@ticoombs
@reddthat.comhttps://www.abc.net.au/news/2024-09-08/social-media-ban-children-sa-law/104325508
Social media giants would be forced to ban children under the age of 14 from their platforms or face hefty penalties, under proposed laws in South Australia that could be replicated in other states.
https://samcurry.net/hacking-millions-of-modems
Two years ago, something very strange happened to me while working from my home network. I was exploiting a blind XXE vulnerability that required an external HTTP server to smuggle out files, so I spun up an AWS box and ran a simple Python webserver to receive the traffic from the vulnerable server.
https://drewdevault.com/2024/05/24/2024-05-24-Bunnix.html
https://codedbearder.com/posts/f3-backplane/
https://www.hezmatt.org/~mpalmer/blog/2024/04/09/how-i-tripped-over-the-debian-weak-keys-vuln.html
https://threadreaderapp.com/thread/1776691497506623562.html
@bl4sty: the xz sshd backdoor rabbithole goes quite a bit deeper. I was just able to trigger some harder to reach functionality of the backdoor. there's still more to explore.. 1/n it requires sending a properly craf...…
https://axleos.com/an-irc-client-in-your-motherboard/
I made a graphical IRC client that runs in UEFI. It’s written in Rust and leverages the GUI toolkit and TrueType renderer that I wrote for axle’s userspace. I was able to develop it thanks to the vmnet network backend that I implemented for QEMU. You can connect to an IRC server, chat and read messages, all from the comfort of your motherboard’s pre-boot environment. “Why”? What kind of question is “why”?
https://github.com/amlweems/xzbot
notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) - amlweems/xzbot
https://fsturmat.net/blog/04202022/
https://securelist.com/network-tunneling-with-qemu/111803/
While investigating an incident, we detected uncommon malicious activity inside one of the systems. We ran an analysis on the artifacts, only to find that the adversary had deployed and launched the QEMU hardware emulator.