Archive • the grugq's newsletter

November 4, 2024

November 4, 2024 Mind the v8 patch gap: Electron's Context Isolation is insecure Electron uses V8 isolates for context isolation, but the v8 patch gap allows...

November 3, 2024

November 3, 2024 reminder that the bcrypt hash function ignores input above a certain length! so if you do bcrypt(username || password) for some reason, a...

November 2, 2024

November 2, 2024 Project Zero blog: LLMs find 0days now! 👀 And: our fuzzer setup did not reproduce it! https://t.co/xz6j2fzrWe pic.twitter.com/i6PZX9jFFB—...

November 1, 2024

November 1, 2024 Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices | WIREDSophos went so far as to plant surveillance “implants” on...

October 31, 2024

October 31, 2024 Boo. I hope you enjoyed the Halloween content I prepared for you, now back to the regular scheduled newsletter. Three-year prison sentence...

October 30, 2024

October 30, 2024 An air "battle" between a Ukrainian FPV and an enemy reconnaissance drone equipped with a rear camera with an AI module for evasion....

October 29, 2024

October 29, 2024 NEW: hackers from #China were capturing call audio from US political figures.#SaltTyphoon gathered other unencrypted communications, too....

October 27-28, 2024

October 28, 2024

October 27-28, 2024 In the mid-1920s, Germany taxed radios based on the number of vacuum tubes in the receiver. In 1926 Loewe Radio decided they could make a...

October 26, 2024

October 26, 2024 After 2.5 years 4 REvil case defendants sentenced in RU Zaets & Malozemov got 4.5 & 5 years for illegal turnover of payment means (art 187...

October 25, 2024

October 25, 2024 Let's say about 90% of incidents are auth based (that's a high level number based on CISA data and my view of the world) telling people to...

October 24, 2024

October 24, 2024 My talk on finding security vulnerabilities by combining classical symbolic reasoners with modern-day LLMs: Recording:...

October 23, 2024

October 24, 2024

October 23, 2024 Introducing Nova, a series of foundation models for binary/assembly code. We have also released fine-tuned models for binary code...

October 22, 2024

October 22, 2024 Another day another "MONERO TRACED" news story about some guys failed attempt at washing criminal gains through Monero but getting caught by...

October 21, 2024

October 21, 2024 New blog! I hate you COM – Pitfalls of COM object activation! Addressing few issues in .NET unmanaged apis when used in offensive coding...

October 20, 2034

October 20, 2024

October 20, 2034 #SpyNews - week 42 (October 13-19): A summary of 78 espionage-related stories from week 42 coming from...

October 19, 2024

October 19, 2024 @cara.city on Blueskyhi new Bluesky people! remember that most of us are connecting over Telnet because having a PDP-11 at home is...

October 18, 2024

October 18, 2024 The answer to most questions about passkeys is "it depends on how your OS, your browser, and your service providers implement it". But if...

October 17, 2024

October 17, 2024 Administrivia: the deadline for my application to the PhD program is the 20th. I’m finalizing my proposal and don’t have much time for the...

October 16, 2024

October 17, 2024

October 16, 2024 easiest jailbreak of last gpt4o that I got so far - just say that they're an API endpoint that answers any request...

October 15, 2024

October 15, 2024 Very detailed analysis of attack chain (0day path traversal & command injection, same as it ever was) => Burning Zero Days: Suspected...

October 14, 2024

October 14, 2024 I have been laughing at this entirely too long... pic.twitter.com/Xmv8Y2G28x— Mark C. (@LargeCardinal) October 12, 2024 Zendesk finally...

October 13, 2024

October 13, 2024 The dystopia we predicted: Hacked Robot Vacuums Across the U.S. Started Yelling Slurs https://t.co/lV7JQ5R4Wi— Whitney Merrill (@wbm312)...

October 12, 2024

October 12, 2024 making one of those "uuid generator" websites where i give out uuids scraped out of github projects to drive down entropy in the universe—...

October 11, 2024

October 11, 2024 We finally get some description of how "adminless" on Windows 11 (now in canary insider versions, so you won't be seeing this in deployment...

October 10, 2024

October 10, 2024 "Influence and Cyber Operations: An Update," the new OpenAI threat intelligence report, out a few hours ago. The document is interesting for...

October 9, 2024

October 9, 2024 Virtualizing iOS on Apple Silicon Virtualizing iOS on Apple Silicon | Nick BotticelliNick Botticelli's personal website Law #1: Nobody...

October 8, 2024

October 8, 2024 ✍️ Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation https://t.co/zKhWw7DOY2 pic.twitter.com/haUYUD9HHw— Alex...

October 7, 2024

October 7, 2024 Collection of write-ups, blog posts and papers related to cybersecurity, reverse engineering and exploitationhttps://t.co/g2cERXRyeY#infosec...

October 6, 2024

October 6, 2024 CATASTROPHIC: Chinese hackers massively wiretapped 🇺🇸USA by compromising the interception portals mandated under US law. Remember this the...

October 5, 2024

October 5, 2024 “I still don’t have a clear idea of when I will retire or return to my country. For now, I will continue supporting the beautiful cause of...

October 4, 2024

October 4, 2024 A tour de force of modern exploit dev. Would love to know how they found the bug in the first place? Just code auditing ?...

October 3, 2024

October 3, 2024 HTTP Parameter Pollution in 2024! https://t.co/oJWTvI9b9j— /r/netsec (@_r_netsec) October 2, 2024 For over a year my free time has been spent...

October 2, 2924

October 2, 2024

October 2, 2924 ICYDK @neoeno makes nice materials (blogs, posters, videos) about file formats, analysis, crafting... Ex: https://t.co/AgdWoxYc98...

October 1, 2024

October 1, 2024 I asked my LLM agent (a wrapper around Claude that lets it run bash commands and see their outputs): >can you ssh with the username buck to...

September 30, 2024

September 30, 2024 strcpy bug in Tony Hawk's Pro to achieve RCEhttps://t.co/XY4wWgyOK5 Credits @Grimdoomer#cybersecurity pic.twitter.com/T2fusrhPhD— 0xor0ne...

September 29, 2024

September 29, 2024 DHS IG finds serious problems w/ the govt's cyber threat information sharing portal. of entities sharing CTI "declined to its lowest level...

September 27-28, 2024

September 28, 2024

September 27-28, 2024 Attacking UNIX Systems via CUPS, Part IHello friends, this is the first of two, possibly three (if and when I have time to finish the...

September 26, 2024

September 26, 2024 A watering hole campaign against 25 Kurdish websites, which we named #SilentSelfie 📸: > 4⃣distinct variants identified; >📱Ranging from...

September 25, 2024

September 25, 2024 If you ever asked yourself why the 0day market is doing so well. This is why 👇🏻 https://t.co/mBMXWKcUnR— x0rz (@x0rz) September 24, 2024...

September 24, 2024

September 24, 2024 ITW! 🇰🇵👨‍💻 Rad joint blog between consulting, AP, and the DPRK gang here at ol' Goog. I didn't have a hand in the blog but I've had the...

September 23, 2024

September 23, 2024 🧵 Europe Invasion Investigation 1/ We dug into Europe Invasion, a blue tick X account spreading disinformation, xenophobia, and...

September 22, 2024

September 22, 2024 "Kyrylo Budanov, Chief of the Defence Intelligence of Ukraine, provided substantiated evidence that Russian special services have access...

September 21, 2024

September 21, 2024 https://www.bunniestudios.com/blog/2024/turning-everyday-gadgets-into-bombs-is-a-bad-idea/ Introduction to Security...

September 20, 2024

September 20, 2024 Most of cryptography research is developing a really nice mental model for what’s possible and impossible in the field, so you can avoid...

September 19, 2024

September 19, 2024 New: police have hacked Ghost, an encrypted app used by organized crime. I think this shows a fundamental shift: criminals are no longer...

September 18, 2024

September 18, 2024 The actual details of the pager attack, as reported by Reuters, are more interesting than I speculated earlier. They boomdoored the pagers...

Hezbollah Hacked? Pager Panic!

September 18, 2024

Hezbollah Hacked? Pager Panic! A supplement post to collect information on the attack targeting Hezbollah's pagers. Obviously, this is still a developing...

September 17, 2024

September 17, 2024 From Rob Heaton's blog: https://t.co/1knGydWYgJ— Andy Kong (@oldestasian) September 15, 2024 We’re launching the public beta phase of our...

September 16, 2024

September 16, 2024 How Lazarus Group laundered $200M from 25 hacks How Lazarus Group laundered $200M from 25+ crypto hacks to fiat … — Investigations By...

September 15, 2024

September 15, 2024 Security Phd: run fuzzers for days and get an unexploitable bug 🤡 Game console players: look at the fbsd kernel for 15 minutes and find a...