Packing files into archives like zips, tars, jars, wars, cpios, apks, rars and 7zs is a common way to keep important files and filesystem structures together when sharing them; it's also a source of potentially dangerous malware attacks.
In a new paper the security research organization Snyk details an attack they call Zip Slip, which exploits a bug in thousands of archiving and de-archiving utilities, including ones from HP, Amazon, Apache and Pivotal.
Zip Slip is a "directory traversal" attack, which exploits lax checking during unpacking, allowing the attacker to craft an archive that drops files in arbitrary directories anywhere on your hard drive, even overwriting key components.
Zip Slip Vulnerability [Snyk]
Cyriak Harris is writing a novel titled “Horse Destroys the Universe.” Cyriak has been creating strange animated GIFs and videos for more than a decade so he made a promo animation for his book-in-progress. Guess what? It’s incredibly weird and amazing. From the novel description: Life was simple for Buttercup the horse. Chewing grass in […]
Rulof Maker used a salvaged motorcycle piston and cylinder, mounted in an Ikea lamp, to create a homebrew espresso machine, using a lever to pressurize water at temperature through a puck of coffee grounds.
If your kid gets fined for running an unlicensed lemonade stand this summer, or has to pay to get a license to operate a stand, Country Time will pay the first $300 in expenses, to a maximum of $60,000 in fines between now and Aug 31 (sorry, Labor Day parade lemonade stands, you're SOL). It's […]
The Adobe Creative Cloud is home to a suite of editing tools today’s creatives count on to produce their content. Whether you’re an aspiring photographer, animator, or graphic designer, Adobe’s programs can help you in your creative pursuits, and with the Complete Adobe CC Training Bundle, you can come to grips with six of them for […]
Your pet might be photogenic, but getting them to stare long enough at your camera to snap that Instagram-worthy photo isn’t as simple as telling them to sit. Bribing your pets with their favorite treat, however, might just do the trick, and with the Adjustable Pet Selfie Smartphone Attachment, you can do just that while getting […]
The cybersecurity landscape is changing, and now one of the most effective ways to counter hacking threats is to employ another hacker against them. Commonly referred to as ethical hackers, these professionals use a cybercriminal’s tools against them, checking networks for vulnerabilities and patching them up before they can be exploited. The Certified Ethical Hacker Bootcamp […]