2 野に咲く名無し@転載禁止 2023/09/14 01:14:22
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
https://www.bleepingcomputer.com/news/security/mozilla-patches-firefox-thunderbird-against-zero-day-exploited-in-attacks/
Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client.
Tracked as CVE-2023-4863, the security flaw is caused by a heap buffer overflow in the WebP code library (libwebp), whose impact spans from crashes to arbitrary code execution.
"Opening a malicious WebP image could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild," Mozilla said in an advisory published on Tuesday.
3 野に咲く名無し@転載禁止 2023/09/14 01:16:56
🤭
Hackers steal $53 million worth of cryptocurrency from CoinEx
https://www.bleepingcomputer.com/news/security/hackers-steal-53-million-worth-of-cryptocurrency-from-coinex/
4 野に咲く名無し@転載禁止 2023/09/14 01:17:58
New WiKI-Eve attack can steal numerical passwords over WiFi
https://www.bleepingcomputer.com/news/security/new-wiki-eve-attack-can-steal-numerical-passwords-over-wifi/
A new attack dubbed 'WiKI-Eve' can intercept the cleartext transmissions of smartphones connected to modern WiFi routers and deduce individual numeric keystrokes at an accuracy rate of up to 90%, allowing numerical passwords to be stolen.
WiKI-Eve exploits BFI (beamforming feedback information), a feature introduced in 2013 with WiFi 5 (802.11ac), which allows devices to send feedback about their position to routers so the latter can direct their signal more accurately.
The problem with BFI is that the information exchange contains data in cleartext form, meaning that this data can be intercepted and readily used without requiring hardware hacking or cracking an encryption key.
5 野に咲く名無し@転載禁止 2023/09/14 01:19:02
Google fixes another Chrome zero-day bug exploited in attacks
https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/
The critical zero-day vulnerability (CVE-2023-4863) is caused by a WebP code library (libwebp) heap buffer overflow weakness whose impact ranges from crashes to arbitrary code execution.
6 野に咲く名無し@転載禁止 2023/09/14 01:19:35
The libwebp one has me curious 🧐
7 野に咲く名無し@転載禁止 2023/09/14 01:20:24
🤭
MGM Resorts shuts down IT systems after cyberattack
https://www.bleepingcomputer.com/news/security/mgm-resorts-shuts-down-it-systems-after-cyberattack/
MGM Resorts International disclosed today that it is dealing with a cybersecurity issue that impacted some of its systems, including its main website, online reservations, and in-casino services, like ATMs, slot machines, and credit card machines.
8 野に咲く名無し@転載禁止 2023/09/14 01:21:09
I feel like we're seeing more and more stories with a big impact on the real world, not just on cryptocurrency.
9 野に咲く名無し@転載禁止 2023/09/14 01:24:52
Transcoding Unicode strings at crazy speeds with AVX-512
https://lemire.me/blog/2023/09/13/transcoding-unicode-strings-at-crazy-speeds-with-avx-512/
10 野に咲く名無し@転載禁止 2023/09/14 01:26:27
NIST SP 800-207A
A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Cloud Environments
https://csrc.nist.gov/pubs/sp/800/207/a/final
11 野に咲く名無し@転載禁止 2023/09/14 02:05:48
Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack
https://thehackernews.com/2023/09/critical-github-vulnerability-exposes.html
12 野に咲く名無し@転載禁止 2023/09/14 02:08:02
>>4
Password-Stealing without Hacking: Wi-Fi Enabled Practical Keystroke Eavesdropping
https://arxiv.org/abs/2309.03492
13 野に咲く名無し@転載禁止 2023/09/14 02:20:10
🤔
Google has a new tool to outsmart authoritarian internet censorship
https://www.technologyreview.com/2023/09/13/1079381/google-jigsaw-outline-vpn-internet-censorship/
Jigsaw, a unit of Google that operates sort of like an internet freedom think tank and that creates related products, already offers a suite of anti-censorship tools including Outline, which provides free, open, and encrypted access to the internet through a VPN. Outline uses a protocol that makes it hard to detect, so users can surf the web largely out of sight from authorities who might want to block internet access.
14 野に咲く名無し@転載禁止 2023/09/14 02:20:49
This repository contains exploit modules for Bluesky, using a framework that simplifies the creation of new modules as new exploits are discovered.
https://github.com/qwell/bsky-exploits
15 野に咲く名無し@転載禁止 2023/09/14 02:22:41
Save the Children hit by ransomware, 7TB stolen
https://www.theregister.com/2023/09/11/bianlian_save_the_children/
16 野に咲く名無し@転載禁止 2023/09/14 02:24:02
now @dApplingNetwork supports @bunjavascript with zero config + auto detection
Great work to the team rolling this out so quickly 🐇
17 野に咲く名無し@転載禁止 2023/09/14 02:28:58
The return of the ASN-DROP
https://www.spamhaus.org/news/article/820/the-return-of-the-asn-drop
Leaving aside whether it's DDoS or not, this looks useful for the "why not just block by ASN?" discussion. Maybe I should post it on 南欧?
18 野に咲く名無し@転載禁止 2023/09/14 02:33:46
Eevee-chan's squishy encryption
Let's Go Eevee! A Friendly and Suitable Family of AEAD Modes for IoT-to-Cloud Secure Computation
https://eprint.iacr.org/2023/1361
19 野に咲く名無し@転載禁止 2023/09/14 02:38:23
Fortinet announces the "FortiGate 90G" next-generation firewall equipped with its latest ASIC
https://cloud.watch.impress.co.jp/docs/news/1531047.html
Isn't the life cycle kind of short?
I used to tinker a lot with NPx-related stuff around the ASIC.
20 野に咲く名無し@転載禁止 2023/09/14 02:39:32
>>19
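Couldn't they fully fix the fundamental problem in SSLVPNd that started with FortiProxy and the like?
Vulns have kept coming out regularly the whole time, haven't they 🤭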
21 野に咲く名無し@転載禁止 2023/09/14 02:42:09
NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats
https://www.cisa.gov/news-events/alerts/2023/09/12/nsa-fbi-and-cisa-release-cybersecurity-information-sheet-deepfake-threats
22 野に咲く名無し@転載禁止 2023/09/14 02:57:19
https://i.imgur.com/7S73cLf.png
https://i.imgur.com/3jPzeKQ.png
https://i.imgur.com/5Fju86z.png
https://i.imgur.com/U4yGCxL.png
https://i.imgur.com/eOBXclZ.png
https://i.imgur.com/36lO4zR.png
https://i.imgur.com/NmPHKg7.png
https://i.imgur.com/Ym717la.png
https://i.imgur.com/y0bqTHv.png
https://i.imgur.com/Ffx4GUg.png
24 野に咲く名無し@転載禁止 2023/09/14 07:24:58
Not "was using", I meant "was left over".
25 野に咲く名無し@転載禁止 2023/09/14 13:26:15
Speaking of past ones, the SSLVPN web portal directory traversal from around 2018 is probably the best known, but it feels like the problems in sslvpnd itself haven't been fully fixed.
Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
12/13/2022
https://nvd.nist.gov/vuln/detail/cve-2022-42475
Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
06/13/2023
https://nvd.nist.gov/vuln/detail/CVE-2023-27997
CVE-2023-33308
https://nvd.nist.gov/vuln/detail/CVE-2023-33308
26 野に咲く名無し@転載禁止 2023/09/14 13:31:20
The last one is an RCE in environments using SSL DPI, but the first two are heap-based buffer overflows, and the conditions for those, well... 😑
https://labs.watchtowr.com/fortinet-no-more-funny-titles-cve-2022-42475/
If you recall, the initial difference that piqued our interest was a change to the memory allocator, which will now reject HTTP requests with a Content-Length of over 0x40000000 bytes. There are other such checks added, presumably to add extra layers of safety to the large codebase. One such check will reject POST attempts which contain a payload of more than 1048576 (0x10000) bytes, responding with a HTTP "413 Request Entity Too Large" message instead of waiting for the transfer of the payload data.