the grugq's newsletter

July 1, 2024

Pre Auth RCE in OpenSSH.

https://www.openwall.com/lists/oss-security/2024/07/01/3

The award-winning Qualys Threat Research Unit (TRU) has discovered a critical vulnerability in OpenSSH, designated CVE-2024-6387 and aptly named "regreSSHion." This Remote Code Execution bug grants full root access, posing a significant exploitation risk. https://t.co/uDHHSuzd5f

— Qualys (@qualys) July 1, 2024

Speaking of…

https://www.tarsnap.com/spiped.html

Today seems like a good day to mention that on my servers I use spiped to protect access to OpenSSH -- you can't even send a single byte to sshd unless you have the spiped secret key. https://t.co/ZH0qgFar1c

— Colin Percival (@cperciva) July 1, 2024


Here are my slides for REcon 2024 talk entitled: “A Tale of Reverse Engineering 1001 GPTs: The good, the bad And the ugly” https://t.co/CYM5WhLSwH

Beware of your IP address being leaked when using custom GPTs.

— allthingsida (@allthingsida) June 29, 2024


Did I read this correctly?!
...If you skip the auth. verification part of the handshake in fast-connect mode..., you can pair with & eavesdrop on mic of AirPods?! Make sure your firmware is up2date (Ver. 6F8). This is super easy and practical to do. https://t.co/7uQ3d34NYt

— Hamid Kashfi (@hkashfi) June 29, 2024


Fascinating conversation, moderated by @ciaranmartinoxf, with @BobbyChesney on the law and policy of (offensive) cyber, especially in terms of grey zone stuff by the Chinese and Russians. https://t.co/2mMNYkFGIs

— Ravi Nayyar (@ravirockks) June 29, 2024


Every week nerds ask us "do you know {ransomware_groups} onion?".

Every ransomware group's domains are archived, past and present, as well as their post history by @joshhighet on his website ransomwatch telemetry.

Now stop asking us >:(

Link: https://t.co/88dzPGHmL8

— vx-underground (@vxunderground) June 30, 2024


https://t.co/aBYTZSL80G pic.twitter.com/aPIdQ6CxZd

— SwiftOnSecurity (@SwiftOnSecurity) July 1, 2024

misc-scripts/iwmon at main · k-korn/misc-scripts · GitHub

Miscellaneous scripts. Contribute to k-korn/misc-scripts development by creating an account on GitHub.


William Gibson's 'Neuromancer' to Become a Series on Apple TV+ - Slashdot

It's been adapted into a graphic novel, a videogame, a radio play, and an opera, according to Wikipedia — which also describes years of trying to adapt Neuromancer into a movie. "The landmark 1984 cyberpunk novel has been on Hollywood's wishlist for decades," writes Gizmodo, "with multiple f...


Have you ever come across a news page that looks authentic but isn't quite right? Our publication explores the impersonation of media to spread false narratives, particularly those promoted by the Kremlin. Read more: https://t.co/XyPWDE02RS pic.twitter.com/jwSl6itlqH

— STRATCOMCOE (@STRATCOMCOE) July 1, 2024

