the grugq's newsletter

December 17, 2024

December 16-17

What Did Ada Lovelace's Program Actually Do?

Great read

In 1843, Ada Lovelace published the first nontrivial program. How did it work?


This is an amazing example of a bad UX leading to bad security. It’s not just confusing PGP processes, it’s command line flags with unusual formats.

Just compromised a user with the pw +rndPass and was curious where this originated from.

Turns out ktpass can create random passwords, but the switch is not "-pass +rndPass" but "+rndPass" - if you do the former, the password will be set to +rndPass lol. Might be worth a spray pic.twitter.com/I5nDMCiCKF

— eversinc33 🤍🔪⋆。˚ ⋆ (@eversinc33) December 16, 2024


ppl in the offensive security industry love talking about how their exploits and implants have to be completely reliable and clean lmao. great work team!!! only 3 crashes!! :] pic.twitter.com/Sut7Z6gKpD

— emma (@carrot_c4k3) December 16, 2024


.@InsiderEng's investigations have led to more EU sanctions of Russian operatives. See here for a full accounting: https://t.co/249q0OMIHb

— Michael Weiss (@michaeldweiss) December 16, 2024


Chinese hacker singlehandedly responsible for exploiting 81,000 Sophos firewalls, DOJ says. https://t.co/cgjNcsgLX0 #hacker #doj #firewalls #cybernews

— Robert Morton (@Robert4787) December 16, 2024


I have posted the slides for the talk @chompie1337 and I gave this past weekend at @h2hconference -> The Kernel Hacker’s Guide to the Galaxy: Automating Exploit Engineering Workflows #H2HC https://t.co/Cl8b58KkAv pic.twitter.com/kvue5oKyiE

— b33f | 🇺🇦✊ (@FuzzySec) December 16, 2024


⚠️ Reminder that if you ever stored your private keys or seed phrases in LastPass prior to 2023, your funds might be at risk. We've seen 15+ cases of potential LastPass-related hacks TODAY

Move your assets before hackers move them for you. For more information, keep reading🧵

— Security Alliance (@_SEAL_Org) December 16, 2024


We updated our CFP for Phrack 72! The deadline is now April 1st 2025. Check the site for specifics on how to contribute, as well as some inspiration! We also posted a link to purchase physical copies of Phrack 71, and a donation link too. Enjoy! https://t.co/R0PKIigpt8 pic.twitter.com/YydroeV5Zh

— Phrack Zine (@phrack) December 16, 2024


Fascinating Tether anecdote:

On a recent state visit to Iran, Belarusian leader Alexander Lukashenko couldn't pay ahead of time for logistics, since both Lukashenko and Iran are sanctioned.

Their solution? "Please check if you can pay tether." pic.twitter.com/QEBtdilR36

— John Paul Koning (@jp_koning) December 16, 2024


XRefer: The Gemini-Assisted Binary Navigator by Muhammad Umair https://t.co/CSITlKL0PF

XRefer provides a persistent companion view to assist analysts in navigating and understanding binaries https://t.co/jCAULG4nH6

— Alex Plaskett (@alexjplaskett) December 15, 2024


Cable: .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation https://t.co/3ML38oB526

— Nicolas Krassas (@Dinosn) December 16, 2024


Beginners introduction to Windows kernel exploitation

Part 1: https://t.co/nNTKqtgmA4
Part 2: https://t.co/QwbNVNNyt2
Part 3: https://t.co/f1hRv93yrB
Part 4: https://t.co/vS1SUVUF0c
Part 5: https://t.co/2aDetUK8g1 #infosec #windows pic.twitter.com/ievBMXn7vK

— 0xor0ne (@0xor0ne) December 16, 2024


iPod Nano 7G bootrom exploit a bit too late ~ https://t.co/4fUuOAnLDa

— gsch (@__gsch) December 15, 2024


Slides for my talk at @h2hconference 2024:

Diving into Linux kernel security 🤿

I described how to learn this complex area and knowingly configure the security parameters of your Linux-based system.

And I showed my open-source tools for that purpose! https://t.co/5VXLNnuDe5

— Alexander Popov (@a13xp0p0v) December 15, 2024


Best poster moment at #NeurIPS2024 pic.twitter.com/XCvoy89XZw

— Shalev Lifshitz @NeurIPS (@Shalev_lif) December 15, 2024


Organized crime rings are starting to target bitcoin HODLers. Learn how to steer clear of them and protect your savings from physical attacks! #repost https://t.co/QPgZjJU1bj

— Jameson Lopp (@lopp) December 16, 2024


Important news: Microsoft is working to bring SMAP into Windows https://t.co/OxeGiqzzLu

— Yarden Shafir (@yarden_shafir) December 16, 2024


🚨 BREAKING: Amnesty’s latest report on digital surveillance in Serbia: new *NoviSpy* spyware discovered; zero days identified and patched; and first evidence showing use of Cellebrite UFED forensic products to unlock phones to then infect with spyware. 🧵 pic.twitter.com/HGYHvnXa4W

— Donncha Ó Cearbhaill (@DonnchaC) December 16, 2024

My blog post is now live alongside @amnesty's joint release, providing remarkable insight into an ITW exploitation campaign! https://t.co/O3niXxtT6O

Turns out that you can find out quite a bit with just some kernel stacktraces ;)

From Amnesty: https://t.co/4CeJynhwZ6

— Seth Jenkins (@__sethJenkins) December 16, 2024


One thing that didn't make it into this story:

Some CISA staffers expect more people with military backgrounds to join the agency under Trump — a dynamic that one staffer describes as potentially problematic... https://t.co/9K3BWVUUFg

— Eric Geller (@ericgeller) December 16, 2024


New attack on x86 secure enclaves, specifically AMD SEV this time. SEV is AMD's answer to Intel TDXs.

Basically tricking the CPU into thinking the DRAM is a different size, causing physical address aliasing, which can then be exploited pic.twitter.com/e9457VaBse

— cts🌸🏳️‍⚧️ (@gf_256) December 17, 2024


Svartalfheim: Shellcode for stage 0, Nt API calls made using indirect syscalls, and LoadLibraryA/WinHttp calls performed with return address spoofing https://t.co/VM8NuuEROb pic.twitter.com/yKEyBzyrD9

— Rtl Dallas (@RtlDallas) December 16, 2024

