2023-07-25
I really appreciate how accessible @taviso makes his write ups. His processor use-after-free discovery is super interesting https://lock.cmpxchg8b.com/... In particular the bit at the end where he described how he generated two equivalent pieces of assembly that executed differently... [image]
Tom's Hardware
A Google researcher finds a vulnerability in AMD's Zen 2 chips, giving access to secure information like encryption keys; AMD expects most patches to come in Q4
A huge Zen 2 leak requires a patch. … Tavis Ormandy, a researcher with Google Information Security, posted today …
2023-05-29
Oof. ChatGPT hallucinated case law and this 30 year tenure lawyer just used it sans validation. Now the judge is asking why he and his firm shouldn't be sanctioned for submitting false unvalidated information to the court. https://twitter.com/... [image]
New York Times
A New York lawyer faces sanctions for using ChatGPT to write his legal brief that had “bogus judicial decisions, with bogus quotes and bogus internal citations”
Thanks, ChatGPT? Maya Posch / Hackaday : ChatGPT v. The Legal System: Why Trusting ChatGPT Gets You Sanctioned CourtListener : Mata v. Avianca, Inc. (1:22-cv-01461) Igor Bonifacic ...
2023-03-20
Recovering original photo data from Google Pixel 7 cropped photos. https://www.da.vidbuchanan.co.uk/ ... Modified photos are written over the original without truncation. Compressed with dynamic Huffman encoding and the tree is re-specified every approximately 16KB. Allows recovery. (1/2)
9to5Google
Researchers detail “aCropalypse”, a bug in Google Pixel's Markup fixed in March 2023, where some edited screenshots can be retroactively unredacted or uncropped
Screenshot recovery utility Alan Friedman / PhoneArena : Pixel vulnerability that hits the Markup screenshot editing tool is potentially dangerous Emma Roth / The Verge : Google Pi...
Root cause is a fail to truncate the file when writing the new image. You can test if your images are impacted here https://acropalypse.app/ (runs client side) Gray parts are unrecoverable parts. (2/2)
9to5Google
Researchers detail “aCropalypse”, a bug in Google Pixel's Markup fixed in March 2023, where some edited screenshots can be retroactively unredacted or uncropped
Screenshot recovery utility Alan Friedman / PhoneArena : Pixel vulnerability that hits the Markup screenshot editing tool is potentially dangerous Emma Roth / The Verge : Google Pi...
2020-07-15
CheckPoint says exploitation gets you DA, most DC's are also DNS servers. The mitigation looks like a limit on DNS packet sizes ... https://twitter.com/...
CyberScoop
Microsoft issues a patch for a critical “wormable” flaw affecting OSes including Windows 10 and Server; Check Point says the flaw has been in code for 17 years
Shannon Vavra / CyberScoop :