Wishing all my American friends strength today & for the future. Please hang in there!

Published a new article: Malicious extensions circumvent Google’s remote code ban

https://palant.info/2025/01/20/malicious-extensions-circumvent-googles-remote-code-ban/

Looking at 60 malicious extensions belonging to three groups here, still running remote code despite Google banning it in Manifest V3. “Fun” fact: some of these extensions have been featured on my blog in 2023, others on McAfee’s in 2022.

Recurring pattern: downloading rules and adding them to declarativeNetRequest API. The abuse potential here is enormous, including injecting malicious scripts into websites.

Only one extension went for essentially a custom programming language, others settled with simpler approaches. Luckily for me because the latter allows better guesses about what this functionality is meant for. Spoiler: ads and affiliate fraud. Also: affiliate fraud and ads.

Curious about Rust, fuzzing, and type systems? Interested in GSoC? Then LibAFL may have a project for you.

We are currently looking to implement a generic/associated-type bounds over-specification linter as a GSoC project this year. We have opened an RFC for developing such a project, and are looking for feedback from academics or professionals specialising in Rust tooling and type systems, so do please chime in if you're interested!

Would you buy my memecoin?

WTF #Microsoft?!

Alt+F4 is not closing #MicrosoftEdge I am stuck on the welcome screen.

There is no ❌ to click either, and right click close on the taskbar is ignored too.

This is fine.

Serious question: Is there an open-source 2D printer (the type with paper and ink)?

If not, why not? Is there some serious production bottleneck that only HP&co can meet?

periodic reminder for infosec folks: stop deciding things are done badly or "insecure" outside of the context of a threat model

it's disingenuous and irresponsibly ignores that security and cryptography are fundamentally about balancing risk tolerance and risk abatement

pwndbg 2025.01.20 Release

https://github.com/pwndbg/pwndbg/releases/tag/2025.01.20

"This release features LLDB support, improved performance, bug fixes and better embedded systems experience. Pwndbg can now run on macOS (both Intel & Apple Silicon) and allows for debugging Mach-O binaries."

Session Round 2

Earlier this week, I wrote a blog post succinctly titled, Don't Use Session. Two interesting things have happened since I published that blog: A few people expressed uncertainty about what I wrote about using Pollard's rho to attack Session's design (for which, I offered to write a proof of concept and report back with results), and Session wrote a blog claiming to rebut the claims made in that blog post.

http://soatok.blog/2025/01/20/session-round-2/

If you’ve recently installed Homebrew you may have installed a Trojan Horse if you used Google to find it
https://alecmuffett.com/article/110957
#HomographAttack #hacking #homebrew

Seems that new windows update bring some changes in NTFS as its no longer possible to delete folders with ::$INDEX_ALLOCATION allocation trick with DeleteFile api.

"Technology giants must do more to co-operate with law enforcement on encryption or they risk threatening European democracy, according to the head of Europol". She considered end-to-end encryption incompatible with democracy? https://www.ft.com/content/1e6a600d-8620-4ed6-a4cd-5c454d6247ba

New assessment for topic: CVE-2024-49112

Topic description: "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability ..."

"CVE-2024-49112 is a critical vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service ..."

Link: https://attackerkb.com/assessments/07d80193-ab91-4495-ad6c-eeeb6ffbb112

[RSS] Microwatt goes multiprocessor

https://www.talospace.com/2025/01/microwatt-goes-multiprocessor.html

"Microwatt, the OpenPOWER VHDL softcore. Microwatt now runs on multiple FPGA boards or can be run (slowly) in simulation, and is capable of booting Linux"

Note to progressive politicians: If you don’t offer real solutions to problems, voters will follow people who offer fake solutions.

Austrian-born American actress and inventor Hedy Lamarr died #OTD in 2000.

At the beginning of World War II, along with George Antheil, Lamarr co-invented a radio guidance system for Allied torpedoes that used spread spectrum & frequency hopping technology to defeat the threat of radio jamming by the Axis powers. However, the technology was not used in operational systems until after World War II, & then independently of their patent.

https://en.wikipedia.org/wiki/Hedy_Lamarr

#science #technology #womeninStem

This is an interesting question re: the Windows file delete privesc vector published by ZDI:

Does FolderContentsDeleteToFolderDelete.exe Still Work on Windows 11 24H2? #8 - https://github.com/thezdi/PoC/issues/8

https://www.thezdi.com/blog/2022/3/16/abusing-arbitrary-file-deletes-to-escalate-privilege-and-other-great-tricks

[RSS] Linux Kernel TLS Part 1

https://u1f383.github.io/linux/2025/01/20/linux-kernel-tls-part-1.html

Finally! https://sethmlarson.dev/how-to-disable-copilot-in-github

Thank you @harrysintonen for making me aware #github #copilot

In ~1h, we’ll explore the awesome and clever DOOM.PDF!
https://www.youtube.com/live/t17joAiWBkE?si=clV3nvyFZ5DjKQ5e