This weeks statistics:
- Random shitpost: 25 repeats, 61 favs
- Original technical content: 3 repeats, 3 favs

#social

Study: Your coworkers hate you for using AI at work

https://pivot-to-ai.com/2025/05/10/your-coworkers-hate-you-for-using-ai-at-work/ - text
https://www.youtube.com/watch?v=ONx7IFkX9OE&list=UU9rJrMVgcXTfa8xuMnbhAEA - video

"Hey, we're gonna take a screenshot of your PC every five seconds to feed our AI, mmkay? Oh wait, you want a screenshot of a meeting slide? Heck no we don't want your COMPANY to sue us!"

-Microsoft, definitely

https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-will-soon-block-screen-capture-during-meetings/

#privacy #microsoft

I am surprised this isn’t getting the attention it deserves: Hungarian military intelligence is apparently mapping what the response in parts of Ukraine will be when Orban would march in with his army. Ukraine has several Hungarian populated pockets and Putin encouraged orban several times to grab that land from Ukraine. War is not a game, so this should be seriously addressed, Kaja Kallas and Mark Rutte!

https://ssu.gov.ua/en/novyny/sbu-vpershe-v-istorii-ukrainy-vykryla-ahenturnu-merezhu-voiennoi-rozvidky-uhorshchyny-yaka-shpyhuvala-proty-nashoi-derzhavy-video

Why the UK's IBM Failed by Asianometry

https://www.youtube.com/watch?v=EkTHDgYTh64

[RSS] Fixing Decompilation of Stack Clash Protected Binaries

https://intrigus.org/research/2025/04/15/fixing-decompilation-of-stack-clash-protected-binaries/

#Ghidra #BinaryNinja #ReverseEngineering

[RSS] Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages

https://googleprojectzero.blogspot.com/2025/05/breaking-sound-barrier-part-i-fuzzing.html

"Wrong but plausible" is a feature and not a bug for LLMs if you're looking for a system to deploy where you can use it, say, to fine-tune insurance reimbursements to the exact dollar amount you wanted and have it produce the justifications needed to get there at an industrial scale

XWiki has been compromised, and all personal wikis have been deleted. That includes mine, named XHE for "XML Hacking Encycopledia" 😢

a baby is making a sad face wh...

Binary Ninja 5.0 brings big updates to the debugger: a cleaner adapter settings UI, smarter analysis that won’t slow down your session, and new backends including rr and Corellium. Faster and more flexible debugging, whether local or remote! https://binary.ninja/2025/04/23/5.0-gallifrey.html#debugger

German President Steinmeier's speech commemorating the 80th anniversary of the end of World War II:

https://www.bundespraesident.de/SharedDocs/Reden/EN/Frank-Walter-Steinmeier/Reden/2025/250508-End-WWII.html

You want to read the whole thing, but the part below and the emphasis on the importance of learning from the past instead of describing it as a "cult of guilt" were powerful and eloquent. No words were minced, and we need more of that.

Now this looks like a pretty kick ass project: FUZZUER: Enabling Fuzzing of
UEFI Interfaces on EDK-2 https://www.ndss-symposium.org/wp-content/uploads/2025-400-paper.pdf and source at https://github.com/BreakingBoot/FuzzUEr

Finally a paper on malware fuzzing! PFUZZER: Practical, Sound, and Effective Multi-path Analysis of
Environment-sensitive Malware with Coverage-guided Fuzzing https://www.diag.uniroma1.it/~delia/papers/eurosp25-pfuzzer.pdf

@wdormann @GossiTheDog @deepthoughts10 Tamper Protection usually implements anti-debugging so you won't be able to attach a debugger even to the low-priv UI process of the AV. This is not normally a security boundary so there are of course bypasses, what you just showed basically goes back to having a UAC bypass + admin account.

@vulnbot @cR0w this is fake or at least incomplete

To join the recent series of great Windows Defender content (defendnot, EvilentCoerce) I published a status report on mpclient development:

Fuzzing Windows Defender with loadlibrary in 2025

https://scrapco.de/blog/fuzzing-windows-defender-with-loadlibrary-in-2025.html

#Fuzzing #ReverseEngineering #Antivirus

@jpmens @bagder Well, if your backups can be restored using a web API, curl can actually help!

the latest incarnation of this is someone saying that curl can be used to download a ".curlrc" into your $HOME and then curl might do bad things in subsequent invokes.

The first step is "just" to trick a user to run a curl command line doing the bad.

... if you can trick a user into running an arbitrary command, you can of course do so much more harm than just this.

I think it’s really funny that in windows the standard libraries serve to abstract away incompatibilities between the kernel of different windows releases while this funny thing:

• GLibc

in the lunix world does the exact opposite

A practical NTLM relay attack using the MS-EVEN RPC protocol and antivirus-assisted coercion https://github.com/Thunter-HackTeam/EvilentCoerce