Archive • the grugq's newsletter

December 11, 2024

December 11, 2024 Microsoft Rolls Out Default NTLM Relay Attack Mitigations https://t.co/uEPMLkRjHH— Nicolas Krassas (@Dinosn) December 10, 2024 DarkFlare -...

December 10, 2024

December 10, 2024 Craziest thing that happened in World War II in your area?— Hush-Kit Aviation News, History & Satire (@Hush_Kit) December 9, 2024 The IRA...

December 9, 2024

December 9, 2024 Hooka - shellcode loader with multiple capabilities. It is based on other tools like BokuLoader, Freeze or Shhhloader, and tries to...

December 8, 2024

December 8, 2024 The lack of end-to-end encryption through the telco infra is the vulnerability. We improved Internet infra security by largely de-...

December 7, 2024

December 7, 2024 A Russian state-sponsored hacker group, known as Gamaredon, has been targeting Ukrainian-speaking victims in an ongoing cyber-espionage...

December 6, 2024

December 6, 2024 Hot take: by being actively hostile to end to end encryption apps, FBI and DOJ has created the playing field on which Salt Typhoon now...

December 5, 2024

December 5, 2024 Me reverse engineering: Haha fuck yeah!!! Yes!! Me engineering: Well this fucking sucks. What the fuck.— Battle Programmer Yuu (@netspooky)...

December 4, 2024

December 4, 2024 @dagrano.bsky.social on BlueskyWe've just released our Q3 Adversarial Threat Report. Being part of the team creating the threat disruption...

December 3, 2024

December 3, 2024 It's Baaaaaack!!Our Credit Card Canarytokens are out of beta and on your Canarytoken servers..- Grab one;- Stash it somewhere "safe";- We...

December 2, 2024

December 2, 2024 The fascinating security model of dark web marketplaces The fascinating security model of dark web marketplaces After facial recognition...

December 1, 2024

December 1, 2024 The season of “next year cybersecurity predictions” is almost upon us. It's never too early to have "the talk" with your children....

November 29, 2024

November 29, 2024 In a somewhat recent project we used a vulnerable driver, which worked fine...Except: The customer had a custom rule that caused an alert...

November 28, 2024

November 28, 2024 Dopped a spicy 25-min read exploring adversarial ML 🤠 It's a mix of in-depth & light peppering of the broader field. So much I couldn’t fit...

November 27, 2024

November 27, 2024 If you like bounties, I highly recommend this presentation from @tincho_508 on novel web cache deception techniques. It comes with...

November 26, 2024

November 26, 2024 “With its aircraft carriers, nuclear submarines and missile systems, France's military is among Europe’s most modern. In terms of feathered...

November 25, 2024

November 25, 2024 A video that goes deep into the career of one of the Scattered Spider hackers. Tracing his journey through the Minecraft to Hacking...

November 24, 2024

November 24, 2024 #SpyNews - week 47 (November 17-23):A summary of 77 espionage-related stories from week 47 coming from...

November 23, 2024

November 23, 2024 If you’re looking to kill 3hrs with a podcast of my talking about hacker history, Phrack, and a bunch of random thoughts, I’ve heard this...

November 22, 2024

November 22, 2024 Spelunking in Comments and Documentation for Security Footguns - Include Security Research Blog Remember, remember the 22nd of...

November 21, 2024

November 21, 2024 https://www.theregister.com/2024/11/20/dlink_rip_replace_router/ On the heels of @Google’s ‘Big Sleep’ AI discovery of a real-world...

November 20, 2024

November 20, 2024 Love this series. The actual size of ancient battles is hard to comprehend without seeing a full simulation. It is kilometres from one end...

November 19, 2024

November 19, 2024 Saw some other folks realize its actually really easy to use certificates to authenticate as other users on windows if you have access to...

November 18, 2024

November 18, 2024 How does the new iOS inactivity reboot work? What does it protect from?I reverse engineered the kernel extension and the secure enclave...

November 16, 2024

November 16, 2024 @martu.bsky.social on BlueskyDeath threats, phishing emails, leaks and mobile malware—Iranian intelligence has heavily targeted Israeli...

November 15, 2024

November 15, 2024 France’s former intelligence chief accused of spying for Louis Vuitton billionairehttps://t.co/O65j7wuZ2A— Dr. Dan Lomas (@Sandbagger_01)...

November 14, 2024

November 14, 2024 I’ve always thought Seatbelt was a great situational awareness tool, I created a python implementation of it. Due to the nature of how I...

November 13, 2024

November 13, 2024 Uploaded my slides from POC2024. I'll soon be giving a slightly shorter version of the same talk on CODE BLUE 2024...

November 12, 2024

November 12, 2024 Looks like the talks from BlueHat 2024 are now onlinehttps://t.co/QFrktRrgJe— Alex Plaskett (@alexjplaskett) November 12, 2024 blue hat...

November 11, 2024, redux

November 11, 2024

November 10, 2024

November 10, 2024 Sorry about November 9th’s newsletter. I’ve raised the issue with Buttondown support and hopefully they’ll fix it. I got out of my Waymo to...

November 9, 2024 redux

November 10, 2024

November 9, 2024 iOS 18.1 added an implementation of the auto-reboot timer for locked devices we've been using in GrapheneOS since June...

November 9, 2024 redux

November 9, 2024

November 9, 2024 iOS 18.1 added an implementation of the auto-reboot timer for locked devices we've been using in GrapheneOS since June...

November 8, 2024

November 8, 2024 https://t.co/VB3CnETxc0 is free (not $5 or $10), clean, doesn't have ads, and works anywhere btw https://t.co/nuhRyoVcQ9...

November 7, 2024

November 7, 2024 As promised, I just dropped a dozen new sandbox escape vulnerabilities at #POC2024 If you missed the talk, here is the blog...

November 6, 2024

November 6, 2024 Resources on Satellite hacking CTFs Satellite Hacking Demystified: https://t.co/hGDo9jKO7W Hack-a-sat writeups: https://t.co/PIkGXuAKSN...

November 5, 2024

November 5, 2024 Don’t look too closely at the code here. You might not be able to recover https://t.co/47RIUcnETk— Theo - t3.gg (@theo) November 4, 2024 💡In...

November 4, 2024

November 4, 2024 Mind the v8 patch gap: Electron's Context Isolation is insecure Electron uses V8 isolates for context isolation, but the v8 patch gap allows...

November 3, 2024

November 3, 2024 reminder that the bcrypt hash function ignores input above a certain length! so if you do bcrypt(username || password) for some reason, a...

November 2, 2024

November 2, 2024 Project Zero blog: LLMs find 0days now! 👀 And: our fuzzer setup did not reproduce it! https://t.co/xz6j2fzrWe pic.twitter.com/i6PZX9jFFB—...

November 1, 2024

November 1, 2024 Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices | WIREDSophos went so far as to plant surveillance “implants” on...

October 31, 2024

October 31, 2024 Boo. I hope you enjoyed the Halloween content I prepared for you, now back to the regular scheduled newsletter. Three-year prison sentence...

October 30, 2024

October 30, 2024 An air "battle" between a Ukrainian FPV and an enemy reconnaissance drone equipped with a rear camera with an AI module for evasion....

October 29, 2024

October 29, 2024 NEW: hackers from #China were capturing call audio from US political figures.#SaltTyphoon gathered other unencrypted communications, too....

October 27-28, 2024

October 28, 2024

October 27-28, 2024 In the mid-1920s, Germany taxed radios based on the number of vacuum tubes in the receiver. In 1926 Loewe Radio decided they could make a...

October 26, 2024

October 26, 2024 After 2.5 years 4 REvil case defendants sentenced in RU Zaets & Malozemov got 4.5 & 5 years for illegal turnover of payment means (art 187...

October 25, 2024

October 25, 2024 Let's say about 90% of incidents are auth based (that's a high level number based on CISA data and my view of the world) telling people to...

October 24, 2024

October 24, 2024 My talk on finding security vulnerabilities by combining classical symbolic reasoners with modern-day LLMs: Recording:...

October 23, 2024

October 24, 2024

October 23, 2024 Introducing Nova, a series of foundation models for binary/assembly code. We have also released fine-tuned models for binary code...

October 22, 2024

October 22, 2024 Another day another "MONERO TRACED" news story about some guys failed attempt at washing criminal gains through Monero but getting caught by...

October 21, 2024

October 21, 2024 New blog! I hate you COM – Pitfalls of COM object activation! Addressing few issues in .NET unmanaged apis when used in offensive coding...