🛠️ RIFT just got an upgrade!
Now supports FLIRT signature generation on Linux 🐧
Perfect for reverse engineering Rust malware 🦀
🔗 https://github.com/microsoft/RIFT
#DFIR #ReverseEngineering #RustLang #FLIRT #MalwareAnalysis

The IT world has convinced us no new software can be deployed outside of US clouds. We're so sure about this that European governments (including the UK) are handing over vital government functions & data to US controlled servers. In this piece I argue that until recently we somehow could run stuff on locally owned hardware, and that we should urgently relearn that skill, while it is still possible - or end up as digital colony of the US: https://berthub.eu/articles/posts/our-self-inflicted-cloud-crisis/

I would strongly suggest organisations disable Microsoft Translator for Edge. It's enabled by default, and allows users to automatically translate webpages (without prompt after first use) to native language by sending the entire page content to MS. This includes intranet sites and SaaS services.

It links to a privacy policy that sounds fluffy and nice and - ya know - it isn't. The Microsoft Translator privacy policy for M365 or Azure doesn't actually apply to it.

Pst.

You don't need "privacy-preserving age verification".

Age verification solves exactly zero problems and creates several new ones.

On the internet, nobody is meant to know you're a dog.

SharePoint ToolShell – One Request PreAuth RCE Chain https://blog.viettelcybersecurity.com/sharepoint-toolshell/

New Trail of Bits Tribune: Our AIxCC finals submission, how we exposed critical flaws in Go's built-in parsers that can enable authentication bypass and data exfiltration from production systems, and 14 new security reviews.
Read it here: https://mailchi.mp/trailofbits/trail-of-bits-tribune-july-2025

This is Mastodon and this is why it rocks!

"These very typical words are in method and intent exactly like all those ads that tell us that if we don't buy this deodorant or detergent or gadget or whatever, everyone else, even our friends, will despise, mock, and shun us the advertising industry's attack on the fragile self-esteem of millions of people. This using of people's fear to sell them things is destructive and morally disgusting.

The fact that the computer industry and its salesmen and prophets have taken this approach is the best reason in the world for being very skeptical of anything they say. Clever they may be, but they are mostly not to be trusted. What they want above all is not to make a better world, but to join the big list of computer millionaires."

https://paste.sr.ht/~rabbits/1c22b0fa383438d404d3d99ad506c6c6d60c1fd2

On Computers
Growing Without Schooling #29
September 1982
by John Holt.

Here’s an example of a linked Liszt: https://en.wikipedia.org/wiki/Franz_Liszt

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 005bcc30

EVP_CIPHER_CTX_ctrl

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F005bcc30.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F005bcc30.json&colors=light

Every little website is being pushed onto Facebook thanks to the computer illiterate duckheads in UK Parliament. We'll played MPs, people are much more vulnerable on Facebook you cuckwombles 🤬

#uk #OnlineSafetyAct

posix: Fix double-free after allocation failure in regcomp

https://sourceware.org/pipermail/libc-announce/2025/000047.html

This is what it's like publishing research in 2025. I write an extremely popular blog post on EDR bypasses and Google just comes along and steals my search traffic in the most brazen way possible.

Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75a434dcc

ComparePathWithVolumeMap

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a434dcc.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a434dcc.json&colors=light

«Alan Turing Institute scraps diversity drive under pressure from ministers»

Funny change in tune for an institute that was named after a person that was basically killed by the UK government for being gay. 🤷

https://archive.ph/JkOgI#selection-2204.0-2204.1

Want to make the most of the upcoming research drop? We've just updated https://http1mustdie.com/ with links to essential pre-read/watch resources. Enjoy!