25 years later, #curl is now at 0 sscanf calls - and we do not allow new ones to get added

IBM i 7.5 TR 5 and 7.4 TR 11 are now GA - already installed on the first partitions here! 😀

For more information about the contents in the TR's, see these links:
https://www.ibm.com/support/pages/ibm-i-75-tr5-enhancements
https://www.ibm.com/support/pages/ibm-i-74-tr11-enhancements

#IBMi

NATO Secretary-General Mark Rutte delivered a speech recently, urging us to mentally prepare for war. It is worth your time to read the actual speech "But if we are not strong enough, if Putin and others would think that we cannot defend ourselves, then they might start to try to attack us. And already this is happening in the terrain of cyber" -> https://www.nato.int/cps/en/natohq/opinions_231348.htm

Yesterdays link to the Let‘s Encrypt blog dragged in some people who seem to think that CAs are unnecessary or even evil.

LE is s very small group who set out to improve the terrible CA situation and the fucking middle box corruptions.

They did that successfully with a budget that a medium sized city spends on its department for car license plates.

So, my advice: don‘t yell at people who made the world somewhat better or you‘ll soon run out of ones who try.💁🏻‍♂️

Reverse Engineering an STM32 firmware with radare2 https://medium.com/techmaker/reverse-engineering-stm32-firmware-578d53e79b3 #firmware #reverseengineering #radare2

CVE-2024-55557 - Weasis 4.5.1 https://www.partywave.site/show/research/CVE-2024-55557%20-%20Weasis%204.5.1

"let me use an AI and file another bug against #curl

https://github.com/curl/curl/issues/15736

A companion blog to my Bluehat 2024 presentation on OleView.NET is up now. https://googleprojectzero.blogspot.com/2024/12/windows-tooling-updates-oleviewnet.html

Ever wanted to know what data #PowerShell or other programs send to AMSI. I wrote a C# COM server implementation that logs this data as a JSON string. Had some fun learning more about COM and .NET AOT with this little project https://github.com/jborean93/AmsiProvider

#PaloAltoNetworks
has just released a PANOS update, 10.2.13, which includes this interesting little fix. Looking at the portal logs from the management console or CLI I can't see any cleartext passwords being logged in regular or debug mode.

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-release-notes/pan-os-10-2-13-known-and-addressed-issues/pan-os-10-2-13-addressed-issues

Here's the slides to my PoC 2024 keynote "An insider perspective on the offensive industry": https://webdl.nso.group/OffIndustry-PDF.pdf

My apologies for the delay in publishing these.

Astalavista.com - Security Community - Relaunch 2024 https://forum.astalavista.com

The 7 Coolest Mathematical Discoveries of 2024
https://www.scientificamerican.com/article/the-7-coolest-mathematical-discoveries-of-2024/?utm_source=flipboard&utm_medium=activitypub

Posted into Scientific American @scientific-american-SciAm

Hear ye hear ye

The following instances will be offline briefly on Saturday, December 14 from 9am ET / 2pm UTC for approxmately 10 minutes:
infosec.exchange
infosec.town
infosec.pub
pixel.infosec.exchange
books.infosec.exchange
matrix/element.infosec.exchange
relay.infosec.exchange
meetup.infosec.exchange
video.infosec.exchange
infosec.press
infosec.place
fedia.io
fedia.social
elk,.infosec.exchange
infosec.space
convo.casa

The servers supporting these instances require a reboot. The Dell servers these instances run on take a very long time to boot, so I am estimating 10 minutes of downtime. It could be more, could be less.

We use live patches to minimize reboots needed for patching, however Ubuntu only provides livepatch support for a year, which is how long most of these systems have been running for.

In his latest blog, ZDI researcher Piotr Bazydło covers a pre-auth Arbitrary File Deletion vulnerability he discovered in the SolarWinds Access Rights Manager (ARM). It may not sound exciting, but it can lead to a local privilege escalation on domain-joined Windows machines. Read the details at https://www.zerodayinitiative.com/blog/2024/12/11/solarwinds-access-rights-manager-one-vulnerability-to-lpe-them-all

It's time for everybody's favorite: unsolicited advice!

In which I discuss the reality of the cybersecurity jobs market, and what you really should be doing to improve your chances.

https://taggart-tech.com/20241212-2025-jobs-guide/

Citrix Denial of Service: Analysis of CVE-2024-8534 https://www.assetnote.io/resources/research/citrix-denial-of-service-analysis-of-cve-2024-8534

Fixed the OpenGraph image on Shazzer it was bugging me. Then did a normalization vector to test it!

https://shazzer.co.uk/vectors/675add23a8574986b36cc848