July 1, 2024
July 1, 2024
Pre Auth RCE in OpenSSH.
https://www.openwall.com/lists/oss-security/2024/07/01/3The award-winning Qualys Threat Research Unit (TRU) has discovered a critical vulnerability in OpenSSH, designated CVE-2024-6387 and aptly named "regreSSHion." This Remote Code Execution bug grants full root access, posing a significant exploitation risk. https://t.co/uDHHSuzd5f
— Qualys (@qualys) July 1, 2024
Speaking of…
https://www.tarsnap.com/spiped.htmlToday seems like a good day to mention that on my servers I use spiped to protect access to OpenSSH -- you can't even send a single byte to sshd unless you have the spiped secret key.https://t.co/ZH0qgFar1c
— Colin Percival (@cperciva) July 1, 2024
Here are my slides for REcon 2024 talk entitled: “A Tale of Reverse Engineering 1001 GPTs: The good, the bad And the ugly”https://t.co/CYM5WhLSwH
— allthingsida (@allthingsida) June 29, 2024
Beware of your IP address being leaked when using custom GPTs.
Did I read this correctly?!
— Hamid Kashfi (@hkashfi) June 29, 2024
...If you skip the auth. verification part of the handshake in fast-connect mode..., you can pair with & eavesdrop on mic of AirPods?! Make sure your firmware is up2date (Ver. 6F8). This is super easy and practical to do.https://t.co/7uQ3d34NYt
Fascinating conversation, moderated by @ciaranmartinoxf, with @BobbyChesney on the law and policy of (offensive) cyber, especially in terms of grey zone stuff by the Chinese and Russians.https://t.co/2mMNYkFGIs
— Ravi Nayyar (@ravirockks) June 29, 2024
Every week nerds ask us "do you know {ransomware_groups} onion?".
— vx-underground (@vxunderground) June 30, 2024
Every ransomware group's domains are archived, past and present, as well as their post history by @joshhighet on his website ransomwatch telemetry.
Now stop asking us >:(
Link: https://t.co/88dzPGHmL8
https://t.co/aBYTZSL80G pic.twitter.com/aPIdQ6CxZd
— SwiftOnSecurity (@SwiftOnSecurity) July 1, 2024
misc-scripts/iwmon at main · k-korn/misc-scripts · GitHub
Miscellaneous scripts. Contribute to k-korn/misc-scripts development by creating an account on GitHub.
William Gibson's 'Neuromancer' to Become a Series on Apple TV+ - Slashdot
It's been adapted into a graphic novel, a videogame, a radio play, and an opera, according to Wikipedia — which also describes years of trying to adapt Neuromancer into a movie. "The landmark 1984 cyberpunk novel has been on Hollywood's wishlist for decades," writes Gizmodo, "with multiple f...
Have you ever come across a news page that looks authentic but isn't quite right? Our publication explores the impersonation of media to spread false narratives, particularly those promoted by the Kremlin. Read more: https://t.co/XyPWDE02RS pic.twitter.com/jwSl6itlqH
— STRATCOMCOE (@STRATCOMCOE) July 1, 2024