October 24, 2023
Bellingcat: "Bellingcat isn't just a news site, we have a coll…" - Mastodon 🐘
Bellingcat isn't just a news site, we have a collection of tools and resources on our page to help individuals in the open-source research field. You can find the full archive here: https://www.bellingcat.com/category/resources/
Błażej Kowalczyk: "Ad blockers getting more and more effective 💪💪" - Pol.social
Attached: 1 image Ad blockers getting more and more effective 💪💪
Thread by @KimZetter on Thread Reader App – Thread Reader App
@KimZetter: Car bomb that killed daughter of Putin ally Alexander Dugin was smuggled into Russia in hidden compartment of a cat crate. The op was part of a raging shadow war being conducted by Ukraine's SBU spy…
Marcel Böhme: "What if you could make your fuzzer ask an LLM abo…" - Infosec Exchange
What if you could make your fuzzer ask an LLM about the correct structure and order of protocol messages as specified in hundreds of pages of RFC? 🎉 Accepted @ NDSS'24 📝 https://mpi-softsec.github.io/papers/NDSS24-chatafl.pdf 🧑💻 https://github.com/ChatAFLndss/ChatAFL Led by Ruijie Meng w/ Martin Mirchev and Abhik Roychoudhury
Catalin Cimpanu: "Today's newsletter covered all the Cisco IOS XE d…" - Mastodon
Today's newsletter covered all the Cisco IOS XE drama, on how it unfolded and how attackers began to hide infected devices: https://mastodon.social/@campuscodi/111283390046046356 As Fox-IT explained today... it isn't a law enforcement takedown or a white hat. It's the attacker. They've added an authenticator in front to prevent fingerprinting. There's still 37k infected Cisco routers around. They didn't go anywhere: https://twitter.com/foxit/status/1716472673876730149
BleepingComputer: "The number of Cisco IOS XE devices hacked with a …" - Infosec Exchange
The number of Cisco IOS XE devices hacked with a malicious backdoor implant has mysteriously plummeted from over 50,000 impacted devices to only a few hundred, with researchers unsure what is causing the sharp decline. https://www.bleepingcomputer.com/news/security/number-of-hacked-cisco-ios-xe-devices-plummets-from-50k-to-hundreds/
Abusing gdb Features for Data Ingress & Egress · Arch Cloud Labs
About The Project Modern software development environments have significant debugging capabilities to troubleshoot issues with the complex nature of modern software. These debugging capabilities typically manifest in an Interactive Development Environment (IDE) as features that extend an IDE's capability to examine the given state of an application at run time or analyze previous binary executions. The standalone GNU Debugger (gdb) is integrated in a wide variety of IDEs and other 3rd party (1,2,3) utilities to provide a robust debugging interface for end users.
The schedule for #Pwn2Own Toronto is now live! We've got an exciting four days of exploits ahead of us. Check it out at https://t.co/PP8cTWxgpa
— Zero Day Initiative (@thezdi) October 23, 2023
If it weren’t for public PoCs I probably would have never learned modern exploit dev. Also speaking from personal experience, publishing techniques shortens their lifespan. By a lot. https://t.co/E1j26QJisB
— chompie (@chompie1337) October 23, 2023
Summary:
✅Yes PoC helps bad people do bad things faster
✅Defenders need the PoC more than the attackers do, even though both sides are helped by its release
✅Giving defenders even slight edges over the majority of criminal attackers is net good
✨Non disclosure is far worse
— Katie🌻Moussouris (she/her) (@k8em0) November 30, 2019
What?!? It seems like spying for China is the least problematic part of this tradition.
The Royal Navy is ending its century-old tradition of having Chinese servants on warships amid fears that they could be forced to spy for Beijing ⬇️https://t.co/nzZM3stEe9
— The Times and The Sunday Times (@thetimes) October 23, 2023
amazing 1 star review of the british museum pic.twitter.com/dLD7iGxAKr
— tom (@tombomp) October 23, 2023
Thread by @JohnLaTwC on Thread Reader App – Thread Reader App
@JohnLaTwC: I spoke at @MSFTBlueHat last week. ➡️ I will follow up with a link to the recording when it is posted. Some highlights from my talk below github.com/JohnLaTwC/Shar… I talked about how incidents can tea…
Catalin Cimpanu: "PortSwigger researchers have taken the concept be…" - Mastodon
Attached: 1 image PortSwigger researchers have taken the concept behind the HTTP2 Rapid Reset attack that was being used to launch DDoS attacks and applied it in a manner to perform remote race condition attacks with just one single TCP packet https://portswigger.net/research/the-single-packet-attack-making-remote-race-conditions-local
The single-packet attack: making remote race-conditions 'local' | PortSwigger Research
The single-packet attack is a new technique for triggering web race conditions. It works by completing multiple HTTP/2 requests with a single TCP packet, which effectively eliminates network jitter an
Lili Saintcrow: ""Using it to “poison” this training data could da…" - Ragged Feathers
"Using it to “poison” this training data could damage future iterations of image-generating AI models, such as DALL-E, Midjourney, and Stable Diffusion, by rendering some of their outputs useless..." https://www.technologyreview.com/2023/10/23/1082189/data-poisoning-artists-fight-generative-ai/ 1/2
1Password detects “suspicious activity” in its internal Okta account | Ars Technica
1Password CTO says investigation found no compromise of user data or sensitive systems.
John Regehr: ""Cascade: CPU Fuzzing via Intricate Program Gener…" - Mastodon
"Cascade: CPU Fuzzing via Intricate Program Generation" https://comsec.ethz.ch/research/hardware-design-security/cascade-cpu-fuzzing-via-intricate-program-generation/ and also a paper: https://comsec.ethz.ch/wp-content/files/cascade_sec24.pdf
Video of my PoC for CVE-2023-43641: out-of-bounds array access in libcue. libcue is used by tracker-miners, which automatically scans new files in ~/Downloads, so the bug is triggered by downloading a file. pic.twitter.com/xCSkaHD7zp
— Kev (@kevin_backhouse) October 9, 2023
I've published the full PoC for CVE-2023-43641. I'm still writing a blog post about it, but it should be coming soon. https://t.co/O1MeHGmRsm https://t.co/1zk24zikE9
— Kev (@kevin_backhouse) October 23, 2023
https://t.co/gBV5aXEqLB pic.twitter.com/JblLSrxh2C
— joernchen (@joernchen) October 23, 2023
Releasing an exploit proof of concept is a hot debate. Some argue it’s educational, but it can also empower malicious actors. We see bulk exploitation rates explode after, but advanced compromises against key victims don’t change a lot. What’s your take? pic.twitter.com/nO4bPuAsGc
— Rob Joyce (@NSA_CSDirector) October 23, 2023
Them: Can you help me?
Me: I don’t work here.
Them: Oh, sorry. leaves
My boss: You need to stop doing that.
— John Lyon (@JohnLyonTweets) November 13, 2021
Here's what we knew in the early 1990s and why we had the Bugtraq mailing list:
#1 full disclosure exists because sometimes the disclosure process fails and the bugs don't get fixed
#2 in other words, without a working exploit, nobody will take the vulnerability seriously
#3… https://t.co/PxDYAgTkQs
— Robᵉʳᵗ Graham 𝕏 (@ErrataRob) October 24, 2023