"Automated CrowdStrike BSOD Workaround in Safe Mode using Group Policy"
https://gist.github.com/whichbuffer/7830c73711589dcf9e7a5217797ca617
"On July 19, 2024, a CrowdStrike update was suspected to cause the Blue Screen of Death on Microsoft Windows, affecting millions of computers (Windows/Mac) worldwide, including those of essential services like emergency services, hospitals, banks, airlines, trains and others.
The blue screen of death is reported with a stop code of PAGE_FAULT_IN_NONPAGED_AREA from the csagent.sys driver."
Heads up new OpenSSH (sshd) security bug only exists in RHEL 9 and friends. OpenSSH bug leaves RHEL 9 and the RHELatives vulnerable https://www.theregister.com/2024/07/11/openssh_bug_in_rhel_9/ #linux
I permanently switched away from #intel CPUs back when I had a C2000 board self-destruct due to CPU degradation fault (*) - now 13900K/14900K CPUs are developing issues en masse. Intel has acknowledged the issue but has been unable to give proper explanation for it. So far these issues has mostly been raised by individual end users but it seems this is likely to change as it appears that large hosting companies using these CPUs appear to be affected as well. #Level1Techs and #GamersNexus are hinting on the issue being far more widespread than initially believed and not a result of running the chips near or over the recommended power limits. GN video: https://www.youtube.com/watch?v=oAE4NWoyMZk
*) https://www.anandtech.com/show/11110/semi-critical-intel-atom-c2000-flaw-discovered
CVE-2024-5535 is an #OpenSSL problem that cannot be triggered by #curl
OpenSSL calls it it a low severity flaw. https://www.openssl.org/news/vulnerabilities.html
GitHub lists is as "critical" at 9.1 out of 10: https://github.com/advisories/GHSA-4fc7-mvrr-wv2c
At Sommarhack this weekend we somehow managed to win the zero bitplane competition with this contribution: https://youtu.be/QlbSEDq6Cno?si=sdocBAN_f3ZRj5fV
We just barely managed to get a higher score than SMFX with this demo, which in my opinion is more technically impressive: https://youtu.be/z2Ke-Irp7U8?si=fiBT7UXIl24bpIsa
The rules for the competition was that the demo should run on an Atari ST and should never display any graphics on the bitmap, and the only way you are allowed to display anything on the screen is by changing the background colour at precise times.
📚The r2book is getting updated with new contents and better organization. Check out the new chapters on r2con, r2wars, r2frida, r2pipe, r2js scripting and the revamped project introduction and help us by following the new contribution guidelines! https://book.rada.re
The death of public jailbreaks and the inability for Apple to let go of their control over their customers’s devices is an ongoing vulnerability that will be (or has been, even) getting people killed. I’m sure the ‘DMA bad’ peeps will find ways to spin or flat out ignore this.
https://infosec.exchange/@lorenzofb/112752391329610950
Lock up your computers and hide your software. A new version of SERV has been seen roaming the streets. https://blog.award-winning.me/2024/07/serv-13.html
@pancake https://en.wikipedia.org/wiki/Rabbit_r1#Security_breach
^^ hardcoded API keys
Just received the #rabbitr1 today and with the last update it feels so useless and buggy. Can’t even use it to tell time because the timezone and the rabbithole thing feels so unsafe and scary to login any service there. At least the device looks cool
On some tracks I layer floppy drive sounds behind the drums. Here's a short video showing how it's done :)
So there's a "novel" #VPN attack with a fancy name "#TunnelVision". I argue that this is not novel at all. It is quite well known that these routes bypass routes set up by a VPN. Case example: Here is the TunnelVision attack described in September 2023: https://lowendtalk.com/discussion/188857/a-rogue-dhcp-server-within-your-network-can-and-will-hijack-your-vpn-traffic #infosec #cybersecurity
@textfiles Plenty of bootlickers in the world.
Great, another crapball OS we have to deal with
-"When the going gets weird, the weird turn pro..."