High-severity vulnerabilities affect a wide range of Asus router models: https://arstechnica.com/security/2024/06/high-severity-vulnerabilities-affect-a-wide-range-of-asus-router-models/ via @dangoodin

@immibis@social.immibis.com this makes for a handy get-my-ip-and-region-from-the-cli too! curl https://www.cloudflare.com/cdn-cgi/trace

📺 ⏰ Tune in at the top of the hour (12pm US Central) for our next episode of runZero Hour! We are thrilled to welcome Brianna Cluck of @greynoiseio. We'll dive into Brianna's "x-files," her collection of fascinating payloads, & new threat intel insights. Register here 👉
https://runzero.zoom.us/webinar/register/WN_mk62HbrzTaO6Fd9MO7LKCw#/registration

Oona Räisänen (@windytan) does amazing analysis and writes about it, the latest is no exception -- "Ultrasonic investigations in shopping centres" https://www.windytan.com/2024/06/ultrasonic-investigations-in-shopping.html

I am a huge fan of the Hacker History podcast by Josh Bressers and really enjoyed chatting with him for this episode. It's a fantastic interview style and I think captures the "why" of the hacker mindset in a unique way: https://hackerhistory.com/podcast/the-history-of-hd-moore/

PSA: If you use GOGS.io (the predecessor to Gitea and friends), please make sure self-registration is disabled. I reported a trivial RCE a couple months ago, received no reply, and it's starting to look intentional.

I am super excited to speak at Black Hat USA this year with Rob King (@lorddimwit) Our work, "Secure Shells in Shambles", dives deep into the Secure Shell protocol, its popular implementations, what's changed, what hasn't, and how this leads to unexpected vulnerabilities and novel attacks. An open source tool, dubbed "sshamble", will be demonstrated, which reproduces these attacks and opens the door for further research.

#BHUSA #vulnerability #infosec

- https://www.blackhat.com/us-24/briefings/schedule/#secure-shells-in-shambles-40393

Some of the announced talks that I am looking forward to include:

* Super Hat Trick: Exploit Chrome and Firefox Four Times: Nan Wang, Zhenghang Xiao, & Xuehao Guo

* Securing Network Appliances: New Technologies and Old Challenges: Vladyslav Babkin

* Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server! Orange Tsai

* Listen to the Whispers: Web Timing Attacks that Actually Work: James Kettle

* Project Zero: Ten Years of 'Make 0-Day Hard': Natalie Silvanovich

* Nope, S7ill Not Secure: Stealing Private Keys From S7 PLCs: Nadav Adir, Alon Dankner, Eli Biham, Sara Bitan, Ron Freudenthal, Or Keret

* Listen Up: Sonos Over-The-Air Remote Kernel Exploitation and Covert Wiretap: Alex Plaskett, Robert Hererra

* Bugs of Yore: A Bug Hunting Journey on VMware's Hypervisor: Zisis Sialveras

* Crashing the Party: Vulnerabilities in RPKI Validation: Niklas Vogel, Donika Mirdita, Haya Schulmann, Michael Waidner

* OVPNX: 4 Zero-Days Leading to RCE, LPE and KCE (via BYOVD) Affecting Millions of OpenVPN Endpoints Across the Globe: Vladimir Tokarev

* Surveilling the Masses with Wi-Fi Positioning Systems: Erik Rye

* Terrapin Attack: Breaking SSH Channel Integrity by Sequence Number Manipulation: Fabian Bäumer

For anyone considering "Skip this update" due to ITerm2's silly AI thing - NOT updating means missing patches for this fun bag of exploits: https://vin01.github.io/piptagole/escape-sequences/iterm2/hyper/url-handlers/code-execution/2024/05/21/arbitrary-url-schemes-terminal-emulators.html

Maybe time for a new terminal?

📺 💡 Tune in tomorrow for a special episode of runZero Hour with myself, @lorddimwit , and @blainsmith

We're unpacking the findings from our inaugural Research Report. See what our analysis of millions of assets revealed about the state of asset security. Register here: https://runzero.zoom.us/webinar/register/WN_298GtwnOSj-iJ-4YDw3dVA#/registration

Don't like webcasts? You can find the full research report at: https://www.runzero.com/research-report/

Finding zero-day is great and all, but I really love finding bugs that were silently patched. Less disclosure work and often just as much impact.

PS. Using Ruckus Wireless APs? _Definitely_ apply the latest firmware (5.2.1 or newer).