Posts
4127
Following
733
Followers
1623
"I'm interested in all kinds of astronomy."
[RSS] A blueprint for formal verification of Apple corecrypto

https://security.apple.com/blog/formal-verification-corecrypto
0
0
0
repeated

Fun fact, a web upload trigger gives you root read access on the Tolino Vision Color, but I'm not even sure if they are in general just more open for tinkering.

A 7" full-colour Linux e-ink reader for 200€ is anyway more on the expensive side.

0
3
0
repeated
void crash(void); /* declared elsewhere */

void shitIDo(int bShouldCrash){
    if (!bShouldCrash){
        crash();     /* asked not to crash: crash */
    }else{
        while(1){}   /* asked to crash: hang forever instead */
    }
}
0
0
0
repeated

Hello and welcome to ! This time with proper capitalisation. :-)

The die of today is named HD6483153 and is designed by Hitachi. It fell out of a SIM card. I do not know what commercial p/n this is, if it was ever assigned one. If anyone can provide any details on what smart cards were made by Hitachi, please do so! In the meantime, we shall explore a bit. 🧵

Full-res map: http://infosecdj.net/map/hitachi/hd6483153/infosecdj_mz_nikpa40x_2/

EDIT: This is H8/3153, part of the H8/3150 series.

1
2
0
repeated

🏆 Nominations for the 2026 Burp Suite Extension Awards close THIS TUESDAY ⚠️

Week 3 of Extensibility month is almost wrapped - here's what happened, what's still to come, and how to get your nomination in before it's too late 👇

0
4
0
When you can make $thing enter debug mode without docs, before your first and/or after your sixth coffee you know you've spent way too much time on $thing.
0
0
1
repeated

(picussecurity.com) UNC2891: Anatomy of a Sophisticated Bank Heist Using CAKETAP Rootkit and Raspberry Pi-Based Attacks

UNC2891, a financially motivated threat group active since 2017, has executed sophisticated attacks on banking infrastructure using custom malware and physical access vectors. Their latest campaign in Q1 2025 involved planting a 4G-enabled Raspberry Pi on a bank’s network switch to bypass perimeter defenses, enabling ATM fraud via Payment HSM manipulation.

In brief - UNC2891 targets financial institutions with advanced Linux/Solaris malware, including the CAKETAP rootkit, to authorize fraudulent ATM withdrawals. A recent attack used a Raspberry Pi for initial access, highlighting evolving physical and digital threats to banking systems.

Technically - UNC2891 employs CAKETAP (Solaris kernel rootkit) to hook system calls like `mkdirat` and `ipcl_get_next_conn`, enabling stealthy C2 and network manipulation. SLAPSTICK (PAM backdoor) captures credentials, while TINYSHELL (backdoor) communicates over raw TCP (ports 53/443). Tools like WINGHOOK (keylogger) and STEELHOUND (in-memory dropper) facilitate credential harvesting and payload execution. The CAKETAP variant on ATM switches bypasses card/PIN verification by replaying HSM responses.

Source: https://www.picussecurity.com/resource/blog/unc2891-bank-heist-explained-caketap-rootkit-and-raspberry-pi-attack

1
2
0
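The "Technically" paragraph above names SLAPSTICK as a PAM backdoor that captures credentials. A defender-side check that follows from that description is a periodic audit of the PAM stack for modules that are not the ones the distribution shipped. The script below is an added example, not code from the Picus write-up and not tied to any real SLAPSTICK artefact: the sample service file, the allowlist of expected modules and the expected library directories are all constructed, and in practice the allowlist would be derived from the package manager's file list for the host.

```python
"""Audit PAM configuration lines for modules that were not expected.

Added example (constructed data); not from the UNC2891 report.
"""
import re
from os.path import basename, dirname

# Constructed sample of a PAM service file. The /tmp module on the
# "sufficient" line is the planted anomaly.
SAMPLE_PAM = """\
# /etc/pam.d/sshd (constructed sample)
auth       required     pam_env.so
auth       required     pam_unix.so try_first_pass
-session   optional     pam_systemd.so
auth       sufficient   /tmp/.x/pam_lib.so
account    required     pam_unix.so
@include common-password
password   [success=1 default=ignore] pam_unix.so obscure sha512
"""

# Assumption: the modules a hypothetical host is expected to use. Derive this
# from the package manager (e.g. the files owned by the PAM packages) in practice.
EXPECTED_MODULES = {
    "pam_unix.so", "pam_env.so", "pam_deny.so", "pam_permit.so",
    "pam_limits.so", "pam_nologin.so", "pam_securetty.so", "pam_faildelay.so",
    "pam_systemd.so",
}
# Assumption: directories PAM modules legitimately live in on this host.
EXPECTED_DIRS = (
    "/lib/security/", "/lib64/security/", "/usr/lib/security/",
    "/lib/x86_64-linux-gnu/security/", "/usr/lib64/security/",
)

# type control module [args]; a leading '-' marks the entry as optional,
# and control may be a bracketed action list like [success=1 default=ignore].
PAM_LINE = re.compile(
    r"^\s*(?P<type>-?(?:auth|account|password|session))\s+"
    r"(?P<control>\[[^\]]*\]|\S+)\s+"
    r"(?P<module>\S+)\s*(?P<args>.*)$"
)


def parse_pam(text):
    """Return one dict per PAM entry; comments and @include lines are skipped."""
    entries = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("@include"):
            continue
        m = PAM_LINE.match(line)
        if not m:
            entries.append({"line": n, "malformed": True, "raw": raw})
            continue
        entries.append({
            "line": n, "malformed": False,
            "type": m["type"].lstrip("-"), "control": m["control"],
            "module": m["module"], "args": m["args"].split(),
        })
    return entries


def audit_pam(text):
    """Return findings for entries whose module is unknown, oddly located,
    or unparseable. Each finding carries the line number and the reasons."""
    findings = []
    for e in parse_pam(text):
        reasons = []
        if e["malformed"]:
            reasons.append("unparseable PAM line")
            mod = control = None
        else:
            mod, control = e["module"], e["control"]
            unknown = basename(mod) not in EXPECTED_MODULES
            if unknown:
                reasons.append(f"module {basename(mod)} not in allowlist")
            if mod.startswith("/") and not mod.startswith(EXPECTED_DIRS):
                reasons.append(
                    f"absolute module path outside expected directories: {dirname(mod)}")
            # 'sufficient' returns success to the caller as soon as the module
            # succeeds, so an unknown sufficient module is the worst combination.
            if unknown and control == "sufficient":
                reasons.append("control 'sufficient' on an unknown module short-circuits the stack")
        if reasons:
            findings.append({"line": e["line"], "module": mod,
                             "control": control, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in audit_pam(SAMPLE_PAM):
        print(f"line {f['line']}: {f['module']} ({f['control']})")
        for r in f["reasons"]:
            print(f"    - {r}")
```

Run over the constructed sample it reports the single `/tmp/.x/pam_lib.so` entry with three reasons; the distribution's own modules pass. The allowlist is the part that needs care: a stale list produces noise, while one generated from the package database turns this into a cheap integrity check that can be run from a cron job alongside file-hash monitoring.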
repeated

RE: https://mastodon.social/@marver/116617742819891906

If you don't recognize "Starlette":

"Starlette is the foundation of the FastAPI Python framework."

... and everything uses FastAPI.

1
4
0
repeated

Patch Starlette now! If you run it via uvicorn or other common ASGI servers then a host header parsing issue can lead to vulnerabilities ranging from auth bypass up to RCE! Examples of affected packages are liteLLM, vllm, etc. Here is the X41 Advisory:

https://x41-dsec.de/lab/advisories/x41-2026-002-starlette/

0
6
0
[RSS] CVE-2026-9082 | Drupal SQL Injection Vulnerability

https://horizon3.ai/attack-research/vulnerabilities/cve-2026-9082/
0
0
0
[RSS] CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox

https://voidsec.com/cve-2026-40369-browser-sandbox-escape/

This is another writeup of a Windows sandbox escape that multi-collided during P2O
0
0
0
[RSS] Advisory X41-2026-002: Request Host Header not Validated in Starlette

https://x41-dsec.de/lab/advisories/x41-2026-002-starlette/

This can lead to auth bypass!
0
1
0
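The two posts above on advisory X41-2026-002 say only that Starlette did not validate the request Host header; the specifics of the bug are in the advisory, not here. As an added illustration (not Starlette's code and not the advisory's fix; the allowlist and the header values are constructed), the standalone validator below shows what "validated" has to mean for a Host allowlist: exactly one Host header, a value that is only host-and-optional-port (no userinfo, path or whitespace), a port in range, case-insensitive comparison, and wildcard patterns that require a subdomain. Starlette's own mechanism for this is its TrustedHostMiddleware; the checks are the point, not the wrapper.

```python
"""Allowlist validation of the HTTP Host header.

Added example (constructed data); not Starlette's code or the advisory's fix.
"""
import ipaddress
import re

# Constructed allowlist. '*.' patterns match any subdomain, never the apex.
ALLOWED_HOSTS = ["api.example.test", "*.internal.example.test", "127.0.0.1", "::1"]

# host := bracketed IPv6 literal | DNS name or IPv4, followed by an optional port.
HOST_RE = re.compile(
    r"(?:\[(?P<v6>[0-9A-Fa-f:.]+)\]|(?P<name>[A-Za-z0-9.-]+))"
    r"(?::(?P<port>\d{1,5}))?"
)


def normalize_host(value):
    """Return the lower-cased host (port stripped) or None if the value is
    not a well-formed host[:port]. Anything else (userinfo, path, whitespace,
    empty value, out-of-range port) is rejected rather than 'cleaned up'."""
    m = HOST_RE.fullmatch(value)
    if m is None:
        return None
    if m["port"] is not None and not 1 <= int(m["port"]) <= 65535:
        return None
    if m["v6"] is not None:
        try:
            return str(ipaddress.IPv6Address(m["v6"]))  # canonical form
        except ValueError:
            return None
    name = m["name"].lower()
    if "" in name.split("."):  # empty label: leading/trailing/double dot
        return None
    return name


def host_allowed(name, allowed):
    """Exact match, or wildcard match that needs at least one extra label."""
    for pattern in allowed:
        p = pattern.lower()
        if p.startswith("*."):
            suffix = p[1:]  # ".internal.example.test"
            if name.endswith(suffix) and len(name) > len(suffix):
                return True
        elif name == p:
            return True
    return False


def validate_host(headers, allowed=ALLOWED_HOSTS):
    """headers: list of (name, value) pairs as received.
    Returns (ok, reason, normalized_host)."""
    values = [v for k, v in headers if k.lower() == "host"]
    if len(values) != 1:
        return False, f"expected exactly one Host header, got {len(values)}", None
    name = normalize_host(values[0])
    if name is None:
        return False, "malformed Host header", None
    if not host_allowed(name, allowed):
        return False, f"host {name!r} not in allowlist", name
    return True, "ok", name


if __name__ == "__main__":
    # Constructed requests: the first three should pass, the rest be rejected.
    samples = [
        [("Host", "api.example.test")],
        [("host", "API.example.test:8443")],
        [("Host", "[::1]:8000")],
        [("Host", "evil.test")],
        [("Host", "api.example.test"), ("Host", "evil.test")],
        [("Host", "api.example.test@evil.test")],
        [("Host", "")],
    ]
    for h in samples:
        print(validate_host(h))
```

Two of the rejections are the ones most often forgotten: a duplicated Host header, where the front end and the application may pick different copies, and a value that parses as host-plus-garbage (`api.example.test@evil.test`) where a lenient parser would keep the first part. Rejecting outright, with a 400, is the safe answer; normalizing and continuing is how a validation layer ends up disagreeing with the code behind it.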
[RSS] Striga: Lifting x86 to LLVM IR with Python

https://secret.club/2026/05/21/striga.html

New from secret club!
0
0
0
Edited 1 month ago
A bunch of local companies had an incident when a datacenter fire triggered an extinguisher without proper nozzles installed and the shock wave of the gas killed a bunch of HDDs at once.

Now I wonder if I should move my speakers further away from my desktop machine...

https://soundcloud.com/djfernandamartins/tough-waves-36-rudosa
1
0
1
Edited 1 month ago
I just noticed a maybe lesser emphasized parental instinct: letting children do stuff very inefficiently.

Helping in the kitchen, driving a screw, planting a flower.

Because that's how we learn things and improve.
4
18
68
repeated

RE: https://mastodon.social/@tdp_org/116614512704731546

It's probably over-attribution, but in the end politicians always first check what everyone else says! So I'll say it anyway: Republik journalism, the gift that keeps on giving.

https://www.republik.ch/2026/02/18/how-tenaciously-palantir-courted-switzerland [English]

https://www.republik.ch/2025/12/08/wie-hartnaeckig-palantir-die-schweiz-umwarb [German]

0
2
0
repeated

🎂 IDA Turns 35.
From DOS-era disassembler to one of the most widely used reverse engineering platforms in the world...

To celebrate, we’re launching:
• 35% off new licenses (see eligibility requirements)
• Limited-edition swag giveaway
• “35 Ways to Use IDA” as told by you
• Stories from the past and a few for the future

Read all about it here:
https://hex-rays.com/blog/ida-turns-35-lets-celebrate-together

0
3
0