Down since the archive had to retool, emulation in the browser at @internetarchive is BACK.
A quarter million programs and growing can run free again.
But all anyone cares about is our #1 title:
NIST standardisation organisation says that systems must phase out non-quantum-resistant cryptography by 2035. RSA, ECDSA, ECDH disallowed as insecure. https://nvlpubs.nist.gov/nistpubs/ir/2024/NIST.IR.8547.ipd.pdf
Improving Steam Client stability on Linux: setenv and multithreaded environments
"Ross Anderson had agreed with his publisher, Wiley, that he would be able to make all chapters of the 3rd edition of his book Security Engineering available freely for download from his website. These PDFs are now available there."
https://www.cl.cam.ac.uk/archive/rja14/book.html
(As noted at: https://www.lightbluetouchpaper.org/2024/11/12/sev3-download/ )
Why chatbots are terrible for search, and why retrieval augmented generation doesn't fix that: https://buttondown.com/maiht3k/archive/information-literacy-and-chatbots-as-search/ by @emilymbender
#generativeAI
Happy #PatchTuesday from Citrix:
Please see the advisories for the prerequisites for each vulnerability.
#Citrix #NetScaler #CVE #vulnerability #infosec #cyberesecurity
Microsoft:
The BinaryFormatter type is dangerous and is not recommended for data processing... BinaryFormatter is insecure and can't be made secure.
Citrix:
We have the facts and we're voting Yes for using BinaryFormatter for processing data in our product.
CVE(s) TBD...
Micropatches Released for Remote Registry Service Elevation of Privilege Vulnerability (CVE-2024-43532)
https://blog.0patch.com/2024/11/micropatches-released-for-remote.html
Check out the Snapshot Manager (https://github.com/d0mnik/binja_snapshot_manager), the latest community-plugin (https://github.com/Vector35/community-plugins ). That brings the total plugins in the plugin manager up to 166. How long before we break 200?!
Everyday Ghidra: Ghidra Data Types - When to Create Custom GDTs - Part 1 https://medium.com/@clearbluejar/everyday-ghidra-ghidra-data-types-when-to-create-custom-gdts-part-1-143fe45777eb
vArmor
vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that are ready to use out of the box.
I will present about file formats at the CCC (ten years after 31c3's "Funky file formats").
https://speakerdeck.com/ange/funky-file-formats-31c3
#China has officially unveiled its new 5th-generation stealth fighter, the J-35A, at the Zhuhai Air Show
Images show a comparison with the US F-35.
The J-35A is a customized copy of the F-35. China hacked a British defence company and stole the F-35 blueprints a number of years ago. This is the result of that.
We've just released our 2024-Q3 edition of ThinkstScapes: https://thinkst.com/ts
For this issue, we went through ~5000 info-sec research talks, papers, presentations & blogs.
The website includes PDF & ePub links (and a brief audio summary).
As always: completely free...
Amazon has confirmed a data breach impacting employee data.
The confirmation comes after a hacker claimed to leak data from a bunch of major organizations, including Amazon, which they say is linked to last year's MOVEit mass-hacks