Posts
4251
Following
735
Followers
1631
"I'm interested in all kinds of astronomy."
repeated

"I'm very glad," said Piglet happily, "that I thought of giving you Something to put in a Useful Pot."

0
1
0
repeated

discovered and reported to @certcc 11 old Microsoft-signed UEFI shim bootloaders that allow bypassing UEFI Secure Boot on most UEFI systems. Read about it at https://www.welivesecurity.com/en/eset-research/forgotten-uefi-shims-undermining-secure-boot/
Tracked by -2026-8863 and -2026-10797, all these vulnerable shims were revoked in Microsoft’s June Patch Tuesday updates.

https://www.cve.org/CVERecord?id=CVE-2026-8863

https://www.cve.org/CVERecord?id=CVE-2026-10797
Exploiting these vulnerable shims allows execution of untrusted code at system boot by using the Bring Your Own Vulnerable Driver (#BYOVD) technique, enabling deployment of malicious UEFI bootkits on systems that trust the Microsoft Corporation UEFI CA 2011 certificate.
What makes these old shims dangerous is not a novel vulnerability, it’s that no new vulnerability is needed to bypass Secure Boot. Just an old, still-trusted, unrevoked shim and basic knowledge of how UEFI works is enough to bypass UEFI Secure Boot and deploy a UEFI bootkit.
For more details and instructions on how to verify that the dbx patches were properly applied on your system, read our blogpost:
https://www.welivesecurity.com/en/eset-research/forgotten-uefi-shims-undermining-secure-boot/

0
4
0
[RSS] Smashing the ServiceNow Sandbox - Pre Authentication RCE

https://slcyber.io/research-center/smashing-the-servicenow-sandbox-pre-authentication-rce/
0
0
0
LegacyHive : Windows user profile service arbitrary hive load elevation of privileges vulnerability

https://github.com/MSNightmare/LegacyHive
0
1
0
[RSS] I handed the epoll UAF to an agent

https://guysrd.github.io/epoll-uaf-agent
0
0
0
repeated

Idle thought: you can have progressive JPEGs in which coefficients for lower-frequency components are sent first and the detail is refined as more data arrives.

I'm sure you can abuse this to construct a *regressive* JPEG that looks good with the initial low-frequency data and then degrades into something terrible.

2
3
0
repeated

COMPART/SAURUS.GIF

0
3
0
@terinjokes You'd have a bright future in the budget airline biz!
0
0
0
repeated

Remarkable transparency from CISA here. After years of telling orgs to have a playbook for security incident handling, they had a security incident themselves.. and no playbook on how to respond. https://techcrunch.com/2026/07/10/us-cyber-agency-cisa-had-to-build-its-incident-playbook-during-the-incident-agency-reveals/

4
9
0
repeated

Jesus christ. I just watched ChatGPT consult the Merriam-Webster dictionary for firewall syntax.

2
3
0
repeated

lets be honest, we’re doing you a favor making your pc unbootable.

2
15
0
repeated

RE: https://infosec.exchange/@nemokamui/116919449162115047

Perfect 10 in SonicWALL SMA1000! 🥳

sev:CRIT 10.0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0008

Edit to add that it's EITW:

IMPORTANT: SonicWall PSIRT has investigated multiple cases indicating the active exploitation of the vulnerabilities described in this advisory. Customers are strongly urged to upgrade to the hotfix release as soon as possible to remediate these vulnerabilities.

3
3
0
repeated

TrendAI Zero Day Initiative

It's landed. The bug apocalypse is upon us as releases patches for 620+ CVEs to go along with 's 88. @TheDustinChilds has done his best to make sense of it all. Read his analysis at https://www.zerodayinitiative.com/blog/2026/7/14/the-july-2026-security-update-review

0
2
0
I read that a passenger was almost sucked out of a #Ryanair flight after a window broke. What will be the next move of the airline?
85% Charge the sucked out passenger for the extra space
14% Charge all other passengers because they could remain in their seats during the whole flight
2
0
1
repeated

@cR0w when I need to do substitutions or otherwise want to push bash to its limits, my first reference was always the Bash Hacker's Wiki, which is now defunct but I'm thankful for flokoe for being back the content: https://flokoe.github.io/bash-hackers-wiki/

1
6
0
repeated

Lorenzo Franceschi-Bicchierai

NEW: The Iranian government abused well-known flaws in the global telecoms infrastructure — specifically SS7 — to locate U.S. military personnel in the Middle East at the beginning of the war.

https://techcrunch.com/2026/07/14/iran-abused-mobile-networks-vulnerabilities-to-locate-u-s-military-in-the-middle-east-report-says/

2
6
0
@h0ng10 @Rapid7Official @attackerkb One nice thing about similar initiatives is that people can use them differently. Some moderation work would've been required for sure, but I don't see that as a major, shutdown triggering problem.
0
0
2
@h0ng10 I maintain @attackerkb and I don't see an alarming level of spam. I see this more as one of the last community-driven knowledge-bases turning into a service/product.

@Rapid7Official
1
1
1
repeated

So, @Rapid7Official is shutting down AttackerKB (https://attackerkb.com/) soon.

I view this as a case where an initially promising idea became overwhelmed by low‑quality reports from contributors.

Anyway, archive any data you wish to retain.

1
2
0
repeated
Show older