Fuzzing Weekly

10. March 2023 | CW10

Researchers Discover 'Kill Switch' in Starlink Terminals With Fuzzing

Starlink quietly shipped software that patched a “kill switch” in its user terminals in December last year. The discovery was made by a team of academics from Oxford University and a researcher from Switzerland’s Federal Office for Defence Procurement, who published their work at arXiv. Learn more.

From: Richard Chirgwin

Security Vulnerabilities Detected, Which Reveals DJI Drone Operator's Exact Location

Security researchers have detected critical security vulnerabilities in several DJI drones, which enable users, for example, to change a drone’s serial number or override the mechanisms that allow security authorities to track the drones and their pilots. Learn more. Learn more.

From: Ruhr-University Bochum

In Other News

CVE-2023-26266 fixed in AFL++ (NVD Score 9.8 - Critical)
In AFL++ 4.05c, the CmpLog component uses the current working directory to resolve and execute unprefixed fuzzing targets, allowing code execution. Learn more .
From: YSaxon

This Week's Discussions

How to use LibFuzz on a C project that is not a library
From: Niklbird

Buffer Overflow Confusion
From: Anglose

New Tutorial

Hacking APIs: Fuzzing 101
From: The Cyber Mentor

Fuzzing an Insecure Directory Object Reference (IDOR) Vulnerability With ZAP!
From: RedBlue Lab

Fuzzing Jobs

Principal Security Researcher
Oracle. Remote

Security Engineer, Product Security
Meta, Remote

Code Intelligence, Rheinwerkallee 6,
Bonn, NRW 53227, +49 228 28695830

Unsubscribe Manage preferences