I presented about file formats at #38C3.
Thanks for the feedback everyone!
https://speakerdeck.com/ange/fearsome-file-formats-18374bc4-b3f2-429f-862e-2177ab4d7aae

Unsigned and unencrypted radio protocols control a large amount of street lamps and power plants, threatening European grid stability.

All you need is a large antenna, aka. putting a wire on a kite.

Check the research of Fabian and Luca in Saal 1 at 21:45 #38c8 or at Spiegel (paywall).

https://www.spiegel.de/netzwelt/web/stromversorgung-koennten-hacker-blackouts-ueber-funk-ausloesen-a-53c29240-425b-4603-852e-5a1c0a1e5400

Proprietary silicon ICs and dubious marketing claims? Let's fight those with a microscope! #38c3

https://streaming.media.ccc.de/38c3/relive/492

Didn't expect this one to have a #synthdiy angle! 🤩

I would complain about #38c3 streaming issues but the very existence of the service is so impressive I'll just thank the Angels now: thank you!

(Edit: in case of problems, downloads still work)

To little surprise it seems that multiple #antivirus vendors have been ignoring COM hijacking as a self-defense bypass and LPE vector since at least 2018, when I first published about this technique (see my prev post).

At #38c3 guys from Neodyme demonstrated some more elegant exploits than my initial PoCs, nice work! My German is rusty but I think I'd have some comments about proposed solutions :)

ReLive will be available here:

https://streaming.media.ccc.de/38c3/relive/815

In 10mins: Der Schlüssel zur COMpromittierung: Local Privilege Escalation Schwachstellen in AV/EDRs #38c3

https://events.ccc.de/congress/2024/hub/event/der-schlssel-zur-compromittierung-local-privilege-escalation-schwachstellen-in-av-edrs/

This looks remarkably similar to my previous research on #antivirus privescs:

https://blog.silentsignal.eu/2018/01/08/bare-knuckled-antivirus-breaking/
https://blog.silentsignal.eu/2019/06/24/self-defenseless-exploring-kasperskys-local-attack-surface/

Can't wait to see what these guys found!

Does anybody have a tap for a keg of beer (10l, DIN 6647-1) with them? Maybe a top vent as well. We Cologne people have beer, but no way to get it out of the keg.

If you can help us out of our misery, that would be great. And you'll get beer! 🍻

#38C3

At #38C3, who's around? :)

Raw recordings of #38C3 from yesterday are live here:
https://streaming.media.ccc.de/38c3/relive

extremely based slide to end on for the train hackers #38c3

New assessment for topic: CVE-2024-48457

Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."

"[CVE-2024-48457](https://www.cve.org/CVERecord?id=CVE-2024-48457) is an authentication bypass that allows for an unauthenticated reset of the Wifi and admin password of the router. ..."

Link: https://attackerkb.com/assessments/182d054a-a1ba-4e39-8b00-bae34a0a894a

YouTuber won DMCA fight with fake Nintendo lawyer by detecting spoofed email
Gamer urges YouTube to change DMCA takedown process to end copyright abuse.
https://arstechnica.com/tech-policy/2024/12/youtuber-won-dmca-fight-with-fake-nintendo-lawyer-by-detecting-spoofed-email/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

I will give two lightning talks at #38c3 🎉 Both on day 3, stage Huff, around 11:30am.

Detecting Fake Base Stations with CellGuard on iOS 📶
https://cfp.cccv.de/38c3-lightningtalks/talk/8RRHKT/

iOS Inactivity Reboot 📲
https://cfp.cccv.de/38c3-lightningtalks/talk/B83MXJ/

New, w/ @lorenzofb: Data-loss prevention startup Cyberhaven was hacked to publish a malicious update to its Chrome extension, affecting potentially thousands of users. A security researcher says other big Chrome extensions were hacked in the same campaign.

More: https://techcrunch.com/2024/12/27/cyberhaven-says-it-was-hacked-to-publish-a-malicious-update-to-its-chrome-extension/

I finally figured out why I can't bypass the V8 Sandbox on the Amazon Echo Show 5's Wi-Fi captive portal browser.

... it's 32-bit; there is no V8 Sandbox

When digital materials are vulnerable to sudden removal, our collective memory is compromised, and the public’s ability to access its own history is at risk. This year, we released the Vanishing Culture report, a study that details instances of cultural loss and emphasizes the crucial role that libraries and archives play in preserving materials for future generations.

Help us in saving these resources: https://archive.org/donate/?origin=mstdn-eoy2024

“The Chaos Computer Club supports the three hackers who explained in detail at 37C3 how the Polish rail vehicle manufacturer Newag had manipulated its trains in such a way that they could only be repaired in the company's own workshops. The manufacturer reacted to the publications with an attitude not seen since the 90s and sued the hackers under both criminal and civil law.

The CCC is calling for donations to cover the legal and other resulting costs incurred so far.”

https://www.ccc.de/en/updates/2024/das-ist-vollig-entgleist

Best 38C3 preso I have seen so far (kinda week so far this year!) -> https://events.ccc.de/congress/2024/hub/en/event/from-silicon-to-sovereignty-how-advanced-chips-are-redefining-global-dominance/

Amazing tech to build modern chips!!!! :O
Fucking bonkers...

Circle Drone of Doom progress

2024 has been an exciting year for our research group! We pushed the boundaries of fuzzing and ventured into Android security, uncovering some fascinating bugs along the way. Don’t miss the highlights --- check out my latest blog post for a quick summary and links to some of our most intriguing papers: https://nebelwelt.net/blog/2024/1227-retrospective.html