CVE-2022-0435 is a remote stack overflow in the Transparent Inter-Process Communication (TIPC) module of the Linux kernel. We’re basically able to send a payload of attacker-controlled size to the target, where it will be memcpy’d into a 272-byte buffer on the kernel’s stack—not a bad primitive, right?....
Writing a Linux Kernel Remote in 2022
Really good detailed article.
Lots of new users joining Mastodon today. Welcome!!
Remember to read our rules and code of conduct here:
Did you know there are centralized alternatives to the #Fediverse?
They are great!
Instead of being developed by volunteers for the community they are developed for millionaires with the sole purpose of getting them more money and influence over the "users".
They contain ads and algorithms, so you don't have to decide what you want to see, but you get to see what makes you addicted, so you view more ads, buy more stuff and thereby support the capitalist system that we all love.
Instead of anonymity you get to enter your phone number and other forms of identification, which totally helps against hate speech, right?
I could go on with advantages, but I think it's best you check them out for yourselves.
A Closer Look at the LAPSUS$ Data Extortion Group.
Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the information unless a ransom demand is paid. Here's a closer look at LAPSUS$, a...
Wow. CSS Tricks has been acquired by Digital Ocean. Congrats to Chris, he’s a great guy and deserves all the success in the world.
T-Mobile Actively Censoring Certain URLs:
And not just those URLs via SMS. They are also blocking the CleanBrowsing DoH URL - without ever replying or giving us a valid reason.
Any other protocol being actively used that I am missing? At least, only seeing those 3 in our honeypot logs:
Also some interesting obfuscation, I am assuming to bypass WAF and IDSs:
We are sharing jndi (log4j) attack logs here:
Might be useful to find variations of attacks and IPs abusing it.
Founder of CleanBrowsing, Sucuri and OSSEC. Former VP Engineering, GoDaddy - CTO, Sucuri. Builder and breaker by heart...
Open Source Social Network. Focused on technology, networking, linux, privacy and security, but open to anyone. Civil discourse, polite and open. Managed by the noc.org team.