Hewlett Packard report that they are spotting AI-generated malware in the wild, not through complex analysis or watermarking, but because… it is weirdly well-commented. https://threatresearch.ext.hp.com/wp-content/uploads/2024/09/HP_Wolf_Security_Threat_Insights_Report_September_2024.pdf

I'm at about third of the 100 #Rust exercises and I think we just got to the "Draw the rest of the fucking owl" part 🖊

I find CVE-2024-40896 (Raptor/libxml2 XXE) very educational:

Based on the analysis[1] it's a nice example of Chesterton’s Fence[2], while its discovery[3] underlines the importance of automated testing for regressions and known dangerous behavior.

[1] https://www.openwall.com/lists/oss-security/2024/12/25/2 (thx @alexandreborges for sharing!)
[2] https://fs.blog/chestertons-fence/
[3] https://gitlab.gnome.org/GNOME/libxml2/-/issues/761

CVE-2024-40896 Analysis: libxml2 XXE due to type confusion

https://www.openwall.com/lists/oss-security/2024/12/25/2

#cve #linux #libxml2 #xxe #vulnerability #exploitation #bug #typeconfusion

Find your first zero-day vulnerability!

In this article, we want to share a step-by-step guide on how to run American Fuzzy Lop ++ (AFL++) to fuzz an open source target.
https://www.hackers-arise.com/post/exploit-development-fuzzing-with-american-fuzzy-lop-afl-to-find-zero-day-vulnerabilities
#AFL #Fuzzing #Hacking #ZeroDay

Safe #Rust AIN'T SAFE!? (cve-rs explainer)

https://youtu.be/vfMpIsJwpjU

🤣🤣🤣
[CVE-2024-40896][libxml2] XXE protection broken in downstream code
https://gitlab.gnome.org/GNOME/libxml2/-/issues/761
https://gitlab.gnome.org/GNOME/libxml2/-/commit/1a8932303969907f6572b1b6aac4081c56adb5c6

"...bug should occur if you compile libraptor with the commit above and libxml2 2.11 or greater."

PoC:
https://git.libreoffice.org/core/+/cdda6533b44333b18d3dc6306dfd0f7058e40b32/unoxml/qa/unit/data/cve_2012_0037.rdf

🎄 All I Want for Christmas is a CVE-2024-30085 Exploit 🎄
As always, we at @starlabs_sg are sharing what we learnt. This time, it's brought to you by Cherie-Anne Lee

https://starlabs.sg/blog/2024/all-i-want-for-christmas-is-a-cve-2024-30085-exploit/

More than funds, what Wikipedia really needs is more good editors. The number of people who regularly edit articles in English Wikipedia hasn't grown substantially in years, while the number of articles has, and editor demographics remains skewed. The foundation itself largely stays away from editing, leaving it to volunteers. While articles that get a lot of attention are often good, it's not hard to find ones with biased and promotional content in less-visited topics, and in other languages.

Oh my god, I just learned of a hilariously obvious bug that Nintendo (of all companies) failed to fix.

So, NES & SNES games often have a problem with pressing left+right and up+down, at the same time. This is because that's not supposed to be possible. It's physically prevented from happening by the design of the controller itself.

Former NSA cyberspy's not-so-secret hobby – Xmas light hacks • The Register
https://www.theregister.com/2024/12/25/joyce_christmas_lights/

#frombsky

Elon Musk has ordered everyone to stop donating to Wikipedia.

I never started, until this morning.

https://donate.wikimedia.org is the link, if anyone feels like disobeying a direct order from a billionaire jerkwad.

Happy Holidays to my oncall buddies today. I wish you all a quiet and uneventful shift.

I survived #Whamageddon \o/

To avoid sudden dangerous drops of frustration during these peaceful Holidays I'm configuring Postfix.

#Christmas #MontyPython

What are the online #book stores that are neither a) monopolistic giants built on enshittification nor b) copyright bullies?

If I ask for a unicorn, which ones do at least give authors a more fair share for their work?

The slides for the keynote our Cristofaro Mune(@pulsoid) has given at @h2hconference
"False Injections: Tales of Physics, Misconceptions and Weird Machines" are now available here:

https://raelize.com/upload/research/2024/2024_H2HC2024_False-Injections-Tales-of-Physics-Misconceptions-and-Weird-Machines.pdf

Enjoy!

nice one, asus

https://www.windowslatest.com/2024/12/22/asus-bombards-windows-11-with-christmas-exe-malware-like-christmas-wreath-banner/

In light of the Crowdstrike outage over 5 months ago, what specific changes has your organization made to your enterprise security program? What changes to policies, procedures, training, alerting, testing, and your written IRP have you made? Please share!