Part of the job as a cybersecurity professional is in fact arguing to purge and not log information about your customers.

Data is not oil. It's risk.

You know those non-vulnerabilities that companies get forced to fix for compliance reasons? I've found a full bypass for a common patch strategy. I'm half-tempted to keep it secret for the greater good 😂

At DistrictCon's inaugural Junkyard competition, we achieved full remote execution on two popular home network devices: a Netgear WGR614v9 router and BitDefender Box V1 security appliance.

Our exploitation techniques included chaining four buffer overflow vulnerabilities with authentication bypass on the router, plus a novel "bashsledding" ROP technique that sprays shell commands into NVRAM for reliable code execution.

Read the blog: https://blog.trailofbits.com/2025/07/25/exploiting-zero-days-in-abandoned-hardware/

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 00598f60

ossl_ec_GFp_simple_ladder_post

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F00598f60.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F00598f60.json&colors=light

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 0091ec00

_dl_relocate_object

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F0091ec00.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F0091ec00.json&colors=light

🛠️ RIFT just got an upgrade!
Now supports FLIRT signature generation on Linux 🐧
Perfect for reverse engineering Rust malware 🦀
🔗 https://github.com/microsoft/RIFT
#DFIR #ReverseEngineering #RustLang #FLIRT #MalwareAnalysis

The IT world has convinced us no new software can be deployed outside of US clouds. We're so sure about this that European governments (including the UK) are handing over vital government functions & data to US controlled servers. In this piece I argue that until recently we somehow could run stuff on locally owned hardware, and that we should urgently relearn that skill, while it is still possible - or end up as digital colony of the US: https://berthub.eu/articles/posts/our-self-inflicted-cloud-crisis/

I would strongly suggest organisations disable Microsoft Translator for Edge. It's enabled by default, and allows users to automatically translate webpages (without prompt after first use) to native language by sending the entire page content to MS. This includes intranet sites and SaaS services.

It links to a privacy policy that sounds fluffy and nice and - ya know - it isn't. The Microsoft Translator privacy policy for M365 or Azure doesn't actually apply to it.

Pst.

You don't need "privacy-preserving age verification".

Age verification solves exactly zero problems and creates several new ones.

On the internet, nobody is meant to know you're a dog.

SharePoint ToolShell – One Request PreAuth RCE Chain https://blog.viettelcybersecurity.com/sharepoint-toolshell/

New Trail of Bits Tribune: Our AIxCC finals submission, how we exposed critical flaws in Go's built-in parsers that can enable authentication bypass and data exfiltration from production systems, and 14 new security reviews.
Read it here: https://mailchi.mp/trailofbits/trail-of-bits-tribune-july-2025

This is Mastodon and this is why it rocks!