A drunken debugger

Thank you Google Bard AI!

The full schedule for Vancouver 2023 is now available! We have 19 entries targeting 9 targets, including 2 attempts and a SharePoint RCE. Read the details at https://www.zerodayinitiative.com/blog/2023/3/21/pwn2own-vancouver-schedule-2023

Success! AbdulAziz Hariri of Haboob SA completed his attack against Adobe Reader using a 6-bug logic chain exploiting multiple failed patches which escaped the sandbox and bypassed a banned API list. He earns $50,000 and 5 Master of Pwn points.

scare - Simple Configurable Assembly REPL && Emulator

I wrote this for people who want to write/test/play with various assembly architectures on the command line. Currently supports x86, x64, arm32, arm64 with plans for more architectures and modes.

https://github.com/netspooky/scare

New blogpost by @FuzzySec and me! Patch Tuesday -> Exploit Wednesday: Pwning Windows afd.sys in 24 Hours. We reverse engineer a bug + write an exploit using a cool new primitive. We also find out that it's been exploited in the wild (previously unknown).

https://securityintelligence.com/posts/patch-tuesday-exploit-wednesday-pwning-windows-ancillary-function-driver-winsock/

Our story from last week, on the GRU agent caught in the Netherlands in 2018 who's now leading Sandworm, stirred up the years-old question of why the Dutch released him at the time:

https://www.wired.com/story/russia-gru-sandworm-serebriakov/

I spoke to a former Dutch official close to intelligence and updated the story with an answer.

#german #rave

Blasting this the whole day, and I'm measurably happier :)

https://www.youtube.com/watch?v=SC3IsrsFyg8

(from this epic mix: https://www.youtube.com/watch?v=RgB3i-sKe44 )

It's amusing to me that star trek imagined a world where an AI faces social rejection because he's rational, fact based, literal, fiercely/dogmatically moral, and struggles with social nuance. But here in reality we invented AIs that have no concept of truth, give zero fucks about accuracy, have no rationality, and can't do math, but match vibes and tone nearly perfectly.

The first artificial person will not be an autistic science officer. It'll be an extremely allistic salesbro or politician.

Outstanding work by @doyensec as usual 👏

Installer EOP (CVE-2023-21800)

https://blog.doyensec.com//2023/03/21/windows-installer.html

My latest: a deep dive on why no, Bitcoin isn't pumping because it's a "safe haven" from banks. Please for the love of god stop printing nonsense.

https://newsletter.mollywhite.net/p/no-bitcoin-isnt-pumping-because-its

My new book "Arm Assembly Internals & Reverse Engineering" is up for pre-order!

Save the date for the official launch: May 9th.

Can't wait for you to dive into the world of Arm Assembly!

Check out the official book page for more info:
https://arm-assembly.com

Very surprised to see that there are no browser entries (on ANY browser) at Pwn2Own this year.

@GossiTheDog Did you see over at the bird site the discussion regarding Acropalypse? Looks like the Snip tool in Windows has the same issue as the Google Pixel. Snip something with it, then crop the resulting file with the Snip tool. You should see as I did that the file size stays exactly the same. The original data of the file isn’t removed when it’s overwritten. Hard to believe how long it takes to find these issues. I tested on Windows 11 latest insider beta release.

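The check described in the post, written out as an added example (mine, not code from the thread or from any of the affected tools): walk the PNG chunk list, locate IEND, and report every byte that follows it. A PNG that was written in full ends at IEND; a file whose new, smaller content was written over the old bytes without truncation keeps the old tail, which is exactly the "file size stays the same" symptom the post describes. The two images and the in-place overwrite are constructed in the script so it runs offline.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"


def png_chunk(ctype: bytes, data: bytes) -> bytes:
    """Serialise one PNG chunk: 4-byte length, 4-byte type, data, CRC32 over type+data."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def make_png(width: int, height: int, rgb=(200, 30, 30)) -> bytes:
    """Build a minimal valid 8-bit RGB PNG of one colour (constructed test image)."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    # one scanline per row, each prefixed with filter type 0 (None)
    raw = b"".join(b"\x00" + bytes(rgb) * width for _ in range(height))
    return (PNG_SIG + png_chunk(b"IHDR", ihdr)
            + png_chunk(b"IDAT", zlib.compress(raw)) + png_chunk(b"IEND", b""))


def iend_end_offset(data: bytes) -> int:
    """Walk the chunk list and return the offset just past the IEND chunk."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length  # header (8) + data + CRC (4)
        if end > len(data):
            raise ValueError("truncated chunk")
        if ctype == b"IEND":
            return end
        pos = end
    raise ValueError("no IEND chunk")


def trailing_bytes(data: bytes) -> int:
    """Number of bytes after IEND: 0 for a cleanly written file, >0 when old data survives."""
    return len(data) - iend_end_offset(data)


def overwrite_in_place(original: bytes, replacement: bytes) -> bytes:
    """Model the bug: new content written at offset 0 of the old file, no truncate."""
    return replacement + original[len(replacement):]


def demo() -> dict:
    full = make_png(128, 128)   # the original screenshot (constructed)
    cropped = make_png(8, 8)    # the same image after cropping: fewer bytes
    assert len(cropped) < len(full)
    buggy = overwrite_in_place(full, cropped)  # file size stays exactly the same
    return {
        "size_unchanged": len(buggy) == len(full),
        "buggy_trailing": trailing_bytes(buggy),
        "expected_trailing": len(full) - len(cropped),
        "fixed_trailing": trailing_bytes(cropped),   # a proper rewrite leaves nothing
        "old_iend_survives": buggy.endswith(png_chunk(b"IEND", b"")),
    }


if __name__ == "__main__":
    print(demo())
```

Run `trailing_bytes()` over the bytes of a suspect screenshot: any non-zero result means the tail holds data from the pre-crop image, and the surviving old IEND in the demo shows that the leftover is a recognisable fragment of the original file rather than padding.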

Another dropped! With @maxpl0it, a Senior Vulnerability Researcher at Interrupt Labs.

"So my first actual CVE was probably in 2017/2018...It was a format string bug in a restricted CLI of a router."

https://medium.com/@xnomas/maxpl0it-interview-with-a-security-researcher-fe75969010e7

We talk about , max's journey and some good advice on .

Liked the ? Share it, it helps a lot!

We are excited to share a blog post from Chris Eagle – the author of the IDA Pro Book! In this article, he introduces his plugin. It is worthwhile reading it 🌐 https://hex-rays.com/blog/plugin-focus-sk3wldbg/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Plugin-Focus-SK3wldbg

Even though JMX exploitation is generally perceived to be comprehensively understood, we were able to find new universal exploitation techniques & one of them allows gaining instant Remote Code Execution using TemplatesImpl. Read all about @mwulftange's and @qtc's recent discoveries, which have already been implemented in : https://codewhitesec.blogspot.com/2023/03/jmx-exploitation-revisited.html

Missed this research back in December:

https://seclists.org/fulldisclosure/2022/Dec/10

Now Security Explorations posted an update:

https://seclists.org/fulldisclosure/2023/Mar/10

CVE-2023-26604: before 247 does not adequately block local privilege escalation for some configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because executes as root when the terminal size is too small to show the complete systemctl output.

https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7

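The chain in the CVE text above is: a sudoers rule lets a user run `systemctl status` as root, systemctl hands output that does not fit the terminal to the pager, and less without LESSSECURE=1 will launch other programs for whoever is driving it. As an added example (mine, not from the post or the linked write-up), a small audit that flags sudoers rules granting root systemctl invocations that can reach the pager, plus a version check against the 247 boundary the CVE names. The sudoers snippet is constructed; `status` is the verb the CVE names, and the other paging verbs in the list are my own addition.

```python
import re
import shlex
from typing import List, NamedTuple, Optional

# Constructed sample sudoers; not taken from any real host.
SAMPLE_SUDOERS = """\
Defaults env_reset
root    ALL=(ALL:ALL) ALL
ops     ALL=(root) NOPASSWD: /usr/bin/systemctl status *, /usr/bin/systemctl restart nginx
ops     ALL=(root) NOPASSWD: /usr/bin/systemctl --no-pager status nginx
deploy  ALL=(root) NOPASSWD: /bin/systemctl cat nginx.service
audit   ALL=(root) NOPASSWD: /usr/bin/journalctl -u sshd
"""

# systemctl verbs whose output goes through the pager. "status" is the one the CVE
# names; the rest are my own list of verbs that page as well.
PAGED_VERBS = {"status", "cat", "show", "list-units", "list-unit-files", "list-timers"}

RULE_RE = re.compile(
    r"^(?P<user>\S+)\s+(?P<host>\S+)\s*=\s*(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+)$")
TAG_RE = re.compile(
    r"^(?:(?:NOPASSWD|PASSWD|NOEXEC|EXEC|SETENV|NOSETENV|LOG_INPUT|NOLOG_INPUT"
    r"|LOG_OUTPUT|NOLOG_OUTPUT):\s*)+")


class Finding(NamedTuple):
    lineno: int
    user: str
    command: str


def systemd_affected(version: str) -> bool:
    """True when the systemd version string predates the 247 fix, e.g. '245.4-4ubuntu3'."""
    m = re.match(r"\d+", version.strip())
    return bool(m) and int(m.group()) < 247


def _runs_as_root(runas: Optional[str]) -> bool:
    """sudo's default target user is root; '(root)' and '(ALL...)' also reach root."""
    if runas is None:
        return True
    target = runas.split(":")[0].strip()
    return target in ("", "root", "ALL")


def _paged_systemctl(cmd: str) -> bool:
    """True for a systemctl command spec that pages and is not pinned to --no-pager."""
    try:
        argv = shlex.split(cmd)
    except ValueError:
        return False
    if not argv or argv[0].rsplit("/", 1)[-1] != "systemctl":
        return False
    if "--no-pager" in argv:
        return False
    return any(arg in PAGED_VERBS for arg in argv[1:])


def audit_sudoers(text: str) -> List[Finding]:
    """Flag rules that let a user run a paging systemctl verb as root."""
    findings: List[Finding] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # strip trailing comments
        if not line or line.startswith(("Defaults", "User_Alias", "Cmnd_Alias",
                                        "Host_Alias", "Runas_Alias")):
            continue
        m = RULE_RE.match(line)
        if not m or not _runs_as_root(m.group("runas")):
            continue
        for cmd in m.group("cmds").split(","):  # one rule may list several commands
            cmd = TAG_RE.sub("", cmd.strip())
            if _paged_systemctl(cmd):
                findings.append(Finding(lineno, m.group("user"), cmd))
    return findings


if __name__ == "__main__":
    for f in audit_sudoers(SAMPLE_SUDOERS):
        print(f"line {f.lineno}: {f.user} may run as root: {f.command}")
```

Line 3 and line 5 of the sample are flagged: both reach the pager as root, and neither pins `--no-pager`. Line 4 is not, because `--no-pager` keeps systemctl from ever starting less. The page's own fix is the systemd 247 behaviour of setting LESSSECURE=1; until the host is upgraded, rewriting the rule with `--no-pager` removes the pager from the path entirely.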