smx-smx

XZ Backdoor symbol deobfuscation. Updated as i make progress

q3k

0810 b' from '
0678 b' ssh2'
00d8 b'%.48s:%.48s():%d (pid=%ld)\x00'
0708 b'%s'
0108 b'/usr/sbin/sshd\x00'
0870 b'Accepted password for '
01a0 b'Accepted publickey for '
0c40 b'BN_bin2bn\x00'
06d0 b'BN_bn2bin\x00'
0958 b'BN_dup\x00'

thesamesam

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

BushidoUK

Statement on MGM Resorts International: Setting the record straight
9/14/2023, 7:46:49 PM

We have made multiple attempts to reach out to MGM Resorts International, "MGM". As reported, MGM shutdown computers inside their network as a response to us. We intend to set the record straight.

No ransomware was deployed prior to the initial take down of their infrastructure by their internal teams. 

MGM made the hasty decision to shut down each and every one of their Okta Sync servers after learning that we had been lurking on their Okta Agent servers sniffing passwords of people whose passwords couldn't be cracked from their domain controller hash dumps. Resulting in their Okta being completely locked out. Meanwhile we continued having super administrator privileges to their Okta, along with Global Administrator privileges to their Azure tenant. They made an attempt to evict us after discovering that we had access to their Okta environment, but things did not go according to plan. 

On Sunday night, MGM implement

lleyton

Open Source Business Challenges and Reality

Original Japanese note here.

Original Author: Rui Ueyama (creator of the mold linker)

Translated by @windowsboy111

Minimally edited by @lleyton

SwitHak

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

• If you want to add a link, comment or send it to me
• Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

• Royce Williams list sorted by vendors responses Royce List
• Very detailed list NCSC-NL
• The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List

bboure

aws ssm get-parameters-by-path --path '/path/to/prams' --recursive \
  | jq .Parameters[].Name \
  | xargs -L1 -I'{}' aws ssm delete-parameter --name {}

akihikodaki

Linux Desktop on Apple Silicon in Practice

I bought M1 MacBook Air. It is the fastest computer I have, and I have been a GNOME/GNU/Linux user for long time. It is obvious conclusion that I need practical Linux desktop environment on Apple Silicon.

Fortunately, Linux already works on Apple Silicon/M1. But how practical is it?

• Two native ports exist.

joshuat

Slack has listened to feedback and given us a way to toggle off the sidebar avatars.

(This only seems to be available in the Beta channel at the moment)

Display or hide profile photos

1. From your desktop, click your profile picture in the top right.
2. Select Preferences from the menu.
3. Click Sidebar in the left-side column.
4. Check or uncheck the boxes next to Show profile photos next to DMs.

cubehouse

#!/bin/bash

function convert {
        filename=$(echo "$1" | cut -f 1 -d '.')
        newFilename=${filename}_HD.mkv

        if [ -f "$newFilename" ]; then
            echo \* $newFilename already exists!
        else
                COLORS=$(ffprobe -show_streams -v error "$1" |egrep "^color_transfer|^color_space=|^color_primaries=" |head -3)