Part 2 of my series on Hypervisor-Managed Linear Address Translation (HLAT) is here: https://www.asset-intertech.com/resources/blog/2024/12/vt-rp-hlat-and-my-aaeon-alder-lake-core-i7-1270pe-board-part-2/. I used SourcePoint to pinpoint where HLAT is enabled on the p-cores of my AAEON Alder Lake board. Many thanks to @yarden_shafir, @aall86 and @standa_t for inspiration.

fuck you, 2024. I made it through \o/

Multiple vulnerabilities in CTFd versions <= 3.7.4 (CVE-2024-11716, CVE-2024-11717)

https://seclists.org/fulldisclosure/2024/Dec/21

Do these count as Cursed CTF tactics?

Looks like hyp3rlinx also got interested in #IBMi :)

https://hyp3rlinx.altervista.org/advisories/IBMi_Navigator_Server_Side_Request_Forgery_CVE-2024-51463.txt

https://hyp3rlinx.altervista.org/advisories/IBMi_Navigator_HTTP_Security_Token_Bypass-CVE-2024-51464.txt

(CVE-2024-51463, CVE-2024-51464)

[RSS] Security Bulletin: IBM PowerHA SystemMirror for #IBMi is vulnerable to multiple vulnerabilities in the PowerHA Web Interface [CVE-2024-55897, CVE-2024-55896]

https://www.ibm.com/support/pages/node/7180036?myns=swgother&mynp=OCSSPHQG&mynp=OCSWG60&mync=A&cm_sp=swgother-_-OCSSPHQG-OCSWG60-_-A

[RSS] Remote Memory Access in Linux

https://u1f383.github.io/linux/2024/12/28/remote-memory-access-in-linux.html

[RSS] The Feasibility of Using Hardware Breakpoints To Extend the Race Window

https://u1f383.github.io/linux/2024/12/29/the-feasibility-of-using-hardware-breakpoints-to-extend-the-race-window.html

[RSS] From Arbitrary File Write to RCE in Restricted Rails apps

https://blog.convisoappsec.com/en/from-arbitrary-file-write-to-rce-in-restricted-rails-apps/

[RSS] What does [it] mean to "Commit Params/Return"? #Ghidra

https://old.reddit.com/r/ghidra/comments/1hpom0c/what_does_mean_to_commit_paramsreturn/

Waymo (aka Google) admits that it trains its robotaxis to break the law. When WaPo reporter finds robotaxis fail to stop for pedestrians in marked crosswalk 70% of the time, Waymo says it follows "social norms" rather than laws.
Expert explains: When robotaxis obey law, they don't go fast enough to compete successfully with Uber, so Google execs ordered engineers to ignore laws.
https://wapo.st/3ZZDifm

Reminder: Tomorrow, @lavados, @lunkw1ll and I will give a talk at #38c3 about #Rowhammer at 12:00. If you want to check whether your computers are vulnerable to #Rowhammer, visit https://flippyr.am. Everything is open source! You can build our ISO and flash it onto your USB stick. If you're feeling lazy and trust us, come to Hall 3 by the palm tree and get a free USB stick with the ISO already flashed.

Can We Find Beauty in Tax Fraud? #38c3

https://streaming.media.ccc.de/38c3/relive/402

This looks fun!

'International Obfuscated C Code Contest' Will Relaunch, Celebrating 40th Anniversary https://developers.slashdot.org/story/24/12/29/1730224/international-obfuscated-c-code-contest-will-relaunch-celebrating-40th-anniversary?utm_source=rss1.0mainlinkanon

I have this PCB where circular solder points are perfect, while square ones ("negative legs") seem to have solder repellent fields around them.

Is this a known thing or my skill/material issue? If the former, how should I solder these things?

#soldering

Volkswagen's bad streak: They know where your car is, Chaos Computer Club says – and they don't know how to secure it properly. https://reynardsec.com/en/volkswagens-bad-streak-we-know-where-your-car-is/

In 10 mins: Dialing into the Past: RCE via the Fax Machine – Because Why Not?

https://events.ccc.de/congress/2024/hub/event/dialing-into-the-past-rce-via-the-fax-machine-because-why-not/

#38c3

I found the GitHub repo "A Compiler Writing Journey" and was glad to see the compiler building from the ground up - documented with each step in detail.

For any compiler enthusiast, these steps provide valuable insights worth sharing.

I'm making a memory-safe implementation of C/C++. It's called Fil-C. Currently working on making it fanatically compatible with C and C++ so that lots of programs can be made memory-safe with zero or minimal changes.

Learn more here: https://github.com/pizlonator/llvm-project-deluge/blob/deluge/Manifesto.md

Only 10 days left to submit your papers to #MADWeb and secure a spot to present your work in the sunny San Diego!

📅 Deadline: January 9, 2025 (AoE)
📜 Submit here: https://madweb25.hotcrp.com/
🔗 Website: https://madweb.work/

#CfP #websec #websecurity

i just discovered some really good software: SENinja https://github.com/borzacchiello/seninja

it lifts Binary Ninja's intermediate representation to a symbolic form and lifts it to an SMT2 representation, then feeds it to Z3

the user interface is like a debugger, except you get things like symbolic expression, or you can ask for which inputs will result in reaching a specific branch

this is so so so cool

https://doi.org/10.1016/j.softx.2022.101219