🛡️ #CrushFTP , & #Cisco ASA & FTD users: We added #CVE -2024-4040, CVE-2024-20353 & CVE-2024-20359 to our Known Exploited Vulnerabilities Catalog. Visit go.dhs.gov/Z3Q & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec

“Every time a block is broken in Minecraft versions Beta 1.8 through 1.12.2, the precise coordinates of the dropped item can reveal another player's location.” github.com/spawnmason/ran…

Full Rapid7 analysis of PAN-OS CVE-2024-3400 now available from Stephen Fewer and our stellar new research teammate Ryan Emmons! Spoiler: It's a two-vuln exploit chain. attackerkb.com/topics/SSTk336…

Ayyyy 8.1 not too bad

cvedetails.com/cve/CVE-2024-2…

It's a little too early to tell, but a handful of #ScreenConnect instances that we saw previously responsive & functioning with normal interactivity, now seem to exhibit some different behavior....

I can't say anything for certain, but it makes me a little nervous there might be…

The recent #ConnectWise vulnerability really looks like it's setup to be a bad one. Fingers crossed those behind the scenes keep zipping along to get it patched.

Cloudflare's bot detection is cool. Some notes:
1. Using HTTP/2 can increase your 'score' by ~20.
2. 'Anomalies' like lowercase headers are punished.
3. Your client 'JA3' fingerprint can lead to penalties (Python SSL socket == bot).
4. JA3 is also compared against your UA.

Low-level JavaScript internals tip: v8 —trace-ignition and —trace-bytecode are awesome flags for debug engine memory corruption issues (both disabled in debug build config by default), to see what JS code is doing when event happens + basically all —trace* flags. Barely needs gdb

me whenever a broken printer is nearby

Windows hardening script
gist.github.com/mackwage/08604…

Leverages windows firewall to block certain binaries from making connections
Sets lsass in protected mode
Implementation of ASR rules
Harden office
Disables DNS multicast, smbv1, netbios, powershellv2
Change file associations

I finally got a good username for something! infosec.exchange/web/@fuzz

From our headquarters underneath the Vatican, happy Halloween!

Today we release the first edition of our new publication Black Mass.

Special thanks to our Editor in Chief Helen (of Tor) for all of her hard work.

papers.vx-underground.org/papers/Other/V…

Had a fantastic time in ϻг_ϻε’s Source Incite FSWA class. If anyone is looking for the next step in advanced web app and source code review classes, I highly recommend taking this class!