syncop @colt@nanao.cybtex.fr

I released some scripts to manipulate hashquines.
https://github.com/corkami/collisions/
Cc @0xabad1dea @spq @retr0id @ESultanik

🚀 Pyodide 0.23 is out! Now featuring CPython 3.11.2 with official Tier 3 support for WebAssembly, FFI improvements, load time optimizations, and additional packages. We've also introduced an experimental SDL2 support for graphics applications in Python. 🎉

https://blog.pyodide.org/posts/0.23-release/

oh, the new dbx update has the trend micro bootloaders (CVE-2023-28005) revoked too

how nice

also: MS didn't update dbx on windows yet. (probably because CVE-2023-28005 JUST got fixed, i was told june/july for that dbx update actually), so people on windows who trust the MS UEFI third party CA are still vulnerable to shdloader until then!

REALLY great job MS! :D

CVE-2023-21036 / acropalypse is absolutely bonkers.

Apparently for 5+ years the cropping / editing tools for screenshots on Google Pixel phones was only overwriting the start of the screenshot PNG file, but not truncating.

All screenshots shared for the past 5+ years might have data recoverable from them. Demo available at https://acropalypse.app/

Google still hasn't communicated anything on this.

(h/t ItsSimonTime on Musk's site)

Made a small project this week-end, using a RPI (mysql Grafana and a 7inch screen) and two custom sensor based on ESP32 I made a small meteo station to replace the one dead few weeks ago :) I still need to make pcb to cleanup the mess and make some lasercut box :) By the way I have huge doubt about reliability of the PMS5003 sensor.

Finally releasing our new file indexing and search project.

We integrated #ClamAV and #Yara scanning and are archiving suspicious files we come across.

We also look into compressed files.

https://files.leakix.net/?q=infected%3Atrue

New in last week's #Metasploit release:

* Exploits for Cisco RV Series #CVE_2022_20707 and GitLab #CVE_2022_2992
* Bug fix for Arch warnings when starting msfconsole
* Updates to DLL template code that allow msfvenom to use (default Metasploit) DLL templates with payloads larger than 4096 bytes (e.g., unstaged payloads).

https://www.rapid7.com/blog/post/2023/02/17/metasploit-wrap-up-193/

MISP 2.4.168 released with bugs fixed, security fixes and major improvements in STIX support.

https://www.misp-project.org/2023/02/16/MISP.2.4.168.released.html/

Don't forget to update your instance.

#misp #threatintelligence #opensource

Our #rapid7 blog about an 0-day being actively exploited in Forta GoAnywhere:

https://www.rapid7.com/blog/post/2023/02/03/exploitation-of-goanywhere-mft-zero-day-vulnerability/

Just did a bug fix release of ssldump (version 1.6) which fixes an annoying bug with ports not being recorded in the pcap output. Thanks to all the contributors.

#opensource #tls #ssl #ssldump

:link: https://github.com/adulau/ssldump/

#Ransomware attacks on schools can have some unexpected consequences. For example, here's a snippet of an email I received after an incident involving a small, rural district.

The #malvertising campaigns via Google Ads are not just about software downloads and scams. They also include phishing for popular password managers such as 1Password.

The differences are so subtle, most people will fall for it.

Real URL:
https://my[.]1password.com/signin
Phishing URL:
https://my1pasword[.]com/signin

#Botconf2023 The tickets are now officially on sale ! https://www.billetweb.fr/botconf-2023

This is a summary of the most important highlights in r2-5.8.2, compared to 5.8.0:

* Add support for micromips (m4k)
* Add sourceline support from DWARF5 and Plan9
* Run any command to replace N bytes inside the disasm with the Cr command
* All the bugs reported by linux and bsd distros are now fixed, rpm packages are now tested and built in the CI, debian packages are now built with fakeroot
* Better error messages when missing basic tools, specially on Termux
* Added support for scripting in Pascal, assembly
* Fixed regressions in the GDB register mapping
* Huge optimization that mainly affects r2dec (80s -> 20s)
* Improved ESIL for arm64, v850
* Support multiple core plugins in pure quickjs, updated r2papi with integrated esil decompilation
* Updated support for Typescript
* Implemented TIRE algorithm in the search api, with much faster scans
* Added support for GNU/Poke
* Support two column and colors in r2slides
* Bug fixes and performance improvements in many places.

There are two CVEs for 5.8.0 related to ansi escape injection and a null deref, nothing really critical. but @pancake found and fixed a couple of UAFs so we encourage and recommend everyone to update!