syncop @colt@nanao.cybtex.fr

MISP 2.4.168 released with bugs fixed, security fixes and major improvements in STIX support.

https://www.misp-project.org/2023/02/16/MISP.2.4.168.released.html/

Don't forget to update your instance.

#misp #threatintelligence #opensource

Our #rapid7 blog about an 0-day being actively exploited in Forta GoAnywhere:

https://www.rapid7.com/blog/post/2023/02/03/exploitation-of-goanywhere-mft-zero-day-vulnerability/

Just did a bug fix release of ssldump (version 1.6) which fixes an annoying bug with ports not being recorded in the pcap output. Thanks to all the contributors.

#opensource #tls #ssl #ssldump

:link: https://github.com/adulau/ssldump/

#Ransomware attacks on schools can have some unexpected consequences. For example, here's a snippet of an email I received after an incident involving a small, rural district.

The #malvertising campaigns via Google Ads are not just about software downloads and scams. They also include phishing for popular password managers such as 1Password.

The differences are so subtle, most people will fall for it.

Real URL:
https://my[.]1password.com/signin
Phishing URL:
https://my1pasword[.]com/signin

#Botconf2023 The tickets are now officially on sale ! https://www.billetweb.fr/botconf-2023

This is a summary of the most important highlights in r2-5.8.2, compared to 5.8.0:

* Add support for micromips (m4k)
* Add sourceline support from DWARF5 and Plan9
* Run any command to replace N bytes inside the disasm with the Cr command
* All the bugs reported by linux and bsd distros are now fixed, rpm packages are now tested and built in the CI, debian packages are now built with fakeroot
* Better error messages when missing basic tools, specially on Termux
* Added support for scripting in Pascal, assembly
* Fixed regressions in the GDB register mapping
* Huge optimization that mainly affects r2dec (80s -> 20s)
* Improved ESIL for arm64, v850
* Support multiple core plugins in pure quickjs, updated r2papi with integrated esil decompilation
* Updated support for Typescript
* Implemented TIRE algorithm in the search api, with much faster scans
* Added support for GNU/Poke
* Support two column and colors in r2slides
* Bug fixes and performance improvements in many places.

There are two CVEs for 5.8.0 related to ansi escape injection and a null deref, nothing really critical. but @pancake found and fixed a couple of UAFs so we encourage and recommend everyone to update!