January 9, 2024
Visualising ext4
Visualizing ext4
What does ext4 look like?
Big Tech has already made enough money in 2024 to pay all its 2023 fines | Proton
Big Tech (Alphabet, Amazon, Apple, Meta, and Microsoft)'s annual revenue dwarfs total fines. The cost for privacy is insignificant to them.
https://x.com/josephfcox/status/1744364185406898492
As well as giving a sense of scale, the court record also shows how the Secret Service investigated this ring
- followed money from victims to exchanges
- got access to linked email account
- in that email, US visa
- got phone number from that application https://t.co/ttmTCmYgbN pic.twitter.com/ULnQmOLZsY
— Joseph Cox (@josephfcox) January 8, 2024
New on Hacking the Cloud! Have you ever wanted to exploit a 3.5 year old AWS bug? Now you can! Read here about bypassing Amazon Cognito’s user enumeration controls. https://t.co/KlxJDPvTA6
— Nick Frichette (@Frichette_n) January 8, 2024
speakin in a global language pic.twitter.com/9PrXqzFbaZ
— sandy (@sandyhonig) January 8, 2024
In the 2010s, the computing zeitgeist did not care about performance - Moore's law was alive and well, so slow code was fine.
Now we care about performance deeply. Clock speeds have stalled. Will wrangling bits on low power machines be relevant again? ASM renaissance?
— Lewis Campbell (@LewisCTech) January 7, 2024
Issues of data protection and human dignity of generative AI processing and creations are an important one. My #GDPR complaint about OpenAI's data processing. It concerns input and output, access to information, and technology design. https://t.co/fn2H954JqM
— Lukasz Olejnik, Ph.D, LL.M (@lukOlejnik) January 8, 2024
lol I wasn't in the video (it was after I graduated and was no longer at CSAW). But: https://t.co/ABnWwTERYq
(playback should work. I also have a download locally if it doesn't play for you)
— tylerni7 (@tylerni7) January 6, 2024
men are hitting on my scheduling bot because it has a woman's name — Ask a Manager
A reader writes: I have sort of a strange situation. I provide consulting services for (mostly) small business owners. This generally involves scheduling
electromagnetic radiation - Why does a remote car key work when held to your head/body? - Physics Stack Exchange
I was trying to unlock my car with a keyfob, but I was out of range. A friend of mine said that I have to hold the transmitter next to my head. It worked, so I tried the following later that day: ...
Heap exploitation series by @Ch0pin https://t.co/tLsHXCsAro https://t.co/tp2UYyjJgk https://t.co/VwFBRE8xnO https://t.co/CuTbPCTX7g https://t.co/MbS5KdllzW https://t.co/lRIaAzTgif https://t.co/squUPud5F6 https://t.co/VsKXgzxuDJ https://t.co/kPJ1Jzn2om #infosec #heap pic.twitter.com/YFfo5Edgzo
— 0xor0ne (@0xor0ne) January 8, 2024
We just released Mixtral 8x7B paper on Arxiv: https://t.co/wn0kOOFTcJ pic.twitter.com/Xth6asCjpQ
— Devendra Chaplot (@dchaplot) January 9, 2024
Meta releases audio2photoreal @Gradio demo: https://t.co/7REMj1Hizs
From audio of a dyadic conversation, generate photorealistic face, body, and hand gestures pic.twitter.com/hazEi6SpX7
— AK (@_akhaliq) January 8, 2024
Turn your access to classified information into a side hustle with these five steps
https://www.duffelblog.com/p/turn-your-access-to-classified-information-into-a-side-hustle-with-these-five-steps
Whenever I’m facing a moral dilemma, I think of the advice my father gave me.
“Never leave a paper trail,” he’d say, tapping the glass partition between us for emphasis.
— John Lyon (@JohnLyonTweets) October 19, 2022
Great repository by @NCCGroupInfosec collecting exploit mitigations (various operating systems, architectures and applications and versions) https://t.co/bP2ayGfggN #exploit #infosec pic.twitter.com/LLa3uhNzQl
— 0xor0ne (@0xor0ne) January 8, 2024
Have you ever wondered what the attack surface of Counter Strike: Global Offensive looks like? Our ninjas @myr463 and @v1csec studied it and found a server to client bug! Read more details about this research in our latest blogpost. https://t.co/QaoheZbQoi
— Synacktiv (@Synacktiv) January 8, 2024
Interesting talk about Lockdown Mode from @blacktop__ https://t.co/NcOVvCqNC9
— xvonfers (@xvonfers) January 5, 2024
Infosec drama follow up.
So here we go. A thread exposing a major fuck up by Rwanda National Police in the recruiting of Jonathan Boyd Scott aka Jonathan Lee Villarreal and a curious Russian connection. A thread 🧵
— Cthulhu Answers Ⓥ 🏴☠️ (@Cthulhu_Answers) January 7, 2024
Here we have a few more photos of Jonathan’s contact with the @Rwandapolice (he is on the right with the image of the vatniks, I’m not blocking their faces because fuck the Russian military). Another post where the Rwandan National Police Officer praises Putin. pic.twitter.com/VczLAMZsUD
— Cthulhu Answers Ⓥ 🏴☠️ (@Cthulhu_Answers) January 8, 2024
RCE over WAN on Cisco RV340 SSL VPN module (sslvpnd)
Credits @pedrib1337 and @RabbitPro https://t.co/857rlDXD2z #cisco #cybersecurity #iot pic.twitter.com/W7jfwO93Ct
— 0xor0ne (@0xor0ne) January 6, 2024
I taped my dwarf parsing work onto weggli to be able to pattern match object allocation sites of specific sizes for linux heap exploitation
it needs some work (threw it together last night) but it works pretty well from what I've seen: https://t.co/bhfFU3XyD8
— Justin Miller (@zolutal) January 5, 2024
Sonos One reverse engineering analysis (HITB 2023 presentation)
Credits @bl4sty https://t.co/HrRlrlEP2g #sonos #infosec pic.twitter.com/VMB0absuNd
— 0xor0ne (@0xor0ne) January 5, 2024
Shooting Yourself in the .flags – Jailbreaking the Sonos Era 100
The Era 100 is Sonos’s flagship device, released on March 28th 2023. NCC found weaknesses within the bootloader which can lead to full compromise of the device. https://t.co/h5LBbUJe7g https://t.co/8JkcXU3y7H
— NCC Group Research & Technology (@NCCGroupInfosec) December 4, 2023
Well that’s not at all terrifying
Mobile ALOHA's hardware is very capable. We brought it home yesterday and tried more tasks! It can:
- do laundry👔👖
- self-charge⚡️
- use a vacuum
- water plants🌳
- load and unload a dishwasher
- use a coffee machine☕️
- obtain drinks from the fridge and open a beer🍺
- open… pic.twitter.com/XUGz7NhpeA
— Zipeng Fu (@zipengfu) January 4, 2024
RFE/RL: Russian intelligence may receive data from Ukrainian surveillance cameras
A Schemes investigation found that footage from surveillance cameras with Russian software goes directly to servers in Moscow with ties to the FSB.
https://risky.biz/BTN62/