April 12, 2024
Instagram is rolling out nude detection in private DMs; will automatically blur images it believes are nudes, including in end-to-end encrypted chats because the processing is done on device, Meta says https://t.co/apymwAhqqW pic.twitter.com/rUQqlMdiVp
— Joseph Cox (@josephfcox) April 11, 2024
I love CIA memoirs about the 1960s. The guy is carrying an M1 & webbing heading to upcountry Laos, but is content that his cover is good because “I had read several books on rice growing in Southeast Asia, the paddy and mountain varieties.” pic.twitter.com/rfIrNLT38Q
— Shashank Joshi (@shashj) April 11, 2024
Remove the backdoor found in 5.6.0 and 5.6.1 (CVE-2024-3094).
While the backdoor was inactive (and thus harmless) without inserting a small trigger code into the build system when the source package was created, it's good to remove this anyway:
- The executable payloads were embedded as binary blobs in the test files. This was a blatant violation of the Debian Free Software Guidelines.
- On machines that see lots of bots poking at the SSH port, the backdoor noticeably increased CPU load, resulting in degraded user experience and thus overwhelmingly negative user feedback.
- The maintainer who added the backdoor has disappeared.
- Backdoors are bad for security.
This reverts the following without making any other changes:
The xz backdoor was removed: https://t.co/pZuTn9KANt
— Malcore (@Malcoreio) April 11, 2024
As it was discovered and made public, I can finally say I had this universal KASLR bypass since 2020, and I patiently saw many discussions about the effectiveness of KASLR. I said nothing, not only because it was still a 0day, but because it's interesting to see how people are so… https://t.co/AmUe5QcMPs
— Anderson Nascimento (@andersonc0d3) April 11, 2024
17 yrs of KASLR bypasses was a total waste of time 🫤 https://t.co/i2GhsNemwj
— c0m0r1 (@c0m0r1) April 11, 2024
How did I find it at the time? I started to do Linux kernel exploitation almost a decade ago and there were plenty of kernel addresses leaked on the filesystem. It was way easier. Later, I had a vulnerability that would be easier to exploit if I had a KASLR bypass before…
— Anderson Nascimento (@andersonc0d3) April 11, 2024
What I mentioned is just the general idea. The actual commands I used probably had something to filter out false positives, and anyway, I am patient. If the name of the files are printed out, you discard a lot of matches. Also, if there were a way to obtain randomized kernel…
— Anderson Nascimento (@andersonc0d3) April 11, 2024
It seems there has been an interesting incident related to the n_gsm vector of the Linux kernel.
While it's still unclear who is right and who is wrong, one thing can be asserted: my bug will soon be patched, and I need more caffeine. 😂 https://t.co/23Wwtwmqis pic.twitter.com/KlNQnVql5h
— fffvr (@FFFVR_) April 11, 2024
instagram can't figure out the most basic aspects of catfish scam moderation to save its life. but if there's one thing it knows how to do, it's detect a tiddie https://t.co/leGGNdrOsn
— Samantha Cole (@samleecole) April 11, 2024
I'm excited to announce that the technical analysis and the exploit of my CVE-2023-6546 (ZDI-24-020)
Linux Kernel GSM Multiplexing Race Condition LPE is now available on: https://t.co/bk4yjCMtdl
Happy Reading #Cybersecurity #Vulnerability #CVE #InfoSec #exploit #Security
— Pikala (@p1k4l4) January 16, 2024
A friend observed “the Russians are in deep shit now!” https://t.co/cDJeGjud8G
— Rob Joyce (@RGB_Lights) April 10, 2024
Deanon is claiming to have the original version of Pegasus that works on all versions of Android and iOS. The pricing for the lifetime access is $ 1,500,000 👀 A few days later, Deanon offered the subscription model for Pegasus Panel.
Around April 10, Apple started sending email… pic.twitter.com/PQHMLcLnof
— RussianPanda 🐼 🇺🇦 (@RussianPanda9xx) April 11, 2024
Here's my blog post about CVE-2024-26230. I aim not only to introduce the exploit stage but also hope to share my thoughts on how I completed the exploitation step-by-step in all my posts from now on. https://t.co/Cqxl4NK5IM
— k0shl (@KeyZ3r0) April 10, 2024
The nature of sisense is they require access to their customers' confidential data sources. They have direct access to JDBC connections, to SSH, and to SaaS platforms like Salesforce and many more. It also means they have tokens, credentials, certificates often upscoped. 1/2
— Marc Rogers (@marcwrogers) April 11, 2024
The data stolen from sisense contained all these tokens, credentials and access configurations. This is a worst case scenario for many sisense customers. These are often literally the keys to their kingdoms. Treat as an EXTREMELY serious event. 2/2
— Marc Rogers (@marcwrogers) April 11, 2024
There's a known 0day out there that can disable all Windows Event Logging in your network even on fully updated Windows. Our patches for it are the only patches in existence and have been available for 70 days. If 0patch is not your first line of defense, make it your second. https://t.co/gGTXGffba0
— 0patch (@0patch) April 11, 2024
Update 4/10/2024: April Windows Updates did not patch this issue, so it remains a 0day (now 70 days without official fix). If you're using ANY version of Windows without 0patch, Windows Event Logging can be disabled remotely on all machines in your network within seconds.
— 0patch (@0patch) April 11, 2024
lmao, why do people do this pic.twitter.com/58fzaW0AYx
— Chris Paxton (@chris_j_paxton) April 11, 2024
Apparently Apple is alerting users when they detect Pegasus 👀 https://t.co/D2SYH1CGWw pic.twitter.com/8vRWOqYJx9
— Corgi (@corg_e) April 11, 2024
Sisense has released specific instructions to its customers.
On the one hand it’s easy to be mad at this situation, the plaintext storage of credentials and the insecure storage of data at rest.
On the other hand I want to give them props for reaching this point in under 24… pic.twitter.com/Gxvqb8Cibo
— Marc Rogers (@marcwrogers) April 11, 2024
1. KASLR for an attacker with arbitrary local unpriv execution is not effective. 2. KASLR for heap based exploitation is not effective including remote attacks. 3. I believe this to be independent of the details of KASLR implementation, OS and CPU for general compute systems. https://t.co/7DQH0c40Ym
— Anders Fogh (@anders_fogh) April 11, 2024
Many other attacks will also provide primitives that can bypass KASLR, but I don't think it generalizes well. Consequently, I think KASLR offers marginal protection and increased complexity won't help.
— Anders Fogh (@anders_fogh) April 11, 2024
On a subset of embedded systems I think KASLR can provide significant security. But this is super niche.
— Anders Fogh (@anders_fogh) April 11, 2024
Big 4th Amendment case from the Colorado Supreme Court, People v. Seymour.
Police obtained suspect's Google search history from Google.
Court: "users own their Google content"—not Google. Police copying the suspect's data was a 4th Amendment "seizure." https://t.co/qPsv5TSk8U pic.twitter.com/yHazZXi4xc
— Brent Skorup (@bskorup) April 11, 2024
Court says: "Indeed, Google's licensing agreement makes clear that it does not own its users' content. Instead, users own their Google content, which, according to testimony from a Google policy specialist, includes their search histories."
— Brent Skorup (@bskorup) April 11, 2024
My summary of the case, at the Federalist Society blog: Digital data is often obtained by law enforcement and this "will change how modern-day investigations into digital data are conducted if other state and federal judges agree." https://t.co/sMXowhgf1j
— Brent Skorup (@bskorup) April 11, 2024
Israel tried to keep sensitive spy tech under wraps. It leaked abroad
by @omerbenj and @e_triantafillou https://t.co/2pAXAflCo8
— avi scharf (@avischarf) April 11, 2024
NEW: @haaretzcom and @insidestory_gr reveal scary new attack techniques offered by spyware-vendor Intellexa.
Intellexa's Aladdin product uses malicious web ads to target and silently infect targets as they simply browse the web. https://t.co/Df7dK8ZQ0d
— Donncha Ó Cearbhaill (@DonnchaC) April 11, 2024
Not being able to block ads on Android is as bad as when Microsoft makes you pay extra for logging https://t.co/TFZ2KUQedc
— Dave Aitel (@daveaitel) April 11, 2024
Source: @binarly_io on 'forever bugs' in modern software supply chains: https://t.co/5gGZv9yodm
— Ryan Naraine (@ryanaraine) April 11, 2024
The real reason French spies aren’t caught in honeytraps | The Spectator
French spies are impossible to blackmail in honeytraps because their wives already know they’re having affairs. And if you believe this, I have a tower in Paris to sell you. The source for this story is wafer thin yet nevertheless it has attracted prurient attention worldwide. It was ‘revealed’ on Tuesday night in a documentary screened
Some of you really need to see this because you're posting stuff like ID cards with blurs and pixelation.
Pixelation and Blur are non-destructive ways of image modification and they can absolutely be reversed. If you want to not share a detail in an image, solid color fill it. pic.twitter.com/V8pRShJVrR
— Vixus | MSA™ Millennial || Vixus on 💙🌥️ (@VixusFoxy) April 11, 2024
Our team at @Volexity has identified a new 0day exploited in the wild. This time we caught a threat actor using an unauthenticated RCE in Palo Alto Networks GlobalProtect. It has been assigned CVE-2024-3400 and is covered in this @PaloAltoNtwks advisory https://t.co/JZIOPnavnX
— Steven Adair (@stevenadair) April 12, 2024