the grugq's newsletter

March 2, 2024

March 1 more time, 2024

March 1, 2024

Dan Geer keynote from 2023

From 28 March 2023:

Whither Software?

Cloud Threats & Vulnerabilities Summit, San Francisco, California,

http://geer.tinho.net/geer.cloudsecurityalliance.28iii23.mov


This is how you know you've reached the good part of the manual pic.twitter.com/FLGxv6ydRa

— Brendan Dolan-Gavitt (@moyix) February 29, 2024

"The wars of the future will not be fought on the battlefield or sea. They will be fought in space or possibly on top of a very tall mountain...most actual fighting will be done by small robots. As you go forth today remember your duty is clear: to build & maintain those robots." https://t.co/z0FldcVuTd pic.twitter.com/knRgJ0xpTO

— Shashank Joshi (@shashj) February 29, 2024

"Microsoft, OpenAI and Nvidia are among the investors backing a Silicon Valley start-up that aims to introduce artificial intelligence-powered humanoid robots to the workforce and transform the global labour market." https://t.co/LYnvoPrdBw

— Shashank Joshi (@shashj) February 29, 2024

🚨NEW - iSoon & the Chinese cyber mercenary ecosystem 🚨
Going back to my roots with some good old fashioned China cyber analysis @Margin_Research. How is iSoon related to cyber mercenaries, and the Chinese offensive ecosystem? 🧵/ 5 findings: https://t.co/HpsctXUPjU

— Winnona 💾 (@__winn) February 29, 2024

Thread by @__winn on Thread Reader App – Thread Reader App



FYI, yesterday Microsoft reclassified the admin-to-kernel vulnerability (MS fixes admin-to-kernel issues at its discretion) CVE-2024-21338 as being actively exploited.

It knew last August the issue was being abused by Lazarus.

Anyway, this post is well worth a read on its own. https://t.co/PtMqh4dQec pic.twitter.com/YWUGbYc0ij

— Brian in Pittsburgh (@arekfurt) February 29, 2024

Lazarus and the FudModule Rootkit: Beyond BYOVD with an Admin-to-Kernel Zero-Day | https://t.co/Jvty0ewQH4 @AvastThreatLabs

— 780th Military Intelligence Brigade (Cyber) (@780thC) February 29, 2024

https://x.com/mardial/status/1427354632745996299

Could the US military track Putin's movements in real-time. How? His comrades (advisers, drivers, etc.) had smartphones and were browsing the internet, using apps. Ads were displayed to them. And data traces from advertising networks revealed everything. https://t.co/YV7MF5qzPP

— Lukasz Olejnik, ☕️🥐 (@lukOlejnik) March 1, 2024

17th edition of H2HC Magazine (the one that we've distributed printed to attendees at H2HC 20th) is finally online, with articles in English as well (Attacking the Linux Kernel Free List Hardening & LLVM Rust CFI): https://t.co/DLfV56HIpt

— H2HC (@h2hconference) February 28, 2024

pic.twitter.com/xDTXlVbkHn

— Aaron Grattafiori (@dyn___) February 29, 2024

#Lazarus exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools. CVE-2024-21338
Beyond BYOVD with an Admin-to-Kernel Zero-Day https://t.co/irFNz3Dntt pic.twitter.com/Hfco33UPBm

— blackorbird (@blackorbird) February 29, 2024