Happy #PatchTuesday from Citrix:

• NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2024-8534 and CVE-2024-8535
  • CVE-2024-8534 (CVSSv4: 8.4 high) Memory safety vulnerability leading to memory corruption and Denial of Service
  • CVE-2024-8535 (CVSSv4: 5.8 medium) Authenticated user can access unintended user capabilities
• Citrix Session Recording Security Bulletin for CVE-2024-8068 and CVE-2024-8069
  • CVE-2024-8068 (CVSSv4: 5.1 medium) Privilege escalation to NetworkService Account access
  • CVE-2024-8069 (CVSSv4: 5.1 medium) Limited remote code execution with privilege of a NetworkService Account access

Please see the advisories for the prerequisites for each vulnerability.

#Citrix #NetScaler #CVE #vulnerability #infosec #cyberesecurity

Microsoft:
The BinaryFormatter type is dangerous and is not recommended for data processing... BinaryFormatter is insecure and can't be made secure.

Citrix:
We have the facts and we're voting Yes for using BinaryFormatter for processing data in our product.

CVE(s) TBD...

https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/

"Tomorrow, 10am, BinaryFormatter dies."
\o/

https://bsky.app/profile/blowdart.me/post/3lapy5gaou22h

Micropatches Released for Remote Registry Service Elevation of Privilege Vulnerability (CVE-2024-43532)
https://blog.0patch.com/2024/11/micropatches-released-for-remote.html

Check out the Snapshot Manager (https://github.com/d0mnik/binja_snapshot_manager), the latest community-plugin (https://github.com/Vector35/community-plugins ). That brings the total plugins in the plugin manager up to 166. How long before we break 200?!

Everyday Ghidra: Ghidra Data Types— When to Create Custom GDTs — Part 1 https://medium.com/@clearbluejar/everyday-ghidra-ghidra-data-types-when-to-create-custom-gdts-part-1-143fe45777eb

New assessment for topic: CVE-2024-9464

Topic description: "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. ..."

"Note: While this is an authenticated exploit, CVE-2024-5910 affects the same versions and allows an attacker to reset the admin password to allow authentication. ..."

Link: https://attackerkb.com/assessments/911948de-467d-4804-b97d-d943203fae60

Happy Patch Tuesday to those who celebrate.

vArmor

vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that are ready to use out of the box.

https://github.com/bytedance/vArmor

[RSS] Ruby SAML CVE-2024-45409: As bad as it gets and hiding in plain sight

https://workos.com/blog/ruby-saml-cve-2024-45409

I will present about file formats at the CCC (ten years after 31c3's "Funky file formats").
https://speakerdeck.com/ange/funky-file-formats-31c3

#China has officially unveiled its new 5th-generation stealth fighter, the J-35A, at the Zhuhai Air Show

Images show a comparison with the US F-35.

The J-35A is a customized copy of the F-35. China hacked a British defence company and stole the F-35 blueprints a number of years ago. This is the result of that.

We've just released our 2024-Q3 edition of ThinkstScapes: https://thinkst.com/ts

For this issue, we went through ~5000 info-sec research talks, papers, presentations & blogs.

The website includes PDF & ePub links (and a brief audio summary).

As always: completely free...

Amazon has confirmed a data breach impacting employee data.

The confirmation comes after a hacker claimed to leak data from a bunch of major organizations, including Amazon, which they say is linked to last year's MOVEit mass-hacks

https://techcrunch.com/2024/11/11/amazon-confirms-employee-data-stolen-after-hacker-claims-moveit-breach/

Exploiting KsecDD through Server Silos – SCRT Team Blog
https://blog.scrt.ch/2024/11/11/exploiting-ksecdd-through-server-silos/

SBFT'25 Fuzzing Competition

https://sbft25.github.io/tools/fuzzing

"Unlike previous years, we will favour fuzzers which are better at discovering novel edges and will accept existing fuzzers as submissions"

/by @addison

Happy to announce the SBFT'25 fuzzing competition! Unlike previous years, we will favour fuzzers which are better at discovering novel edges and will accept existing fuzzers as submissions, so there is no excuse to not join in :^)

Register and find details here: https://sbft25.github.io/tools/fuzzing

Just Windows things: https://devblogs.microsoft.com/oldnewthing/20050715-14/?p=34923

Here’s the recording of my Bluehat talk Pointer Problems - Why we’re refactoring the windows kernel https://youtu.be/-3jxVIFGuQw?si=3Q30ziJBBVv4ZbAU

[RSS] The case of a program that crashed on its first instruction

https://devblogs.microsoft.com/oldnewthing/20241108-00/?p=110490