August 13, 2024
August 13, 2024 A quote from the launch of Google Project Zero in 2014:“We’re really going to make a dent in this problem,” Evans says. “Now is a very good...
August 12, 2024
August 12, 2024 So cool to see my vulnerability research automation work integrated into such a powerful tool! Keep it up ✊ https://t.co/jsBlS1j0LC—...
August 11, 2024
August 11, 2024 Just re-upping this amazing podcast which I think is one of our best of the year https://t.co/7eTTrL9Lvr— Ryan Evans (@EvansRyan202) August...
August 10, 2024
August 10, 2024 The biggest risk from cyber attacks is businesses with lax resilience failing to rapidly recover. The good news? Most critical national...
August 9, 2024
August 9, 2024 wow. an amazing 325 page google strategy document quietly unsealed buried in google antitrust docket. It's gonna take a long thread but I have...
August 8, 2024
August 8, 2024 I’m no military security expert (ok, yes I am) but it seems like using Discord for critical comms is bad? Two more videos of Russian soldiers...
The Hostile Hotel
The Hostile Hotel Actually, it's good that hotels announced room searches Some hotels in Vegas have alerted their guests there will be daily room searches to...
August 6-7, 2024
August 6-7, 2024 Crowdstrike BSOD is actually exploitable for LPE.. https://t.co/OwT68CjDS0 pic.twitter.com/ErQAtzoYvN— Richard Johnson (@richinseattle)...
August 5, 2024
August 5, 2024 Nicholas Carlini is one of the sharper people I have ever met and I pay attention to anything he writes; this, on day-to-day utility of LLMs,...
August 4, 2024
August 4, 2024 LayeredSyscall – Abusing VEH to Bypass EDRs : https://t.co/PWlPoiLZm9 Bypassing AV/EDR Hooks via Vectored Syscall - POCVectored Syscall :...
August 3, 2024
August 3, 2024 Seems like the Docker Escape (CVE-2024-6222) that our team members, @st424204 ,@n0psledbyte & @tuanit96 presented at Pwn2Own is finally fixed....
August 2, 2024
August 2, 2024 The first version of Arcane, formerly known as PowerRemoteDesktop is now available. For those unfamiliar with the project, Arcane is a fully...
August 1, 2024
August 1, 2024 I found an old iOS reversing guide I wrote a few years ago, it's a bit dated but I think it's still useful ☺️ https://t.co/kPaHN7zdNv— Ghidra...
July 31, 2024
July 31, 2024 I’m thrilled to share my latest blog post! This one focuses on the bug hunting process: inspiration, approach, and execution. I also provide a...
July 30, 2024
July 30, 2024 A few days ago we were alerted to Roblox 'cheaters' (we're using that term loosely) being impacted by malicious code in their 'cheat...
July 29, 2024
July 29, 2024 True for FPV drone vs FPV drone? https://t.co/2KCorOr9F2— Dave Aitel (@daveaitel) July 28, 2024 This is cool, I guess. Too bad defcon is...
July 28, 2024
July 28, 2024 Activision Blizzard released a 25 white page document that includes an amazing A/B test where they secretly progressively turned off SBMM and...
July 27, 2024
July 27, 2024 In case you’ve missed the JD Vance couch memes, here is a good summary thread. Thread by @TeddyRoosevalt on Thread Reader App – Thread Reader...
July 26, 2024
July 26, 2024 1/ A world first reverse engineering analysis of AWS Session Tokens.Prior to our research these tokens were a complete black box. Today, we are...
July 25, 2024
July 25, 2024 As we all know, drones have completely revolutionised everything. Even sports teams’ spying on their competitors. Canadian women's soccer team...
