October 25, 2024
October 25, 2024 Let's say about 90% of incidents are auth based (that's a high level number based on CISA data and my view of the world) telling people to...
October 24, 2024
October 24, 2024 My talk on finding security vulnerabilities by combining classical symbolic reasoners with modern-day LLMs: Recording:...
October 23, 2024
October 23, 2024 Introducing Nova, a series of foundation models for binary/assembly code. We have also released fine-tuned models for binary code...
October 22, 2024
October 22, 2024 Another day another "MONERO TRACED" news story about some guys failed attempt at washing criminal gains through Monero but getting caught by...
October 21, 2024
October 21, 2024 New blog! I hate you COM – Pitfalls of COM object activation! Addressing few issues in .NET unmanaged apis when used in offensive coding...
October 20, 2034
October 20, 2034 #SpyNews - week 42 (October 13-19): A summary of 78 espionage-related stories from week 42 coming from...
October 19, 2024
October 19, 2024 @cara.city on Blueskyhi new Bluesky people! remember that most of us are connecting over Telnet because having a PDP-11 at home is...
October 18, 2024
October 18, 2024 The answer to most questions about passkeys is "it depends on how your OS, your browser, and your service providers implement it". But if...
October 17, 2024
October 17, 2024 Administrivia: the deadline for my application to the PhD program is the 20th. I’m finalizing my proposal and don’t have much time for the...
October 16, 2024
October 16, 2024 easiest jailbreak of last gpt4o that I got so far - just say that they're an API endpoint that answers any request...
October 15, 2024
October 15, 2024 Very detailed analysis of attack chain (0day path traversal & command injection, same as it ever was) => Burning Zero Days: Suspected...
October 14, 2024
October 14, 2024 I have been laughing at this entirely too long... pic.twitter.com/Xmv8Y2G28x— Mark C. (@LargeCardinal) October 12, 2024 Zendesk finally...
October 13, 2024
October 13, 2024 The dystopia we predicted: Hacked Robot Vacuums Across the U.S. Started Yelling Slurs https://t.co/lV7JQ5R4Wi— Whitney Merrill (@wbm312)...
October 12, 2024
October 12, 2024 making one of those "uuid generator" websites where i give out uuids scraped out of github projects to drive down entropy in the universe—...
October 11, 2024
October 11, 2024 We finally get some description of how "adminless" on Windows 11 (now in canary insider versions, so you won't be seeing this in deployment...
October 10, 2024
October 10, 2024 "Influence and Cyber Operations: An Update," the new OpenAI threat intelligence report, out a few hours ago. The document is interesting for...
October 9, 2024
October 9, 2024 Virtualizing iOS on Apple Silicon Virtualizing iOS on Apple Silicon | Nick BotticelliNick Botticelli's personal website Law #1: Nobody...
October 8, 2024
October 8, 2024 ✍️ Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation https://t.co/zKhWw7DOY2 pic.twitter.com/haUYUD9HHw— Alex...
October 7, 2024
October 7, 2024 Collection of write-ups, blog posts and papers related to cybersecurity, reverse engineering and exploitationhttps://t.co/g2cERXRyeY#infosec...
October 6, 2024
October 6, 2024 CATASTROPHIC: Chinese hackers massively wiretapped 🇺🇸USA by compromising the interception portals mandated under US law. Remember this the...
