the grugq's newsletter

October 20, 2023


Exein - Pulsar | Pulsar

Next-gen open source framework for the security of everything


There’s a new way to flip bits in DRAM, and it works against the latest defenses | Ars Technica

New technique produces lots of bitflips and could one day help form an attack.

https://people.inf.ethz.ch/omutlu/pub/RowPress_isca23.pdf


Google-hosted malvertising leads to fake Keepass site that looks genuine | Ars Technica

Google-verified advertiser + legit-looking URL + valid TLS cert = convincing lookalike.


Thousands of IT workers contracting with US companies have for years secretly sent millions of dollars of their wages to North Korea to fund its weapons programs. They worked remotely with companies around US and used false identities to get jobs, per FBI https://t.co/e10TTGnfVe

— Kim Zetter (@KimZetter) October 19, 2023

You want to detect the probability if a text was generated by a LLM. ZipPy can help (it's fast). https://t.co/n3ovB3kUxW

"ZipPy: Fast method to classify text as AI or human-generated"

A nifty tool presented by Jacob Torrey at @hack_lu 2023 #hacklu #llm #opensource

— Alexandre Dulaunoy @adulau@infosec.exchange (@adulau) October 19, 2023

#Lazarus CVE-2023-26369 Exploit: Adobe Acrobat PDF Reader RCE when processing TTF fonts https://t.co/cQWuyR6fHg
ref:https://t.co/mwQUWkk8QG pic.twitter.com/S8gU4Q9Pku

— blackorbird (@blackorbird) October 18, 2023

Thread by @JonBruner on Thread Reader App – Thread Reader App

@JonBruner: What’s inside Apple’s $129 Thunderbolt cable? We CT scanned one to find out, and compared it to some cheaper cables… 🧵 Turns out there’s a lot going on in this Thunderbolt 4 connector. There’s a very...…


they don't know that I used to be a crypto millionaire pic.twitter.com/wLry44EFRB

— Russian Memes United (@RussianMemesLtd) October 19, 2023



From using stolen IDs and Social Security numbers, to paying US workers to do video job interviews and conference calls for them and using US WiFi/IP addresses to hide their location - here's how North Korean workers tricked US companies into hiring them https://t.co/X7Kaqc2z0L

— Kim Zetter (@KimZetter) October 20, 2023

Resumes are about to get really weird. pic.twitter.com/z1rLYWuCh7

— Daniel Feldman (@d_feldman) October 14, 2023

If a crow said "ni hao" to me I'd jump off the nearest cliff pic.twitter.com/vv24yUg8Y9

— terrorist cigarettes (@halfheldsky) October 16, 2023

Windows rootkit development for red teaming
Excellent series by @Idov31

Part 1: https://t.co/gLIk9tGiEI
Part 2: https://t.co/ryrPfTLJrR
Part 3: https://t.co/l6C4j7TMte
Part 4: https://t.co/SONhXgCEp7
Part 5: https://t.co/KOsDQxfBGp #windows #driver #kernel #rootkit #redteam pic.twitter.com/E4yKgI6H0j

— 0xor0ne (@0xor0ne) October 19, 2023

Catalin Cimpanu: "Cyphur Labs have published instructions on how se…" - Mastodon

Cyphur Labs have published instructions on how security researchers can hunt for Cobalt Strike 4.9 C&C servers. v4.9 of Cobalt Strike got leaked on a Chinese hacking forum earlier this month, and its usage among threat actors is expected to rise in the coming weeks. So far, Cyphur analysts have identified at least two Cobalt Strike v4.9 servers. https://blog.cyphur.com/detecting-leaked-cobalt-strike/


Am I reading this right and the proposed https://t.co/fI4yw1kKgg rule treats ordinary use of BIP39 wallets, UniSwap, or "send it later" as currency mixing? pic.twitter.com/fMpWcSdfpR

— Madars Virza 🛡 (@MadarsV) October 19, 2023

The fact that the biggest blown claims of this war have been major news organizations taking Hamas claims at face value and people mistaking ARMA 3 gameplay footage for war reporting should really qualify your fears that AI will lead to any meaningful surge in misinformation.

— Alec Crisman (@AlecCrisman) October 18, 2023

If you already have the burners on, the gas leaking, the fire extinguishers broken, and the fire alarms turned off, it kind of doesn’t matter if you buy some gasoline and put it in your garage. Your house burning down is overdetermined.

— Alec Crisman (@AlecCrisman) October 18, 2023

📢 It's important to note that, since Russia is currently under OFAC sanctions, engaging with #OperationZero could potentially lead to violations of both technology transfer and financial transfer sanctions.
@caseyjohnellis explains in @cpomagazine: https://t.co/Q6bOHQMRbO pic.twitter.com/KBqC3qzifl

— bugcrowd (@Bugcrowd) October 19, 2023

I can’t wait to run ads on a platform where the most well-heeled / engaged users won’t see them. https://t.co/rh9UPE8LLm

— Corey Quinn (@QuinnyPig) October 20, 2023

https://x.com/techmeme/status/1715255489767059856

What if you could make your fuzzer ask an LLM about the correct structure and order of protocol messages as specified in hundreds of pages of RFC?

🎉 Accepted @ NDSS'24
📝 https://t.co/yPLlV9gOmq
🧑‍💻 https://t.co/CwYV2Meooc

Led by @RuijieMeng w/ M. Mirchev, @AbhikRoychoudh1 & YT pic.twitter.com/xlu60F1pal

— Marcel Böhme👨‍🔬 (@mboehme_) October 20, 2023

I'm proud to present the tool I had the opportunity to develop during my internship @orangecyberdef.

LinikatzV2 is a post-exploitation tool for Unix machines joined to an Active Directory, based on @timb_machine Linikatz tool.

Available on Github 👉 https://t.co/y7oCbYgwWb

— Azrm (@Azrm_rf) October 19, 2023

At a high level fuzzing to me breaks down categories of:

1) Feedback Driven (responses drive your next test)
2) Structure Aware (each test obeys some protocol structure)

If while fuzzing you lack either of these properties you will likely not find much at all.

— d3fp4r4m (@defparam) October 11, 2023
