[RSS] Reverse Engineering iOS 18 Inactivity Reboot

https://naehrdine.blogspot.com/2024/11/reverse-engineering-ios-18-inactivity.html

[RSS] Redis CVE-2024-31449: How to Reproduce and Mitigate the Vulnerability

https://redrays.io/blog/redis-cve-2024-31449-how-to-reproduce-and-mitigate-the-vulnerability/

[RSS] Hungary confirms hack of defense procurement agency

https://therecord.media/hungary-defense-procurement-agency-hacked

I just published my writeups for all challenges of #flareon11:

👉 https://blog.washi.dev/posts/flareon11/

👉 https://washi1337.github.io/ctf-writeups/writeups/flare-on/2024/

Hope you like them as much as I liked writing them!

Astronomers have just discovered the first known "Einstein zigzag."

Due to a rare, lucky cosmic alignment, the combined gravity of two galaxies bent light like spaghetti & split a distant quasar into six different images.

This six-part image could allow a very accurate measure of the expansion of the universe.

https://www.science.org/content/article/first-known-double-gravitational-lens-could-shed-light-universe-s-expansion #science #space #astronomy #physics

To say something positive about LLM's the English auto subtitles on this documentary about #Hungarian #punks are *really* good:

https://www.youtube.com/watch?v=svc5ZjK-43o

OK so I'm going through YT videos about terminal emulators, seek randomly in one and guy talks about **privacy settings** then later the video has a section called **AI features** :O

Yeah I totally want a parrot on LSD finish my rm command!

Another serious question: why do terminal emulators need hardware acceleration? #ELI5

Device vendor placed deliberate backdoor in device, and doesn't provide updates anymore. Assuming no hacky stuff, if you want a not backdoored device you throw the one you bought in trash and buy a new one.

Can you sue in EU in 2024?

https://isc.sans.edu/diary/rss/31442

SANS ISC: Ancient TP-Link Backdoor Discovered by Attackers
@jullrich did you want to report this vulnerability to MITRE (or be credited)? Using CWE-912: Hidden Functionality and sekurak's entry as vulnerability details, this should be a quick CVE submission.

#tplink #backdoor #vulnerability #cve

It’s finally landed! You can now watch “Listen to the whispers: web timing attacks that actually work” on YouTube: https://youtube.com/watch?v=zOPjz-sPyQM

Could someone from @Rapid7Official shut this spammer up?

RE: https://infosec.place/objects/43b8b113-fa3b-4fcf-b893-e61261304e7e

Evasive ZIP Concatenation: Trojan Targets Windows Users

https://perception-point.io/blog/evasive-concatenated-zip-trojan-targets-windows-users/

Parser differentials FTW :)

[RSS] Cute trick to mark parts of a C structure read-only

https://dustri.org/b/cute-trick-to-mark-parts-of-a-c-structure-read-only.html

[RSS] Beyond good ol' Run key, Part 144

https://www.hexacorn.com/blog/2024/11/15/beyond-good-ol-run-key-part-144/

Hey #infosec folks, if you've bridged your account to #Bluesky using BridgyFed (https://fed.brid.gy/) let me know so I can add that bridged account to a starter pack there. 👍

Would be great to highlight the infosec people who are here, over there.

Boost around so I can nab everyone! 🚀

- Why was ollydbg discontinued?
- Not enough ollyfans

NEW: WhatsApp forced a judge to release previously non-public court documents, which include a ton of details on how NSO's spyware works.

The documents show how NSO targeted WhatsApp, the number of customers the company had to cut off because of abuse, and more.

Here are the biggest revelations.

https://techcrunch.com/2024/11/15/nso-group-admits-cutting-off-10-customers-because-they-abused-its-pegasus-spyware-say-unsealed-court-documents/