#Nordnet services appear to be back.
harrysintonen
Nordnet has a lot of technical issues to sort out. If the malfunction allowed unauthorized parties to operate the accounts it will be quite messy to sort out.
Among with technical part, they will have to deal with the regulatory issues, in particular the Financial Supervisory Authority. They will demand answers.
I still occasionally write some m68k code and apps. These are from 2024:
- Execute code in #amiga color registers: https://sintonen.fi/src/colexec/colexec.asm
- RXS-M-XS 32bit->32bit Permuted Congruential Generator: https://sintonen.fi/src/misc/pcg/_rand.asm
- Minimal modplayer (protracker music player): https://sintonen.fi/src/minimod/ (the replayer routine is mostly from Frank Wille however)
I also participated in very useless size/speedcoding competitions - some of them are still accessible from this old web page: https://amycoders.org/compo/
Note that some of the HTML is a bit broken, for example https://amycoders.org/compo/circlecompo.html - you can view source to see the full routine
#m68k #assembly #sizecoding #speedcoding
@[email protected] Curl will likely address this eventually even though they don't consider it a vulnerability. See https://github.com/curl/curl/issues/16197
The latest curl version 8.12.0 (released today) is affected.
The details of the #AMD Microcode Signature Verification #Vulnerability are out:
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3019.html
- https://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w
#infosec #infosecurity #cybersecurity
In total surprise to no one, #NVIDIA #RTX5080 card is just "meh": https://www.youtube.com/watch?v=sEu6k-MdZgc
So what could you do if the microcode signature verification can be bypassed? While not directly applicable, this #defcon presentation "DEF CON 31 - Backdoor in the Core - Altering Intel x86 Instruction Set at Runtime - Krog, Skovsende" gives some ideas: https://www.youtube.com/watch?v=Zda7yMbbW7s
@gabrielesvelto Yeah, information for that vulnerability is non-existent as well. In all the vulnerability management doesn't seem to be going great here.
Update: The "PeCoffLoader memory overflow issue for security" likely is CVE-2024-38796: https://nvd.nist.gov/vuln/detail/cve-2024-38796
I had actually forgotten I still had Docker installed on this system. I've now fixed this issue by uninstalling the malicious app. I'm using #podman elsewhere already, just had this install lingering still. Apple: Thanks for the warning!
"#Nordnet admits that it was possible to trade in other people's depots during the IT breakdown"
https://www.marketscreener.com/quote/stock/NORDNET-AB-115787339/news/Nordnet-admits-that-it-was-possible-to-trade-in-other-people-s-depots-during-the-IT-breakdown-49034492/