Jan 30, 2023

begging

                            January 30, 2023

                Jan 30, 2023

This is very interesting. Russia is sending combat robots to Ukraine for testing. It will be interesting to see how they perform, their capabilities and limitations.
Samuel Bendett @SamBendett
1/ At this point, this sounds more PR than a realistic tactic: Russia's Rogozin claims that Marker UGVs will be modified with antitank weapons to target  Leopard and Abrams tanks in Ukraine. Mostly because Markers were not yet really tested in a dynamic combat environment.  
Samuel Bendett @SamBendett
1/ THREAD: Russia's Dmitry Rogozin gave a detailed interview to RIA Novosti about Marker combat UGV trials in Ukraine next month, along with discussion about drones and EW in the war. Main points below - given that its Russian state media, usual caveats apply: https://t.co/SwWlKx8C26 https://t.co/kMWPQbdpLp1:58 PM ∙ Jan 26, 2023
44Likes7Retweets
Samuel Bendett @SamBendettApparently, Marker UGVs are getting loaded for combat tests in Ukraine - now its 4  vehicles instead of 3. That's 4 out of 5 existing Markers. t.me/rogozin_do/3670 
Samuel Bendett @SamBendett
1/ At this point, this sounds more PR than a realistic tactic: Russia's Rogozin claims that Marker UGVs will be modified with antitank weapons to target  Leopard and Abrams tanks in Ukraine. Mostly because Markers were not yet really tested in a dynamic combat environment. https://t.co/mMhuuypG1P https://t.co/wTYjpibOAp
1:56 PM ∙ Jan 29, 2023
21Likes12Retweets
-
Subscribe now
-
“Alex” @mangopdf
the girls are tearing your s3 bucket permissions policy apart in the group chat9:51 AM ∙ Jan 29, 2023
931Likes116Retweets
-
Bypassing (some) EDR stack trace based detections
First part of this series explains the trick used to bypass EDR.

https://0xdarkvortex.dev/proxying-dll-loads-for-hiding-etwti-stack-tracing/
Essentially, call an ntdll function that takes a callback as an argument, rather than calling the API wrappers. To ensure the stack is clean, the ntdll function is executed in another thread. Now the code has no dodgy parent from some weird memory region. 
Chetan Nayak (Brute Ratel C4 Author) @NinjaParanoid
Some EDRs catch indirect syscalls with callstack analysis. Here is a totally new technique which build a clean callstack originating from ntdll to avoid detections. No ROP required and tested and works against every EDR. Enjoy! 🔥

0xdarkvortex.dev/hiding-in-plai… 
4:28 PM ∙ Jan 29, 2023
421Likes139RetweetsFor a load of other tricks from a bygone era, check out an article I wrote for Phrack twenty years ago. We had to release it anonymously because myself and the other co-author worked for companies that produced HIPS products. Jamey Butler wrote the shellcode included in the article. We’d agreed that everyone would be anonymous, but things didn’t work out like that. 

https://github.com/grugq/grugq.github.com/blob/master/docs/phrack-62-05.txt
-
IGN @IGN
These fish committed credit card fraud while playing Pokémon. 💳🐟🐟🐟🐟 
12:23 AM ∙ Jan 25, 2023
38,284Likes9,384Retweets
-
uefitool @uefitool
Updated UEFITool and related tools to A63.

Features:
- support for HiDPI displays
- support for Zlib-compressed sections used on AMI-based boards for AMD CPUs
- several small fixes
github.comRelease UEFITool NE/UEFIExtract/UEFIFind A63 · LongSoft/UEFIToolNew features: it is now possible to paste GUIDs in raw EDK2 format into Search window as is without manual re-formatting, thanks to @mikebeaton
support for HiDPI displays, thanks to @NikolajSchlej...12:43 AM ∙ Jan 30, 2023
16Likes7Retweets