exploits.club Weekly Newsletter 10
Good morning, afternoon, and evening. Let's get into this week's topics.
In Case You Missed It...
- The White House Is Making Memory Corruption Illegal - No, memory corruption in this instance does not refer to the President's mind (low-hanging fruit - sorry). In a 16-page document, the administration outlined its "Path Towards Secure and Measurable Software", which mainly calls for a move towards memory safety and for better ways of measuring software security.
- RingZer0 And NDSS Symposium - Slide decks, papers and training materials are slowly filtering out into the interwebs. We have included a few in the resources section below.
Resources And Write-Ups From This Week:
- Trail Of Bits Handbook - Fuzzing - A little late to this party, but Trail Of Bits updated their testing handbook to include a new chapter on fuzzing. It goes in depth on the tactics and methodologies, before providing actionable walkthroughs for each of the major fuzzers in the space. A great primer for anyone looking to get spun up or improve their fuzzing skills.
- Finding Gadgets for CPU Side-Channels with Static Analysis Tools - @pwningsystems and @fkaasan released research this week on using static analysis tools to find Spectre-V1 gadgets. The post walks through the CodeQL query they put together, as well as the two gadgets (CVE-2023-0458, CVE-2023-0459) they uncovered.
- NDSS Symposium 2024 Round-Up - NDSS Symposium took place this week, and with it came a heap of new papers related to LLMs, fuzzing, and exploitation. @alexjplaskett put together a list of some of his favorites, including Large Language Model guided Protocol Fuzzing and SyzBridge: Bridging the Gap in Exploitability Assessment of Linux Kernel Bugs in the Linux Ecosystem.
- Glitching in 3D: Low Cost EMFI Attacks - @wrongbaud's slides from RingZer0. The talk starts with a fault injection overview before demonstrating these attacks on an STM32F-series target. The research starts with typical voltage fault injection before moving to electromagnetic fault injection (EMFI). Because commercial EMFI tooling is expensive, @wrongbaud shows how to replicate it cost-effectively using a PicoEMP and a 3D printer.
- "To live is to fight, to fight is to live!" - IBM ODM Remote Code Execution - watchTowr Labs released a write-up on their research into IBM Operational Decision Manager. The post details the two bugs they found, a deserialization vuln and a JNDI injection. The team was able to take the JNDI injection all the way to RCE, and both vulns were given CVEs (CVE-2024-22319, CVE-2024-22320).
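The code pattern the static-analysis write-up above is hunting for, as an added example that is not from the original post or the authors' CodeQL query: a minimal Spectre-V1 gadget in C next to a hardened version that clamps the index with a branchless mask modelled on the Linux kernel's generic array_index_mask_nospec() idiom. The table, the "secret" byte placed after it, and the probe array are constructed for illustration and are not from the page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample memory layout (assumption for this example):
 * a 16-entry table that untrusted input may index, followed by a byte
 * we treat as the "secret" that must not be reachable even speculatively. */
#define TABLE_LEN 16
static const uint8_t table[TABLE_LEN + 64] = {
    0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
    [TABLE_LEN] = 0x42,          /* out-of-bounds "secret" */
};

/* Probe array: one 64-byte cache line per possible byte value. A real
 * attacker times accesses to it after the gadget runs; here it only
 * serves as the dependent load that characterises a V1 gadget. */
static uint8_t probe[256 * 64];
static volatile uint8_t sink;    /* keeps the dependent load from being optimised away */

/* Spectre-V1 gadget shape (the pattern a CodeQL query for V1 looks for):
 * attacker-controlled index, a bounds check, then a second load whose
 * address depends on the first, possibly speculative, load. */
uint8_t gadget_vulnerable(size_t idx)
{
    if (idx < TABLE_LEN) {
        uint8_t v = table[idx];                   /* may be OOB under misprediction */
        sink = probe[(size_t)v * 64];             /* encodes v into cache state */
        return v;
    }
    return 0;
}

/* Branchless mask: all ones when idx < len, zero otherwise. Modelled on
 * the Linux kernel's generic array_index_mask_nospec(); assumes len fits
 * in a signed intptr_t so the sign bit of the OR'd value is meaningful. */
static inline size_t index_mask_nospec(size_t idx, size_t len)
{
#if defined(__GNUC__)
    /* Hide idx from the optimiser: the compiler would otherwise assume
     * idx < len (because of the surrounding branch) and drop the mask,
     * which is exactly the assumption speculation violates. */
    __asm__("" : "+r"(idx));
#endif
    return (size_t)(~(intptr_t)(idx | (len - 1 - idx)) >> (sizeof(intptr_t) * 8 - 1));
}

/* Clamp an index so an out-of-range value becomes 0 even on a
 * mispredicted path, instead of addressing memory past the table. */
size_t clamp_index(size_t idx, size_t len)
{
    return idx & index_mask_nospec(idx, len);
}

/* Hardened form of the same gadget: identical architectural behaviour,
 * but the speculative load can no longer reach the secret byte. */
uint8_t gadget_hardened(size_t idx)
{
    if (idx < TABLE_LEN) {
        idx = clamp_index(idx, TABLE_LEN);
        uint8_t v = table[idx];
        sink = probe[(size_t)v * 64];
        return v;
    }
    return 0;
}

int main(void)
{
    /* Architecturally both versions agree; the difference only exists
     * during speculative execution, which this program cannot observe. */
    printf("in-bounds : vulnerable=%u hardened=%u\n",
           gadget_vulnerable(3), gadget_hardened(3));
    printf("OOB clamp : %zu -> %zu\n", (size_t)TABLE_LEN + 5,
           clamp_index(TABLE_LEN + 5, TABLE_LEN));
    printf("mask(3,16)=%#zx mask(16,16)=%#zx\n",
           index_mask_nospec(3, TABLE_LEN), index_mask_nospec(16, TABLE_LEN));
    return 0;
}
```

The mask is what a static query cannot see but a reviewer should check for: the bounds check alone is not the fix, the data-independent clamp (or a speculation barrier) between the check and the dependent load is. Note that a plain C compiler may still fold the mask away without the optimiser barrier, which is why the kernel wraps the index in OPTIMIZER_HIDE_VAR().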
Interesting Job Postings:
- AI Security Researcher @ Carnegie Mellon University (On-Site: Arlington, VA)
- Mobile Vulnerability Researcher @ Paragon Solutions US, Inc (Remote)
- Exploit Developer @ RedBlue Security (Remote)
- Vulnerability Researcher @ Interrupt Labs (Remote: US)
- Reverse Engineer @ DigiFlight (On-Site: Fort Meade, MD)
Wrapping Up...
As always, thanks for stopping by. We here at the club are always trying to improve so if you have comments, questions, or suggestions, feel free to shoot us a DM on X (or just drop us a follow if you are feeling generous).
We are opening up the exploits.club Discord to the public. Feel free to join us here: https://discord.gg/2dxN2Gtgpx
Want to support us? You can now sponsor a coffee for the club.
Same time next week? See you then.