February 6, 2024

then

                            February 6, 2024

                February 6, 2024

                        February 6, 2024
Excellent blog post by @sec_consult about reverse engineering custom ASICshttps://t.co/zx4Lr16zxJ#reverseengineering #cybersecurity pic.twitter.com/RFONTjZ2gg
— 0xor0ne (@0xor0ne) February 5, 2024

Vesuvius Challenge 2023 Grand Prize awarded: we can read the first scroll!

Vesuvius Challenge 2023 Grand Prize awarded: we can read the scrolls! | Vesuvius Challenge
The 2000-year-old scroll discusses music, food, and how to enjoy life’s pleasures.

Tomorrow the UK and France will co-host a conference at Lancaster House titled: The Pall Mall Process- Tackling the Proliferation and Irresponsible Use of Commercial Cyber Intrusion Capabilities. Stay tuned for updates over the next two days #pallmallprocess #cybersecurity
— LondonCyber (@LondonCyber) February 5, 2024

I get it that it's a touch more effort to do your homework and determine if a vulnerability is new, or whether it's merely another product affected by an EXISTING vulnerability. But can we at least pretend that we want to follow CVE rules? 

CVE-2024-21893 is merely CVE-2023-36661 https://t.co/Nd9cZZOkSk pic.twitter.com/aD4619ayGt
— Will Dormann (@wdormann) February 5, 2024

Well this is timely.

Ivanti Connect Secure is vulnerable to xmltooling CVE-2023-36661.

How was this handled?

HackerOne assigned CVE-2024-21893 to capture this.  🤦‍♂️https://t.co/PNU9vzeVDG pic.twitter.com/hR8KQ1Ax0a
— Will Dormann (@wdormann) February 3, 2024

Things on a currrent Ivanti VPN box:

curl 7.19.7 2009-11-04 (14 years)

openssl 1.0.2n-fips 2017-12-07 (6 years)

perl 5.6.1 2001-04-09 (23 years)

psql 9.6.14 2019-06-20 (5 years)

cabextract 0.5 2001-08-20 (22 years)

ssh 5.3p1 2009-10-01 (14 years)

unzip 6.00 2009-04-29 (15 years)
— Will Dormann (@wdormann) February 5, 2024

In case you missed it last week: runc, a critical component in the container runtime stack, disclosed a high severity vulnerability.https://t.co/e3qxcSWFEn

Make sure to update runc on your system.
— @cpuguy@hachyderm.io (@cpuguy83) February 5, 2024

Inside the Underground Site Where ‘Neural Networks’ Churn Out Fake IDs
The site, called OnlyFake, threatens to streamline everything from bank fraud to money laundering, and has implications for cybersecurity writ large.

CUT MY LIST IN TWO PIECES

THAT’S HOW YOU START QUICK SORT pic.twitter.com/QOYrNogjgC
— Corey Quinn (@QuinnyPig) October 7, 2023

ICYMI: Our attack path explanation & analysis of the January Microsoft breach:

Blog 1: https://t.co/2YbcvyK9el 

Blog 2: https://t.co/M98HTrfZi0

Video: https://t.co/SwHi5xdQti 

Tomorrow (Feb 6) 9AM Pacific: AMA about this breach in the BloodHound Slack - https://t.co/RMujGtkb3s
— Andy Robbins (@_wald0) February 5, 2024

I wuz robbed. 

More specifically, I was tricked by a phone-phisher pretending to be my bank, and he convinced me to hand over my credit-card number, then did $8,000+ worth of fraud with it before I figured out what happened. And then he tried to do it again, a week later!

1/ pic.twitter.com/xtlHVFufqG
— Cory Doctorow @pluralistic@mamot.fr (@doctorow) February 5, 2024

Thread by @doctorow on Thread Reader App – Thread Reader App
@doctorow: I wuz robbed. More specifically, I was tricked by a phone-phisher pretending to be my bank, and he convinced me to hand over my credit-card number, then did $8,000+ worth of fraud with it before I...…

Something to watch: @johnnysaks130 reports that CISA's Joint Cyber Defense Collaborative is losing steam as participants disengage over weak technical staffing and fears of being collateral damage in right-wing attacks on CISA. https://t.co/FWAdovRBLv pic.twitter.com/IimEBjc8uX
— Eric Geller (@ericgeller) February 5, 2024

I'm about 50% done integrating SAILR into angr master:  https://t.co/jnHS5ieTmb 🎉

P.S.: You can also use angr's decompiler more easily now. Try this out:

```

pip3 install angr && \

angr decompile /bin/true --functions main

```
— Zion Basque (@mahal0z) February 5, 2024

Amazon is purchasing first-party data based on user activity on websites to address Google Chrome's phase out of third-party cookies. A deal with a publisher Reach. Privacy-proofing that will be a challenge... #GDPR https://t.co/0A3jiK4ziW pic.twitter.com/u4ghsSGaSx
— Lukasz Olejnik, ☕️🥐 (@lukOlejnik) February 5, 2024

I have a friend who has been tasked with conducting DDoS testing (approved as part of a red teaming exercise).

I suggested https://t.co/T5O1Afw9hr because it's what malicious actors are using in conjunction with freshly purchased SOCKS proxies.

Do you know of any other tools…
— Jason Haddix (@Jhaddix) February 4, 2024

CanSecWest Presentation by @kutyacica 

There Will Be Bugs: Exploiting Basebands in Radio Layer Two pic.twitter.com/7X3p8EAwRZ
— dragosr (@dragosr) February 5, 2024

Amicus brief by former USG cyber bigwigs in the SolarWinds case, calling for more info sharing by industry with government.

Look forward to reading.https://t.co/TWcXPlanzJ
— Ravi Nayyar (@ravirockks) February 6, 2024

🇲🇲 #Myanmar: Myanmar Border Guard Police (BGP) have been seen fleeing over the border into #Bangladesh as clashes between the Arakan Army and Junta intensify. At least 15 policemen who fled over the border were wounded as a result of ongoing clashes.

(via @tbim6 on IG) pic.twitter.com/JxkFKoCfwC
— POPULAR FRONT (@PopularFront_) February 6, 2024

Finland's National Bureau of Investigation (NBI) identified and arrested an individual by getting his fingerprints ... from a photograph made by a phone.

Attached image is where they got his fingerprints

More information: https://t.co/E3AXQCqtxo pic.twitter.com/aPcA7dfPko
— vx-underground (@vxunderground) February 6, 2024

                            Don't miss what's next. Subscribe to the grugq's newsletter: