Ransomware Diaries Volume 7: “I Had to Take the Guilt For Everyone” – The Kaseya Hacker Breaks His Silence

https://analyst1.com/ransomware-diaries-volume-7-i-had-to-take-the-guilt-for-everyone-the-kaseya-hacker-breaks-his-silence/

“The enjoyment of one's tools is an essential ingredient of successful work.”
#DonaldKnuth

farads per isopropyl wipe

Reading all these posts about AIxCC challenge. Quite interesting and exciting material. What bothers me is saying the agents have deep understanding and next that they get stuck and need many attempts to get over the problems. This normalization of properties that don't really exist bothers me, you see it everywhere. LLMs can't think, don't have real understanding of anything. That doesn't mean they can't be very useful tools for certain domains.

Curious how a bug in Linux’s ipset subsystem could lead to full kernel compromise?

In our new article, we revisit CVE-2024-53141 to break down the bug, explore the memory layout, and show how it can be turned into a powerful privilege escalation.
Read it here: https://ssd-disclosure.com/linux-kernel-netfilter-ipset-missing-range-check-lpe/

Thank you to everyone who made it out for my DEF CON 33 presentation, "Shaking Out Shells With SSHamble", you can find the materials online at https://hdm.io/decks/MOORE%20-%20Shaking%20Out%20Shells%20With%20SSHamble.pdf

This deck includes some lightly-censored zero-day and I recommend tossing `sshamble scan -u root,admin,guest 22,24442,2222,70,222,10022,10399,2022,22222 --interact=all` at your local network to see what shakes out =D

(PS. You can find most of my presentations at https://hdm.io/)

Finally a useful magic quadrant

Thanks to @wendynather for the discovery.

#cybersecurity #vulnerability

On a fresh #Linux install in 2025...

Reinforcement learning makes LLM bullshit more.
https://machine-bullshit.github.io

[RSS] Creating the longest possible Ski Jump in The Games: Winter Challenge

https://mrwint.github.io/winter/writeup/writeup2.html

[oss-security] CVE-2025-55188: 7-Zip: Arbitrary file write on extraction, may lead to code execution

https://seclists.org/oss-sec/2025/q3/82

🐧🏆 Linux just bagged a Pwnie with my CVE—well, technically multiple rejected CVEs 😏 Congrats!

📜 BTW, MITRE is still investigating my -4.6 Dispute Resolution- request… submitted back in June. 🗓️⏳

If you want an ebook of some public domain work, either:

1. Check standardebooks.org before Gutenberg. They clean up books from Gutenberg with sane typography and print design.

2. Consider buying a "Dover Thrift Editions" version of the ebook. Many fly-by-night ebook "publishers" are turning a quick buck on selling you a Gutenberg edition. Dover is a real publisher, even in print, and their well-formatted ebooks of public domain works are usually under $4, or even less.

Happy Zero Cool Day

I wonder how things are going right now in the universe where IBM chose CP/M for the IBM PC instead of MS-DOS.

(Like… with computers. I mean.)

I've been wrestling with #Ghidra's decompiler API and a slight hangover for a couple of hours now (even invoking LLM's!). Turns out I wrote up the gist of the solution 5 years ago:

Ghidra Decompiler Notes (from 2020)
https://gist.github.com/v-p-b/5be986dfe494249374cecf058d4dd41c

I definitely have to find a better place to host this...

#TIL that last month some dimwits at Ventegus Anti-Piracy GmbH (likely on behalf of Hex-Rays?) submitted a #DMCA (Copyright) Complaint to #Google to remove these two pages from search results:

https://0xdeadbeef.info/augur/augur/
https://0xdeadbeef.info/augur/src/haruspex/lib.rs.html

See for yourself:
https://lumendatabase.org/notices/54378675

Not that I care, but WTAF...

I am in this picture.. and I like it :-) #why2025

CVE-2025-48708: #ghostscript can embed plaintext #password in encrypted #PDFs 😶

https://www.openwall.com/lists/oss-security/2025/05/23/2

Debian 13 "trixie" has been released, thanks to everyone involved! "trixie" images are available for download at https://www.debian.org/distrib/ or you can run apt full-upgrade as always ;-) #debian #debian13 #trixie #ReleasingDebianTrixie