A companion blog to my Bluehat 2024 presentation on OleView.NET is up now. https://googleprojectzero.blogspot.com/2024/12/windows-tooling-updates-oleviewnet.html

Ever wanted to know what data #PowerShell or other programs send to AMSI. I wrote a C# COM server implementation that logs this data as a JSON string. Had some fun learning more about COM and .NET AOT with this little project https://github.com/jborean93/AmsiProvider

#PaloAltoNetworks
has just released a PANOS update, 10.2.13, which includes this interesting little fix. Looking at the portal logs from the management console or CLI I can't see any cleartext passwords being logged in regular or debug mode.

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-release-notes/pan-os-10-2-13-known-and-addressed-issues/pan-os-10-2-13-addressed-issues

Here's the slides to my PoC 2024 keynote "An insider perspective on the offensive industry": https://webdl.nso.group/OffIndustry-PDF.pdf

My apologies for the delay in publishing these.

Astalavista.com - Security Community - Relaunch 2024 https://forum.astalavista.com

To understand the reality of today both in tech and society as a whole it is important to realize the *adult people can't fucking read*

https://www.oecd.org/en/publications/survey-of-adults-skills-2023-country-notes_ab4f6b8c-en/hungary_c8c395ed-en.html

(Check below for more countries)

The 7 Coolest Mathematical Discoveries of 2024
https://www.scientificamerican.com/article/the-7-coolest-mathematical-discoveries-of-2024/?utm_source=flipboard&utm_medium=activitypub

Posted into Scientific American @scientific-american-SciAm

Hear ye hear ye

The following instances will be offline briefly on Saturday, December 14 from 9am ET / 2pm UTC for approxmately 10 minutes:
infosec.exchange
infosec.town
infosec.pub
pixel.infosec.exchange
books.infosec.exchange
matrix/element.infosec.exchange
relay.infosec.exchange
meetup.infosec.exchange
video.infosec.exchange
infosec.press
infosec.place
fedia.io
fedia.social
elk,.infosec.exchange
infosec.space
convo.casa

The servers supporting these instances require a reboot. The Dell servers these instances run on take a very long time to boot, so I am estimating 10 minutes of downtime. It could be more, could be less.

We use live patches to minimize reboots needed for patching, however Ubuntu only provides livepatch support for a year, which is how long most of these systems have been running for.

In his latest blog, ZDI researcher Piotr Bazydło covers a pre-auth Arbitrary File Deletion vulnerability he discovered in the SolarWinds Access Rights Manager (ARM). It may not sound exciting, but it can lead to a local privilege escalation on domain-joined Windows machines. Read the details at https://www.zerodayinitiative.com/blog/2024/12/11/solarwinds-access-rights-manager-one-vulnerability-to-lpe-them-all

It's time for everybody's favorite: unsolicited advice!

In which I discuss the reality of the cybersecurity jobs market, and what you really should be doing to improve your chances.

https://taggart-tech.com/20241212-2025-jobs-guide/

Citrix Denial of Service: Analysis of CVE-2024-8534 https://www.assetnote.io/resources/research/citrix-denial-of-service-analysis-of-cve-2024-8534

Fixed the OpenGraph image on Shazzer it was bugging me. Then did a normalization vector to test it!

https://shazzer.co.uk/vectors/675add23a8574986b36cc848

Forget PSEXEC: DCOM Upload & Execute Backdoor
https://www.deepinstinct.com/blog/forget-psexec-dcom-upload-execute-backdoor

#frombsky

I can't seem to get WebView2 working in a Visual Studio extension, so I'm dropping that effort for now.

If anyone knows how to do this, or actually wants Function-Graph-Overview in Visual Studio, let me know!

The number one skill required for learning any complex system is patience.

— Kelsey Hightower

#complexity

🚨 We are calling on all EU-based Mozillians to help us monitor Apple’s new browser choice screens.

Let’s hold Big Tech to account!

Anyone in the EU with an Apple device can join in this effort.

Learn more: http://mzl.la/49xJpvP

[RSS] Linux vDSO & VVAR - CVE-2023-23586 analysis

https://u1f383.github.io/linux/2024/12/11/linux-vdso-and-vvar.html

[RSS] X41 Reviewed Mullvad VPN

https://x41-dsec.de/news/2024/12/11/mullvad/

[RSS] Far From Random: Three Mistakes From Dart/Flutter's Weak PRNG

https://www.zellic.io/blog/proton-dart-flutter-csprng-prng

Incredible essay about the importance and challenges of digital archival by Maxwell Neely-Cohen, as well as the various imperfect strategies to achieve “century-scale” digital archives.

https://lil.law.harvard.edu/century-scale-storage/

"We picked a century scale because most physical objects can survive 100 years in good care. It is attainable, and yet we selected it because the design of mainstream digital storage mediums are nowhere close to even considering this mark."

1/

#archival