
https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_11.2.1_build/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.html

Upcoming hardening in PHP https://dustri.org/b/upcoming-hardening-in-php.html

and here's how we worked on the recent #curl CVE from it first being reported until published earlier today: https://hackerone.com/reports/2764830

Dear Developers,

if you write #documentation, include the *context* where a piece of code/config/prayer/... should go, pretty please!

Thank you,

Your Fellow IT People

[oss-security] shell wildcard expansion (un)safety

https://seclists.org/oss-sec/2024/q4/56

[RSS] On the limits of time travel in the face of undefined behavior in C

https://devblogs.microsoft.com/oldnewthing/20241104-00/?p=110466

New assessment for topic: CVE-2024-35250

Topic description: "Windows Kernel-Mode Driver Elevation of Privilege Vulnerability ..."

"The ks.sys driver on Windows is one of the core components of Kernel Streaming and is installed by default ..."

Link: https://attackerkb.com/assessments/b966571c-c90a-4055-af54-ee6af8389f53

Exciting news! I’m starting X-Force’s new offensive research team (XOR) and hiring a security researcher. Want to work with researchers (like @fuzzysec and I) to find bugs, exploit popular targets, and share your work? Apply for this unique (remote) role 😊https://careers.ibm.com/job/21219320/security-researcher-san-jose-ca/

Don't threaten us with a good time

#ElonMusk #Twitter #Meme

Interested in accessing a binary as a CFG? @ArastehCma has a solid video showing how to access Ghidra's analysis as a CFG (with an awesome intro!):
https://www.youtube.com/watch?v=eTRo3xw1Gbs

Want to do the same thing in Binary Ninja? See below. (Spoiler: it's already exposed as one!)