the grugq's newsletter

April 11, 2025

In iOS 18.4, Apple introduced a bug in dynamic symbol resolutions for some specific exports. @0xf4b took a long journey down a rabbit hole to understand its root cause. https://t.co/q03QTtw373

— Synacktiv (@Synacktiv) April 10, 2025


SentinelOne has now issued a statement on the situation. Apparently hoping that the administration won't actually follow through on revoking clearances for all SO employees while telling investors there will be no material impact on earnings if it does. https://t.co/5mfuJU2CBL pic.twitter.com/wjisOp8kSV

— Brian in Pittsburgh (@arekfurt) April 10, 2025


‘I am not who you think I am’: how a deep-cover KGB spy recruited his own son https://t.co/pmUIDtV96w

— Dr. Dan Lomas (@Sandbagger_01) April 10, 2025


Journal of applied operational intelligence

https://www.ubplj.org/index.php/jaoi


The hunt for the red October: the untold story

A CIA satire.

https://brian.carnell.com/wiki/the_hunt_for_red_october_the_untold_story


NEW: A recently published court document shows the locations of WhatsApp victims targeted with NSO Group's spyware.

The document lists 1,223 victims in 51 countries, including Mexico, India, United Kingdom, United States, etc.

This was over a span of ~ two months in 2019.

— Lorenzo Franceschi-Bicchierai (@lorenzofb) April 9, 2025

Full story here: https://t.co/SMZgN2EGaZ

— Lorenzo Franceschi-Bicchierai (@lorenzofb) April 9, 2025

And court document here: https://t.co/zTbAagJSED

— Lorenzo Franceschi-Bicchierai (@lorenzofb) April 9, 2025


"The boom, the bust, the adjust and the unknown"

The industry around us changes at a faster pace than ever before.

This will force the different stakeholders to reevaluate their strategy and how they will decide to move forward. #Zer0Con2024 https://t.co/eTFbRL49jC

— Maor Shwartz (@malltos92) April 9, 2024


From firmware dumps to wireless exploration — check out our latest dive into DVB receiver analysis and the hidden attack surface it exposes! https://t.co/5lAwyF23EF

— Synacktiv (@Synacktiv) April 9, 2025


Just remember: China can stay poor longer than the US can stay poor, this is their leverage and it’s not a joke

— Leveraged Cat (@leveraged_cat) April 8, 2025


In 2023, a cluttered guesthouse in a sleepy English town became the hub of a Russian spy network. The court rulings, and over 80,000 Telegram messages, expose a deep web of freelance intelligence. https://t.co/t6ZVdaWOOl

— War on the Rocks (@WarOnTheRocks) April 11, 2025


It's tempting to see this as just another case of Ivanti junk being abused, but the situation is a lot more noteworthy. The PRC-affiliated group here found a memory corruption issue that was patched with no vulnerability announcement and built a complex exploit for it. https://t.co/KrRd3e6RkG

— Brian in Pittsburgh (@arekfurt) April 10, 2025

We have just published our AttackerKB @rapid7 Analysis of CVE-2025-22457, an unauth stack buffer overflow in Ivanti Connect Secure. Difficult to exploit due to severe character restrictions, we detail our full RCE technique here: https://t.co/MKx9O90rm2

— Stephen Fewer (@stephenfewer) April 10, 2025

This was an interesting challenge to go from a restricted character set "0123456789." for the overflow, to arbitrary RCE. Hat tip to @watchtowrcyber for diffing out the bug last Friday. PoC available here: https://t.co/EVDvrxE6mc

— Stephen Fewer (@stephenfewer) April 10, 2025

GitHub - sfewer-r7/CVE-2025-22457: PoC for CVE-2025-22457


Infiltrate video archives


Best day of the week 🎉 time for another https://t.co/t7k0vTE3ln 👇

Emulating iPhones from @eshard @wrongbaud hacks a toothbrush

Spring cleaning ft hacking from @Synacktiv

Unexploitable bugs...exploited ITW from @watchtowrcyber

+ Jobs and MORE 🏴‍☠️ https://t.co/taL29vQRfs

— exploits.club (@exploitsclub) April 10, 2025


If you missed it before, make sure to check out Doom's epic XBox reverse engineering saga: https://t.co/bxh4jotdoa

As a bonus, we've updated the video description with a link to the slides!

— RE//verse (@REverseConf) April 10, 2025


My plan for managing IT:

> Get ransomware
> Change all IT tickets in SNow to go to threat actors’ email
> Tell threat actors if they can’t meet IT SLAs, they won’t get paid
> Send threat actors money every 2 weeks on Friday
> Give them a bonus if they meet their KPIs

— rekdt (@rekdt) April 10, 2025


Any reason [a CVE fix] wasn’t backported to older [Linux] kernel versions? https://t.co/78xKG0cHPk
"That's usually because no one has taken the time to do so." "As an example, for the latest 5.4.y stable kernel release, I see that there are currently 1110 unfixed CVEs"

— Open Source Security mailing list (@oss_security) April 11, 2025


My talk "Crowdsourcing Bluetooth identity, to understand Bluetooth vulnerability" is now posted here https://t.co/DgcgQv99aa, and the @DistrictCon video has also been posted https://t.co/OawBDnxEGt

— Xeno Kovah (@XenoKovah) April 11, 2025


crypto history https://t.co/Ef17T9UqIY

— JP Aumasson (@veorq) April 11, 2025

