Anyone interested in #ReverseEngineering a pointlessly #NDA'd "bus" system that makes it harder for no valid reason to resurrect some otherwise still functional #SATCOM gear?

https://www.beamcommunications.com/document/9-manual-9522b-l-band-transceiver/file page 15

#DPLbus #DPL #Iridium #9522B #handset

...last offset, I gave you my heart...

Having spent the last couple of nights reversing data types I'm all in for UNION busting!

#ReverseEngineering #capitalism

I've just upgraded Turbo Intruder with a shiny new algorithm called HTTP Anomaly Rank, which automatically finds the most unusual responses in your attack! Here's a quick demo, full details in the writeup below: https://youtu.be/z92GobdN40Y

TIL when you recursively search for source files, .ccls-cache can ruin your day because it contains very similar file names to the originals :P

free as in use-after

Friendly reminder from @buherator about your thoughts on reshare and r4ghidra projects: #poll

r4ghidra-r2web - https://mbbkepfl.formester.com/f/GfJNIHusN
r4ghidra-REPL - https://mbbkepfl.formester.com/f/invMupinF
REshare - https://mbbkepfl.formester.com/f/rLvls916S

Have a fun Patch Tuesday, nerds.

https://apnews.com/article/japan-softbank-son-nvidia-ai-chips-d8a10172850628c317a214280a4d94c9

You install PSP on your operator workstation and the vendor starts spying on you.

https://www.huntress.com/blog/rare-look-inside-attacker-operation

#opsec

@uint8_t A man of culture ;)

This article highlights how much control endpoint security vendors have over customer machines, and transitively over companies and maybe even nations:

https://www.huntress.com/blog/rare-look-inside-attacker-operation

You only install this stuff, because you trust the vendor (and their government, etc.). Or not, see Kaspersky vs. US.

#AntiVirus #EDR #HackBack

That's … special. Scientists in the field of artifical intelligence telling von der Leyen to stop AGI buzzwording.

https://www.iccl.ie/wp-content/uploads/2025/11/20251110_Scientists-letter-to-the-President-AI-Hype.pdf

@keepassxc I think you misunderstood the “plausible-looking generation” criticism. The issue is not that the LLM is created to purposefully slip changes past reviewers, that would indeed be quite silly. It is trained by optimizing for plausible looking output – in essence the LLM “tries” to generate code that looks plausibly correct and such code is correct only inasmuch as code being correct is correlated with code looking correct. In contract humans when coding are trying to create correct code, and correctness there is related to how well a given human can generate correct code. The worry is that when a human makes a mistake it has a much higher chance of looking like a mistake, while LLMs are more likely to create correct-looking mistakes, because they are optimized for creating correct-looking output in general. This is what people mean when they say that LLMs will “sneak” mistakes past reviewers, and perhaps a reason to at least have different approaches to reviewing these two kinds of code.

I’m not sure what to think about the change in general, given what I know about LLMs your approach still makes me quite uneasy, but probably not enough to switch to a different password manager. Anyway, just wanted to explain the apparent confusion about this specific argument.

Oh, and since I’m writing to you already – thanks a lot for maintaining KeePassXC, it’s on the short list of software that works exactly as I like and I really have no complaints about.

[RSS] How I got Domain Admin via Citrix FAS through ESC3

https://scribe.rip/@Debugger/how-i-got-domain-admin-via-citrix-fas-through-esc3-40c6b86d7ae1

Looks like the need to fire staff to cover AI costs has hit the Windows team

RIP Windows Insider

From vendor to ESC1

https://scribe.rip/@Debugger/from-vendor-to-esc1-ed32281b7ea7

Awesome blog post explaining why ~all enterprise domains could be pwned via ADCS lately: vendors prescribe insecure configuration to integrate their stuff!

(AFAICT I couldn't post this from my RSS reader, but if you see this for the fifth time, I'm sorry!)

@algernon You are joking but https://www.itjungle.com/2025/11/10/fresche-taps-ai-for-new-rpg-to-java-conversion-tool/

@G33KatWork Every single line in that video is brilliant 😂

@TomSellers