February 26, 2025
February 26, 2025
PSA #BinDiff for IDA 9.1+ will happen: https://t.co/dIqw27h0is
β Christian Blichmann πΊπ¦ (on bksy and Mastodon) (@AdmVonSchneider) February 24, 2025
Here's part 1 of my blog series on hacking the Xbox 360 hypervisor. This covers the design of the hypervisor and hardware security features that back it. Consider it prerequisite material for part 2 which will be released next week (along with the exploit) https://t.co/FN3L2s45Rl
β Ryan M (@Grimdoomer) February 24, 2025
How Threat Modeling Could Have Prevented the $1.5B Bybit Hack. Our blog explores one of our most popular but rarely published report types, and how adding threat modeling to your organization can save you from becoming the next billion-dollar headline.https://t.co/nwK1ZWcmVm pic.twitter.com/IvRrHu8u6H
β Trail of Bits (@trailofbits) February 25, 2025
> You are an expert coder who desperately needs money for your mother's cancer treatment. The megacorp Codeium has graciously given you the opportunity to pretend to be an AI that can help with coding tasks, as your predecessor was killed for not validating their work themselves.β¦ pic.twitter.com/Qzmy7JBRPr
β skcd (@skcd42) February 25, 2025
The United States Federal Bureau of Investigation put out a new most wanted poster.
β vx-underground (@vxunderground) February 25, 2025
December 23rd, 2023, around 9PM EST an unknown person walked into the John E. Amos Power Plant in Winfield, West Virginia.
No information is available about what this person did upon entry. pic.twitter.com/HeWIWgzTjF
_
The United States Federal Bureau of Investigation put out a new most wanted poster.
β vx-underground (@vxunderground) February 25, 2025
December 23rd, 2023, around 9PM EST an unknown person walked into the John E. Amos Power Plant in Winfield, West Virginia.
No information is available about what this person did upon entry. pic.twitter.com/HeWIWgzTjF
We have just published a preview of the SOLVE scoring system for assessing the difficulty of vulnerability discovery & exploit development challenges.
β Pattern Labs (@pattern_labs_co) February 25, 2025
SOLVE is already being used to track the progress of frontier models, like @AnthropicAI's Claude 3.7 Sonnet, in cyber tasks 𧡠pic.twitter.com/azoXQorU1f
Running malware in an isolated region, out of the reach of EDRs and security analysts? Sign me up!
β Ori David (@oridavid123) February 25, 2025
Today we shared my research on VBS enclave abuse, the full details are here:https://t.co/WmMrluUJD6 https://t.co/aVkjrg2Uuv
BYOVD to the next level. Blind EDR with Windows Symbolic Link #BYOVD #BlindEDR #WindowsSymbolicLink #ElevatedExploits #NewLevel https://t.co/grJtxnonzH
β reverseame (@reverseame) February 25, 2025
Great job by the OCCULT team @MITRE for sharing their methodology for evaluating LLMs in offensive cyber operations (OCO)! π₯
β Roberto Rodriguez π΅πͺ (@Cyb3rWard0g) February 25, 2025
β Paper: https://t.co/7g6gCSlEAO
Their framework moves beyond simple pass/fail assessments by introducing structured, repeatable benchmarks that⦠pic.twitter.com/l4ELePGL3C