November 19, 2024
November 19, 2024
Saw some other folks realize its actually really easy to use certificates to authenticate as other users on windows if you have access to the API. https://t.co/eQXbb9QGVl
— freefirex (@freefirex2) November 18, 2024
We're now releasing our previously internal make_token_cert bof to auth using only a .pfx file :)
Phishing simulations are an ineffective tool. Put in phishing resistant strong authentication instead. https://t.co/20nMFkEsNS
— Heather Adkins - Ꜻ - Spes consilium non est (@argvee) November 17, 2024
Whatever happens next, a huge thank you to the brilliant @CISAJen for her leadership of cyber security across the western alliance over the past few years. A job very, very well donehttps://t.co/fPs2AGsyoC
— Ciaran Martin (@ciarancyber1) November 18, 2024
All the workshop recordings and slides from #r2con2024 are now edited and published. If you didn't had a chance to attend now it's a good time to catch up starting right from the very first day! 👉 https://t.co/8Jnqg6H3N8 pic.twitter.com/LMQhHgXrMx
— radare (@radareorg) November 17, 2024
My keynote slides from VXCON 2024 https://t.co/9VLW903Trz
— Alisa Esage Шевченко (@alisaesage) November 18, 2024
Just wrote a blog entry looking into John the Ripper's new Tokenize attack mode and comparing it to other attacks. Lots of side tangents as well such as using Hashmob wordlists for cracking sessions, and a deep dive into Hashcat Utilities. Link: https://t.co/0fIM8IvPPF
— Lakiw @lakiw@infosec.exchange (@lakiw) November 17, 2024
Now this is cool.
Unusual Android malware distribution vector - physical analog letter ✉️
— Mobile Hacker (@androidmalware2) November 18, 2024
Fake letters were sent to people at their home addresses to download "Severe Weather Warning App" via the attached QR code. #Coper AKA #Octo2 banking malware is downloaded insteadhttps://t.co/kRpPGA9sLu pic.twitter.com/219XC6kJfJ
OZZ: Identifying Kernel Out-of-Order Concurrency Bugs with In-Vivo Memory Access Reordering https://t.co/murg6WdgCz
— Anderson Nascimento (@andersonc0d3) November 18, 2024
Linux kernel page-UAF-based exploit strategy
— 0xor0ne (@0xor0ne) November 18, 2024
BH 2024 slides:https://t.co/hMUjVW3bzT#Linux #infosec pic.twitter.com/WSfHUhVxYo
The CIA publishes the craziest stuff on their website.
— Andrew Côté (@Andercot) November 17, 2024
"Oh yeah we had professional remote viewers, yeah, we asked them to go visit Mars one million years ago. What did they see? Pyramids, obelisks, a dying elder race looking for a new home. Anyway its declassified now." pic.twitter.com/Jpts5bbpsu
"Oh yeah the last thing we picked up from Mars 1 million years ago was this dying elder race all getting into a shiny space ship and then traveling to another planet that had a lot more vegetation" pic.twitter.com/4ZZCrKtG8k
— Andrew Côté (@Andercot) November 17, 2024
The more I research material for science fiction the more impression I get that either all these intelligence agencies are massively tolling us or, perhaps, we already live in someone else's sci-fi universe and its like the universes' best video game to drop into.
— Andrew Côté (@Andercot) November 17, 2024
Paged Out! #5 is out! Enjoy!https://t.co/8GiM1IwmHD
— Gynvael Coldwind (@gynvael) November 19, 2024
And if you like the cover, check out the 8K wallpaper by Mark Graham (downloadable on our website)! https://t.co/UwcFeaU6JZ pic.twitter.com/T7kjDrXXWA