August 6-7, 2024
Crowdstrike BSOD is actually exploitable for LPE.. https://t.co/OwT68CjDS0 pic.twitter.com/ErQAtzoYvN
— Richard Johnson (@richinseattle) August 5, 2024
CISA studied 172 critical open source projects and found Nixpkgs contains only 5KLoC of unsafe code. Effectively 0%. Check out Exploring Memory Safety in Critical Open Source Projects: https://t.co/sf0X32rcvo
— Determinate Systems (@DeterminateSys) August 5, 2024
Resorts World, one of the hotels that has a block for the DEF CON hacking conference this week, says it will perform daily room searches, including those with a privacy sign
— Joseph Cox (@josephfcox) August 5, 2024
“A well-known hacking convention will be held in Las Vegas during your stay” https://t.co/zDbAHGN1uw
Kevin Beaumont: "In case you missed it - CrowdStrike are attemptin…" - Cyberplace
In case you missed it - CrowdStrike are attempting to use legal threats to suppress criticism and parody.
https://doublepulsar.com/crowdstrike-trying-to-use-legal-threats-to-suppress-criticism-and-parody-of-global-it-outage-49320e922120
Mobile device management vendor Mobile Guardian attacked
13,000 devices remote wiped.
https://www.theregister.com/2024/08/06/mobile_guardian_mdm_attack/
After months of digging and reporting, I have learned where Facebook's bizarre AI spam (like "Shrimp Jesus") comes from, who is making it, how it works, and how it is monetized.
— Jason Koebler (@jason_koebler) August 6, 2024
Turns out Meta is directly paying people to spam FB with this stuff https://t.co/FQYLQDaF1q
Our @wleightond just pushed out a brand new Canarytoken.
— Thinkst Canary (@ThinkstCanary) August 5, 2024
1) Visit https://t.co/712OurVT2I;
2) Create a fake app¹;
3) Download it to your home-screen;
4) Get an alert when anyone else opens it!
Read more about it at https://t.co/pPHrpzQIXG
__
¹ Still completely free pic.twitter.com/dqSgM4gNVk
Unlocking my hotel room door with my fingernails!
— @baybedoll@infosec.exchange (@Baybe_Doll) August 6, 2024
New #defconnails for #defcon inspired by Jon Buckley's "High Tech Monopoly" with 2x hidden Mifare Classic magic chips and 2x NTAG+LED nail stickers that I designed. I used @flipper_zero to clone my room key to the Mifare chip! pic.twitter.com/XrsfKltF4P
Quick analysis of the @Ronin_Network Bridge hack (2M USDC & 4000 ETH) on August 6, 2024:
— Verichains (@Verichains) August 6, 2024
- Previous versions of Ronin Bridge fetched totalWeight from MainchainBridgeManager contract.
- The latest upgrade stores totalWeight in the contract's storage under the variable… pic.twitter.com/n0SmKx8wAD
2/
— Verichains (@Verichains) August 6, 2024
- Previous versions of Ronin Bridge fetched totalWeight from MainchainBridgeManager contract
- The latest upgrade stores totalWeight in the contract's storage under the variable _totalOperatorWeight pic.twitter.com/hEo97zK4Ms
3/ This variable is initialized in the initializeV3() function, but the deployer only called initializeV4 during the upgrade, leaving _totalOperatorWeight uninitialized and defaulting to 0 pic.twitter.com/p54tUkRm5T
— Verichains (@Verichains) August 6, 2024
Paper day
— Meysam (@R00tkitSMM) August 6, 2024
1- EXPRACE: Exploiting Kernel Races through Raising Interrupts https://t.co/VADXipsnkO
and
2- Racing against the clock -- hitting a tiny kernel race window (this is really cool) https://t.co/iDtxv9bVCd
have you seen published papers in 1924. it was like "i watched a chipmunk for 3 hours. it cached 14 acorns" and no sources cited https://t.co/oRN7SzXIXz
— Spencer Johnson 🏳️‍🌈 (@deathbymustelid) August 5, 2024
PHYSICS IS STILL A THING, DAMMIT. Normally I wouldn't pick on Gen. (ret) Mark Milley & Google (ret) Eric Schmidt, who've done a ton to drag the US military into the 21st century, but their @ForeignAffairs piece out today makes a mistake people KEEP MAKING, and I am LOSING IT. /1 pic.twitter.com/cAqcj1uXCF
— Sydney Freedberg (@SydneyFreedberg) August 5, 2024
Thread by @SydneyFreedberg on Thread Reader App – Thread Reader App
America Isn’t Ready for the Wars of the Future: And They’re Already Here
I pushed a change to hostapd-mana to output WPA2 handshakes in the “new” hashcat 22000 WPA-PBKDF2-PMKID+EAPOL format. If you’re into that sort of thing. https://t.co/bnDT4UaF5C
— Dominic White 👾 (@singe) August 6, 2024
"As the UK’s new government assesses priorities for the forthcoming Strategic Defence Review, it would do well to reflect on the effectiveness of cyber power as an organising concept for cyber policy." Read the latest #RUSICommentary by @DrAndrewDwyer. https://t.co/XsUKM7pkw6
— RUSI (@RUSI_org) August 5, 2024
Course on Linux debugging, profiling and tracing training
— 0xor0ne (@0xor0ne) August 5, 2024
Slides: https://t.co/OxmADoTOEH
Lab exercises: https://t.co/3Irhh332w1
Lab material (.tar.xz): https://t.co/psVOfoxSbW
Credits @bootlincom #Linux #cybersecurity pic.twitter.com/hPi3b1npv1
Introduction to Chromium’s V8 Heap Sandbox escape https://t.co/5dXuRtiPtO #chrome pic.twitter.com/tOfXZG2GIT
— 0xor0ne (@0xor0ne) August 4, 2024
Enjoying the fact that military coups have also succumbed to corporate jargon. https://t.co/nLsEDCRxEF
— Shashank Joshi (@shashj) August 5, 2024
Nerds were able to transform Google Calendar into a filesystem.
— vx-underground (@vxunderground) August 6, 2024
tl;dr malware idea https://t.co/LgSX29RjMb
How to achieve code execution with an Out-of-Bounds Write in Chrome V8 engine (Maglev compiler) https://t.co/NwRnwpMQfR
— 0xor0ne (@0xor0ne) August 5, 2024
Credits Javier Jimenez and Vignesh Rao #chrome #cybersecurity pic.twitter.com/gLBMAE8UVc
Looks like Apple are using standard prompt engineering for a bunch of their Apple Intelligence features, and someone on Reddit found the prompts. Some notes here: https://t.co/TpajUEioZH
— Simon Willison (@simonw) August 6, 2024
An excellent, timeless, unpatchable, iOS persistence mechanism covered by the @JamfSoftware Threat Labs.
— Zuk (@ihackbanme) August 7, 2024
If one of the vulnerabilities gets patched in an already compromised phone, attackers allow the user to “update” but actually don’t update anything: https://t.co/IUIl8Td8J9
Crowdstrike posted a full root cause analysis this morning, once again confirming this is nothing to do with a NULL pointer dereference. There is some dump analysis on pg 12 by someone clearly familiar with kd. https://t.co/rqJQmGtpeq
— Tavis Ormandy (@taviso) August 6, 2024
This readme has strong aura tbh, 1.6k stars https://t.co/9tpdqkc6gE pic.twitter.com/8CmNb8LCCP
— pix (@pixqc) August 5, 2024
Broke: prompt engineer Apple Intelligence to reveal its system prompt
— Max Woolf (@minimaxir) August 5, 2024
Woke: just search for a .txt file containing the prompts lol pic.twitter.com/wuFEgY7rcS
Damn. This guy was a human rights activist and cofounder of a significant pro-democracy organization named for victims of the Tiananmen Square massacre. He was also an MSS spy reporting to the PRC on the activities of those who joined as far back as at least 2006. https://t.co/wa18Ojm4Fu
— Brian in Pittsburgh (@arekfurt) August 7, 2024
In depth blog post on how to exploit an out-of-bounds write vulnerability in FortiGate SSL VPN https://t.co/9PYzVpKIxD
— 0xor0ne (@0xor0ne) August 7, 2024
Credits Dylan Pindur (@assetnote) #exploit #cybersecurity pic.twitter.com/ZjrH0G1DuR
Speaking of Discord in wartime: If your business is relying on cloud services for critical internal processes or even just routine efficiency, your cyber intel shop ought have a very good understanding of other military users of the same services in the event of conflict. There…
— JD Work (@HostileSpectrum) August 7, 2024