the grugq's newsletter

March 14, 2025


Some exciting research to share from Binarly REsearchers @cci_forensics and @pagabuc -- a novel approach to UEFI bootkit detection.

🔥Read the technical paper: "UEFI Bootkit Hunting: In-Depth Search for Unique Code Behavior"

👉 https://t.co/KwmiNq9hdc pic.twitter.com/2UEtUiMiEN

— BINARLY🔬 (@binarly_io) March 13, 2025


Update:
This Bybit launderer is trying to transfer their frozen USDC/USDT and does not understand why the transactions keep failing 🤣 https://t.co/sLsshZ6vrj pic.twitter.com/n5REKbQibY

— Nick Bax.eth (@bax1337) March 13, 2025


"This is decades-old code. On a first glance, it seems strange that it took so long to find such a trivial bug with fuzz testing..."

"This is really the same issue as CVE-2017-9047, just in a different function." - Back to 2017😅 https://t.co/hXF3LKWuBU https://t.co/mwI1KZ8fGZ

— j00sean (@j00sean) March 13, 2025


Two equally smart Amazon robots pic.twitter.com/iaQvVT4veR

— Massimo (@Rainmaker1973) March 13, 2025


Bug reports and pocs: https://t.co/W4z514PeC8 https://t.co/ItTL1xOKaA https://t.co/vKe0LPz1rQ

— j00sean (@j00sean) March 13, 2025


New FCC Chairman Brendan Carr has created a national security team at the commission to handle telecom supply chain risks, cyber threats, and emerging-technologies (6G, AI, quantum, space) competition with China: https://t.co/6E2TW1KYla

— Eric Geller (@ericgeller) March 13, 2025


https://t.co/ZYwPUN8Qg2 pic.twitter.com/TA751YWC3G

— horse powder (@JuliusIrvington) March 13, 2025


My Scammer Girlfriend: Baiting A Romance Fraudster | www.bentasker.co.uk

Romance fraud has been growing as an issue for years. It's not uncommon to see news stories with bewildered victims explaining just how deeply they'd been sucked in. After receiving a number of opener



Security researcher @gentoo_python discovered a Prompt Injection on VirusTotal.

Could this be used as a form of social engineering to trick users into thinking a file is safe when it's not?

File hash: 1d30bfee48043a643a5694f8d5f3d8f813f1058424df03e55aed29bf4b4c71ce pic.twitter.com/PS5K5nWAqL

— vx-underground (@vxunderground) March 14, 2025


KrbRelayEx-RPC tool is out! 🎉
Intercepts ISystemActivator requests, extracts Kerberos AP-REQ & dynamic port bindings and relays the AP-REQ to access SMB shares or HTTP ADCS, all fully transparent to the victim ;) https://t.co/Aebt5iFIjC pic.twitter.com/oObMOQYy1W

— Andrea Pierini (@decoder_it) March 13, 2025

