the grugq's newsletter
January 24, 2024 I have acquired the fabled NSA "FURBIE ALERT" memo. I have a significant amount of documentation that came back on an FOIA and I'll be...
Kerckhoffs's Principle at War
January 23, 2024
How WW2 US Paratroopers Secured Their Blind Recognition Protocol
Before the D-Day landings, the 101st paratrooper division...
January 23, 2024 Trying to imagine what precedent they'd argue allows this. Is this same as grabbing small part of fingerprint, using AI to complete...
January 22, 2024 Apologies for tweets not getting embedded and lack of previews recently. I’ve raised a support ticket with ButtonDown to get it resolved....
January 21, 2024 No, you’re freaking out because it’s already three weeks into 2024! Hans Reiser on the removal of ReiserFS...
January 20, 2024 Comparing the 1970’s Cray-1 supercomputer against the Raspberry Pi single-board computer range Comparing the 1970’s Cray-1 supercomputer...
January 19, 2024 Reverse engineering expert system by @juanandres_gs free to play with (ChatGPT plus subscription required) at https://t.co/haFXmZWEnw...
January 18, 2024 https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html 1/ A technical writeup on @Meta’s...
January 17, 2024 Ostorlab/ostorlab: Ostorlab is a security scanning orchestrator for the modern age. GitHub - Ostorlab/ostorlab: Ostorlab is a security...
January 16, 2024 TLDR: If you didn’t apply Ivanti Connect Secure VPN mitigation on January 10th reasonable chance you were exploited - mass exploitation by...
January 15, 2024 Nervous about heading thru the Bab? Just punch in "ALL CHINESE CREW" and enjoy the ride. pic.twitter.com/C4uCFTG0iI — TankerTrackers.com, Inc....
January 14, 2024
January 14, 2023 This is interesting in that it has taken a year for cybercriminals to convert a public PoC into a working exploit. Not sure what it means,...
January 13, 2024 Our AppSec team is sharing things they wish they'd known before using Semgrep. Follow our seven-step plan for bootstrapping this static...
January 12, 2024 Holy cow! New debugger just dropped 👀! https://t.co/AwHhxEPQdp — j j (@mistymntncop) January 12, 2024 I threw together a quick blog post...
January 11, 2024 "My" CVE-2024-20692 has just been fixed by Microsoft. TLDR: Network secrets can be stolen from the Local Security Authority Subsystem...
January 10, 2024
January 10, 2023 Exploit dev/bug hunting friends: what are your favourite vuln write-ups from the past few years? The more the merrier =) (Across any...
January 9, 2024 Visualising ext4 Visualizing ext4 What does ext4 look like? Big Tech has already made enough money in 2024 to pay all its 2023 fines Big Tech...
January 8, 2024 Quick test of Safari JavaScript WASM RCE bug from Operation Triangulation (CVE-2023-32435) pic.twitter.com/UPEvTLab41 — Alisa Shevchenko...
January 7, 2024 Exploiting Google Chrome extensions for privilege escalation. Interesting blog post by @deryilz https://t.co/6ow4vsiW8o #chrome #infosec...
January 6, 2024 i was trying to explain what a capybara was to my gf’s french aunt last night, so googled “french for capybara” and the first thing that came...