Shitposting is valid pentesting apparently.

https://www.reddit.com/r/csMajors/comments/1i7v7hg/my_teams_intern_just_found_a_critical_bug_by/

Shellcode over MIDI? Bad Apple on a PSR-E433, Kinda

https://hackaday.com/2025/01/23/shellcode-over-midi-bad-apple-on-a-psr-e433-kinda/

...and here we go: Next entry in our bingo card is CVE-2025-23006 in SonicWall SMA1000.

Thanks, everyone, and remember: Current version lives at https://cku.gt/appbingo25

Project: microsoft/TypeScript https://github.com/microsoft/TypeScript
File: src/compiler/utilities.ts:4463 https://github.com/microsoft/TypeScript/blob/cbac1ddfc73ca3b9d8741c1b51b74663a0f24695/src/compiler/utilities.ts#L4463

function canHaveJSDoc(node: Node): node is HasJSDoc

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fmicrosoft%2FTypeScript%2Fblob%2Fcbac1ddfc73ca3b9d8741c1b51b74663a0f24695%2Fsrc%2Fcompiler%2Futilities.ts%23L4463&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fmicrosoft%2FTypeScript%2Fblob%2Fcbac1ddfc73ca3b9d8741c1b51b74663a0f24695%2Fsrc%2Fcompiler%2Futilities.ts%23L4463&colors=light

Daily life in 2025.

#AI #Tech #JustLetMeBe #FFS

SonicWall exploited zero-day: SMA1000 Pre-Authentication Remote Command Execution Vulnerability
CVE-2025-23006 (9.8 critical) Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.

IMPORTANT: SonicWall PSIRT has been notified of possible active exploitation of the referenced vulnerability by threat actors

cc: @goatyell @cR0w @GossiTheDog @briankrebs

#zeroday #CVE_2025_23006 #sonicwall #vulnerability #CVE #infosec #cybersecurity #eitw #activeexploitation

CVSS is dead to us

https://daniel.haxx.se/blog/2025/01/23/cvss-is-dead-to-us/

#curl

Nvm, I'm outta here until the daily rage minutes end...

How is HttpOnly not deprecated yet?

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 007060c0

ossl_gcm_stream_update

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F007060c0.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F007060c0.json&colors=light

Google Chrome security advisory: Stable Channel Update for Desktop
New version 132.0.6834.110/111 for Windows, Mac and 132.0.6834.110 for Linux includes 3 security fixes, 2 were externally reported. CVE-2025-0611 (high severity) Object corruption in V8 and CVE-2025-0612 (high) Out of bounds memory access in V8. No mention of exploitation.

#google #chrome #chromium #vulnerability #cve #infosec #cybersecurity

“Clang will now more aggressively use undefined behavior on pointer addition overflow for optimization purposes.” https://github.com/llvm/llvm-project/commit/c2979c58d49b

A whole lot of non-exploitable bugs may become exploitable pretty soon.

Microsoft is getting ready to do away with MFA for its web-based products. No, this is not clickbait.

Beginning in February, if you log in to a web-based service, Microsoft will keep you logged in by default. Go ahead and close the browser window, it doesn’t matter. You’re still logged in, unless you deliberately log out. Think about hotel computers, library computers. Think about women in an abusive relationship.

It’s no longer MFA if Microsoft reduces authentication to device authentication. They won’t be requiring proof of identity of the person in front of the screen.

If you sign in to a Microsoft web-based app on a computer that is ACCESSED BY OTHER PEOPLE, you are at risk.

ACTION STEP
Even though Microsoft is placing the notification at the top of the screen right now, there are people you know who won’t understand what it means. There are people who won’t even notice the message. Make sure your friends and family know how to explicitly sign out after every session on a shared computer.

One last note: Microsoft says that instead of logging out you can use private browsing (for example, Google’s incognito mode). I don’t recommend this option, because sometimes software doesn’t behave quite like the coder thinks it will. For the most reliable security, log out.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #privacy

Here's a video overview of Venture, the cross-platform Windows Event Viewer. Version 0.2.0 now has the ability to join multiple .evtx files into a single view!

https://www.youtube.com/watch?v=LSobpAWwNV8

Grab Venture here: https://github.com/mttaggart/venture/releases/

"CrowdStrike, Fortinet Get Price Target Hikes Amid Booming Cybersecurity Market"

Clearly the Clownstrike "incident" doom is already behind, and Fortinet product security is irrelevant to stock price :X

Episode 8478 of how the internet works

Cisco Zero-Day: ClamAV OLE2 File Format Decryption Denial of Service Vulnerability
CVE-2025-20128 (5.3 medium) A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read.

The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.
The Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory.

Two more Cisco security advisories:

• Cisco Meeting Management REST API Privilege Escalation Vulnerability CVE-2025-20156 (9.9 critical)
• Cisco BroadWorks SIP Denial of Service Vulnerability CVE-2025-20165 (7.5 high)

These two do not mention proof of concept or exploitation.

#cisco #vulnerability #cve #infosec #cybersecurity

South Korean VPN provider IPany was breached in a supply chain attack by the "PlushDaemon" China-aligned hacking group, who compromised the company's VPN installer to deploy the custom 'SlowStepper' malware.

https://www.bleepingcomputer.com/news/security/ipany-vpn-breached-in-supply-chain-attack-to-push-custom-malware/

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 006a55e0

tdes_wrap_cipher

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F006a55e0.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F006a55e0.json&colors=light

I just went through @drawio 's homepage so I can throw some money at them, but I just can't because disrupting unhealthy markets is its own reward it seems:

https://www.drawio.com/about

These people are pretty cool!