[RSS] Micropatches Released for Preauth DoS on Windows Deployment Service (CVE-2025-29957)

https://blog.0patch.com/2025/05/micropatches-released-for-preauth-dos.html

Good bathroom reads.

Unfortunately the #OpenStreetMap wiki is very slow today. We are fighting an aggressive web scraper bot. 10,000 of IPs involved. Randomised User-Agent. Ignoring robots.txt #aibot #ddos

Update: Fixed. We've been able to mitigate the bot traffic. #fail2ban

Looks like @bluehatil talks are online now, so here’s my talk for anyone who wanted to learn about the latest episode of KASLR and couldn’t make it: https://youtu.be/Dk2rLO2LC6I

It looks like Kerio Control was PWNed with a Pre auth RCE! We're going through the exploit now to see everything works like it should #TyphoonCon25

[RSS] CVE-2025-23009 & CVE-2025-23010: Elevating Privileges with SonicWall NetExtender

https://www.netspi.com/blog/technical-blog/red-teaming/elevating-privileges-with-sonicwall-netextender/

[RSS] The Windows Registry Adventure #8: Practical exploitation of hive memory corruption

https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-8-exploitation.html

The Junkyard - An End-of-Life Pwnathon is now open:

https://www.districtcon.org/junkyard

"We want you to bring your most impactful, creative, or most meme-worthy bugs in end-of-life (EOL) targets (both software or hardware), and demonstrate them live on stage."

Would you?

"In the Who Cares Era, the most radical thing you can do is care." – @dansinker
https://dansinker.com/posts/2025-05-23-who-cares/

"I miss the insanity of 80s processor design.

Intel’s iAPX 432 was a 'micromainframe'.

It had no general purpose registers, supported object orientation *directly*, and performed garbage collection on-chip." - Also by @lauriewired

https://threadreaderapp.com/thread/1925982635903398106.html

The i960 post by @kenshirriff is also worth checking out if you are interested in revolutionary architectures that just didn't really make it (while some concepts are still working in #IBMi and #CHERI I guess?):

https://www.righto.com/2023/07/the-complex-history-of-intel-i960-risc.html

"Want to recognize a song from just a few seconds of distorted audio? Use Constellation Maps." by lauiriewired

https://threadreaderapp.com/thread/1927474297909489852.html?s=09

A small slide deck for a 15 minute impulse talk at Cycon 2025 in Talinn: https://docs.google.com/presentation/d/1_3Iu74UijAjfSLHzqWDkDEaIwoB6WBSo9-mY5e0u0HM/edit?usp=drivesdk

[RSS] Inside GitHub: How we hardened our SAML implementation

https://github.blog/security/web-application-security/inside-github-how-we-hardened-our-saml-implementation/

[RSS] Remote Code Execution on Evertz SDVN (CVE-2025-4009 - Full Disclosure)

https://www.onekey.com/resource/security-advisory-remote-code-execution-on-evertz-svdn-cve-2025-4009

[RSS] MATLAB developer bringing systems back online following ransomware attack

https://therecord.media/matlab-developer-bringing-systems-online-ransomware

Hands off MATLAB!

🆕 New blog post! It's a rather short one, nothing crazy. Just wanted to share a random finding I made recently. 🤷‍♂️

'Hijacking the Windows "MareBackup" Scheduled Task for Privilege Escalation'

👉 https://blog.scrt.ch/2025/05/20/hijacking-the-windows-marebackup-scheduled-task-for-privilege-escalation/

#pentest #pentesting #redteam #windows #privilegeescalation

this is it -- GOOD INTERNET magazine is LIVE, BABY~ 🥂 🎊 🥳

https://goodinternetmagazine.com/
https://goodinternetmagazine.com/
https://goodinternetmagazine.com/

i present the spring 2025 issue of GOOD INTERNET, featuring stories by @binarydigit, @internetarchive, @Leilukin, @greg, @surprisetalk, and SO MUCH MORE!

with only 6.5 hours to go before my surgery, the website is now launched! you can order physical or digital copies of the magazine! :) there are some initial stories on the website now, but more are coming over the next week, so keep an eye on your RSS feeds!!

‼️quick note: pre-ordered print editions will begin shipping out this week (!!!) and digital editions will go out this week as well to emails!

🙏 THANK YOU SO MUCH to EVERYONE who helped with this. thank you to the contributors (like @robb/ @echofeed, & @adam/ @omgdotlol). thank you to the writers, thank you to everyone who thought about this project, shared it with others, and got the word out. i am so so so stoked to bring y'all this.

🕛 issue 2 is in the fall! :) get your submission ideas in!!

#html #css #web #indieweb #smallweb #socialmedia #internet #enshittification #website #webdev #webdesign #neocities #indie #zine #coding #code #personalweb #blog #blogging

[RSS] GhidraApple: Better Apple Binary Analysis for #Ghidra

https://github.com/reverseapple/ghidraapple