IBM Power11 is coming, but not announced.
💙 #IBMi #rpgpgm #IBMChampion
https://www.rpgpgm.com/2024/11/ibm-power11-is-coming-but-not-announced.html
Hello #TROOPERS, we have opened the cfp (https://troopers.de/troopers25/contribute/) and ticket shop for next year's #TROOPERS25! Get your early bird until January 31st. Hope to see you in Heidelberg next near in June and looking forward to all your submissions!
We open sourced FastFeedParser, a high performance RSS, Atom and RDF parser in Python: https://github.com/kagisearch/fastfeedparser
This library powers Kagi Small Web (https://github.com/kagisearch/smallweb) and a few other initiatives at Kagi and is 10x-100x faster and more efficient at parsing feeds than existing alternatives!
Extracting Plaintext Credentials from Palo Alto Global Protect https://shells.systems/extracting-plaintext-credentials-from-palo-alto-global-protect/
Vulnerability names: this is log4shell. We named it this way because it's in log4j and gives you shell.
Threat actor names: this is HAIRY EEL, aka VIOLIN HIPPO, no relation to VEXING MACKEREL. Also known as APT-74, formely APT-C-92. We named it this way because he's a guy in Bulgaria
Thinking of participating in #Pwn2Own Automotive? ZDI's Connor Ford provides a detailed look at the internals of the #Kenwood DMX958XR. This is the first in a series detailing the attack surface of the IVI. Read all the details (and gander at the pics) at https://www.zerodayinitiative.com/blog/2024/11/18/looking-at-the-internals-of-the-kenwood-dmx958xr-ivi
ZDI-24-1514|CVE-2024-11393] (0Day) Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVSS 8.8; Credit: The_Kernel_Panic) https://www.zerodayinitiative.com/advisories/ZDI-24-1514/
Paged Out! #5 is out! Enjoy!
https://pagedout.institute/
And if you like the cover, check out the 8K wallpaper by Mark Graham (downloadable on our website)!
Finally got to publish the CVE for a "forever-day" path traversal in the .NET library DotNetZip affecting all releases since 2018. Enjoy, the PoC is in the patch! #CVE_2024_48510