the grugq's newsletter

April 29, 2024


Interesting reading on antivirus evasion techniques for beginners
Credits @gatariee https://t.co/D2CApg1fXT #infosec #evasion pic.twitter.com/LjB7DZyRNT

— 0xor0ne (@0xor0ne) April 28, 2024


Today, I took a few minutes to analyze the #WordPress Automatic Plugin CVE-2024-27956 (Unauthenticated Arbitrary SQL Execution) #security #vulnerability. Turns out it is super easy to exploit.

Here is a basic PoC:
Since "q" is passed directly into a $wpdb->get_results() call,… pic.twitter.com/2FZu1JIIBi

— Julien | MrTuxracer 🇪🇺 (@MrTuxracer) April 27, 2024


While driving home yesterday, we noticed a strange landmark on the Sat-nav. All it said was “The Pole”. (1/n) pic.twitter.com/cRc7koeB1b

— Dara Ó Briain (@daraobriain) April 28, 2024

Thread by @daraobriain on Thread Reader App – Thread Reader App

@daraobriain: While driving home yesterday, we noticed a strange landmark on the Sat-nav. All it said was “The Pole”. (1/n) Clicking further revealed little else other than a series of very positive reviews and the ...…


https://fs.blog/mental-models/


🕷️ ScrapeGraphAI: You Only Scrape Once

ScrapeGraphAI is a web scraping python library that uses LLMs to create scraping pipelines for websites, documents and XML files. Just say which information you want to extract and the library will do it for you! https://t.co/h9CnTwKHWi pic.twitter.com/u0IrkGGI2a

— LangChain (@LangChainAI) April 28, 2024


A thread: I have only read this article and NOT the book from which it derives, but as the author of the standard biography of Anthony Blunt, I feel inclined to comment. The main contention is that not only was Blunt spying for the Soviets, but that he was/ https://t.co/xnq82ZruNw

— Miranda (MJ) Carter (@MJCarter10) April 28, 2024


R. Bradley Lathe - made in a POW Camp

http://www.lathes.co.uk/bradley-pow-lathe/

Interesting how this was constructed and hidden, mostly by putting it in plain sight as something else.


Recently finished Operating Systems: Three easy pieces (a.k.a comet book / OSTEP).

Great book to learn about Operating Systems if you have basic understanding of C and Computer Architecture, also has a lecture series with it that you can watch while reading the chapters to… pic.twitter.com/XE3JAyfexd

— Mr. Rc (@rcx86) January 20, 2024


Great to see this new IoT security legislation finally in force in 🇬🇧

No more cameras with 123456 as unchangeable default passwords

Well done to the Government! Credit where it’s due https://t.co/aXcaqiBO7S

— Ciaran Martin (@ciaranmartinoxf) April 29, 2024


Some people publish 0-day Local Privilege Escalations in VirtualBox, JUST LIKE THAT.
They don't try to apply for Pwn2Own or get some glory... INSANITY! https://t.co/HGhxIRr3oF (sorry, as Habr stopped supporting google translate, you need to do it yourself)/

— Timur Yunusov (@a66ot) April 29, 2024


Security and Ten Laws of Technology 

There are many well known, so called, laws of technology. Moore’s law being particularly emblematic. Let’s look at some of them and see what the security implications have been for each and what might further develop as a result. [Definitions of the laws are from Wikipedia or other linked sources.]

1. Moore’s Law

Moore's law is the observation that the number of transistors in an integrated circuit (IC) doubles about every two years. Moore's law is an observation and projection of a historical tren...

