December 14, 2024
December 14, 2024
FLARE is releasing a tool today that I've been working on over this year that helps break down binaries into smaller functional clusters and uses Gemini to describe their relationships, behavior and the overall malware functionality. It's called XRefer and it is out for you to…
— Muhammad Umair (@m_umairx) December 13, 2024
just had my first wallet drained – lost 20k after making old github code public.
— jtgi ⌐🆇-🆇 (@jtgi) December 6, 2024
mistakes:
- the project had an old commit from 3y ago w/ a private key for a wallet i was using on rinkeby
- i unknowingly reused this account in @metamask 1mo ago to trade memes on base
funds…
Imagine you get hit with Phobos #ransomware variant eking in 2020, and 4 yrs later, you get hit by Hunters.
— Valéry Rieß-Marchive | @valerymarchive.bsky.social (@ValeryMarchive) December 13, 2024
And they exfiltrate some data that is *still* encrypted by the first one.
Yup. Nice one, right? pic.twitter.com/TxdSihE5e8
I keep telling you
— Natalia Antonova 🇺🇸🇺🇦 (@NataliaAntonova) December 13, 2024
The loneliness epidemic is a national security issue pic.twitter.com/PosB9ij0uW
B-29 mechanical computer implementation details
Finding 0day is not the most impactful thing that Project Zero does 😲 — it's sharing knowledge 🧠. One part of that sharing is our tooling work to help other devs and reserachers.
— Tim Willis (@itswillis) December 12, 2024
Today's installment, @tiraniddo's updated https://t.co/nLl1d6hr37👍
Blog: https://t.co/pD0bF2Ax7P
Deepinstinct : DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely : https://t.co/H3MjSWDvRD
— Binni Shah (@binitamshah) December 13, 2024
Ref : Forget PSEXEC: DCOM Upload & Execute Backdoor : https://t.co/spty8917aF pic.twitter.com/TdvJyWb4bM
I just released v0.8 of #BinaryRefinery!https://t.co/E20pgo2bTL
— Jesko Hüttenhain (@huettenhain) December 13, 2024
There are some breaking changes, but you'll notice them only if you are a power user.
The vstack unit now supports using Speakeasy - at the cost of running Unicorn v1. Related post:https://t.co/oJaxPXfIA9
MBE - Course materials for Modern Binary Exploitation by RPISEC : https://t.co/OYe7O2W76O
— Binni Shah (@binitamshah) December 14, 2024
pablolarah: "🟠 "Pwned", The Book, Is Now Available for Free by…" - Mastodon
Attached: 1 image 🟠 "Pwned", The Book, Is Now Available for Free by @troyhunt@infosec.exchange In PDF & EPUB formats. #TroyHunt #Pwned #freeEbook https://www.troyhunt.com/pwned-the-book-is-now-available-for-free/
pytune - a post-exploitation tool for enrolling a fake device into Intune with multiple platform support https://t.co/sJPgPhv9v6
— Panos Gkatziroulis 🦄 (@netbiosX) December 14, 2024