September 15, 2024
September 15, 2024
Security Phd: run fuzzers for days and get an unexploitable bug ๐คก
โ itewqq (@lyq_sqsp) September 14, 2024
Game console players: look at the fbsd kernel for 15 minutes and find a race-condition based UAF ๐https://t.co/RXr5dhoxbL
read another paper: An Empirical Assessment of Endpoint Security Systems Against Advanced Persistent Threats Attack Vectors
โ ajdin (@ajdinre) September 14, 2024
Took some time, since I'm not that familiar with Windows internals,
Four different attack vectors were used: (CPL) a DLL (.cpl) file which can be executedโฆ pic.twitter.com/U4oQovdQmH
Bytecode Reuse Attack (Part 4) : https://t.co/5p9cvo3NI1
โ Binni Shah (@binitamshah) September 14, 2024
Bytecode Injection (Part 3) : https://t.co/KGASPPibhr
Fundamentals for Bytecode Exploitation (Part 2) : https://t.co/5gTSkE7QGD
Introduction to Android Bytecode Exploitation (Part 1) : https://t.co/D82tu0Vd2Z pic.twitter.com/QsiotxMsKv
No need for sci-fi cyberpunk dystopias anymore, these are all real photos from the last few years pic.twitter.com/KiCyiDm0jP
โ Sebastiaan de With (@sdw) September 14, 2024
By popular request here is the link to my @BlueTeamCon slide deck on Adventures in Cloud Hacking. Refresh tokens have been revoked to protect the innocent.
โ rootsecdev (@rootsecdev) September 14, 2024
There is no recorded video but be on the lookout for one in the future. https://t.co/0RhH59k07Y
New #TradecraftSunday episode! This time we look into how nation-states take advantage of browser extensions/plugins for SIGINT operations.https://t.co/JaWDhq8RN3#SIGINT #cyberespionage #CNE
โ Spy Collection (@SpyCollection1) September 15, 2024
OPEN SOURCE INTELLIGENCE (OSINT) NEWS: Realistic Spy Thrillers: Movies Praised by the CIA for Accuracy
A blog about the 17 spy agencies comprising the US Intelligence Community
Looking for some real-deal spy thrillers? Hereโs a list of movies praised by the CIA for their accuracy! ๐ต๏ธโโ๏ธ Get ready for suspense that hits close to home. #SpyThrillers #CIA #RealisticEspionage #MustWatch #USA #spymovieshttps://t.co/ESJyoQIqTp pic.twitter.com/H47JSPxXhj
โ Robert Morton (@Robert4787) September 14, 2024
OPEN SOURCE INTELLIGENCE (OSINT) NEWS: CIA Numbers Stations- do they still exist?
A blog about the 17 spy agencies comprising the US Intelligence Community
The Way to Android Root: Exploiting Your GPU on Smartphone by Xiling Gong, Xuan Xing, Eugene Rodionov. Slides available at:https://t.co/wyrpO3myhz pic.twitter.com/MiW1sw13Wb
โ 8kSec (@8kSec) September 13, 2024
https://diffusionillusions.com
Well, this was a stupid insomnia project, but... ๐
โ John Hammond (@_JohnHammond) September 13, 2024
Playground code is here: https://t.co/GQsVFrYsvy https://t.co/KhdbhTJKxN pic.twitter.com/CQxvTUMuZP
#SpyNews - week 37 (September 8-14):
โ Spy Collection (@SpyCollection1) September 15, 2024
A summary of 62 espionage-related stories from week 37 coming from ๐บ๐ธ๐ฎ๐น๐ฑ๐พ๐ฎ๐ฑ๐ฌ๐ง๐ฉ๐ช๐ท๐บ๐จ๐ณ๐น๐ผ๐พ๐ช๐ซ๐ท๐ณ๐ฑ๐ฎ๐ท๐ธ๐ฆ๐ฑ๐ง๐ณ๐ด๐ฐ๐ต๐ฐ๐ท๐ต๐ฑ๐ง๐พ๐ธ๐ช๐ง๐ฉ๐ฆ๐ฑ๐น๐ท๐ฌ๐ช๐จ๐ฟ๐ณ๐ฌ๐ฐ๐ฟ๐ฐ๐ฌ๐น๐ฏ๐บ๐ฟ https://t.co/DdwSCrkLXp#espionage #OSINT #SIGINT #HUMINT #spy
This is certainly one way to frame thingsโฆ
>Microsoft paves the way for Linux gaming success with plan that would kill kernel-level anti-cheat
โ Pirat_Nation ๐ด (@Pirat_Nation) September 14, 2024
>Microsoft has officially announced its intent to move security measures out of the kernel, following the Crowdstrike disaster a few short months ago.
The removal of kernelโฆ pic.twitter.com/RW0NAbHvg9
Oof, AWS had a bug that allowed Transit Gateway peering requests to be accepted by the requestor, so an attacker could accept their own requests and peer to any gateway. The prevention logic for this was only in the web console UI, not the API. ๐ https://t.co/DZLcWSaROh
โ Scott Piper (@0xdabbad00) September 15, 2024
https://t.co/TjJhsc5bfyhttps://t.co/h6PBuJbwcM
โ xvonfers (@xvonfers) September 14, 2024
Great job @0x10n https://t.co/lAf5EjmZ72 pic.twitter.com/xIOpSLSHeQ