The @badkeys project added the leaked and decrypted keys from the Fortinet breach: "Overall, there were around 100,000 private keys in PKCS format and 60,000 in OpenSSH format" https://blog.hboeck.de/archives/908-Private-Keys-in-the-Fortigate-Leak.html
#golangAustin Go(phers): it's almost that time again! Tomorrow (Weds/Jan15) is the January ATX Golang Meetup. Swing by for pizza, beer, and general nerdiness around Go -- 6:30pm at the Capital Factory (Antones):
Orange Tsai & splitline's "WorstFit" research into Windows unicode "BestFit" encoding is 🔥 🔥 🔥 (and mostly unpatched)!
https://blog.orange.tw/posts/2025-01-worstfit-unveiling-hidden-transformers-in-windows-ansi/
This work brings back memories of IIS and ASP (classic) unicode exploit-dev. For example, the letter "h" having alternate encodings of %c4%a4, %c4%a5, %c4%a6, %c4%a7, %d1%88, %d1%a8, %d4%a4, %d4%a5, %d4%a6, %d4%a7, %e2%84%8b, %e2%84%8c, %e2%84%8d, and %e2%84%8e
runZero Hour Episode 13 is streaming LIVE on Youtube!
https://www.youtube.com/watch?v=mi0lrEtb4eIJoin us to celebrate one year of runZero Hour with a special anniversary episode! To mark this special occasion, we’ve gathered an all-star panel of cybersecurity experts to look back on 2024's greatest security hits and ponder what's ahead in 2025.
We’ll also be hosting the live raffle for the mystery mini-machine crafted by our very own HD Moore and celebrating our t-shirt winners. It's gonna be an epic episode!
I love hacker toys, but don't love that they tend to sit on a shelf collecting dust for the majority of their lives. My goal for the runZero Hour anniversary "mystery machine" raffle was to provide something you actually want to use every day. Tune in Friday for the reveal and snag a limited runZero t-shirt if you sign up soon! https://www.runzero.com/research/runzero-hour/
watchTowr Labs keeps things spicy in their recent post on Mitel MiCollab vulnerabilities: "Where There’s Smoke, There’s Fire - Mitel MiCollab CVE-2024-35286, CVE-2024-41713 And An 0day" - https://labs.watchtowr.com/where-theres-smoke-theres-fire-mitel-micollab-cve-2024-35286-cve-2024-41713-and-an-0day/
My session on "The Unreasonable Effectiveness of Inside Out Attack Surface Management" is starting in a few minutes and will showcase some simple (but useful!) tricks for finding sneaky network exposures: https://dr-resources.darkreading.com/free/w_runz04/
Hope to see you soon!
Hi folks! I'm thrilled to present runZero's latest applied research: "Inside Out Attack Surface Management". With IOASM you can immediately identify exposures that other approaches miss, with zero false positives, and no additional investment. Join me for a live demo on Wednesday, December 4th at 1PM EST: https://dr-resources.darkreading.com/free/w_runz04/
#golangAt least they are using #golang https://www.ac3.com.au/resources/discovery-of-CVE-2024-2550/
It was much easier to replace my ESXi lab servers with Proxmox than to download a security update[1. see alt text] for ESXi post-Broadcom. Now ESXi runs as a scan target inside of Proxmox and all is well.
Copyright 1998-2025 HD Moore