August 23, 2023
August 23, 2023
Ghidralligator is a tool by @AirbusCyber to emulate Ghidra p-code for fuzzing with AFL++
— 0xor0ne (@0xor0ne) August 20, 2023
Github Repo: https://t.co/RzvtuaGVFz#ghidra #fuzzing #infosec pic.twitter.com/kAO2kpkb7g
New—hackers have access to a powerful chain of data that lets them dox nearly anyone in US for $15. With credit cards your address goes to the credit bureaus. That is then sold to companies, and the hackers tap into that. Targets include Musk, Rogan, Biden https://t.co/ljCCCj3fWb
— Joseph Cox (@josephfcox) August 22, 2023
VirusBulletin has been an amazing platform, publishing my first long form contribution to the industry in 2015, followed by four consecutive papers on TI.
— J. A. Guerrero-Saade (@juanandres_gs) August 22, 2023
After a short hiatus, I’m honored to return to @virusbtn to give this year’s Closing Keynote.https://t.co/ZY383G7usr
We would like to express our condolences to Blue Teamers.
— vx-underground (@vxunderground) August 22, 2023
Microsoft has announced Microsoft Excel will now support Python.
More information: https://t.co/LutCzlYc0x
Awesome blogpost by @DanielMiessler here. He lays it out clear and plain how he generates some serious income through UL and does it while keeping life quality high and working on interesting topics.
— Justin Gardner (@Rhynorater) August 22, 2023
Goalz.https://t.co/Zi1zaZS88a
ICYMI: "[The CSA Regulation] could become the basis for de facto generalised and indiscriminate scanning of the content of virtually all types of electronic communications of all users in the EU/EEA", said @EU_EDPB & @EU_EDPS in July 2022 (Aug 22) https://t.co/E7rEtQ4POz HT @EDRi
— Matthijs R. Koot (@mrkoot) August 22, 2023
TL;DR: client-side scanning = VERY BAD idea.
— Matthijs R. Koot (@mrkoot) August 22, 2023
Source:
Joint Opinion 4/2022 by @EU_EDPB & @EU_EDPS on Proposal for a Regulation of @Europarl_EN & @EUCouncil laying down rules to prevent and combat child sexual abuse (.pdf, July 2022, 38 pages) https://t.co/QOOvXkoO10 https://t.co/nd410XoVQ2
just copped that mystery flesh pit heat‼️ pic.twitter.com/oLJXQ6oyvH
— uncle baby billy’s veneers (@meatprison_) August 7, 2023
Microsoft-signed PlugX dropped via a selective supply-chain attack.
— J. A. Guerrero-Saade (@juanandres_gs) August 22, 2023
<this is fine.gif>https://t.co/wnfb0JoImT
I spent entirely too long explaining every useful feature of SSH. This includes:
— Graham Helton (@GrahamHelton3) August 23, 2023
- Local,Reverse, and Dynamic Portforwards
- Jumphosts
- SSH config file
- SSH helper utilities
- The SSH ~C console
All with pictures to help you follow along. Enjoy :)https://t.co/kWKoaoZuVp
That's very good Navalist Twitter. I'm sure the Navy needs 500 ships and the entire DoD budget. Just one last thing. Where does the entirety of the human race live? pic.twitter.com/UxaXPKmmse
— James (@GravitysRa1nbow) August 22, 2023
— No Context Russia (@Russia_NC) August 23, 2023
Declassified CIA history “Forging an Intelligence Partnership: CIA and the Origins of the BND, 1945-49”https://t.co/xrE5lm0mHj pic.twitter.com/fXtWanOith
— Aaron Bateman (@aaronbateman22) August 22, 2023
LTE/5G IMO are LESS secure than 2G when it comes to true RCE (no fake basestation).
— Mathew Solnik (@msolnik) August 22, 2023
The IMS/VoLTE stacks can be hit from anywhere in the world with just a phone number.
Media parsing, XML, etc... Android in baseband, iOS in userland.
Plenty of 0days to be found. Have fun!…
Contrary to popular belief, you can use eSIM phone plans without needing a phone that supports eSIM.
— Mishaal Rahman (@MishaalRahman) August 21, 2023
Why would you want that? Many prepaid eSIM plans are very cheap and can be bought ahead of travel, but most phones don't have an eSIM chip built-in.
So how does this work?
The… pic.twitter.com/1pjyIuaojw
— Dr. Dan Lomas (@Sandbagger_01) August 22, 2023
Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders. – Krebs on Security
In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions…
I took a look at some of the privacy decisions made by Worldcoin, the eyeball-scanning cryptocurrency. https://t.co/iNNzMzWKa0
— Matthew Green (@matthew_d_green) August 22, 2023
conservatives got a hold of a clip of the astroturfed country song guy saying america is a "melting pot" and now he's fucking cancelled. also potentially a cia agent pic.twitter.com/sZSafwt5bo
— america's lounge singer (@KrangTNelson) August 22, 2023
The whole internet loves Redbeard Hillbilly Song Guy, a lovely hillbilly that that sings songs! *5 seconds later* We regret to inform you the hillbilly is not racist enough
— anderscules (@AndersCules) August 22, 2023
You may think you have a great job, but some guy at Coca Cola has gone from:
— Chris Bakke (@ChrisJBakke) August 22, 2023
- Metaverse Lead to
- Head of NFT Campaigns to
- Global Head of Generative AI
all in under 3 years and is probably pulling $5m TC.
Hats off to you my guy. pic.twitter.com/5v8EZ9zEzr
The UK wants the ability to stop companies from patching vulnerabilities.
— John Scott-Railton (@jsrailton) August 22, 2023
Catastrophically shortsighted.
Any tech product that stays will be suspect in the global marketplace.
The sector will flee.
Goodbye tech investment & jobs.
By @IoannisKouvakashttps://t.co/lO7WUL3OAA pic.twitter.com/rSLDRyMsIC
I've been teaching Hypervisor Vulnerability Research for years now, at each session I get to say: "VMM subsystem bugs are the rarest kind, especially MMU bugs". In fact, there was a handful of them in all history (all in Xen). Definitely interesting!https://t.co/c4v5UWUlYI
— Alisa Esage Шевченко (@alisaesage) August 22, 2023
Start the conversation: