Teaching 15-213 again; we're in the part where we talk about C (and really, the CPU) behavior with unsigned & signed addition, shifts, etc.
This year I have a secret weapon when preparing examples: I write the code that generates the examples in Rust. 🤣 And then teach the students what happens in C.
(First, I enjoy Rust more and trust the results; second, being able to println! into a binary output is really handy for making the examples. And the playground.)
Amazon plans to close AmazonSmile, its program launched in 2013 that let customers donate 0.5% of eligible items' purchase prices to a charity, on February 20 (Addy Bink/The Hill)
1/ A lot of people have been asking for an explainer on what is going on with Southwest Airlines and the massive meltdown that occurred. Hi, I'm TProphet. I write the Seat 31B travel blog (https://www.seat31b.com) and closely follow the airline industry. More importantly, I have a friend whom Southwest abandoned in Las Vegas until New Year's (along with his cat), and there was literally nothing I could do for him. Ready? Let's dive in.
With the Guardian newspaper hit by ransomware, this is your occasional reminder:
We don't have a ransomware problem per se. We have a Bitcoin problem. Any financial system that can electronically transmit $5M ransoms without KYC/AML checks would do. But such a system is only cryptocurrency. Banks would rightly view allowing ransom payment as an exestential threat, while $5M in cash is 50kg, and needs to be picked up in person.
Zscaler has a breakdown of updates to the code of the Black Basta ransomware during November 2022.
These include changes to the ransomware's file encryption algorithms, the introduction of stack-based string obfuscation, and the use of per-victim file extensions.
Zscaler researchers believe the modifications are an attempt to better evade antivirus and EDR solutions.
At least 31 children were found to be working in the employ of Packers Sanitation Services Inc. in Nebraska and Minnesota. Packers is one of the largest food sanitation companies in the country with 17,000 employees servicing around 700 plants.
"security operations with velociraptor" 🔥🦖🤓 can't wait!
see you nerds in january :)
OK, so I'm going to drop a nice #ZeroDay here. At least I think it's 0day, but for bring your own vulnerable driver purposes it's still not blocklisted (despite reporting it months ago, maybe MS only adds drivers that are actively exploited):
BattlEye Anti-Cheat BEDAISY.SYS PPL privesc:
Have the string "top BEService&pi" somewhere in your executable PE image. You can just write it to .data if you want.
Open its \\?\GLOBALROOT\Device\BattlEye device.
Write a 9-byte zerofilled buffer to it.
Congratulations, you just got WinTCB PPL, go tamper with lsass or whatever.
He/Him. Professional Computer Look-at-er. No authoritarians, everything flows from there.
Friend Zone: A place for friends.