NASA knows what knocked Voyager 1 offline, but it will take a while to fix #NASA #JetPropulsionLaboratory #Voyager1 https://arstechnica.com/space/2024/04/the-diagnosis-is-in-bad-memory-knocked-nasas-aging-voyager-1-offline/
Ars Technica
NASA knows what knocked Voyager 1 offline, but it will take a while to fix
"Engineers are optimistic they can find a way for the FDS to operate normally."
Modder made an IRC client that runs entirely inside the motherboard's BIOS chip #Cybersecurity #UEFI #BIOS #IRCClient https://www.tomshardware.com/software/someone-made-a-functioning-irc-client-that-runs-entirely-inside-the-motherboards-uefi
Tom's Hardware
Modder made an IRC client that runs entirely inside the motherboard's BIOS chip
"I told a friend I was making a joke project, then explained. She said she wasn't sure when to laugh. I'm not sure either."
Rust developers at Google are twice as productive as C++ teams #MemorySafeLanguages #CPlusPlus #Rust #SoftwareSecurity #MemorySafety https://www.theregister.com/2024/03/31/rust_google_c
The Register
Rust developers at Google are twice as productive as C++ teams
Code shines up nicely in production, says Chocolate Factory's Bergstrom
CoralRaider targets victims’ data and social media accounts #ComputerSecurity #DataBreach #AttackSurface #ThreatActor #IncidentResponse https://blog.talosintelligence.com/coralraider-targets-socialmedia-accounts/
Cisco Talos Blog
CoralRaider targets victims’ data and social media accounts
Cisco Talos discovered a new threat actor we’re calling “CoralRaider” that we believe is of Vietnamese origin and financially motivated. CoralRaider has been operating since at least 2023, targeting victims in several Asian and Southeast Asian countries.
ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins #ScrubCrypt #VenomRAT #BatchFile #AES-CBC #MalwareFamilies https://www.fortinet.com/blog/threat-research/scrubcrypt-deploys-venomrat-with-arsenal-of-plugins
Fortinet Blog
ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins
FortiGuard Labs uncovered a threat actor using ScrubCrypt to spread VenomRAT along with multiple RATs. Learn more. …
Persistent Magento backdoor hidden in XML #Backdoor #Magento https://sansec.io/research/magento-xml-backdoor
Sansec
Persistent Magento backdoor hidden in XML
Does your Interceptor.php keep getting infected? Attackers are using a new method for malware persistence on Magento servers. Sansec discovered a cleverly cr...
Puckungfu 2: Another NETGEAR WAN Command Injection #ResearchBlog #NETGEAR #CryptographicVisualization #CommandInjection #ThreatDetection https://research.nccgroup.com/2024/02/09/puckungfu-2-another-netgear-wan-command-injection/
Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces #Gradio #FileReadVulnerabilities #HuggingFace #NodeZero #PentestingServices https://www.horizon3.ai/attack-research/disclosures/exploiting-file-read-vulnerabilities-in-gradio-to-steal-secrets-from-hugging-face-spaces/
Horizon3.ai
Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces
Exploiting file read vulnerabilities in Gradio to steal secrets from Hugging Face Spaces.
_eventFirstResponderChainDescription (Xcode debugging) #Debugging #ResponderChain #Cocoa #iOS #MacOS https://mjtsai.com/blog/2024/03/22/_eventfirstresponderchaindenoscription/#comment-4059578
Mjtsai
Michael Tsai - Blog - _eventFirstResponderChainDescription
reverst: Reverse Tunnels in Go over HTTP/3 and QUIC #GitHub #ReverseTunnels #Go #HTTP3 #QUIC https://github.com/flipt-io/reverst/
GitHub
GitHub - flipt-io/reverst: Reverse Tunnels in Go over HTTP/3 and QUIC
Reverse Tunnels in Go over HTTP/3 and QUIC. Contribute to flipt-io/reverst development by creating an account on GitHub.
The Distribution Problem: What's wrong with internal CAs (and what to do about it) https://anchor.dev/blog/the-distribution-problem
anchor.dev
The Distribution Problem
At Anchor, we see certificate provisioning as table-stakes for any certificate management product, and we’re obsessive about solving these distribution problems. We want to change how developers think about internal CAs.
Exploiting Empire C2 Framework https://aceresponder.com/blog/exploiting-empire-c2-framework
BatBadBut: You can't securely execute commands on Windows #WindowsCommandInjection #BatBadBut #Vulnerability #FlattSecurityResearch #CVE https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/
GMO Flatt Security Research
BatBadBut: You can't securely execute commands on Windows
Introduction
Hello, I’m RyotaK (@ryotkak), a security engineer at Flatt Security Inc.
Recently, I reported multiple vulnerabilities to several programming languages that allowed an attacker to perform command injection on Windows when the specific conditions…
Starry Addax targets human rights defenders in North Africa with new malware #CiscoTalos #StarryAddax #Malware #NorthAfrica #HumanRightsDefenders https://blog.talosintelligence.com/starry-addax/
Cisco Talos Blog
Starry Addax targets human rights defenders in North Africa with new malware
Cisco Talos is disclosing a new threat actor we deemed “Starry Addax” targeting mostly human rights activists, associated with the Sahrawi Arab Democratic Republic (SADR) cause with a novel mobile malware.
Backdoor in XZ Utils That Almost Happened https://www.schneier.com/blog/archives/2024/04/backdoor-in-xz-utils-that-almost-happened.html
Schneier on Security
Backdoor in XZ Utils That Almost Happened - Schneier on Security
Last week, the Internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story…
The Pizza Box #CharlesSchwab #ThreatHunt #WebDAV #NewOutlook #VulnerabilityDiscovery https://mpizzicaroli.github.io/missfile/
mpizzicaroli.github.io
Missfile://CVE-2024-20670
Before I start, I want to give a shout to the Charles Schwab Threat Intelligence team and our leadership for giving me the opportunity, time, and opinions to give this some legs. As the new Unstructured Hunt lead, this was a thrilling find.
DLL code for testing CVE-2024-21378 in MS Outlook #DLL #code #testing #CVE-2024-21378 #MSOutlook https://gist.github.com/Homer28/7f3559ff993e2598d0ceefbaece1f97f
Gist
DLL code for testing CVE-2024-21378 in MS Outlook
DLL code for testing CVE-2024-21378 in MS Outlook. GitHub Gist: instantly share code, notes, and snippets.
Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 (Updated May 20) #ThreatBrief #CVE20243400 #OperationMidnightEclipse #Unit42 #Cybersecurity https://unit42.paloaltonetworks.com/cve-2024-3400/
Unit 42
Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 (Updated May 20)
We detail Operation MidnightEclipse, a campaign exploiting command injection vulnerability CVE-2024-3400, and include protections and mitigations.
DES algorithm illustration https://hereket.com/tiny/des-algorithm/
PuTTY vulnerability vuln-p521-bias #PuTTY #vulnerability #NIST #P521 #security https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400) #PaloAlto #GlobalProtect #CVE-2024-3400 #SSLVPN #Vulnerability https://labs.watchtowr.com/palo-alto-putting-the-protecc-in-globalprotect-cve-2024-3400/
watchTowr Labs
Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400)
Welcome to April 2024, again. We’re back, again.
Over the weekend, we were all greeted by now-familiar news—a nation-state was exploiting a “sophisticated” vulnerability for full compromise in yet another enterprise-grade SSLVPN device.
We’ve seen all the…