Broadcast message from [email protected] (Tue 2019-05-14 21:30:00 EDT):

--- NEWS ---

Linux Kernel rds_tcp_kill_sock Function Race Condition Vuln
  > Bleeping Computer Write up
Prevent a worm by updating Remote Desktop Services
Cisco IOS XE Software Web UI Command Injection Vulnerability
Cisco Secure Boot Hardware Tampering Vulnerability
  > Website for the Vuln "Thangrycat"
Over 275 Million Records Exposed by Unsecured MongoDB DB
WhatsApp voice calls used to inject Israeli spyware on phones
  > Facebook advisory
MDS - Microarchitectural Store Buffer Data - CVE-2018-12130, CVE-2018-12126, CVE-2018-12127, and CVE-2019-11091
  > MDS Attacks Website and checker
  > Intel Statement
ZombieLoad - Arbitrary Memory Read via fill-buffer logic
  > POC
  > Whitepaper
Antivirus Makers Confirm-and Deny-Getting Breached by Hackers Looking to Sell Stolen Data
FCC Commissioners Say the Agency Won't Tell Them About Phone Location Data Investigation
Attacks Exploiting Sharepoint CVE-2019-0604
  > Twitter Thread
Multiple Vulnerabilities in Gemalto (Thales Group) DS3 Authentication Server / Ezio Server

--- GOOD READS ---

From Collisions to Chosen-Prefix Collisions Application to Full SHA-1
How to brick all Samsung phones
  > PoC Repo
Store-to-Leak Forwarding: Leaking Data on Meltdown-resistant CPUs
A Questionable Journey From XSS to RCE
Recently released records show how NASA investigated the 1989 WANK worm infection
An example why NAT is NOT security
Notifiable Data Breaches Scheme 12-month Insights Report
Florida Man Arrested For I EAT ASS Sticker Won't Be Prosecuted
Why a Helium Leak Disabled Every iPhone in a Medical Facility

--- CHEAT CODES ---

System Down: A systemd-journald exploit
Sqlite3 Window Function Remote Code Execution Vulnerability
Remotely monitor cursor location using CSS :hover selectors
Exploiting Deserialisation in ASP.NET via ViewState
Danger of Stealing Auto Generated .NET Machine Keys
Cleartext message spoofing in supplementary Go Cryptography Libraries (@sec_consult)
Jenkins RCE Bug chain

--- USEFUL ---

Need a zero-width space on your clipboard?
List of Free Science Books
  NOTE: This site may have a fake browser update in one of the ads, so be careful

--- SAFARI ---

l33th4x
ALL CREDIT CARD PIN CODES IN THE WORLD LEAKED

--- GOOD NEWS ---

We are looking at a bunch of merch - Vote in our poll!
A video announcing our return to broadcasting will be out sometime this week! Keep an eye on twitter for details.
Vote for us in "Best CyberSecurity Video or CyberSecurity Video Blog" for the EU Security Blogger Awards!

logo by x0 -- layout by yuu