Posts
2520Following
646Followers
1461
buherator
buherator
https://hackaday.com/2024/10/01/java-ring-one-wearable-to-rule-all-authentications/
0
0
1
buherator
buheratorhttps://cyberscoop.com/nso-group-court-filing-apple-lawsuit/
0
0
0
repeated
adam_cyber
adam_cyber@bird.makeup
This was a fun podcast with @aionescu discussing all things kernel: https://podcasts.apple.com/us/podcast/adversary-universe-podcast/id1694819239?i=1000671431945
0
2
0
repeated
bert hubert 🇺🇦🇪🇺🇺🇦
bert_hubert@fosstodon.orgI love this part also. The #CSAM regulation proposal is full of how it is all great for privacy, and then it hits you with this. Apparently this is scanning of all OUR photos, not of theirs: https://www.patrick-breyer.de/wp-content/uploads/2024/10/2024-10-01-conseil-hu-csam-proposition-approche-generale-24-septembre.pdf
2
6
0
repeated
HN Security
hnsec@infosec.exchangeThe second article in our new series on #Windows #kernel #driver #vulnerability research and #exploitation is out!
Exploiting #AMD atdcm64a.sys arbitrary pointer dereference - Part 2:
https://security.humanativaspa.it/exploiting-amd-atdcm64a-sys-arbitrary-pointer-dereference-part-2/
This time, @ale98 covers how to craft PoCs for the arbitrary MSR read and arbitrary pointer dereference vulnerabilities described in his previous article, with step-by-step advice for debugging with #IDAPro.
Enjoy... and stay tuned for the third and last article next week.
0
2
0
repeated
Andrea Barisani
lcars@infosec.exchangeMy TamaGo talk at the recent @osfc_io is now online, if you are interested check it out!
https://www.osfc.io/2024/talks/tamago-bare-metal-go-for-arm-risc-v-socs/
0
2
0
repeated
repeated
Christian Blichmann🇺🇦
AdmVonSchneider@infosec.exchangeI'll end this on a more positive note by saying that https://github.com/google/binexport/pull/133 at least enables the same workflow for IDA 9.0 as the one we use for Binary Ninja and Ghidra (export first, then invoke #BinDiff manually). 6/N
2
1
0
repeated
Ivan Kwiatkowski
justicerage@infosec.exchangeIf you're using @zimbra, mass-exploitation of CVE-2024-45519 has begun. Patch yesterday.
Malicious emails are coming from 79.124.49[.]86 and attempting to curl a file from that IP.
0
4
0
buherator
buheratorhttps://github.com/google/security-research/security/advisories/GHSA-q9wq-xc9h-xrw9
0
0
1
buherator
buheratorhttps://blog.projectdiscovery.io/zimbra-remote-code-execution/
0
0
0
buherator
buheratorhttps://binary.ninja/2024/10/01/plugin-spotlight-coolsigmaker.html
0
0
0
repeated
Joxean Koret (@matalaz)
joxean@mastodon.socialA friend of mine (@GabrielGonzalez) has written a book about "Attacking and Securing U-Boot".
https://www.amazon.com/Attacking-Securing-U-Boot-Gabriel-Gonzalez/dp/B0DJ7M2JNN
1
4
0
repeated
Ange
Ange@mastodon.socialAn awesome video of live coding 6502 asm directly in Basic to produce music, with all the explanations on the way.
https://www.youtube.com/watch?v=ly5BhGOt2vE
0
1
0
repeated
repeated
/r/netsec
_r_netsec@infosec.exchangeVesta Admin Takeover: Exploiting Reduced Seed Entropy in bash $RANDOM https://fortbridge.co.uk/research/vesta-admin-takeover-exploiting-reduced-seed-entropy-in-bash-random/
0
1
0