March 14, 2025
March 14, 2025
Some exciting research to share from Binarly REsearchers @cci_forensics and @pagabuc -- a novel approach to UEFI bootkit detection.
— BINARLY🔬 (@binarly_io) March 13, 2025
🔥Read the technical paper: "UEFI Bootkit Hunting: In-Depth Search for Unique Code Behavior"
👉 https://t.co/KwmiNq9hdc pic.twitter.com/2UEtUiMiEN
Update:
— Nick Bax.eth (@bax1337) March 13, 2025
This Bybit launderer is trying to transfer their frozen USDC/USDT and does not understand why the transactions keep failing 🤣 https://t.co/sLsshZ6vrj pic.twitter.com/n5REKbQibY
"This is decades-old code. On a first glance, it seems strange that it took so long to find such a trivial bug with fuzz testing..."
— j00sean (@j00sean) March 13, 2025
"This is really the same issue as CVE-2017-9047, just in a different function." - Back to 2017😅https://t.co/hXF3LKWuBU https://t.co/mwI1KZ8fGZ
Two equally smart Amazon robotspic.twitter.com/iaQvVT4veR
— Massimo (@Rainmaker1973) March 13, 2025
Bug reports and pocs:https://t.co/W4z514PeC8https://t.co/ItTL1xOKaA https://t.co/vKe0LPz1rQ
— j00sean (@j00sean) March 13, 2025
New FCC Chairman Brendan Carr has created a national security team at the commission to handle telecom supply chain risks, cyber threats, and emerging-technologies (6G, AI, quantum, space) competition with China: https://t.co/6E2TW1KYla
— Eric Geller (@ericgeller) March 13, 2025
https://t.co/ZYwPUN8Qg2 pic.twitter.com/TA751YWC3G
— horse powder (@JuliusIrvington) March 13, 2025
My Scammer Girlfriend: Baiting A Romance Fraudster

My Scammer Girlfriend: Baiting A Romance Fraudster | www.bentasker.co.uk
Romance fraud has been growing as an issue for years. It's not uncommon to see news stories with bewildered victims explaining just how deeply they'd been sucked in. After receiving a number of opener
Security researcher @gentoo_python discovered a Prompt Injection on VirusTotal.
— vx-underground (@vxunderground) March 14, 2025
Could this be used as a form of social engineering to trick users into thinking a file is safe when it's not?
File hash: 1d30bfee48043a643a5694f8d5f3d8f813f1058424df03e55aed29bf4b4c71ce pic.twitter.com/PS5K5nWAqL
KrbRelayEx-RPC tool is out! 🎉
— Andrea Pierini (@decoder_it) March 13, 2025
Intercepts ISystemActivator requests, extracts Kerberos AP-REQ & dynamic port bindings and relays the AP-REQ to access SMB shares or HTTP ADCS, all fully transparent to the victim ;) https://t.co/Aebt5iFIjC pic.twitter.com/oObMOQYy1W