January 24, 2024

        January 27, 2025

January 24, 2024

            January 24, 2024

Concrete example of the difference between theory and practice in systems engineering:

When we were designing the storage system at @Dropbox (called "magic pocket") every new PhD graduate would say it was dumb to use a thousand-node MySQL cluster to store the mapping from file… https://t.co/KxssWi7Iwj
— James Cowling (@jamesacowling) January 22, 2025

The current state of much SaaS security. Stolen support credentials, which were likely hugely overprivileged, leads to... 

"The hacker who breached education tech giant PowerSchool claimed in an extortion demand that they stole the personal data of 62.4M students and 9.5M…
— Chris Wysopal (@WeldPond) January 22, 2025

https://www.theregister.com/2025/01/23/asus_amd_processor_fix/

This might be one of the best reddit posts I've seen in a while no cap fr fr pic.twitter.com/hAlc6mxbVh
— Dorian Develops (@DorianDevelops) January 23, 2025

Azure Post Exploitation Framework https://t.co/3FO1aDHY8v
— Panos Gkatziroulis 🦄 (@netbiosX) January 22, 2025

CVE-2025-0395: Buffer overflow in the GNU C Library's assert() https://t.co/BUhgLoNezm
— Anderson Nascimento (@andersonc0d3) January 22, 2025

Multilayered AV/EDR Evasion Framework https://t.co/w3Gb9XIvWC #pentesting #CyberSecurity #infosec pic.twitter.com/e2a70D22ap
— Ptrace Security GmbH (@ptracesecurity) January 21, 2025

I created a hypervisor-based emulator for Windows x64 binaries. This project uses Windows Hypervisor Platform to build a virtualized user-mode environment, allowing syscalls and memory accesses to be logged or intercepted. https://t.co/KbsWfdLT3D

Project:https://t.co/xJvm24qqXv
— x86matthew (@x86matthew) January 23, 2025

Analyzing and Exploiting Branch Mispredictions in Microcode https://t.co/tMWVzDiOG8
— Anderson Nascimento (@andersonc0d3) January 23, 2025

The windows emulator project now runs macOS and Linux :D

Thanks to @yates82 for doing the hard work :) pic.twitter.com/Y6K2AA2uLI
— Maurice Heumann (@momo5502) January 23, 2025

                  GitHub - momo5502/emulator: 🪅 Windows User Space Emulator
🪅 Windows User Space Emulator . Contribute to momo5502/emulator development by creating an account on GitHub.            

NEW: US seeks extradition of Israeli private spy over sprawling hacking against 🇺🇸American nonprofits.

Amit Forlit's alleged customer? US lobbying firm @DCIGroup... representing @exxonmobil 

Extradition filings in UK give fresh peek into this wild case 1/ pic.twitter.com/4cQxNJlLic
— John Scott-Railton (@jsrailton) January 23, 2025

https://liberux.net/#specs

"I'll ask your body": SMBGhost pre-auth RCE abusing Direct Memory Access structs by @hugeh0ge https://t.co/sABeLSrZyX pic.twitter.com/7ZTVQ5UHhT
— Alex Plaskett (@alexjplaskett) January 23, 2025

Tenable Research examines the TTPs of Salt Typhoon, a state-sponsored actor linked to the People’s Republic of China | https://t.co/PFH8MIP0vK @TenableSecurity
— 780th Military Intelligence Brigade (Cyber) (@780thC) January 24, 2025

a QR code that sends you to a different source depending on the angle

                  Christian Walther: "@gvy_dvpont@mastodon.social Got me thinking… can …" - Mastodon 🐘
Attached: 1 image

@gvy_dvpont@mastodon.social Got me thinking… can it be done without the lens? This one seems to work!            

                   Christian Walther: "@gvy_dvpont@mastodon.social Yeah, half of each pi…" - Mastodon 🐘
@gvy_dvpont@mastodon.social Yeah, half of each pixel comes from one code and the other from the other. I assume readers sample in the center of where they expect the pixels to be based on the alignment blocks, so the important point is that the mask is the same on each pixel, and the center of the pixel lies on the boundary of the mask. So a slight shift of the picture tends to shift all of the samples to one or the other half.            

                  GitHub - ggml-org/llama.vim: Vim plugin for LLM-assisted code/text completion
Vim plugin for LLM-assisted code/text completion. Contribute to ggml-org/llama.vim development by creating an account on GitHub.            

                  Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel
On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK admin panel that gave us unrestricted access to all vehicles and customer accounts in the United States, Canada, and Japan.            

https://www.theregister.com/2025/01/24/section_702_court/

                            Don't miss what's next. Subscribe to the grugq's newsletter:

          Add a comment:

                Share this email:

                                Share on Twitter

                                Share on Hacker News

                                Share via email

                                Share on Mastodon

                                Share on Bluesky