November 29, 2024

                November 29, 2024

            November 29, 2024

            November 29, 2024

In a somewhat recent project we used a vulnerable driver, which worked fine...

Except: The customer had a custom rule that caused an alert when a service is created!

Decided to write a tool that creates the registry keys and calls into NtLoadDriver: https://t.co/SWjBJOaO5Z
— Layle (@layle_ctf) November 28, 2024

Weird that bug bounty hunters would find a way to exploit the system. 

This is a repeating behavior in all bug bounties: pic.twitter.com/NGYjaTaT0x
— Zuk (@ihackbanme) November 29, 2024

Taken from https://t.co/M5jc1qmJuj
— Zuk (@ihackbanme) November 29, 2024

Spent some time researching CVE-2024-11477, the new #7zip #CVE and made a writeup about my work on it. Let me know what you think! https://t.co/JJcfjXaPUF
— SuperN00by (@SuperN00by) November 29, 2024

save yourself if you find something like this pic.twitter.com/BdrrSWecg6
— goosewin (@dan_goosewin) November 27, 2024

One problem Georgia Tech Research Institute had in the last decade was that CFA kept hiring its talented devs and devops people away for higher $. I used to joke that the business of selling chicken sandwiches was becoming a threat to radar and electronic warfare development. https://t.co/o333JRgWRE
— HIGH PLANES Drifter (@the_engi_nerd) November 28, 2024

Don't miss what's next. Subscribe to the grugq's newsletter:

Start the conversation: