October 22, 2024
Another day another "MONERO TRACED" news story about some guy's failed attempt at washing criminal gains through Monero but getting caught by simple timing & amount analysis. https://t.co/cF4c8tDxYI
— monerobull (@monerobull) October 21, 2024
Page-level UAF exploitation technique in Linux kernel (BH24 slides) https://t.co/hMUjVW3bzT #Linux #infosec pic.twitter.com/5xrhdrj09q
— 0xor0ne (@0xor0ne) October 22, 2024
I've written a post on SELinux and some public bypasses for Android kernel exploitation. It's especially relevant for Samsung and Huawei devices due to their use of hypervisors. Check it out here: https://t.co/UHesQZgjuv
— Klecko (@klecko0) October 21, 2024
CVE-2024-26926 Binder n-day analysis.
It is labeled EoP in Android Security Bulletin (Is it really exploitable?) https://t.co/tbJHf8pWem
— Maher Azzouzi (@maherazz2) October 21, 2024
The quieter you are the more you.... oh wait.... https://t.co/oykjncj6Lr
— mRr3b00t (@UK_Daniel_Card) October 22, 2024
OpenAI's Swarm Web Extractor
This can autonomously search the web, map entire websites, and extract data.
This is built on top of OpenAI's new multi-agent framework Swarm, Serp AI and Firecrawl API.
- Swarm is a lightweight and experimental framework introduced by OpenAI to… pic.twitter.com/ThNBu9V01i
— Kalyan KS (@kalyan_kpl) October 21, 2024
KQL to spot missing Microsoft logs
(excludes weekends since those are normally low)
SigninLogs
| where TimeGenerated >= ago(90d)
| summarize SignInCount = count() by bin(datetime_utc_to_local(TimeGenerated,"US/Pacific"), 1d)
| where dayofweek(Column1) !="6.00:00:00" and… https://t.co/J2qDN4iFU5 pic.twitter.com/a5Pq686tb9
— Joe Stocker (@ITguySoCal) October 22, 2024
I'd argue the opposite. General purpose grey box fuzzing research is complete as it is no longer feasible to distinguish between optimizations and over-fitting. Per-target optimizations should be left as an engineering exercise. https://t.co/mYHWc1TfJ8
— Mathias Payer (@gannimo) October 21, 2024
Over the weekend I began a new project named beacondbg (https://t.co/eeqoZN2cvP) to run & eventually debug locally or in a remote process your COFF beacon. If you are engaged in #OffensiveSecOps and you would like to have some features, ping me!
— cod (@wolfcod) October 21, 2024